From eba78682c91070492d8f91905048a94a6f5d306e Mon Sep 17 00:00:00 2001
From: stvn <stvn@mit.edu>
Date: Tue, 13 Apr 2021 15:04:22 -0700
Subject: [PATCH] test: Test (incorrect) behavior of discussions API access

As implemented, course staff members will not have access to this API
endpoint. This will be addressed with pending work [1].

- [1] https://openedx.atlassian.net/browse/TNL-8231
---
 .../core/djangoapps/discussions/tests/test_views.py  | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/openedx/core/djangoapps/discussions/tests/test_views.py b/openedx/core/djangoapps/discussions/tests/test_views.py
index 42f4e2af05..7fc6228ad0 100644
--- a/openedx/core/djangoapps/discussions/tests/test_views.py
+++ b/openedx/core/djangoapps/discussions/tests/test_views.py
@@ -91,3 +91,15 @@ class AuthorizedApiTest(AuthenticatedApiTest):
     def test_access_put(self):
         response = self.client.put(self.url)
         assert response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED
+
+
+class CourseStaffAuthorizedTest(UnauthorizedApiTest):
+    """
+    Course Staff should have the same access as Global Staff
+
+    TODO: This behavior should be changed to _allow_ access [1]
+    - [1] https://openedx.atlassian.net/browse/TNL-8231
+    """
+
+    def _login(self):
+        self.client.login(username=self.user_staff_course.username, password=self.password)