d1a775d3cd
* Use full LMS imports paths in LMS settings and urls modules * Use full LMS import paths in Studio settings and urls modules * Import from lms.djangoapps.badges instead of badges * Import from lms.djangoapps.branding instead of branding * Import from lms.djangoapps.bulk_email instead of bulk_email * Import from lms.djangoapps.bulk_enroll instead of bulk_enroll * Import from lms.djangoapps.ccx instead of ccx * Import from lms.djangoapps.course_api instead of course_api * Import from lms.djangoapps.course_blocks instead of course_blocks * Import from lms.djangoapps.course_wiki instead of course_wiki * Import from lms.djangoapps.courseware instead of courseware * Import from lms.djangoapps.dashboard instead of dashboard * Import from lms.djangoapps.discussion import discussion * Import from lms.djangoapps.email_marketing instead of email_marketing * Import from lms.djangoapps.experiments instead of experiments * Import from lms.djangoapps.gating instead of gating * Import from lms.djangoapps.grades instead of grades * Import from lms.djangoapps.instructor_analytics instead of instructor_analytics * Import form lms.djangoapps.lms_xblock instead of lms_xblock * Import from lms.djangoapps.lti_provider instead of lti_provider * Import from lms.djangoapps.mobile_api instead of mobile_api * Import from lms.djangoapps.rss_proxy instead of rss_proxy * Import from lms.djangoapps.static_template_view instead of static_template_view * Import from lms.djangoapps.survey instead of survey * Import from lms.djangoapps.verify_student instead of verify_student * Stop suppressing EdxPlatformDeprecatedImportWarnings
240 lines
7.9 KiB
Python
240 lines
7.9 KiB
Python
"""
|
|
Python tests for the Survey workflows
|
|
"""
|
|
|
|
|
|
from collections import OrderedDict
|
|
from copy import deepcopy
|
|
|
|
import six
|
|
from django.contrib.auth.models import User
|
|
from django.urls import reverse
|
|
from six.moves import range
|
|
|
|
from common.test.utils import XssTestMixin
|
|
from lms.djangoapps.courseware.tests.helpers import LoginEnrollmentTestCase
|
|
from lms.djangoapps.survey.models import SurveyAnswer, SurveyForm
|
|
from xmodule.modulestore.tests.django_utils import SharedModuleStoreTestCase
|
|
from xmodule.modulestore.tests.factories import CourseFactory
|
|
|
|
|
|
class SurveyViewsTests(LoginEnrollmentTestCase, SharedModuleStoreTestCase, XssTestMixin):
|
|
"""
|
|
All tests for the views.py file
|
|
"""
|
|
STUDENT_INFO = [('view@test.com', 'foo')]
|
|
|
|
@classmethod
|
|
def setUpClass(cls):
|
|
super(SurveyViewsTests, cls).setUpClass()
|
|
cls.test_survey_name = 'TestSurvey'
|
|
cls.course = CourseFactory.create(
|
|
display_name='<script>alert("XSS")</script>',
|
|
course_survey_required=True,
|
|
course_survey_name=cls.test_survey_name
|
|
)
|
|
|
|
cls.course_with_bogus_survey = CourseFactory.create(
|
|
course_survey_required=True,
|
|
course_survey_name="DoesNotExist"
|
|
)
|
|
|
|
cls.course_without_survey = CourseFactory.create()
|
|
|
|
def setUp(self):
|
|
"""
|
|
Set up the test data used in the specific tests
|
|
"""
|
|
super(SurveyViewsTests, self).setUp()
|
|
|
|
self.test_form = '<input name="field1"></input>'
|
|
self.survey = SurveyForm.create(self.test_survey_name, self.test_form)
|
|
|
|
self.student_answers = OrderedDict({
|
|
u'field1': u'value1',
|
|
u'field2': u'value2',
|
|
})
|
|
|
|
# Create student accounts and activate them.
|
|
for i in range(len(self.STUDENT_INFO)):
|
|
email, password = self.STUDENT_INFO[i]
|
|
username = 'u{0}'.format(i)
|
|
self.create_account(username, email, password)
|
|
self.activate_user(email)
|
|
|
|
email, password = self.STUDENT_INFO[0]
|
|
self.login(email, password)
|
|
self.enroll(self.course, True)
|
|
self.enroll(self.course_without_survey, True)
|
|
self.enroll(self.course_with_bogus_survey, True)
|
|
|
|
self.user = User.objects.get(email=email)
|
|
|
|
self.view_url = reverse('view_survey', args=[self.test_survey_name])
|
|
self.postback_url = reverse('submit_answers', args=[self.test_survey_name])
|
|
|
|
def _assert_survey_redirect(self, course):
|
|
"""
|
|
Helper method to assert that all known redirect points do redirect as expected
|
|
"""
|
|
for view_name in ['courseware', 'openedx.course_experience.course_home', 'progress']:
|
|
resp = self.client.get(
|
|
reverse(
|
|
view_name,
|
|
kwargs={'course_id': six.text_type(course.id)}
|
|
)
|
|
)
|
|
self.assertRedirects(
|
|
resp,
|
|
reverse('course_survey', kwargs={'course_id': six.text_type(course.id)})
|
|
)
|
|
|
|
def _assert_no_redirect(self, course):
|
|
"""
|
|
Helper method to asswer that all known conditionally redirect points do
|
|
not redirect as expected
|
|
"""
|
|
for view_name in ['courseware', 'openedx.course_experience.course_home', 'progress']:
|
|
resp = self.client.get(
|
|
reverse(
|
|
view_name,
|
|
kwargs={'course_id': six.text_type(course.id)}
|
|
)
|
|
)
|
|
self.assertEqual(resp.status_code, 200)
|
|
|
|
def test_visiting_course_without_survey(self):
|
|
"""
|
|
Verifies that going to the courseware which does not have a survey does
|
|
not redirect to a survey
|
|
"""
|
|
self._assert_no_redirect(self.course_without_survey)
|
|
|
|
def test_visiting_course_with_survey_redirects(self):
|
|
"""
|
|
Verifies that going to the courseware with an unanswered survey, redirects to the survey
|
|
"""
|
|
self._assert_survey_redirect(self.course)
|
|
|
|
def test_anonymous_user_visiting_course_with_survey(self):
|
|
"""
|
|
Verifies that anonymous user going to the courseware home with an unanswered survey is not
|
|
redirected to survey and home page renders without server error.
|
|
"""
|
|
self.logout()
|
|
resp = self.client.get(
|
|
reverse(
|
|
'openedx.course_experience.course_home',
|
|
kwargs={'course_id': six.text_type(self.course.id)}
|
|
)
|
|
)
|
|
self.assertEqual(resp.status_code, 200)
|
|
|
|
def test_visiting_course_with_existing_answers(self):
|
|
"""
|
|
Verifies that going to the courseware with an answered survey, there is no redirect
|
|
"""
|
|
resp = self.client.post(
|
|
self.postback_url,
|
|
self.student_answers
|
|
)
|
|
self.assertEqual(resp.status_code, 200)
|
|
|
|
self._assert_no_redirect(self.course)
|
|
|
|
def test_course_id_field(self):
|
|
"""
|
|
Assert that the course_id will be in the form fields, if available
|
|
"""
|
|
|
|
resp = self.client.get(
|
|
reverse(
|
|
'course_survey',
|
|
kwargs={'course_id': six.text_type(self.course.id)}
|
|
)
|
|
)
|
|
|
|
self.assertEqual(resp.status_code, 200)
|
|
expected = u'<input type="hidden" name="course_id" value="{course_id}" />'.format(
|
|
course_id=six.text_type(self.course.id)
|
|
)
|
|
|
|
self.assertContains(resp, expected)
|
|
|
|
def test_course_id_persists(self):
|
|
"""
|
|
Assert that a posted back course_id is stored in the database
|
|
"""
|
|
|
|
answers = deepcopy(self.student_answers)
|
|
answers.update({
|
|
'course_id': six.text_type(self.course.id)
|
|
})
|
|
|
|
resp = self.client.post(
|
|
self.postback_url,
|
|
answers
|
|
)
|
|
self.assertEqual(resp.status_code, 200)
|
|
|
|
self._assert_no_redirect(self.course)
|
|
|
|
# however we want to make sure we persist the course_id
|
|
answer_objs = SurveyAnswer.objects.filter(
|
|
user=self.user,
|
|
form=self.survey
|
|
)
|
|
|
|
for answer_obj in answer_objs:
|
|
self.assertEqual(answer_obj.course_key, self.course.id)
|
|
|
|
def test_visiting_course_with_bogus_survey(self):
|
|
"""
|
|
Verifies that going to the courseware with a required, but non-existing survey, does not redirect
|
|
"""
|
|
self._assert_no_redirect(self.course_with_bogus_survey)
|
|
|
|
def test_visiting_survey_with_bogus_survey_name(self):
|
|
"""
|
|
Verifies that going to the courseware with a required, but non-existing survey, does not redirect
|
|
"""
|
|
|
|
resp = self.client.get(
|
|
reverse(
|
|
'course_survey',
|
|
kwargs={'course_id': six.text_type(self.course_with_bogus_survey.id)}
|
|
)
|
|
)
|
|
course_home_path = 'openedx.course_experience.course_home'
|
|
self.assertRedirects(
|
|
resp,
|
|
reverse(course_home_path, kwargs={'course_id': six.text_type(self.course_with_bogus_survey.id)})
|
|
)
|
|
|
|
def test_visiting_survey_with_no_course_survey(self):
|
|
"""
|
|
Verifies that going to the courseware with a required, but non-existing survey, does not redirect
|
|
"""
|
|
|
|
resp = self.client.get(
|
|
reverse(
|
|
'course_survey',
|
|
kwargs={'course_id': six.text_type(self.course_without_survey.id)}
|
|
)
|
|
)
|
|
course_home_path = 'openedx.course_experience.course_home'
|
|
self.assertRedirects(
|
|
resp,
|
|
reverse(course_home_path, kwargs={'course_id': six.text_type(self.course_without_survey.id)})
|
|
)
|
|
|
|
def test_survey_xss(self):
|
|
"""Test that course display names are correctly HTML-escaped."""
|
|
response = self.client.get(
|
|
reverse(
|
|
'course_survey',
|
|
kwargs={'course_id': six.text_type(self.course.id)}
|
|
)
|
|
)
|
|
self.assert_no_xss(response, '<script>alert("XSS")</script>')
|