Commit 01557b26 by cahrens

Move call into authz methods out of model class.

parent 99584aab
......@@ -2,8 +2,11 @@
django admin page for the course creators table
"""
from course_creators.models import CourseCreator
from course_creators.models import CourseCreator, update_creator_state
from course_creators.views import update_course_creator_group
from django.contrib import admin
from django.dispatch import receiver
def get_email(obj):
......@@ -51,3 +54,11 @@ class CourseCreatorAdmin(admin.ModelAdmin):
admin.site.register(CourseCreator, CourseCreatorAdmin)
@receiver(update_creator_state, sender=CourseCreator)
def update_creator_group_callback(sender, **kwargs):
"""
Callback for when the model's creator status has changed.
"""
update_course_creator_group(kwargs['caller'], kwargs['user'], kwargs['add'])
......@@ -3,12 +3,13 @@ Table for storing information about whether or not Studio users have course crea
"""
from django.db import models
from django.db.models.signals import post_init, post_save
from django.dispatch import receiver
from django.dispatch import receiver, Signal
from django.contrib.auth.models import User
from auth.authz import add_user_to_creator_group, remove_user_from_creator_group
from django.utils import timezone
# A signal that will be sent when users should be added or removed from the creator group
update_creator_state = Signal(providing_args=["caller", "user", "add"])
class CourseCreator(models.Model):
"""
......@@ -52,12 +53,12 @@ def post_save_callback(sender, **kwargs):
# We only wish to modify the state_changed time if the state has been modified. We don't wish to
# modify it for changes to the notes field.
if instance.state != instance.orig_state:
update_creator_state.send(
sender=sender,
caller=instance.admin,
user=instance.user,
add=instance.state == 'g'
)
instance.state_changed = timezone.now()
if instance.state == 'g':
# We have granted access, add to course group
add_user_to_creator_group(instance.admin, instance.user)
else:
remove_user_from_creator_group(instance.admin, instance.user)
instance.orig_state = instance.state
instance.save()
......@@ -7,7 +7,7 @@ from django.contrib.auth.models import User
from django.core.exceptions import PermissionDenied
from course_creators.views import add_user_with_status_unrequested, add_user_with_status_granted
from course_creators.views import get_course_creator_status
from course_creators.views import get_course_creator_status, update_course_creator_group
from course_creators.models import CourseCreator
from auth.authz import is_user_in_creator_group
import mock
......@@ -26,7 +26,7 @@ class CourseCreatorView(TestCase):
def test_staff_permission_required(self):
"""
Tests that add methods must be called with staff permissions.
Tests that add methods and course creator group method must be called with staff permissions.
"""
with self.assertRaises(PermissionDenied):
add_user_with_status_granted(self.user, self.user)
......@@ -34,6 +34,9 @@ class CourseCreatorView(TestCase):
with self.assertRaises(PermissionDenied):
add_user_with_status_unrequested(self.user, self.user)
with self.assertRaises(PermissionDenied):
update_course_creator_group(self.user, self.user, True)
def test_table_initially_empty(self):
self.assertIsNone(get_course_creator_status(self.user))
......@@ -58,3 +61,11 @@ class CourseCreatorView(TestCase):
self.assertEqual('g', get_course_creator_status(self.user))
self.assertTrue(is_user_in_creator_group(self.user))
def test_update_creator_group(self):
with mock.patch.dict('django.conf.settings.MITX_FEATURES', {"ENABLE_CREATOR_GROUP": True}):
self.assertFalse(is_user_in_creator_group(self.user))
update_course_creator_group(self.admin, self.user, True)
self.assertTrue(is_user_in_creator_group(self.user))
update_course_creator_group(self.admin, self.user, False)
self.assertFalse(is_user_in_creator_group(self.user))
......@@ -4,7 +4,7 @@ Methods for interacting programmatically with the user creator table.
from course_creators.models import CourseCreator
from django.core.exceptions import PermissionDenied
from auth.authz import add_user_to_creator_group
from auth.authz import add_user_to_creator_group, remove_user_from_creator_group
def add_user_with_status_unrequested(caller, user):
......@@ -27,7 +27,19 @@ def add_user_with_status_granted(caller, user):
This method also adds the user to the course creator group maintained by authz.py.
"""
_add_user(caller, user, 'g')
add_user_to_creator_group(caller, user)
update_course_creator_group(caller, user, True)
def update_course_creator_group(caller, user, add):
"""
Method for adding and removing users from the creator group.
Caller must have staff permissions.
"""
if add:
add_user_to_creator_group(caller, user)
else:
remove_user_from_creator_group(caller, user)
def get_course_creator_status(user):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment