Merge pull request #10777 from edx/saleem-latif/SOL-1466

SOL-1466: Make sure web view renders certs only if downloadable.

lms/djangoapps/certificates/tests/test_views.py

@@ -215,7 +215,7 @@ class MicrositeCertificatesViewsTests(ModuleStoreTestCase):
             grade="0.95",
             key='the_key',
             distinction=True,
-            status='generated',
+            status='downloadable',
             mode='honor',
             name=self.user.profile.name,
         )

lms/djangoapps/certificates/tests/test_webview_views.py

@@ -89,7 +89,7 @@ class CertificatesViewsTests(ModuleStoreTestCase, EventTrackingTestCase):
             grade="0.95",
             key='the_key',
             distinction=True,
-            status='generated',
+            status='downloadable',
             mode='honor',
             name=self.user.profile.name,
         )
@@ -342,6 +342,52 @@ class CertificatesViewsTests(ModuleStoreTestCase, EventTrackingTestCase):
         self.assertIn(str(self.cert.verify_uuid), response.content)
 
     @override_settings(FEATURES=FEATURES_WITH_CERTS_ENABLED)
+    def test_render_certificate_only_for_downloadable_status(self):
+        """
+        Tests taht Certificate HTML Web View returns Certificate only if certificate status is 'downloadable',
+        for other statuses it should return "Invalid Certificate".
+        """
+        test_url = get_certificate_url(
+            user_id=self.user.id,
+            course_id=unicode(self.course.id)
+        )
+        self._add_course_certificates(count=1, signatory_count=2)
+
+        # Validate certificate
+        response = self.client.get(test_url)
+        self.assertIn(str(self.cert.verify_uuid), response.content)
+
+        # Change status to 'generating' and validate that Certificate Web View returns "Invalid Certificate"
+        self.cert.status = CertificateStatuses.generating
+        self.cert.save()
+        response = self.client.get(test_url)
+        self.assertIn("Invalid Certificate", response.content)
+        self.assertIn("Cannot Find Certificate", response.content)
+        self.assertIn("We cannot find a certificate with this URL or ID number.", response.content)
+
+    @override_settings(FEATURES=FEATURES_WITH_CERTS_ENABLED)
+    def test_html_view_for_invalid_certificate(self):
+        """
+        Tests that Certificate HTML Web View returns "Cannot Find Certificate" if certificate has been invalidated.
+        """
+        test_url = get_certificate_url(
+            user_id=self.user.id,
+            course_id=unicode(self.course.id)
+        )
+        self._add_course_certificates(count=1, signatory_count=2)
+
+        # Validate certificate
+        response = self.client.get(test_url)
+        self.assertIn(str(self.cert.verify_uuid), response.content)
+
+        # invalidate certificate and verify that "Cannot Find Certificate" is returned
+        self.cert.invalidate()
+        response = self.client.get(test_url)
+        self.assertIn("Invalid Certificate", response.content)
+        self.assertIn("Cannot Find Certificate", response.content)
+        self.assertIn("We cannot find a certificate with this URL or ID number.", response.content)
+
+    @override_settings(FEATURES=FEATURES_WITH_CERTS_ENABLED)
     def test_render_html_view_with_valid_signatories(self):
         test_url = get_certificate_url(
             user_id=self.user.id,

lms/djangoapps/certificates/views/webview.py

@@ -38,6 +38,7 @@ from certificates.api import (
 )
 from certificates.models import (
     GeneratedCertificate,
+    CertificateStatuses,
     CertificateHtmlViewConfiguration,
     CertificateSocialNetworks,
     BadgeAssertion
@@ -351,7 +352,8 @@ def _get_user_certificate(request, user, course_key, course, preview_mode=None):
         else:
             user_certificate = GeneratedCertificate.objects.get(
                 user=user,
-                course_id=course_key
+                course_id=course_key,
+                status=CertificateStatuses.downloadable
             )
 
     # If there's no generated certificate data for this user, we need to see if we're in 'preview' mode...