Skip to content

E
edx-platform
Commit 87434188 by Zia Fazal Committed by Jonathan Piacenti
Options

ziafazal/api-ability-to-ignore-user-roles: ability to ignore roles in bulk update

parent bc393990
Showing with 31 additions and 27 deletions
lms/djangoapps/api_manager/users/tests.py
......@@ -1542,11 +1542,12 @@ class UsersApiTests(ModuleStoreTestCase):
self.assertEqual(response.status_code, 200)
self.assertEqual(response.data['count'], 0)
data = [
data = {'ignore_roles': ['staff'], 'roles': [
{'course_id': unicode(self.course.id), 'role': 'instructor'},
{'course_id': unicode(course2.id), 'role': 'instructor'},
{'course_id': unicode(course3.id), 'role': 'instructor'},
]
{'course_id': unicode(course3.id), 'role': 'staff'},
]}
response = self.do_put(test_uri, data)
self.assertEqual(response.status_code, 200)
......@@ -1556,10 +1557,10 @@ class UsersApiTests(ModuleStoreTestCase):
for role in response.data['results']:
self.assertEqual(role['role'], 'instructor')
data = [
data = {'roles': [
{'course_id': unicode(self.course.id), 'role': 'staff'},
{'course_id': unicode(course2.id), 'role': 'staff'},
]
]}
response = self.do_put(test_uri, data)
self.assertEqual(response.status_code, 200)
response = self.do_get(test_uri)
......@@ -1572,10 +1573,10 @@ class UsersApiTests(ModuleStoreTestCase):
allow_access(course4, self.user, 'staff')
# Now modify the existing no-moderator role using the API, which tries to set the moderator role
# Also change one of the existing moderator roles, but call it using the deprecated string version
data = [
data = {'roles': [
{'course_id': course4.id.to_deprecated_string(), 'role': 'instructor'},
{'course_id': course2.id.to_deprecated_string(), 'role': 'instructor'},
]
]}
response = self.do_put(test_uri, data)
self.assertEqual(response.status_code, 200)
response = self.do_get(test_uri)
......@@ -1584,7 +1585,7 @@ class UsersApiTests(ModuleStoreTestCase):
def test_users_roles_list_put_invalid_user(self):
test_uri = '{}/2131/roles/'.format(self.users_base_uri)
data = [{'course_id': unicode(self.course.id), 'role': 'instructor'}]
data = {'roles': [{'course_id': unicode(self.course.id), 'role': 'instructor'}]}
response = self.do_put(test_uri, data)
self.assertEqual(response.status_code, 404)
......@@ -1594,7 +1595,7 @@ class UsersApiTests(ModuleStoreTestCase):
response = self.do_post(test_uri, data)
self.assertEqual(response.status_code, 201)
data = [{'course_id': self.test_bogus_course_id, 'role': 'instructor'}]
data = {'roles': [{'course_id': self.test_bogus_course_id, 'role': 'instructor'}]}
response = self.do_put(test_uri, data)
self.assertEqual(response.status_code, 400)
......@@ -1605,10 +1606,10 @@ class UsersApiTests(ModuleStoreTestCase):
def test_users_roles_list_put_invalid_roles(self):
test_uri = '{}/{}/roles/'.format(self.users_base_uri, self.user.id)
data = []
data = {'roles': []}
response = self.do_put(test_uri, data)
self.assertEqual(response.status_code, 400)
data = [{'course_id': unicode(self.course.id), 'role': 'invalid-role'}]
data = {'roles': [{'course_id': unicode(self.course.id), 'role': 'invalid-role'}]}
response = self.do_put(test_uri, data)
self.assertEqual(response.status_code, 400)
......
lms/djangoapps/api_manager/users/views.py
......@@ -1275,26 +1275,29 @@ class UsersRolesList(SecureListAPIView):
except ObjectDoesNotExist:
raise Http404
if not len(request.DATA):
if not len(request.DATA['roles']):
return Response({}, status=status.HTTP_400_BAD_REQUEST)
ignore_roles = request.DATA.get('ignore_roles', [])
current_roles = self.get_queryset()
for current_role in current_roles:
course_descriptor, course_key, course_content = get_course(request, user, unicode(current_role.course_id)) # pylint: disable=W0612
_manage_role(course_descriptor, user, current_role.role, 'revoke')
for role in request.DATA:
try:
course_id = role['course_id']
course_descriptor, course_key, course_content = get_course(request, user, course_id) # pylint: disable=W0612
if not course_descriptor:
raise ValueError # ValueError is also thrown by the following role setters
_manage_role(course_descriptor, user, role['role'], 'allow')
except ValueError:
# Restore the current roleset to the User
for current_role in current_roles:
course_descriptor, course_key, course_content = get_course(
request, user, unicode(current_role.course_id)) # pylint: disable=W0612
_manage_role(course_descriptor, user, current_role.role, 'allow')
return Response({}, status=status.HTTP_400_BAD_REQUEST)
if current_role.role not in ignore_roles:
course_descriptor, course_key, course_content = get_course(request, user, unicode(current_role.course_id)) # pylint: disable=W0612
_manage_role(course_descriptor, user, current_role.role, 'revoke')
for role in request.DATA['roles']:
if role['role'] not in ignore_roles:
try:
course_id = role['course_id']
course_descriptor, course_key, course_content = get_course(request, user, course_id) # pylint: disable=W0612
if not course_descriptor:
raise ValueError # ValueError is also thrown by the following role setters
_manage_role(course_descriptor, user, role['role'], 'allow')
except ValueError:
# Restore the current roleset to the User
for current_role in current_roles:
course_descriptor, course_key, course_content = get_course(
request, user, unicode(current_role.course_id)) # pylint: disable=W0612
_manage_role(course_descriptor, user, current_role.role, 'allow')
return Response({}, status=status.HTTP_400_BAD_REQUEST)
return Response(request.DATA, status=status.HTTP_200_OK)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment