Commit eef45393 by Jillian Vogel Committed by GitHub

Merge pull request #14153 from open-craft/jill/fix-insights-ccx-staff

Checks access using the CCX course key instead of the base course key
parents 18e3e095 8493ff60
...@@ -156,9 +156,6 @@ def has_access(user, action, obj, course_key=None): ...@@ -156,9 +156,6 @@ def has_access(user, action, obj, course_key=None):
if isinstance(obj, XBlock): if isinstance(obj, XBlock):
return _has_access_descriptor(user, action, obj, course_key) return _has_access_descriptor(user, action, obj, course_key)
if isinstance(obj, CCXLocator):
return _has_access_ccx_key(user, action, obj)
if isinstance(obj, CourseKey): if isinstance(obj, CourseKey):
return _has_access_course_key(user, action, obj) return _has_access_course_key(user, action, obj)
...@@ -621,16 +618,6 @@ def _has_access_course_key(user, action, course_key): ...@@ -621,16 +618,6 @@ def _has_access_course_key(user, action, course_key):
return _dispatch(checkers, action, user, course_key) return _dispatch(checkers, action, user, course_key)
def _has_access_ccx_key(user, action, ccx_key):
"""Check if user has access to the course for this ccx_key
Delegates checking to _has_access_course_key
Valid actions: same as for that function
"""
course_key = ccx_key.to_course_locator()
return _has_access_course_key(user, action, course_key)
def _has_access_string(user, action, perm): def _has_access_string(user, action, perm):
""" """
Check if user has certain special access, specified as string. Valid strings: Check if user has certain special access, specified as string. Valid strings:
......
...@@ -33,7 +33,8 @@ class LoginEnrollmentTestCase(TestCase): ...@@ -33,7 +33,8 @@ class LoginEnrollmentTestCase(TestCase):
self.email, self.email,
self.password, self.password,
) )
self.activate_user(self.email) # activate_user re-fetches and returns the activated user record
self.user = self.activate_user(self.email)
self.login(self.email, self.password) self.login(self.email, self.password)
def assert_request_status_code(self, status_code, url, method="GET", **kwargs): def assert_request_status_code(self, status_code, url, method="GET", **kwargs):
...@@ -100,7 +101,10 @@ class LoginEnrollmentTestCase(TestCase): ...@@ -100,7 +101,10 @@ class LoginEnrollmentTestCase(TestCase):
url = reverse('activate', kwargs={'key': activation_key}) url = reverse('activate', kwargs={'key': activation_key})
self.assert_request_status_code(200, url) self.assert_request_status_code(200, url)
# Now make sure that the user is now actually activated # Now make sure that the user is now actually activated
self.assertTrue(User.objects.get(email=email).is_active) user = User.objects.get(email=email)
self.assertTrue(user.is_active)
# And return the user we fetched.
return user
def enroll(self, course, verify=False): def enroll(self, course, verify=False):
""" """
......
...@@ -30,7 +30,7 @@ from courseware.tests.factories import ( ...@@ -30,7 +30,7 @@ from courseware.tests.factories import (
from courseware.tests.helpers import LoginEnrollmentTestCase from courseware.tests.helpers import LoginEnrollmentTestCase
from openedx.core.djangoapps.content.course_overviews.models import CourseOverview from openedx.core.djangoapps.content.course_overviews.models import CourseOverview
from student.models import CourseEnrollment from student.models import CourseEnrollment
from student.roles import CourseCcxCoachRole from student.roles import CourseCcxCoachRole, CourseStaffRole
from student.tests.factories import ( from student.tests.factories import (
AdminFactory, AdminFactory,
AnonymousUserFactory, AnonymousUserFactory,
...@@ -123,6 +123,23 @@ class CoachAccessTestCaseCCX(SharedModuleStoreTestCase, LoginEnrollmentTestCase) ...@@ -123,6 +123,23 @@ class CoachAccessTestCaseCCX(SharedModuleStoreTestCase, LoginEnrollmentTestCase)
self.setup_user() self.setup_user()
self.assertFalse(access.has_ccx_coach_role(self.user, ccx_locator)) self.assertFalse(access.has_ccx_coach_role(self.user, ccx_locator))
def test_ccx_coach_has_staff_role(self):
"""
Assert that user has staff access on ccx.
"""
ccx_locator = self.make_ccx()
# coach user has access as staff on ccx
self.assertTrue(access.has_access(self.coach, 'staff', ccx_locator))
# basic user doesn't have staff access on ccx..
self.setup_user()
self.assertFalse(access.has_access(self.user, 'staff', ccx_locator))
# until we give her a staff role.
CourseStaffRole(ccx_locator).add_users(self.user)
self.assertTrue(access.has_access(self.user, 'staff', ccx_locator))
def test_access_student_progress_ccx(self): def test_access_student_progress_ccx(self):
""" """
Assert that only a coach can see progress of student. Assert that only a coach can see progress of student.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment