本文整理汇总了Python中student.auth.has_access函数的典型用法代码示例。如果您正苦于以下问题:Python has_access函数的具体用法?Python has_access怎么用?Python has_access使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了has_access函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_update_creator_group
def test_update_creator_group(self):
with mock.patch.dict('django.conf.settings.FEATURES', {"ENABLE_CREATOR_GROUP": True}):
self.assertFalse(auth.has_access(self.user, CourseCreatorRole()))
update_course_creator_group(self.admin, self.user, True)
self.assertTrue(auth.has_access(self.user, CourseCreatorRole()))
update_course_creator_group(self.admin, self.user, False)
self.assertFalse(auth.has_access(self.user, CourseCreatorRole()))
示例2: test_detail_post_no_json
def test_detail_post_no_json(self):
resp = self.client.post(self.detail_url, data={"role": "staff"}, HTTP_ACCEPT="application/json")
self.assertEqual(resp.status_code, 204)
# reload user from DB
ext_user = User.objects.get(email=self.ext_user.email)
self.assertTrue(auth.has_access(ext_user, CourseStaffRole(self.course_locator)))
self.assertFalse(auth.has_access(ext_user, CourseInstructorRole(self.course_locator)))
self.assert_enrolled()
示例3: test_creator_group_enabled_but_empty
def test_creator_group_enabled_but_empty(self):
""" Tests creator group feature on, but group empty. """
with mock.patch.dict('django.conf.settings.FEATURES', {"ENABLE_CREATOR_GROUP": True}):
self.assertFalse(has_access(self.user, CourseCreatorRole()))
# Make user staff. This will cause CourseCreatorRole().has_user to return True.
self.user.is_staff = True
self.assertTrue(has_access(self.user, CourseCreatorRole()))
示例4: test_detail_post
def test_detail_post(self):
resp = self.client.post(self.detail_url, data={"role": None})
self.assertEqual(resp.status_code, 204)
# reload user from DB
ext_user = User.objects.get(email=self.ext_user.email)
# no content: should not be in any roles
self.assertFalse(auth.has_access(ext_user, CourseStaffRole(self.course_locator)))
self.assertFalse(auth.has_access(ext_user, CourseInstructorRole(self.course_locator)))
self.assert_not_enrolled()
示例5: test_add_granted
def test_add_granted(self):
with mock.patch.dict('django.conf.settings.FEATURES', {"ENABLE_CREATOR_GROUP": True}):
# Calling add_user_with_status_granted impacts is_user_in_course_group_role.
self.assertFalse(auth.has_access(self.user, CourseCreatorRole()))
add_user_with_status_granted(self.admin, self.user)
self.assertEqual('granted', get_course_creator_status(self.user))
# Calling add again will be a no-op (even if state is different).
add_user_with_status_unrequested(self.user)
self.assertEqual('granted', get_course_creator_status(self.user))
self.assertTrue(auth.has_access(self.user, CourseCreatorRole()))
示例6: test_creator_group_enabled_nonempty
def test_creator_group_enabled_nonempty(self):
""" Tests creator group feature on, user added. """
with mock.patch.dict('django.conf.settings.FEATURES', {"ENABLE_CREATOR_GROUP": True}):
add_users(self.admin, CourseCreatorRole(), self.user)
self.assertTrue(has_access(self.user, CourseCreatorRole()))
# check that a user who has not been added to the group still returns false
user_not_added = User.objects.create_user('testuser2', '[email protected]', 'foo2')
self.assertFalse(has_access(user_not_added, CourseCreatorRole()))
# remove first user from the group and verify that CourseCreatorRole().has_user now returns false
remove_users(self.admin, CourseCreatorRole(), self.user)
self.assertFalse(has_access(self.user, CourseCreatorRole()))
示例7: test_add_user_to_course_group
def test_add_user_to_course_group(self):
"""
Tests adding user to course group (happy path).
"""
# Create groups for a new course (and assign instructor role to the creator).
self.assertFalse(has_access(self.creator, CourseInstructorRole(self.course_key)))
add_users(self.global_admin, CourseInstructorRole(self.course_key), self.creator)
add_users(self.global_admin, CourseStaffRole(self.course_key), self.creator)
self.assertTrue(has_access(self.creator, CourseInstructorRole(self.course_key)))
# Add another user to the staff role.
self.assertFalse(has_access(self.staff, CourseStaffRole(self.course_key)))
add_users(self.creator, CourseStaffRole(self.course_key), self.staff)
self.assertTrue(has_access(self.staff, CourseStaffRole(self.course_key)))
示例8: test_remove_user_from_course_group
def test_remove_user_from_course_group(self):
"""
Tests removing user from course group (happy path).
"""
add_users(self.global_admin, CourseInstructorRole(self.course_key), self.creator)
add_users(self.global_admin, CourseStaffRole(self.course_key), self.creator)
add_users(self.creator, CourseStaffRole(self.course_key), self.staff)
self.assertTrue(has_access(self.staff, CourseStaffRole(self.course_key)))
remove_users(self.creator, CourseStaffRole(self.course_key), self.staff)
self.assertFalse(has_access(self.staff, CourseStaffRole(self.course_key)))
remove_users(self.creator, CourseInstructorRole(self.course_key), self.creator)
self.assertFalse(has_access(self.creator, CourseInstructorRole(self.course_key)))
示例9: test_course_creation_disabled
def test_course_creation_disabled(self):
""" Tests that the COURSE_CREATION_DISABLED flag overrides course creator group settings. """
with mock.patch.dict('django.conf.settings.FEATURES',
{'DISABLE_COURSE_CREATION': True, "ENABLE_CREATOR_GROUP": True}):
# Add user to creator group.
add_users(self.admin, CourseCreatorRole(), self.user)
# DISABLE_COURSE_CREATION overrides (user is not marked as staff).
self.assertFalse(has_access(self.user, CourseCreatorRole()))
# Mark as staff. Now CourseCreatorRole().has_user returns true.
self.user.is_staff = True
self.assertTrue(has_access(self.user, CourseCreatorRole()))
# Remove user from creator group. CourseCreatorRole().has_user still returns true because is_staff=True
remove_users(self.admin, CourseCreatorRole(), self.user)
self.assertTrue(has_access(self.user, CourseCreatorRole()))
示例10: test_detail_delete_instructor
def test_detail_delete_instructor(self):
auth.add_users(self.user, CourseInstructorRole(self.course_locator), self.ext_user, self.user)
resp = self.client.delete(self.detail_url, HTTP_ACCEPT="application/json")
self.assertEqual(resp.status_code, 204)
# reload user from DB
ext_user = User.objects.get(email=self.ext_user.email)
self.assertFalse(auth.has_access(ext_user, CourseInstructorRole(self.course_locator)))
示例11: cm_course_delete
def cm_course_delete(request, course_id = None):
response_format = request.REQUEST.get('format','html')
if response_format == 'json' or 'application/json' in request.META.get('HTTP/ACCEPT', 'application/json'):
if request.method == 'POST':
if validate_token(request.body, request) is False:
log.warn("Unauthorized access made by course: %s, user: %s", request.json.get('email'))
return HttpResponse('Unauthorized', status=401)
email = request.json.get('email')
try:
instructor = User.objects.get(email = email)
request.user = instructor
except User.DoesNotExist:
log.error("course deletion attempted by unregistered user: %s", email)
return JsonResponse(json.dumps({ 'error': 'course deletion attempted by unregistered user' }), status = 400)
if course_id is None:
return JsonResponse(json.dumps({'error': 'Course ID does not exist'}), status = 404)
try:
course_key = CourseKey.from_string(course_id)
except InvalidKeyError:
try:
course_key = SlashSeparatedCourseKey.from_deprecated_string(course_id)
except InvalidKeyError:
course_key = None
if course_key is None:
return JsonResponse(json.dumps({'error': 'Course Key not found for course id: ' + str(course_id)}), status = 404)
if not auth.has_access(instructor, CourseInstructorRole(course_key)):
log.error("course deletion attempted by unauthorized user: %s", email)
return JsonResponse(json.dumps({'error': 'course deletion attempted by unauthorized user'}), status = 401)
try:
delete_course_and_groups(course_key, instructor.id)
try:
StudentModule.objects.filter(course_id=course_key).delete()
except:
# We need this for testing. The above mentioned model lives in
# LMS but our tests are executed via CMS. This piece of code
# makes sure that the test safely skips over this and runs
# successfully.
pass
CourseEnrollment.objects.filter(course_id=course_key).delete()
try:
CourseAccessRole.objects.get(course_id=course_key).delete()
except CourseAccessRole.DoesNotExist:
pass
except Exception as e:
return JsonResponse(json.dumps({'error' : str(e)}), status = 500)
return JsonResponse(json.dumps({'message': "successfully deleted course"}), status = 200)
else:
return JsonResponse(json.dumps({}), status=404)
else:
return JsonResponse(content=json.dumps({}), status=404)
示例12: test_add_user_not_active
def test_add_user_not_active(self):
"""
Tests that adding to creator group fails if user is not active
"""
with mock.patch.dict('django.conf.settings.FEATURES',
{'DISABLE_COURSE_CREATION': False, "ENABLE_CREATOR_GROUP": True}):
self.user.is_active = False
add_users(self.admin, CourseCreatorRole(), self.user)
self.assertFalse(has_access(self.user, CourseCreatorRole()))
示例13: test_add_user_not_authenticated
def test_add_user_not_authenticated(self):
"""
Tests that adding to creator group fails if user is not authenticated
"""
with mock.patch.dict('django.conf.settings.FEATURES',
{'DISABLE_COURSE_CREATION': False, "ENABLE_CREATOR_GROUP": True}):
anonymous_user = AnonymousUser()
role = CourseCreatorRole()
add_users(self.admin, role, anonymous_user)
self.assertFalse(has_access(anonymous_user, role))
示例14: test_post_last_instructor
def test_post_last_instructor(self):
auth.add_users(self.user, CourseInstructorRole(self.course_locator), self.ext_user)
resp = self.client.post(self.detail_url, data={"role": "staff"}, HTTP_ACCEPT="application/json")
self.assertEqual(resp.status_code, 400)
result = json.loads(resp.content)
self.assertIn("error", result)
# reload user from DB
ext_user = User.objects.get(email=self.ext_user.email)
self.assertTrue(auth.has_access(ext_user, CourseInstructorRole(self.course_locator)))
示例15: test_detail_post_staff_other_inst
def test_detail_post_staff_other_inst(self):
auth.add_users(self.user, CourseInstructorRole(self.course.id), self.user)
resp = self.client.post(
self.detail_url,
data=json.dumps({"role": "staff"}),
content_type="application/json",
HTTP_ACCEPT="application/json",
)
self.assertEqual(resp.status_code, 204)
# reload user from DB
ext_user = User.objects.get(email=self.ext_user.email)
self.assertTrue(auth.has_access(ext_user, CourseStaffRole(self.course.id)))
self.assertFalse(auth.has_access(ext_user, CourseInstructorRole(self.course.id)))
self.assert_enrolled()
# check that other user is unchanged
user = User.objects.get(email=self.user.email)
self.assertTrue(auth.has_access(user, CourseInstructorRole(self.course.id)))
self.assertFalse(CourseStaffRole(self.course.id).has_user(user))