diff --git a/lms/djangoapps/instructor/tests/test_api.py b/lms/djangoapps/instructor/tests/test_api.py index 96511e1fef8a..8540e4dc8a8f 100644 --- a/lms/djangoapps/instructor/tests/test_api.py +++ b/lms/djangoapps/instructor/tests/test_api.py @@ -417,49 +417,49 @@ def setUp(self): # Endpoints that only Staff or Instructors can access self.staff_level_endpoints = [ - # ('students_update_enrollment', - # {'identifiers': 'foo@example.org', 'action': 'enroll'}), - # ('get_grading_config', {}), - # ('get_students_features', {}), - # ('get_student_progress_url', {'unique_student_identifier': self.user.username}), - # ('update_forum_role_membership', - # {'unique_student_identifier': self.user.email, 'rolename': 'Moderator', 'action': 'allow'}), - # ('list_forum_members', {'rolename': FORUM_ROLE_COMMUNITY_TA}), - # # ('send_email', {'send_to': '["staff"]', 'subject': 'test', 'message': 'asdf'}), - # ('list_instructor_tasks', {}), - # ('instructor_api_v1:list_instructor_tasks', {}), - # ('list_background_email_tasks', {}), - # ('instructor_api_v1:list_report_downloads', {}), - # ('calculate_grades_csv', {}), - # ('get_students_features', {}), + ('students_update_enrollment', + {'identifiers': 'foo@example.org', 'action': 'enroll'}), + ('get_grading_config', {}), + ('get_students_features', {}), + ('get_student_progress_url', {'unique_student_identifier': self.user.username}), + ('update_forum_role_membership', + {'unique_student_identifier': self.user.email, 'rolename': 'Moderator', 'action': 'allow'}), + ('list_forum_members', {'rolename': FORUM_ROLE_COMMUNITY_TA}), + ('send_email', {'send_to': '["staff"]', 'subject': 'test', 'message': 'asdf'}), + ('list_instructor_tasks', {}), + ('instructor_api_v1:list_instructor_tasks', {}), + ('list_background_email_tasks', {}), + ('instructor_api_v1:list_report_downloads', {}), + ('calculate_grades_csv', {}), + ('get_students_features', {}), ('get_students_who_may_enroll', {}), - # ('get_proctored_exam_results', {}), - # ('get_problem_responses', {}), - # ('instructor_api_v1:generate_problem_responses', {"problem_locations": [str(self.problem.location)]}), - # ('export_ora2_data', {}), - # ('export_ora2_submission_files', {}), - # ('export_ora2_summary', {}), - # ('rescore_problem', - # {'problem_to_reset': self.problem_urlname, 'unique_student_identifier': self.user.email}), - # ('override_problem_score', - # {'problem_to_reset': self.problem_urlname, 'unique_student_identifier': self.user.email, 'score': 0}), - # ('reset_student_attempts', - # {'problem_to_reset': self.problem_urlname, 'unique_student_identifier': self.user.email}), - # ( - # 'reset_student_attempts', - # { - # 'problem_to_reset': self.problem_urlname, - # 'unique_student_identifier': self.user.email, - # 'delete_module': True - # } - # ), + ('get_proctored_exam_results', {}), + ('get_problem_responses', {}), + ('instructor_api_v1:generate_problem_responses', {"problem_locations": [str(self.problem.location)]}), + ('export_ora2_data', {}), + ('export_ora2_submission_files', {}), + ('export_ora2_summary', {}), + ('rescore_problem', + {'problem_to_reset': self.problem_urlname, 'unique_student_identifier': self.user.email}), + ('override_problem_score', + {'problem_to_reset': self.problem_urlname, 'unique_student_identifier': self.user.email, 'score': 0}), + ('reset_student_attempts', + {'problem_to_reset': self.problem_urlname, 'unique_student_identifier': self.user.email}), + ( + 'reset_student_attempts', + { + 'problem_to_reset': self.problem_urlname, + 'unique_student_identifier': self.user.email, + 'delete_module': True + } + ), ] # Endpoints that only Instructors can access self.instructor_level_endpoints = [ - # ('bulk_beta_modify_access', {'identifiers': 'foo@example.org', 'action': 'add'}), - # ('modify_access', {'unique_student_identifier': self.user.email, 'rolename': 'beta', 'action': 'allow'}), - # ('list_course_role_members', {'rolename': 'beta'}), - # ('rescore_problem', {'problem_to_reset': self.problem_urlname, 'all_students': True}), + ('bulk_beta_modify_access', {'identifiers': 'foo@example.org', 'action': 'add'}), + ('modify_access', {'unique_student_identifier': self.user.email, 'rolename': 'beta', 'action': 'allow'}), + ('list_course_role_members', {'rolename': 'beta'}), + ('rescore_problem', {'problem_to_reset': self.problem_urlname, 'all_students': True}), ('reset_student_attempts', {'problem_to_reset': self.problem_urlname, 'all_students': True}), ] @@ -472,26 +472,24 @@ def _access_endpoint(self, endpoint, args, status_code, msg, content_type=MULTIP status_code: expected HTTP status code response msg: message to display if assertion fails. """ - url = reverse(endpoint, kwargs={'course_id': str(self.course.id)}) if endpoint in INSTRUCTOR_GET_ENDPOINTS: response = self.client.get(url, args) else: - # if endpoint not in ['get_students_features', 'get_students_who_may_enroll']: response = self.client.post(url, args, content_type=content_type) - assert response.status_code == status_code, msg def test_student_level(self): """ Ensure that an enrolled student can't access staff or instructor endpoints. - # """ - # self.user.is_staff = True - # self.user.save() - # UserPreference.objects.create(user=self.user, key="preview-site-theme", value="test-theme") - # UserPreference.objects.create(user=self.user, key="pref-lang", value="en") + """ + self.user.is_staff = True + self.user.save() + UserPreference.objects.create(user=self.user, key="preview-site-theme", value="test-theme") + UserPreference.objects.create(user=self.user, key="pref-lang", value="en") self.client.login(username=self.user.username, password=self.TEST_PASSWORD) + for endpoint, args in self.staff_level_endpoints: self._access_endpoint( endpoint, @@ -499,16 +497,14 @@ def test_student_level(self): 403, "Student should not be allowed to access endpoint " + endpoint ) - # - from common.djangoapps.util.db import outer_atomic - with outer_atomic(): - for endpoint, args in self.instructor_level_endpoints: - self._access_endpoint( - endpoint, - args, - 403, - "Student should not be allowed to access endpoint " + endpoint - ) + + for endpoint, args in self.instructor_level_endpoints: + self._access_endpoint( + endpoint, + args, + 403, + "Student should not be allowed to access endpoint " + endpoint + ) def _access_problem_responses_endpoint(self, endpoint, msg): """ diff --git a/openedx/core/djangoapps/lang_pref/middleware.py b/openedx/core/djangoapps/lang_pref/middleware.py index 3004806018b5..90b0535ec081 100644 --- a/openedx/core/djangoapps/lang_pref/middleware.py +++ b/openedx/core/djangoapps/lang_pref/middleware.py @@ -77,8 +77,6 @@ def process_response(self, request, response): # lint-amnesty, pylint: disable= else: # Get the user's language preference try: - import pdb; - pdb.set_trace() user_pref = get_user_preference(current_user, LANGUAGE_KEY) except (UserAPIRequestError, UserAPIInternalError): # If we can't find the user preferences, then don't modify the cookie