Commit
9524bc63
authored
3 years ago
by
Thilo Wischmeyer
Replaced change_is_reviewer with change_role
parent
66bef095
1 merge request
!282
Resolve "Feature proposal: Let reviewers manage roles of other users."
Showing
2 changed files
core/tests/test_user_account_views.py
+23
-13
23 additions, 13 deletions
core/tests/test_user_account_views.py
core/views/common_views.py
+20
-15
20 additions, 15 deletions
core/views/common_views.py
with
43 additions
and
28 deletions
core/tests/test_user_account_views.py
+
23
−
13
...
...
@@ -105,27 +105,27 @@ class ReviewerCanChangeCorrectorRoleTests(APITestCase):
self
.
reviewer1
=
self
.
user_factory
.
make_reviewer
()
self
.
client
=
APIClient
()
def
_set_r
eviewer_rights
(
self
,
new_value
,
changing_user
,
user_to_change
):
def
_set_r
ole
(
self
,
new_value
,
changing_user
,
user_to_change
):
self
.
client
.
force_authenticate
(
user
=
changing_user
)
url
=
f
"
/api/user/
{
user_to_change
.
pk
}
/change_
is_reviewer
/
"
return
self
.
client
.
patch
(
url
,
data
=
{
'
is_reviewer
'
:
new_value
})
url
=
f
"
/api/user/
{
user_to_change
.
pk
}
/change_
role
/
"
return
self
.
client
.
patch
(
url
,
data
=
{
'
role
'
:
new_value
})
def
_
grant
_reviewer
_rights
(
self
,
changing_user
,
user_to_change
):
return
self
.
_set_reviewer
_rights
(
True
,
changing_user
,
user_to_change
)
def
_
make
_reviewer
(
self
,
changing_user
,
user_to_change
):
return
self
.
_set_r
ole
(
'
R
eviewer
'
,
changing_user
,
user_to_change
)
def
_
revoke_reviewer_rights
(
self
,
changing_user
,
user_to_change
):
return
self
.
_set_r
eviewer_rights
(
False
,
changing_user
,
user_to_change
)
def
_
make_tutor
(
self
,
changing_user
,
user_to_change
):
return
self
.
_set_r
ole
(
'
Tutor
'
,
changing_user
,
user_to_change
)
def
test_reviewer_can_promote_tutor_to_reviewer
(
self
):
tutor
=
self
.
user_factory
.
make_tutor
()
response
=
self
.
_
grant
_reviewer
_rights
(
self
.
reviewer1
,
tutor
)
response
=
self
.
_
make
_reviewer
(
self
.
reviewer1
,
tutor
)
self
.
assertEqual
(
response
.
status_code
,
status
.
HTTP_200_OK
)
tutor
.
refresh_from_db
()
self
.
assertTrue
(
tutor
.
is_reviewer
())
def
test_reviewer_can_demote_other_reviewer_to_tutor
(
self
):
reviewer2
=
self
.
user_factory
.
make_reviewer
()
response
=
self
.
_
revoke_reviewer_rights
(
self
.
reviewer1
,
reviewer2
)
response
=
self
.
_
make_tutor
(
self
.
reviewer1
,
reviewer2
)
self
.
assertEqual
(
response
.
status_code
,
status
.
HTTP_200_OK
)
reviewer2
.
refresh_from_db
()
self
.
assertFalse
(
reviewer2
.
is_reviewer
())
...
...
@@ -137,7 +137,17 @@ class ReviewerCanChangeCorrectorRoleTests(APITestCase):
'
pass_score
'
:
60
,
}])[
0
]
student
=
self
.
user_factory
.
make_student
(
exam
=
exam
)
response
=
self
.
_grant_reviewer_rights
(
self
.
reviewer1
,
student
)
response
=
self
.
_make_reviewer
(
self
.
reviewer1
,
student
)
self
.
assertEqual
(
response
.
status_code
,
status
.
HTTP_403_FORBIDDEN
)
def
test_reviewer_cannot_promote_student_to_tutor
(
self
):
exam
=
make_exams
(
exams
=
[{
'
module_reference
'
:
'
Test Exam 01
'
,
'
total_score
'
:
100
,
'
pass_score
'
:
60
,
}])[
0
]
student
=
self
.
user_factory
.
make_student
(
exam
=
exam
)
response
=
self
.
_make_tutor
(
self
.
reviewer1
,
student
)
self
.
assertEqual
(
response
.
status_code
,
status
.
HTTP_403_FORBIDDEN
)
def
test_student_cannot_change_access_rights
(
self
):
...
...
@@ -147,14 +157,14 @@ class ReviewerCanChangeCorrectorRoleTests(APITestCase):
'
pass_score
'
:
60
,
}])[
0
]
student
=
self
.
user_factory
.
make_student
(
exam
=
exam
)
response
=
self
.
_
grant
_reviewer
_rights
(
student
,
self
.
reviewer1
)
response
=
self
.
_
make
_reviewer
(
student
,
self
.
reviewer1
)
self
.
assertEqual
(
response
.
status_code
,
status
.
HTTP_403_FORBIDDEN
)
def
test_tutor_cannot_change_access_rights
(
self
):
tutor
=
self
.
user_factory
.
make_tutor
()
response
=
self
.
_
grant
_reviewer
_rights
(
tutor
,
self
.
reviewer1
)
response
=
self
.
_
make
_reviewer
(
tutor
,
self
.
reviewer1
)
self
.
assertEqual
(
response
.
status_code
,
status
.
HTTP_403_FORBIDDEN
)
def
test_reviewer_cannot_demote_self_to_tutor
(
self
):
response
=
self
.
_
revoke_reviewer_rights
(
self
.
reviewer1
,
self
.
reviewer1
)
response
=
self
.
_
make_tutor
(
self
.
reviewer1
,
self
.
reviewer1
)
self
.
assertEqual
(
response
.
status_code
,
status
.
HTTP_403_FORBIDDEN
)
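Review bot: `test_reviewer_can_demote_other_reviewer_to_tutor` in the first hunk still asserts only `self.assertFalse(reviewer2.is_reviewer())`, which would also pass if the account ended up with the student role; now that the endpoint takes an explicit role, assert the stored value, e.g. `self.assertEqual(reviewer2.role, 'Tutor')`. The new 400 branch for a missing or unknown `role` value has no test in the visible hunks, and neither does a request that sends `'Student'` as the target role for a tutor or reviewer. For an endpoint that changes privileges, those negative cases are the ones worth pinning. The test class itself starts outside the first hunk.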
core/views/common_views.py
+
20
−
15
...
...
@@ -328,26 +328,31 @@ class UserAccountViewSet(viewsets.ReadOnlyModelViewSet):
user
.
save
()
return
Response
(
status
.
HTTP_200_OK
)
@action
(
detail
=
True
,
methods
=
[
'
patch
'
])
def
change_
is_reviewer
(
self
,
request
,
*
args
,
**
kwargs
):
changing_to_reviewer
=
request
.
data
.
get
(
'
is_reviewer
'
)
@action
(
detail
=
True
,
methods
=
[
"
patch
"
])
def
change_
role
(
self
,
request
,
*
args
,
**
kwargs
):
new_role
=
request
.
data
.
get
(
'
role
'
)
user
=
self
.
get_object
()
valid_values
=
[
models
.
UserAccount
.
STUDENT
,
models
.
UserAccount
.
REVIEWER
,
models
.
UserAccount
.
TUTOR
,
]
if
new_role
not
in
valid_values
:
error_msg
=
(
"
You need to provide a
'
role
'
field with one of these values:
"
+
'
,
'
.
join
(
valid_values
)
)
return
Response
({
'
Error
'
:
error_msg
},
status
.
HTTP_400_BAD_REQUEST
)
if
not
request
.
user
.
is_reviewer
():
error_msg
=
"
Only reviewers can manage access rights.
"
error_msg
=
'
Only reviewers can manage access rights.
'
return
Response
({
'
Error
'
:
error_msg
},
status
.
HTTP_403_FORBIDDEN
)
if
changing_to_reviewer
is
None
:
error_msg
=
"
You need to provide an
'
is_reviewer
'
field
"
return
Response
({
'
Error
'
:
error_msg
},
status
.
HTTP_400_BAD_REQUEST
)
if
user
.
is_student
()
and
changing_to_reviewer
:
error_msg
=
"
Cannot promote a student to reviewer.
"
if
user
.
is_student
():
error_msg
=
'
Cannot promote a student to another role.
'
return
Response
({
'
Error
'
:
error_msg
},
status
.
HTTP_403_FORBIDDEN
)
if
user
==
request
.
user
and
not
changing_to_reviewer
:
error_msg
=
"
As a reviewer, you cannot demote yourself.
"
if
user
==
request
.
user
and
not
new_role
==
models
.
UserAccount
.
REVIEWER
:
error_msg
=
'
As a reviewer, you cannot demote yourself.
'
return
Response
({
'
Error
'
:
error_msg
},
status
.
HTTP_403_FORBIDDEN
)
if
changing_to_reviewer
:
user
.
role
=
models
.
UserAccount
.
REVIEWER
else
:
user
.
role
=
models
.
UserAccount
.
STUDENT
user
.
role
=
new_role
user
.
save
()
return
Response
(
status
.
HTTP_200_OK
)
...
...
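Review bot: `valid_values` in `change_role` includes `models.UserAccount.STUDENT`, so a reviewer can set any tutor or other reviewer to the student role, and the `user.is_student()` guard then rejects every later change to that account through this endpoint. If the endpoint is only meant to move accounts between tutor and reviewer, as the message 'Cannot promote a student to another role.' suggests, restrict the list: `valid_values = [models.UserAccount.REVIEWER, models.UserAccount.TUTOR]`. The `request.user.is_reviewer()` check now also runs after `self.get_object()` and after the 400 branch, so a caller who is not a reviewer gets the validation response (including the list of role names) instead of 403; moving the authorization check to the top of the method makes rejection uniform. The viewset's permission classes are outside the hunk, so who can reach this action at all is not visible here.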