Changeset 9565 for main/waeup.kofa/trunk/src/waeup/kofa/students/tests/test_browser.py

Timestamp:

7 Nov 2012, 08:27:23 (12 years ago)

Author:

Henrik Bettermann

Message:

Add 'show students' button to CoursePage?.

Lecturers can now list all students in course but they can neither access the students nor the respective course tickets. A CourseTicketPrincipalRoleManager? does not yet exist. And we have to discuss what lecturers are supposed to see. In my opinion, lecturers must no see student data.

File:

• main/waeup.kofa/trunk/src/waeup/kofa/students/tests/test_browser.py (modified) (1 diff)

main/waeup.kofa/trunk/src/waeup/kofa/students/tests/test_browser.py

@@ -1406 +1406 @@
         self.assertTrue(self.student_id in self.browser.contents)
 
+    def test_handle_courses_by_lecturer(self):
+        # Create course lecturer
+        self.app['users'].addUser('mrslecturer', 'mrslecturersecret')
+        self.app['users']['mrslecturer'].email = 'mrslecturer@foo.ng'
+        self.app['users']['mrslecturer'].title = u'Mercedes Benz'
+        # Assign local Courselecturer100 role for a certificate
+        course = self.app['faculties']['fac1']['dep1'].courses['COURSE1']
+        prmlocal = IPrincipalRoleManager(course)
+        prmlocal.assignRoleToPrincipal('waeup.local.Lecturer', 'mrslecturer')
+        # Login as lecturer
+        self.browser.open(self.login_path)
+        self.browser.getControl(name="form.login").value = 'mrslecturer'
+        self.browser.getControl(name="form.password").value = 'mrslecturersecret'
+        self.browser.getControl("Login").click()
+        self.assertMatches('...You logged in...', self.browser.contents)
+        # CO can see her roles
+        self.browser.getLink("My Roles").click()
+        self.assertMatches(
+            '...<div>Academics Officer (view only)</div>...',
+            self.browser.contents)
+        # But not her local role ...
+        self.assertFalse('Lecturer' in self.browser.contents)
+        # ... because we forgot to notify the course that the local role
+        # has changed
+        notify(LocalRoleSetEvent(
+            course, 'waeup.local.Lecturer', 'mrslecturer', granted=True))
+        self.browser.open('http://localhost/app/users/mrslecturer/my_roles')
+        self.assertTrue('Lecturer' in self.browser.contents)
+        self.assertMatches(
+            '...<a href="http://localhost/app/faculties/fac1/dep1/courses/COURSE1">...',
+            self.browser.contents)
+        # The lecturer can go to her course
+        self.browser.getLink(
+            "http://localhost/app/faculties/fac1/dep1/courses/COURSE1").click()
+        # and view the list of students
+        self.browser.getLink("Show students").click()
+        self.assertTrue('<th>Fullname</th>' in self.browser.contents)
+        # No student in course so far
+        self.assertFalse(self.student_id in self.browser.contents)
+        studylevel = createObject(u'waeup.StudentStudyLevel')
+        studylevel.level = 100
+        self.student['studycourse'].addStudentStudyLevel(
+            self.certificate, studylevel)
+        # Now the student has registered the course and can
+        # be seen by the lecturer.
+        self.assertFalse(self.student_id in self.browser.contents)
+        # XXX: So far the lecturer can neither access ths student ...
+        self.assertRaises(
+            Unauthorized, self.browser.open, self.student_path)
+        # ... nor the respective course ticket since a
+        # CourseTicketPrincipalRoleManager does not yet exist.
+        self.assertTrue('COURSE1' in self.student['studycourse']['100'].keys())
+        course_ticket_path = self.student_path + '/studycourse/100/COURSE1'
+        self.assertRaises(
+            Unauthorized, self.browser.open, course_ticket_path)
+
     def test_change_current_mode(self):
         self.browser.addHeader('Authorization', 'Basic mgr:mgrpw')