Skip to content

Commit d1b0f30

Browse files
MaferMazuMaferMazu
authored
[FC-0099] fix: add constants and improve test class (#125)
1 parent ee25f8a commit d1b0f30

14 files changed

Lines changed: 384 additions & 390 deletions

File tree

CHANGELOG.rst

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,14 @@ Unreleased
1616

1717
*
1818

19+
0.10.1 - 2025-10-28
20+
********************
21+
22+
Fixed
23+
=====
24+
25+
* Fix constants and test class to be able to use it outside this app.
26+
1927
0.10.0 - 2025-10-28
2028
*******************
2129

openedx_authz/__init__.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,6 @@
44

55
import os
66

7-
__version__ = "0.10.0"
7+
__version__ = "0.10.1"
88

99
ROOT_DIRECTORY = os.path.dirname(os.path.abspath(__file__))

openedx_authz/constants/__init__.py

Whitespace-only changes.

openedx_authz/constants/permissions.py

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,51 @@
1+
"""
2+
Default permission constants.
3+
"""
4+
from openedx_authz.api.data import ActionData, PermissionData
5+
6+
# Content Library Permissions
7+
VIEW_LIBRARY = PermissionData(
8+
action=ActionData(external_key="view_library"),
9+
effect="allow",
10+
)
11+
MANAGE_LIBRARY_TAGS = PermissionData(
12+
action=ActionData(external_key="manage_library_tags"),
13+
effect="allow",
14+
)
15+
DELETE_LIBRARY = PermissionData(
16+
action=ActionData(external_key="delete_library"),
17+
effect="allow",
18+
)
19+
EDIT_LIBRARY_CONTENT = PermissionData(
20+
action=ActionData(external_key="edit_library_content"),
21+
effect="allow",
22+
)
23+
PUBLISH_LIBRARY_CONTENT = PermissionData(
24+
action=ActionData(external_key="publish_library_content"),
25+
effect="allow",
26+
)
27+
REUSE_LIBRARY_CONTENT = PermissionData(
28+
action=ActionData(external_key="reuse_library_content"),
29+
effect="allow",
30+
)
31+
VIEW_LIBRARY_TEAM = PermissionData(
32+
action=ActionData(external_key="view_library_team"),
33+
effect="allow",
34+
)
35+
MANAGE_LIBRARY_TEAM = PermissionData(
36+
action=ActionData(external_key="manage_library_team"),
37+
effect="allow",
38+
)
39+
40+
CREATE_LIBRARY_COLLECTION = PermissionData(
41+
action=ActionData(external_key="create_library_collection"),
42+
effect="allow",
43+
)
44+
EDIT_LIBRARY_COLLECTION = PermissionData(
45+
action=ActionData(external_key="edit_library_collection"),
46+
effect="allow",
47+
)
48+
DELETE_LIBRARY_COLLECTION = PermissionData(
49+
action=ActionData(external_key="delete_library_collection"),
50+
effect="allow",
51+
)

openedx_authz/constants/roles.py

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
"""
2+
Default roles and their associated permissions.
3+
"""
4+
5+
from openedx_authz.api.data import RoleData
6+
from openedx_authz.constants import permissions
7+
8+
# Library Roles and Permissions
9+
10+
# Define the associated permissions for each role
11+
12+
LIBRARY_ADMIN_PERMISSIONS = [
13+
permissions.VIEW_LIBRARY,
14+
permissions.MANAGE_LIBRARY_TAGS,
15+
permissions.DELETE_LIBRARY,
16+
permissions.EDIT_LIBRARY_CONTENT,
17+
permissions.PUBLISH_LIBRARY_CONTENT,
18+
permissions.REUSE_LIBRARY_CONTENT,
19+
permissions.VIEW_LIBRARY_TEAM,
20+
permissions.MANAGE_LIBRARY_TEAM,
21+
permissions.CREATE_LIBRARY_COLLECTION,
22+
permissions.EDIT_LIBRARY_COLLECTION,
23+
permissions.DELETE_LIBRARY_COLLECTION,
24+
]
25+
26+
LIBRARY_AUTHOR_PERMISSIONS = [
27+
permissions.VIEW_LIBRARY,
28+
permissions.MANAGE_LIBRARY_TAGS,
29+
permissions.EDIT_LIBRARY_CONTENT,
30+
permissions.PUBLISH_LIBRARY_CONTENT,
31+
permissions.REUSE_LIBRARY_CONTENT,
32+
permissions.VIEW_LIBRARY_TEAM,
33+
permissions.CREATE_LIBRARY_COLLECTION,
34+
permissions.EDIT_LIBRARY_COLLECTION,
35+
permissions.DELETE_LIBRARY_COLLECTION,
36+
]
37+
38+
LIBRARY_CONTRIBUTOR_PERMISSIONS = [
39+
permissions.VIEW_LIBRARY,
40+
permissions.MANAGE_LIBRARY_TAGS,
41+
permissions.EDIT_LIBRARY_CONTENT,
42+
permissions.REUSE_LIBRARY_CONTENT,
43+
permissions.VIEW_LIBRARY_TEAM,
44+
permissions.CREATE_LIBRARY_COLLECTION,
45+
permissions.EDIT_LIBRARY_COLLECTION,
46+
permissions.DELETE_LIBRARY_COLLECTION,
47+
]
48+
49+
LIBRARY_USER_PERMISSIONS = [
50+
permissions.VIEW_LIBRARY,
51+
permissions.REUSE_LIBRARY_CONTENT,
52+
permissions.VIEW_LIBRARY_TEAM,
53+
]
54+
55+
LIBRARY_ADMIN = RoleData(external_key="library_admin", permissions=LIBRARY_ADMIN_PERMISSIONS)
56+
LIBRARY_AUTHOR = RoleData(external_key="library_author", permissions=LIBRARY_AUTHOR_PERMISSIONS)
57+
LIBRARY_CONTRIBUTOR = RoleData(external_key="library_contributor", permissions=LIBRARY_CONTRIBUTOR_PERMISSIONS)
58+
LIBRARY_USER = RoleData(external_key="library_user", permissions=LIBRARY_USER_PERMISSIONS)

openedx_authz/rest_api/v1/views.py

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@
1515
from rest_framework.views import APIView
1616

1717
from openedx_authz import api
18+
from openedx_authz.constants import permissions
1819
from openedx_authz.rest_api.data import RoleOperationError, RoleOperationStatus
1920
from openedx_authz.rest_api.decorators import authz_permissions, view_auth_classes
2021
from openedx_authz.rest_api.utils import (
@@ -250,7 +251,7 @@ class RoleUserAPIView(APIView):
250251
status.HTTP_401_UNAUTHORIZED: "The user is not authenticated or does not have the required permissions",
251252
},
252253
)
253-
@authz_permissions(["view_library_team"])
254+
@authz_permissions([permissions.VIEW_LIBRARY.identifier])
254255
def get(self, request: HttpRequest) -> Response:
255256
"""Retrieve all users with role assignments within a specific scope."""
256257
serializer = ListUsersInRoleWithScopeSerializer(data=request.query_params)
@@ -277,7 +278,7 @@ def get(self, request: HttpRequest) -> Response:
277278
status.HTTP_401_UNAUTHORIZED: "The user is not authenticated or does not have the required permissions",
278279
},
279280
)
280-
@authz_permissions(["manage_library_team"])
281+
@authz_permissions([permissions.MANAGE_LIBRARY_TEAM.identifier])
281282
def put(self, request: HttpRequest) -> Response:
282283
"""Assign multiple users to a specific role within a scope."""
283284
serializer = AddUsersToRoleWithScopeSerializer(data=request.data)
@@ -324,7 +325,7 @@ def put(self, request: HttpRequest) -> Response:
324325
status.HTTP_401_UNAUTHORIZED: "The user is not authenticated or does not have the required permissions",
325326
},
326327
)
327-
@authz_permissions(["manage_library_team"])
328+
@authz_permissions([permissions.MANAGE_LIBRARY_TEAM.identifier])
328329
def delete(self, request: HttpRequest) -> Response:
329330
"""Remove multiple users from a specific role within a scope."""
330331
serializer = RemoveUsersFromRoleWithScopeSerializer(data=request.query_params)
@@ -427,7 +428,7 @@ class RoleListView(APIView):
427428
status.HTTP_401_UNAUTHORIZED: "The user is not authenticated or does not have the required permissions",
428429
},
429430
)
430-
@authz_permissions(["view_library_team"])
431+
@authz_permissions([permissions.VIEW_LIBRARY.identifier])
431432
def get(self, request: HttpRequest) -> Response:
432433
"""Retrieve all roles and their permissions for a specific scope."""
433434
serializer = ListRolesWithScopeSerializer(data=request.query_params)

openedx_authz/tests/api/test_data.py

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@
1717
SubjectData,
1818
UserData,
1919
)
20+
from openedx_authz.constants import permissions, roles
2021

2122

2223
@ddt
@@ -372,7 +373,7 @@ def test_user_data_str_and_repr(self, external_key, expected_str, expected_repr)
372373
@data(
373374
("read", "Read", "act^read"),
374375
("write", "Write", "act^write"),
375-
("delete_library", "Delete Library", "act^delete_library"),
376+
(permissions.DELETE_LIBRARY.identifier, "Delete Library", "act^delete_library"),
376377
("edit_content", "Edit Content", "act^edit_content"),
377378
)
378379
@unpack
@@ -413,7 +414,7 @@ def test_scope_data_str_and_repr(self, external_key, expected_str, expected_repr
413414

414415
@data(
415416
("instructor", "Instructor", "role^instructor"),
416-
("library_admin", "Library Admin", "role^library_admin"),
417+
(roles.LIBRARY_ADMIN.external_key, "Library Admin", "role^library_admin"),
417418
("course_staff", "Course Staff", "role^course_staff"),
418419
)
419420
@unpack
@@ -454,7 +455,7 @@ def test_role_data_str_with_permissions(self):
454455
("read", "allow", "Read - allow", "act^read => allow"),
455456
("write", "deny", "Write - deny", "act^write => deny"),
456457
(
457-
"delete_library",
458+
permissions.DELETE_LIBRARY.identifier,
458459
"allow",
459460
"Delete Library - allow",
460461
"act^delete_library => allow",
@@ -485,7 +486,7 @@ def test_role_assignment_data_str(self):
485486
"""
486487
user = UserData(external_key="john_doe")
487488
role1 = RoleData(external_key="instructor")
488-
role2 = RoleData(external_key="library_admin")
489+
role2 = RoleData(external_key=roles.LIBRARY_ADMIN.external_key)
489490
scope = ContentLibraryData(external_key="lib:DemoX:CSPROB")
490491
assignment = RoleAssignmentData(subject=user, roles=[role1, role2], scope=scope)
491492

@@ -502,7 +503,7 @@ def test_role_assignment_data_repr(self):
502503
"""
503504
user = UserData(external_key="john_doe")
504505
role1 = RoleData(external_key="instructor")
505-
role2 = RoleData(external_key="library_admin")
506+
role2 = RoleData(external_key=roles.LIBRARY_ADMIN.external_key)
506507
scope = ContentLibraryData(external_key="lib:DemoX:CSPROB")
507508
assignment = RoleAssignmentData(subject=user, roles=[role1, role2], scope=scope)
508509

0 commit comments

Comments
 (0)