chore: also expose course config in dashboard

2024-02-28 10:25:01 +01:00 · 2024-02-28 10:25:01 +01:00 · 51609591e1
parent 3b2385afe1
commit 51609591e1
3 changed files with 81 additions and 0 deletions
--- a/server/vbv_lernwelt/dashboard/graphql/queries.py
+++ b/server/vbv_lernwelt/dashboard/graphql/queries.py
@ -1,12 +1,14 @@
 from typing import Dict, List, Set, Tuple

 import graphene
+from graphql import GraphQLError

 from vbv_lernwelt.assignment.models import (
    AssignmentCompletion,
    AssignmentCompletionStatus,
 )
 from vbv_lernwelt.core.admin import User
+from vbv_lernwelt.course.graphql.types import CourseConfigurationObjectType
 from vbv_lernwelt.course.models import Course, CourseSession, CourseSessionUser
 from vbv_lernwelt.course_session_group.models import CourseSessionGroup
 from vbv_lernwelt.dashboard.graphql.types.competence import competences
@ -22,6 +24,7 @@ from vbv_lernwelt.iam.permissions import (
    can_view_course_session,
    can_view_course_session_group_statistics,
    can_view_course_session_progress,
+    can_view_course,
 )
 from vbv_lernwelt.learning_mentor.models import LearningMentor

@ -31,6 +34,10 @@ class DashboardQuery(graphene.ObjectType):
        CourseStatisticsType, course_id=graphene.ID(required=True)
    )

+    course_configuration = graphene.Field(
+        CourseConfigurationObjectType, course_id=graphene.ID(required=True)
+    )
+
    course_progress = graphene.Field(
        CourseProgressType, course_id=graphene.ID(required=True)
    )
@ -39,6 +46,14 @@ class DashboardQuery(graphene.ObjectType):
        graphene.NonNull(DashboardConfigType), required=True
    )

+    def resolve_course_configuration(root, info, course_id: str):  # noqa
+        course = Course.objects.get(id=course_id)
+
+        if not can_view_course(user=info.context.user, course=course):
+            raise GraphQLError("You do not have access to this course.")
+
+        return course.configuration
+
    def resolve_course_statistics(root, info, course_id: str):  # noqa
        user = info.context.user
        course = Course.objects.get(id=course_id)
--- a/server/vbv_lernwelt/dashboard/tests/graphql/test_dashboard.py
+++ b/server/vbv_lernwelt/dashboard/tests/graphql/test_dashboard.py
@ -150,6 +150,62 @@ class DashboardTestCase(GraphQLTestCase):
        self.assertEqual(assignment["points_max_count"], 50)
        self.assertEqual(assignment["points_achieved_count"], 20)

+    def test_course_configuration_denied(self):
+        # GIVEN
+        role_less_user = create_user("sepp@blatter.fifa")
+        self.client.force_login(role_less_user)
+
+        course, _ = create_course("Course 1")
+
+        # WHEN
+        query = """query($course_id: ID!) {
+                        course_configuration(course_id: $course_id) {
+                            enable_circle_documents
+                            enable_learning_mentor
+                            enable_competence_certificates
+                        }
+                    }
+                """
+        response = self.query(query, variables={"course_id": str(course.id)})
+
+        # THEN
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(
+            response.json()["errors"][0]["message"],
+            "You do not have access to this course.",
+        )
+
+    def test_course_configuration(self):
+        # GIVEN
+        member = create_user("sepp@blatter.fifa")
+        self.client.force_login(member)
+
+        course, _ = create_course("Course 1")
+        add_course_session_user(
+            course_session=create_course_session(course=course, title="Whatever"),
+            role=CourseSessionUser.Role.MEMBER,
+            user=member,
+        )
+
+        # WHEN
+        query = """query($course_id: ID!) {
+                        course_configuration(course_id: $course_id) {
+                            enable_circle_documents
+                            enable_learning_mentor
+                            enable_competence_certificates
+                        }
+                    }
+                """
+        response = self.query(query, variables={"course_id": str(course.id)})
+
+        # THEN
+        self.assertResponseNoErrors(response)
+
+        course_configuration = response.json()["data"]["course_configuration"]
+        self.assertEqual(course_configuration["enable_circle_documents"], True)
+        self.assertEqual(course_configuration["enable_learning_mentor"], True)
+        self.assertEqual(course_configuration["enable_competence_certificates"], True)
+
    def test_dashboard_config(self):
        # GIVEN
        course_1, _ = create_course("Test Course 1")
--- a/server/vbv_lernwelt/iam/permissions.py
+++ b/server/vbv_lernwelt/iam/permissions.py
@ -178,6 +178,16 @@ def has_role_in_course(user: User, course: Course) -> bool:
    return False


+def can_view_course(user: User, course: Course) -> bool:
+    if user.is_superuser:
+        return True
+
+    if has_role_in_course(user, course):
+        return True
+
+    return False
+
+
 def can_view_profile(user: User, profile_user: CourseSessionUser) -> bool:
    if user.is_superuser:
        return True