feat: Roles 15 - permission checks back end changes part 1 (#33347)

* test: add test cases for permission list check functions * test: update tests * feat: add helper functions to check lists of permissions * style: improve code style * feat: add course roles checks in the contentstore app * feat: add course roles checks in the student app * feat: add course roles checks in the lms discussion app * feat: add course roles checks in the lms instructor app * feat: add course roles checks in the Learning Sequences package * style: fix code style * fix: course_permission_check calls * feat: add validation for AnonymousUser in course permission check helper functions * fix: disable some pylint warnings * test: update number of querys asserted in has_course_author_access * feat: add helper functions to check course or organization permissions * test: update course_roles tests * feat: replace course or organization helper functions in auth * docs: update course_roles docstrings
openedx · Oct 31, 2023 · 70795f3 · 70795f3
1 parent 8dba093
commit 70795f3
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 0 deletions.
diff --git a/cms/djangoapps/contentstore/views/user.py b/cms/djangoapps/contentstore/views/user.py
@@ -120,6 +120,7 @@ def _course_team_user(request, course_key, email):
     else:
         role_hierarchy = (CourseInstructorRole, CourseStaffRole)
 
+    MANAGE_ALL_USERS_PERMISSION = "manage_all_users"
     if request.method == "GET":
         # just return info about the user
         msg = {

diff --git a/common/djangoapps/student/auth.py b/common/djangoapps/student/auth.py
@@ -152,6 +152,7 @@ def get_user_permissions(user, course_key, org=None):
     ):
         return STUDIO_VIEW_USERS | STUDIO_EDIT_CONTENT | STUDIO_VIEW_CONTENT
     # Otherwise, for libraries, users can view only:
+    LIBRARY_USER_ROLE_PERMISSION = "view_library"
     if course_key and isinstance(course_key, LibraryLocator):
         # TODO: course roles: If the course roles feature flag is disabled the course_or_organization_permission_check
         #       call below will never return true.

diff --git a/lms/djangoapps/discussion/rest_api/api.py b/lms/djangoapps/discussion/rest_api/api.py
@@ -336,6 +336,7 @@ def _format_datetime(dt):
         course.get_discussion_blackout_datetimes()
     )
 
+    MODEREATE_DISCUSSION_FORUM_PERMISSION = 'moderate_discussion_forum'
     return {
         "id": str(course_key),
         "is_posting_enabled": is_posting_enabled,