Example 6 with UnauthorizedAccessException
use of teammates.common.exception.UnauthorizedAccessException in project teammates by TEAMMATES.
the class InstructorEditInstructorFeedbackSaveActionTest method testDifferentPrivilegesWithEditedFeedback.
private void testDifferentPrivilegesWithEditedFeedback() {
FeedbackQuestionsDb fqDb = new FeedbackQuestionsDb();
FeedbackQuestionAttributes fq = fqDb.getFeedbackQuestion("First feedback session", "IEIFPTCourse", 1);
assertNotNull("Feedback question not found in database", fq);
FeedbackResponsesDb frDb = new FeedbackResponsesDb();
FeedbackResponseAttributes fr;
InstructorAttributes instructor;
InstructorEditInstructorFeedbackSaveAction editInstructorFsAction;
RedirectResult redirectResult;
String moderatedInstructorEmail;
String[] submissionParams;
______TS("Unsuccessful case: insufficient privileges");
fr = dataBundle.feedbackResponses.get("response1ForQ1");
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
instructor = dataBundle.instructors.get("IEIFPTCoursehelper1");
moderatedInstructorEmail = "IEIFPTCoursehelper1@gmail.tmt";
gaeSimulation.loginAsInstructor(instructor.googleId);
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedInstructorEmail };
try {
editInstructorFsAction = getAction(submissionParams);
editInstructorFsAction.executeAndPostProcess();
signalFailureToDetectException();
} catch (UnauthorizedAccessException e) {
assertEquals("Feedback session [First feedback session] is not accessible to " + "instructor [" + instructor.email + "] for privilege [canmodifysession]", e.getMessage());
}
______TS("Successful case: Course Instructor edit Course Instructor");
fr = dataBundle.feedbackResponses.get("response2ForQ1");
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
instructor = dataBundle.instructors.get("IEIFPTCourseinstr");
moderatedInstructorEmail = "IEIFPTCourseintr@gmail.tmt";
gaeSimulation.loginAsInstructor(instructor.googleId);
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedInstructorEmail };
editInstructorFsAction = getAction(submissionParams);
redirectResult = getRedirectResult(editInstructorFsAction);
assertFalse(redirectResult.isError);
assertEquals(Const.StatusMessages.FEEDBACK_RESPONSES_SAVED, redirectResult.getStatusMessage());
assertEquals(getPageResultDestination(Const.ActionURIs.INSTRUCTOR_EDIT_INSTRUCTOR_FEEDBACK_PAGE, false, "IEIFPTCourseintr%40gmail.tmt", "IEIFPTCourseinstr", "IEIFPTCourse", "First+feedback+session"), redirectResult.getDestinationWithParams());
assertNotNull(frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient));
}
Also used :
FeedbackResponseAttributes(teammates.common.datatransfer.attributes.FeedbackResponseAttributes)
RedirectResult(teammates.ui.controller.RedirectResult)
InstructorEditInstructorFeedbackSaveAction(teammates.ui.controller.InstructorEditInstructorFeedbackSaveAction)
UnauthorizedAccessException(teammates.common.exception.UnauthorizedAccessException)
FeedbackQuestionAttributes(teammates.common.datatransfer.attributes.FeedbackQuestionAttributes)
FeedbackResponsesDb(teammates.storage.api.FeedbackResponsesDb)
FeedbackQuestionsDb(teammates.storage.api.FeedbackQuestionsDb)
InstructorAttributes(teammates.common.datatransfer.attributes.InstructorAttributes)
Example 7 with UnauthorizedAccessException
use of teammates.common.exception.UnauthorizedAccessException in project teammates by TEAMMATES.
the class InstructorEditStudentFeedbackSaveActionTest method testSubmitResponseForInvalidQuestion.
private void testSubmitResponseForInvalidQuestion() {
______TS("Failure case: submit response for question in session, but should not be editable by instructor");
InstructorAttributes instructor = dataBundle.instructors.get("IESFPTCourseinstr");
gaeSimulation.loginAsInstructor(instructor.googleId);
FeedbackResponsesDb frDb = new FeedbackResponsesDb();
FeedbackQuestionsDb fqDb = new FeedbackQuestionsDb();
FeedbackResponseAttributes fr = dataBundle.feedbackResponses.get("response1ForQ3");
FeedbackQuestionAttributes fq = fqDb.getFeedbackQuestion("First feedback session", "IESFPTCourse", 3);
// necessary to get the correct responseId
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
String moderatedStudentEmail = "student1InIESFPTCourse@gmail.tmt";
String[] submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedStudentEmail };
InstructorEditStudentFeedbackSaveAction a;
try {
a = getAction(submissionParams);
a.executeAndPostProcess();
signalFailureToDetectException("Did not detect that this instructor cannot access this particular question.");
} catch (UnauthorizedAccessException e) {
assertEquals("Feedback session [First feedback session] question [" + fr.feedbackQuestionId + "] " + "is not accessible to instructor [" + instructor.email + "]", e.getMessage());
}
fq = fqDb.getFeedbackQuestion("First feedback session", "IESFPTCourse", 4);
assertNotNull("Feedback question not found in database", fq);
fr = dataBundle.feedbackResponses.get("response1ForQ4");
// necessary to get the correct responseId
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedStudentEmail };
try {
a = getAction(submissionParams);
a.executeAndPostProcess();
signalFailureToDetectException("Did not detect that this instructor cannot access this particular question.");
} catch (UnauthorizedAccessException e) {
assertEquals("Feedback session [First feedback session] question [" + fr.feedbackQuestionId + "] " + "is not accessible to instructor [" + instructor.email + "]", e.getMessage());
}
fq = fqDb.getFeedbackQuestion("First feedback session", "IESFPTCourse", 5);
assertNotNull("Feedback question not found in database", fq);
fr = dataBundle.feedbackResponses.get("response1ForQ5");
// necessary to get the correct responseId
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedStudentEmail };
try {
a = getAction(submissionParams);
a.executeAndPostProcess();
signalFailureToDetectException("Did not detect that this instructor cannot access this particular question.");
} catch (UnauthorizedAccessException e) {
assertEquals("Feedback session [First feedback session] question [" + fr.feedbackQuestionId + "] " + "is not accessible to instructor [" + instructor.email + "]", e.getMessage());
}
}
Also used :
FeedbackResponseAttributes(teammates.common.datatransfer.attributes.FeedbackResponseAttributes)
UnauthorizedAccessException(teammates.common.exception.UnauthorizedAccessException)
FeedbackQuestionAttributes(teammates.common.datatransfer.attributes.FeedbackQuestionAttributes)
FeedbackResponsesDb(teammates.storage.api.FeedbackResponsesDb)
InstructorEditStudentFeedbackSaveAction(teammates.ui.controller.InstructorEditStudentFeedbackSaveAction)
FeedbackQuestionsDb(teammates.storage.api.FeedbackQuestionsDb)
InstructorAttributes(teammates.common.datatransfer.attributes.InstructorAttributes)
Example 8 with UnauthorizedAccessException
use of teammates.common.exception.UnauthorizedAccessException in project teammates by TEAMMATES.
the class InstructorEditStudentFeedbackSaveActionTest method testDifferentPrivileges.
private void testDifferentPrivileges() {
______TS("Unsuccessful case: insufficient privileges");
FeedbackQuestionsDb fqDb = new FeedbackQuestionsDb();
FeedbackQuestionAttributes fq = fqDb.getFeedbackQuestion("First feedback session", "IESFPTCourse", 1);
assertNotNull("Feedback question not found in database", fq);
FeedbackResponsesDb frDb = new FeedbackResponsesDb();
FeedbackResponseAttributes fr = dataBundle.feedbackResponses.get("response1ForQ1");
// necessary to get the correct responseId
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
String moderatedStudentEmail = "student1InIESFPTCourse@gmail.tmt";
InstructorAttributes instructorHelper = dataBundle.instructors.get("IESFPTCoursehelper1");
gaeSimulation.loginAsInstructor(instructorHelper.googleId);
String[] submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedStudentEmail };
try {
getAction(submissionParams).executeAndPostProcess();
} catch (UnauthorizedAccessException e) {
assertEquals("Feedback session [First feedback session] is not accessible to instructor [" + instructorHelper.email + "] for privilege " + "[" + Const.ParamsNames.INSTRUCTOR_PERMISSION_MODIFY_SESSION_COMMENT_IN_SECTIONS + "] on section [Section 1]", e.getMessage());
}
______TS("Unsuccessful case: sufficient privileges only for a section, but attempted to modify another section");
instructorHelper = dataBundle.instructors.get("IESFPTCoursehelper1");
gaeSimulation.loginAsInstructor(instructorHelper.googleId);
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedStudentEmail };
try {
getAction(submissionParams).executeAndPostProcess();
} catch (UnauthorizedAccessException e) {
assertEquals("Feedback session [First feedback session] is not accessible to instructor [" + instructorHelper.email + "] for privilege " + "[" + Const.ParamsNames.INSTRUCTOR_PERMISSION_MODIFY_SESSION_COMMENT_IN_SECTIONS + "] on section [Section 1]", e.getMessage());
}
______TS("Successful case: sufficient privileges only for a section");
moderatedStudentEmail = "student2InIESFPTCourse@gmail.tmt";
instructorHelper = dataBundle.instructors.get("IESFPTCoursehelper1");
gaeSimulation.loginAsInstructor(instructorHelper.googleId);
frDb = new FeedbackResponsesDb();
fr = dataBundle.feedbackResponses.get("response2ForQ1");
// necessary to get the correct responseId
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedStudentEmail };
InstructorEditStudentFeedbackSaveAction a = getAction(submissionParams);
RedirectResult r = getRedirectResult(a);
assertFalse(r.isError);
assertEquals(Const.StatusMessages.FEEDBACK_RESPONSES_SAVED, r.getStatusMessage());
assertEquals(getPageResultDestination(Const.ActionURIs.INSTRUCTOR_EDIT_STUDENT_FEEDBACK_PAGE, false, "student2InIESFPTCourse%40gmail.tmt", "IESFPTCoursehelper1", "IESFPTCourse", "First+feedback+session"), r.getDestinationWithParams());
assertNotNull(frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient));
______TS("failure case: privileges sufficient for section BUT insufficient for a session");
moderatedStudentEmail = "student2InIESFPTCourse@gmail.tmt";
InstructorAttributes instructorHelper2 = dataBundle.instructors.get("IESFPTCoursehelper2");
gaeSimulation.loginAsInstructor(instructorHelper2.googleId);
frDb = new FeedbackResponsesDb();
fr = dataBundle.feedbackResponses.get("response2ForQ1");
// necessary to get the correct responseId
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedStudentEmail };
try {
getAction(submissionParams).executeAndPostProcess();
} catch (UnauthorizedAccessException e) {
assertEquals("Feedback session [First feedback session] is not accessible to instructor [" + instructorHelper2.email + "] for privilege [canmodifysessioncommentinsection] " + "on section [Section 2]", e.getMessage());
}
______TS("Successful case: sufficient for section, although insufficient for another session");
frDb = new FeedbackResponsesDb();
fr = dataBundle.feedbackResponses.get("response2ForS2Q1");
fq = fqDb.getFeedbackQuestion("Another feedback session", "IESFPTCourse", 1);
// necessary to get the correct responseId
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedStudentEmail };
a = getAction(submissionParams);
r = getRedirectResult(a);
assertFalse(r.isError);
assertEquals(Const.StatusMessages.FEEDBACK_RESPONSES_SAVED, r.getStatusMessage());
assertEquals(getPageResultDestination(Const.ActionURIs.INSTRUCTOR_EDIT_STUDENT_FEEDBACK_PAGE, false, "student2InIESFPTCourse%40gmail.tmt", "IESFPTCoursehelper2", "IESFPTCourse", "Another+feedback+session"), r.getDestinationWithParams());
assertNotNull(frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient));
______TS("Success case: insufficient for section, BUT sufficient for a session");
moderatedStudentEmail = "student2InIESFPTCourse@gmail.tmt";
InstructorAttributes instructorHelper3 = dataBundle.instructors.get("IESFPTCoursehelper3");
gaeSimulation.loginAsInstructor(instructorHelper3.googleId);
frDb = new FeedbackResponsesDb();
fr = dataBundle.feedbackResponses.get("response2ForQ1");
fq = fqDb.getFeedbackQuestion("First feedback session", "IESFPTCourse", 1);
// necessary to get the correct responseId
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedStudentEmail };
a = getAction(submissionParams);
r = getRedirectResult(a);
assertFalse(r.isError);
assertEquals(Const.StatusMessages.FEEDBACK_RESPONSES_SAVED, r.getStatusMessage());
assertEquals(getPageResultDestination(Const.ActionURIs.INSTRUCTOR_EDIT_STUDENT_FEEDBACK_PAGE, false, "student2InIESFPTCourse%40gmail.tmt", "IESFPTCoursehelper3", "IESFPTCourse", "First+feedback+session"), r.getDestinationWithParams());
assertNotNull(frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient));
______TS("Failure case: insufficient for section, although sufficient for another session");
moderatedStudentEmail = "student2InIESFPTCourse@gmail.tmt";
frDb = new FeedbackResponsesDb();
fr = dataBundle.feedbackResponses.get("response2ForS2Q1");
fq = fqDb.getFeedbackQuestion("Another feedback session", "IESFPTCourse", 1);
// necessary to get the correct responseId
fr = frDb.getFeedbackResponse(fq.getId(), fr.giver, fr.recipient);
assertNotNull("Feedback response not found in database", fr);
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_QUESTION_RESPONSETOTAL + "-1", "1", Const.ParamsNames.FEEDBACK_RESPONSE_ID + "-1-0", fr.getId(), Const.ParamsNames.FEEDBACK_SESSION_NAME, fr.feedbackSessionName, Const.ParamsNames.COURSE_ID, fr.courseId, Const.ParamsNames.FEEDBACK_QUESTION_ID + "-1", fr.feedbackQuestionId, Const.ParamsNames.FEEDBACK_RESPONSE_RECIPIENT + "-1-0", fr.recipient, Const.ParamsNames.FEEDBACK_QUESTION_TYPE + "-1", fr.feedbackQuestionType.toString(), Const.ParamsNames.FEEDBACK_RESPONSE_TEXT + "-1-0", "Edited" + fr.getResponseDetails().getAnswerString(), Const.ParamsNames.FEEDBACK_SESSION_MODERATED_PERSON, moderatedStudentEmail };
try {
getAction(submissionParams).executeAndPostProcess();
} catch (UnauthorizedAccessException e) {
assertEquals("Feedback session [Another feedback session] is not accessible to instructor [" + instructorHelper3.email + "] for privilege [" + Const.ParamsNames.INSTRUCTOR_PERMISSION_MODIFY_SESSION_COMMENT_IN_SECTIONS + "] on section [Section 2]", e.getMessage());
}
}
Also used :
FeedbackResponseAttributes(teammates.common.datatransfer.attributes.FeedbackResponseAttributes)
RedirectResult(teammates.ui.controller.RedirectResult)
UnauthorizedAccessException(teammates.common.exception.UnauthorizedAccessException)
FeedbackQuestionAttributes(teammates.common.datatransfer.attributes.FeedbackQuestionAttributes)
FeedbackResponsesDb(teammates.storage.api.FeedbackResponsesDb)
InstructorEditStudentFeedbackSaveAction(teammates.ui.controller.InstructorEditStudentFeedbackSaveAction)
FeedbackQuestionsDb(teammates.storage.api.FeedbackQuestionsDb)
InstructorAttributes(teammates.common.datatransfer.attributes.InstructorAttributes)
Example 9 with UnauthorizedAccessException
use of teammates.common.exception.UnauthorizedAccessException in project teammates by TEAMMATES.
the class BaseActionTest method verifyCannotAccess.
/**
* Verifies that the {@link Action} matching the {@code params} is not
* accessible to the logged in user.
* This could be one of the following ways:
* -> Unauthorised Access Exception
* ->
*/
protected void verifyCannotAccess(String... params) {
try {
Action c = gaeSimulation.getActionObject(getActionUri(), params);
ActionResult result = c.executeAndPostProcess();
String classNameOfResult = result.getClass().getName();
assertEquals(classNameOfResult, result.getClass().getName());
AssertHelper.assertContains("You are not registered in the course ", result.getStatusMessage());
} catch (UnauthorizedAccessException e) {
ignoreExpectedException();
}
}
Also used :
Action(teammates.ui.controller.Action)
ActionResult(teammates.ui.controller.ActionResult)
UnauthorizedAccessException(teammates.common.exception.UnauthorizedAccessException)
Example 10 with UnauthorizedAccessException
use of teammates.common.exception.UnauthorizedAccessException in project teammates by TEAMMATES.
the class FeedbackSessionStatsPageActionTest method testExecuteAndPostProcess.
@Override
@Test
public void testExecuteAndPostProcess() {
InstructorAttributes instructor1OfCourse1 = typicalBundle.instructors.get("instructor1OfCourse1");
String instructorId = instructor1OfCourse1.googleId;
String[] submissionParams;
gaeSimulation.loginAsInstructor(instructorId);
______TS("typical: instructor accesses feedback stats of his/her course");
FeedbackSessionAttributes accessableFeedbackSession = typicalBundle.feedbackSessions.get("session1InCourse1");
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_SESSION_NAME, accessableFeedbackSession.getFeedbackSessionName(), Const.ParamsNames.COURSE_ID, instructor1OfCourse1.courseId };
FeedbackSessionStatsPageAction a = getAction(addUserIdToParams(instructorId, submissionParams));
AjaxResult r = getAjaxResult(a);
FeedbackSessionStatsPageData data = (FeedbackSessionStatsPageData) r.data;
assertEquals(getPageResultDestination("", false, "idOfInstructor1OfCourse1"), r.getDestinationWithParams());
assertEquals(10, data.sessionDetails.stats.expectedTotal);
assertEquals(4, data.sessionDetails.stats.submittedTotal);
assertEquals("", r.getStatusMessage());
______TS("fail: instructor accesses stats of non-existent feedback session");
String nonexistentFeedbackSession = "nonexistentFeedbackSession";
submissionParams = new String[] { Const.ParamsNames.FEEDBACK_SESSION_NAME, nonexistentFeedbackSession, Const.ParamsNames.COURSE_ID, instructor1OfCourse1.courseId };
boolean hasThrownUnauthorizedAccessException = false;
String exceptionMessage = "";
a = getAction(addUserIdToParams(instructorId, submissionParams));
try {
r = getAjaxResult(a);
} catch (UnauthorizedAccessException e) {
hasThrownUnauthorizedAccessException = true;
exceptionMessage = e.getMessage();
}
assertTrue(hasThrownUnauthorizedAccessException);
assertEquals("Trying to access system using a non-existent feedback session entity", exceptionMessage);
assertEquals("", r.getStatusMessage());
}
Also used :
FeedbackSessionAttributes(teammates.common.datatransfer.attributes.FeedbackSessionAttributes)
AjaxResult(teammates.ui.controller.AjaxResult)
FeedbackSessionStatsPageAction(teammates.ui.controller.FeedbackSessionStatsPageAction)
UnauthorizedAccessException(teammates.common.exception.UnauthorizedAccessException)
FeedbackSessionStatsPageData(teammates.ui.pagedata.FeedbackSessionStatsPageData)
InstructorAttributes(teammates.common.datatransfer.attributes.InstructorAttributes)
Test(org.testng.annotations.Test)
Aggregations
UnauthorizedAccessException (teammates.common.exception.UnauthorizedAccessException)32
InstructorAttributes (teammates.common.datatransfer.attributes.InstructorAttributes)18
Test (org.testng.annotations.Test)13
FeedbackSessionAttributes (teammates.common.datatransfer.attributes.FeedbackSessionAttributes)8
ShowPageResult (teammates.ui.controller.ShowPageResult)8
FeedbackQuestionAttributes (teammates.common.datatransfer.attributes.FeedbackQuestionAttributes)6
StudentAttributes (teammates.common.datatransfer.attributes.StudentAttributes)6
AccountAttributes (teammates.common.datatransfer.attributes.AccountAttributes)5
FeedbackResponseAttributes (teammates.common.datatransfer.attributes.FeedbackResponseAttributes)4
EntityNotFoundException (teammates.common.exception.EntityNotFoundException)4
FeedbackQuestionsDb (teammates.storage.api.FeedbackQuestionsDb)4
FeedbackResponsesDb (teammates.storage.api.FeedbackResponsesDb)4
RedirectResult (teammates.ui.controller.RedirectResult)4
CourseAttributes (teammates.common.datatransfer.attributes.CourseAttributes)3
StatusMessage (teammates.common.util.StatusMessage)3
Action (teammates.ui.controller.Action)3
DeadlineExceededException (com.google.apphosting.api.DeadlineExceededException)2
ArrayList (java.util.ArrayList)2
List (java.util.List)2
UserType (teammates.common.datatransfer.UserType)2
