Example 6 with StudentProfilePictureAction
use of teammates.ui.controller.StudentProfilePictureAction in project teammates by TEAMMATES.
the class StudentProfilePictureActionTest method testActionWithEmailAndCourseUnauthorisedInstructorOrStudent.
private void testActionWithEmailAndCourseUnauthorisedInstructorOrStudent() {
String[] submissionParams = new String[] { Const.ParamsNames.STUDENT_EMAIL, StringHelper.encrypt(student.email), Const.ParamsNames.COURSE_ID, StringHelper.encrypt(student.course) };
______TS("Failure case: instructor not from same course");
AccountAttributes unauthInstructor = typicalBundle.accounts.get("instructor1OfCourse2");
gaeSimulation.loginAsInstructor(unauthInstructor.googleId);
StudentProfilePictureAction action = getAction(submissionParams);
try {
action.executeAndPostProcess();
signalFailureToDetectException("Unauthorised Access");
} catch (UnauthorizedAccessException uae) {
assertEquals("User is not in the course that student belongs to", uae.getMessage());
}
______TS("Failure case: instructor from same course with no 'viewing student' privilege");
unauthInstructor = typicalBundle.accounts.get("helperOfCourse1");
gaeSimulation.loginAsInstructor(unauthInstructor.googleId);
action = getAction(submissionParams);
try {
action.executeAndPostProcess();
signalFailureToDetectException("Unauthorised Access");
} catch (UnauthorizedAccessException uae) {
assertEquals("Instructor does not have enough privileges to view the photo", uae.getMessage());
}
______TS("Failure case: student not from same course");
AccountAttributes unauthStudent = typicalBundle.accounts.get("student1InArchivedCourse");
gaeSimulation.loginAsStudent(unauthStudent.googleId);
action = getAction(submissionParams);
try {
action.executeAndPostProcess();
signalFailureToDetectException("Unauthorised Access");
} catch (UnauthorizedAccessException uae) {
assertEquals("User is not in the course that student belongs to", uae.getMessage());
}
______TS("Failure case: student not from same team");
StudentAttributes studentFromDifferentTeam = typicalBundle.students.get("student5InCourse1");
gaeSimulation.loginAsStudent(studentFromDifferentTeam.googleId);
action = getAction(submissionParams);
try {
action.executeAndPostProcess();
signalFailureToDetectException("Unauthorised Access");
} catch (UnauthorizedAccessException uae) {
assertEquals("Student does not have enough privileges to view the photo", uae.getMessage());
}
}
Also used :
AccountAttributes(teammates.common.datatransfer.attributes.AccountAttributes)
UnauthorizedAccessException(teammates.common.exception.UnauthorizedAccessException)
StudentProfilePictureAction(teammates.ui.controller.StudentProfilePictureAction)
StudentAttributes(teammates.common.datatransfer.attributes.StudentAttributes)
Example 7 with StudentProfilePictureAction
use of teammates.ui.controller.StudentProfilePictureAction in project teammates by TEAMMATES.
the class StudentProfilePictureActionTest method testActionWithNoParams.
private void testActionWithNoParams() {
______TS("Failure case: no parameters given");
gaeSimulation.loginAsStudent(account.googleId);
String[] submissionParams = new String[] {};
StudentProfilePictureAction action = getAction(submissionParams);
try {
action.executeAndPostProcess();
signalFailureToDetectException();
} catch (AssertionError ae) {
assertEquals("expected blob-key, or student email with courseId", ae.getMessage());
}
}
Also used :
StudentProfilePictureAction(teammates.ui.controller.StudentProfilePictureAction)
Aggregations
StudentProfilePictureAction (teammates.ui.controller.StudentProfilePictureAction)7
ImageResult (teammates.ui.controller.ImageResult)4
StudentAttributes (teammates.common.datatransfer.attributes.StudentAttributes)2
AccountAttributes (teammates.common.datatransfer.attributes.AccountAttributes)1
EntityNotFoundException (teammates.common.exception.EntityNotFoundException)1
UnauthorizedAccessException (teammates.common.exception.UnauthorizedAccessException)1
