From 90146d9ae01100bb830c007c8acc7e22f58dd4c8 Mon Sep 17 00:00:00 2001
From: Michael Frey <mfrey@edx.org>
Date: Mon, 22 Feb 2016 07:58:11 -0500
Subject: [PATCH] Only allow ecommerce checkout if user is also activated
---
common/djangoapps/course_modes/views.py | 2 +-
common/djangoapps/student/views.py | 2 +-
lms/djangoapps/commerce/tests/test_utils.py | 12 +++++++++---
lms/djangoapps/commerce/utils.py | 7 ++++---
lms/djangoapps/courseware/tests/test_views.py | 15 +++++++++++++--
lms/djangoapps/courseware/views.py | 4 ++--
6 files changed, 30 insertions(+), 12 deletions(-)
diff --git a/common/djangoapps/course_modes/views.py b/common/djangoapps/course_modes/views.py
index eb23262f215..d40bb7d41c1 100644
--- a/common/djangoapps/course_modes/views.py
+++ b/common/djangoapps/course_modes/views.py
@@ -151,7 +151,7 @@ class ChooseModeView(View):
if verified_mode.sku:
ecommerce_service = EcommerceService()
- context["use_ecommerce_payment_flow"] = ecommerce_service.is_enabled()
+ context["use_ecommerce_payment_flow"] = ecommerce_service.is_enabled(request)
context["ecommerce_payment_page"] = ecommerce_service.payment_page_url()
context["sku"] = verified_mode.sku
diff --git a/common/djangoapps/student/views.py b/common/djangoapps/student/views.py
index 95506455b5b..21097d63778 100644
--- a/common/djangoapps/student/views.py
+++ b/common/djangoapps/student/views.py
@@ -739,7 +739,7 @@ def dashboard(request):
}
ecommerce_service = EcommerceService()
- if ecommerce_service.is_enabled():
+ if ecommerce_service.is_enabled(request):
context.update({
'use_ecommerce_payment_flow': True,
'ecommerce_payment_page': ecommerce_service.payment_page_url(),
diff --git a/lms/djangoapps/commerce/tests/test_utils.py b/lms/djangoapps/commerce/tests/test_utils.py
index 90c446982e1..8f343014c6f 100644
--- a/lms/djangoapps/commerce/tests/test_utils.py
+++ b/lms/djangoapps/commerce/tests/test_utils.py
@@ -5,6 +5,8 @@ from mock import patch
from commerce.utils import audit_log, EcommerceService
from commerce.models import CommerceConfiguration
+from django.test.client import RequestFactory
+from student.tests.factories import UserFactory
class AuditLogTests(TestCase):
@@ -25,6 +27,10 @@ class EcommerceServiceTests(TestCase):
SKU = 'TESTSKU'
def setUp(self):
+ self.request_factory = RequestFactory()
+ self.user = UserFactory.create()
+ self.request = self.request_factory.get("foo")
+ self.request.user = self.user
CommerceConfiguration.objects.create(
checkout_on_ecommerce_service=True,
single_course_checkout_page='/test_basket/'
@@ -33,20 +39,20 @@ class EcommerceServiceTests(TestCase):
def test_is_enabled(self):
"""Verify that is_enabled() returns True when ecomm checkout is enabled. """
- is_enabled = EcommerceService().is_enabled()
+ is_enabled = EcommerceService().is_enabled(self.request)
self.assertTrue(is_enabled)
config = CommerceConfiguration.current()
config.checkout_on_ecommerce_service = False
config.save()
- is_not_enabled = EcommerceService().is_enabled()
+ is_not_enabled = EcommerceService().is_enabled(self.request)
self.assertFalse(is_not_enabled)
@patch('openedx.core.djangoapps.theming.helpers.is_request_in_themed_site')
def test_is_enabled_for_microsites(self, is_microsite):
"""Verify that is_enabled() returns False if used for a microsite."""
is_microsite.return_value = True
- is_not_enabled = EcommerceService().is_enabled()
+ is_not_enabled = EcommerceService().is_enabled(self.request)
self.assertFalse(is_not_enabled)
@override_settings(ECOMMERCE_PUBLIC_URL_ROOT='http://ecommerce_url')
diff --git a/lms/djangoapps/commerce/utils.py b/lms/djangoapps/commerce/utils.py
index 00ff3bb99f4..e07ec1d9b7a 100644
--- a/lms/djangoapps/commerce/utils.py
+++ b/lms/djangoapps/commerce/utils.py
@@ -44,9 +44,10 @@ class EcommerceService(object):
def __init__(self):
self.config = CommerceConfiguration.current()
- def is_enabled(self):
- """ Check if the service is enabled and that the site is not a microsite. """
- return self.config.checkout_on_ecommerce_service and not helpers.is_request_in_themed_site()
+ def is_enabled(self, request):
+ """ Check if the user is activated, if the service is enabled and that the site is not a microsite. """
+ return (request.user.is_active and self.config.checkout_on_ecommerce_service and not
+ helpers.is_request_in_themed_site())
def payment_page_url(self):
""" Return the URL for the checkout page.
diff --git a/lms/djangoapps/courseware/tests/test_views.py b/lms/djangoapps/courseware/tests/test_views.py
index 889fafa4f66..e26f4470a16 100644
--- a/lms/djangoapps/courseware/tests/test_views.py
+++ b/lms/djangoapps/courseware/tests/test_views.py
@@ -39,6 +39,7 @@ from courseware.testutils import RenderXBlockTestMixin
from courseware.tests.factories import StudentModuleFactory
from courseware.user_state_client import DjangoXBlockUserStateClient
from edxmako.tests import mako_middleware_process_request
+from lms.djangoapps.commerce.utils import EcommerceService # pylint: disable=import-error
from milestones.tests.utils import MilestonesTestCaseMixin
from openedx.core.djangoapps.self_paced.models import SelfPacedConfiguration
from openedx.core.lib.gating import api as gating_api
@@ -271,13 +272,23 @@ class ViewsTestCase(ModuleStoreTestCase):
@ddt.data(True, False)
def test_ecommerce_checkout(self, is_anonymous):
- self.assert_enrollment_link_present(is_anonymous=is_anonymous)
+ if not is_anonymous:
+ self.assert_enrollment_link_present(is_anonymous=is_anonymous)
+ else:
+ request = self.request_factory.get("foo")
+ request.user = AnonymousUser()
+ self.assertEqual(EcommerceService().is_enabled(request), False)
@ddt.data(True, False)
@unittest.skipUnless(settings.FEATURES.get('ENABLE_SHOPPING_CART'), 'Shopping Cart not enabled in settings')
@patch.dict(settings.FEATURES, {'ENABLE_PAID_COURSE_REGISTRATION': True})
def test_ecommerce_checkout_shopping_cart_enabled(self, is_anonymous):
- self.assert_enrollment_link_present(is_anonymous=is_anonymous, _id=True)
+ if not is_anonymous:
+ self.assert_enrollment_link_present(is_anonymous=is_anonymous, _id=True)
+ else:
+ request = self.request_factory.get("foo")
+ request.user = AnonymousUser()
+ self.assertEqual(EcommerceService().is_enabled(request), False)
def test_user_groups(self):
# depreciated function
diff --git a/lms/djangoapps/courseware/views.py b/lms/djangoapps/courseware/views.py
index 60e16b873e5..73a43345c10 100644
--- a/lms/djangoapps/courseware/views.py
+++ b/lms/djangoapps/courseware/views.py
@@ -906,7 +906,7 @@ def course_about(request, course_id):
ecommerce_checkout_link = ''
professional_mode = ''
ecomm_service = EcommerceService()
- if ecomm_service.is_enabled() and (
+ if ecomm_service.is_enabled(request) and (
CourseMode.PROFESSIONAL in modes or CourseMode.NO_ID_PROFESSIONAL_MODE in modes
):
professional_mode = modes.get(CourseMode.PROFESSIONAL, '') or \
@@ -944,7 +944,7 @@ def course_about(request, course_id):
'is_cosmetic_price_enabled': settings.FEATURES.get('ENABLE_COSMETIC_DISPLAY_PRICE'),
'course_price': course_price,
'in_cart': in_cart,
- 'ecommerce_checkout': ecomm_service.is_enabled(),
+ 'ecommerce_checkout': ecomm_service.is_enabled(request),
'ecommerce_checkout_link': ecommerce_checkout_link,
'professional_mode': professional_mode,
'reg_then_add_to_cart_link': reg_then_add_to_cart_link,
--
GitLab