Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def test_runtime_prevents_student_writes_to_non_student_fields(self):
rt = xblock_module.Runtime(MockHandler(), is_admin=True)
usage_id = parse_xml_string(rt, 'Test')
# Load the block in student role
rt = xblock_module.Runtime(MockHandler(), student_id='s23')
block = rt.get_block(usage_id)
self.assertEqual('Test', block.content)
block.content = 'Something else'
try:
block.save()
self.fail('Expected InvalidScopeError')
except xblock.exceptions.InvalidScopeError:
pass # Expected exception
# Load the block in admin role
rt = xblock_module.Runtime(MockHandler(), is_admin=True)
block = rt.get_block(usage_id)
block.content = 'Something else'
block.save() # No exception
def _field_data(self, block, name):
"""Return the field data for the field `name` on the :class:`~xblock.core.XBlock` `block`"""
scope = block.fields[name].scope
if scope not in self._scope_mappings:
raise InvalidScopeError(scope)
return self._scope_mappings[scope]
def delete(self, block, name):
raise InvalidScopeError("{block}.{name} is read-only, cannot delete".format(block=block, name=name))
def __init__(self, invalid_scope, valid_scopes=None):
super(InvalidScopeError, self).__init__()
if valid_scopes:
self.message = "Invalid scope: {}. Valid scopes are: {}".format(
invalid_scope,
valid_scopes,
)
else:
self.message = "Invalid scope: {}".format(invalid_scope)
def set(self, block, name, value):
raise InvalidScopeError("{block}.{name} is read-only, cannot set".format(block=block, name=name))