Last active
August 29, 2015 14:25
-
-
Save dcollien/a44c0d8a57a7b7a53413 to your computer and use it in GitHub Desktop.
ol auth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests, json, string, os | |
chars = string.ascii_lowercase | |
random_crap = ''.join(chars[ord(x) % len(chars)] for x in os.urandom(16)) | |
# Auth | |
credentials = {'user': 'testapiuser', 'password': 'test1234'} | |
request_url = "https://www.openlearning.com/json/auth" | |
response = requests.post(request_url, data=credentials) | |
token = response.cookies["auth_token"].replace('"', '') | |
print 'Auth Token:', token | |
auth_header = {'Authorization': 'OLAUTH', "X-Auth-Token" : token} | |
request_root = "https://www.openlearning.com/json/" | |
# Create a page | |
request_url = request_root + "page/create" | |
request_data = {"path" : "/u/testapiuser/test_page_" + random_crap} | |
print 'requesting', request_url, request_data | |
response = requests.post(request_url, data=request_data, headers=auth_header) | |
response_data = json.loads(response.content) | |
print response_data | |
page_path = request_data['path'] | |
page_id = response_data['id'] | |
print page_path, page_id | |
# Add some content | |
request_url = request_root + "block/create" | |
request_data = {"pageID": page_id, "widgetType": "RichTextWidget"} | |
print 'requesting', request_url, request_data | |
response = requests.post(request_url, data=request_data, headers=auth_header) | |
response_data = json.loads(response.content) | |
print response_data | |
# Set Permissions | |
# schemes: | |
# 'anon' - users who are not logged in can access | |
# 'any' - users who are members of ANY of the 'groups' listed can access | |
# 'all' - users who are members of ALL of the 'groups' listed can access | |
# 'condition' - users who satisfy the 'condition' field can access | |
# groups: | |
# user:<profile name> - the group of 1 user with that profile name | |
# id:<group path> - the group of users who are members of legacy group page at "group path", e.g. 'id:courses/mycourse/somegroup' | |
# | |
## course:<course path> - is enrolled in course <course path> | |
## admin:<course path> - is a course admin of <course path> | |
## class:<cohort path> - is enrolled in the <cohort path> class | |
## teacher:<cohort path> - is a teacher in the <cohort path> class | |
## courseteacher:<course path> - is a teacher for any class in <course path> | |
## profile:<profile path> - has access to view the profile at <profile path> | |
## | |
## after:<date> - TODO: all users after this date | |
## before:<date> - TODO: all users before this date | |
## after-due:<page identifier> - TODO: all users after the page is due | |
## before-due:<page identifier> - TODO: all users before the page is due | |
## completed:<page identifier> - TODO: user has completed the page identified by <page identifier> | |
## assessor:<cohort path> - TODO: user is an assessor in the <cohort path> class (currently added only for teachers) | |
## assessor:<page identifier> - TODO: user is an assessor of the page identified by <page identifier> | |
# condition: | |
# list RPN of group ID, with 'AND', 'OR', 'NOT' keywords | |
# context: the rule for how permissions should be inherited (when the permissions of a parent page is updated). | |
# 'custom' - never update, this has a custom setting | |
# 'profile', 'course', 'class', 'site', 'parent' - update according to these contexts | |
permissions_data = { | |
'read': { | |
'scheme': 'anon', | |
'condition': [], | |
'groups': [] | |
}, | |
'write': { | |
'scheme': 'any', | |
'condition': [], | |
'groups': ['user:testapiuser'] | |
}, | |
'admin': { | |
'scheme': 'any', | |
'condition': [], | |
'groups': [u'user:testapiuser'] | |
}, | |
'context': 'custom' | |
} | |
request_url = request_root + "page/multi/update/" + page_path | |
request_data = {"methodsJSON": json.dumps( | |
[ | |
{ | |
"method": "setAccess", | |
"args": { | |
"permissions": permissions_data | |
} | |
} | |
] | |
)} | |
print 'requesting', request_url, request_data | |
response = requests.post(request_url, data=request_data, headers=auth_header) | |
response_data = json.loads(response.content) | |
print response_data | |
# Check Permissions | |
request_url = request_root + "page/read/getAccess/" + page_path | |
print 'requesting', request_url | |
response = requests.get(request_url, headers=auth_header) | |
response_data = json.loads(response.content) | |
print response_data |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment