test: enhance authorization tests for about page access and visibility

BryanttV · BryanttV · commit 95a51b74ddc3 · 2026-06-09T17:38:51.000-05:00
diff --git a/lms/djangoapps/courseware/tests/test_about.py b/lms/djangoapps/courseware/tests/test_about.py
@@ -9,6 +9,7 @@
 
 import ddt
 import pytz
+from crum import set_current_request
 from django.conf import settings
 from django.test.utils import override_settings
 from django.urls import reverse
@@ -224,7 +225,12 @@ def test_about_page_public_view(self, course_visibility):
             self.assertContains(resp, "Enroll Now")
 
 
-class AuthzAboutPageTestCase(CourseAuthoringAuthzTestMixin, LoginEnrollmentTestCase, SharedModuleStoreTestCase):
+class AuthzAboutPageTestCase(
+    CourseAuthoringAuthzTestMixin,
+    LoginEnrollmentTestCase,
+    SharedModuleStoreTestCase,
+    EventTrackingTestCase,
+):
     """
     About page HTTP access when AuthZ course authoring is enabled.
     """
@@ -237,11 +243,16 @@ def setUpClass(cls):
         CourseDetails.update_about_item(cls.course_without_about, "overview", "WITHOUT ABOUT", None)
         CourseDetails.update_about_item(cls.course_with_about, "overview", "WITH ABOUT", None)
 
+    def setUp(self):
+        super().setUp()
+        self.addCleanup(set_current_request, None)
+        self.assertTrue(  # noqa: PT009
+            self.client.login(username=self.unauthorized_user.username, password=self.password)
+        )
+
     @override_settings(COURSE_ABOUT_VISIBILITY_PERMISSION="see_about_page")
     def test_about_page_honors_catalog_visibility_without_authz_role(self):
         """A learner without AuthZ roles can view catalog-visible about pages."""
-        self.client.force_login(self.unauthorized_user)
-
         url = reverse("about_course", args=[str(self.course_with_about.id)])
         resp = self.client.get(url)
         self.assertContains(resp, "WITH ABOUT")
diff --git a/lms/djangoapps/courseware/tests/test_access.py b/lms/djangoapps/courseware/tests/test_access.py
@@ -26,7 +26,6 @@
 
 import lms.djangoapps.courseware.access as access
 import lms.djangoapps.courseware.access_response as access_response
-from common.djangoapps.student.auth import add_users
 from common.djangoapps.student.models import CourseEnrollment
 from common.djangoapps.student.roles import CourseCcxCoachRole, CourseLimitedStaffRole, CourseStaffRole
 from common.djangoapps.student.tests.factories import (
@@ -1087,9 +1086,8 @@ def test_course_staff_bypass_when_catalog_hidden(self):
 
     def test_limited_staff_bypass_when_catalog_hidden(self):
         """Limited staff inherit staff bypass for about-page access."""
-        course_staff = StaffFactory.create(course_key=self.course_hidden.id)
         limited_staff = UserFactory.create()
-        add_users(course_staff, CourseLimitedStaffRole(self.course_hidden.id), limited_staff)
+        CourseLimitedStaffRole(self.course_hidden.id).add_users(limited_staff)
 
         response = self._see_about_page_response(limited_staff, self.course_hidden)
 
