ylqjgm
/
canvas-lms
mirror of https://github.com/instructure/canvas-lms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

DA - assignments api index/show 

fixes CNVS-14074

test plan:
 * setup DA
 * DA feature flag on
 - use the API for the following requests
   - index
     > should only show assignments that the student can see
   - show
     > should return as assignment that the student can see
     > should return an error for assignments that the student
       cannot see

Change-Id: I921ffbab639d96c3bfbf16d0b1df9ef79515f44e
Reviewed-on: https://gerrit.instructure.com/39520
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Liz Abinante <labinante@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
This commit is contained in:
Cameron Sutter 2014-08-19 09:37:46 -06:00
parent 9e06181005
commit 39a2b71f7f
2 changed files with 127 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/controllers/assignments_api_controller.rb
View File

@ -497,6 +497,20 @@ class AssignmentsApiController < ApplicationController
scope = scope.published
end
if @context.feature_enabled?(:differentiated_assignments) && !@context.grants_any_right?(@current_user, :read_as_admin, :manage_grades, :manage_assignments)
student_ids = [@current_user.id]
if @context.user_has_been_observer?(@current_user)
observed_student_ids = ObserverEnrollment.observed_student_ids(@context, @current_user)
student_ids.concat(observed_student_ids)
# if observer has no students, let them see any assignments already in the scope
# otherwise, filter assignments by observed student visibilities
scope = scope.visible_to_student_in_course_with_da(student_ids, @context.id) if observed_student_ids.any?
else
scope = scope.visible_to_student_in_course_with_da(student_ids, @context.id)
end
end
assignments = Api.paginate(scope, self, api_v1_course_assignments_url(@context))
if Array(params[:include]).include?('submission')
@ -543,6 +557,8 @@ class AssignmentsApiController < ApplicationController
@assignment = @context.active_assignments.find(params[:id],
:include => [:assignment_group, :rubric_association, :rubric])
if authorized_action(@assignment, @current_user, :read)
return render_unauthorized_action unless @assignment.visible_to_user?(@current_user)
if Array(params[:include]).include?('submission')
submission = @assignment.submissions.for_user(@current_user).first
end

113
spec/apis/v1/assignments_api_spec.rb
View File

@ -280,8 +280,23 @@ describe AssignmentsApiController, type: :request do
end
describe "differentiated assignments" do
def setup_DA
@course_section = @course.course_sections.create
@student1, @student2, @student3 = create_users(3, return_type: :record)
@assignment = @course.assignments.create!(title: "title", only_visible_to_overrides: true)
@course.enroll_student(@student2, :enrollment_state => 'active')
@section = @course.course_sections.create!(name: "test section")
@section2 = @course.course_sections.create!(name: "second test section")
student_in_section(@section, user: @student1)
create_section_override_for_assignment(@assignment, {course_section: @section})
@assignment2 = @course.assignments.create!(title: "title2", only_visible_to_overrides: true)
create_section_override_for_assignment(@assignment2, {course_section: @section2})
@course.reload
end
before :once do
course_with_teacher(:active_all => true)
course_with_teacher_logged_in(:active_all => true)
@assignment = @course.assignments.create :name => 'differentiated assignment'
end
@ -298,7 +313,7 @@ describe AssignmentsApiController, type: :request do
end
it "should include visibility data if included" do
@course.account.enable_feature!(:differentiated_assignments)
@course.enable_feature!(:differentiated_assignments)
json = api_call(:get,
"/api/v1/courses/#{@course.id}/assignments.json",
{
@ -311,6 +326,74 @@ describe AssignmentsApiController, type: :request do
a.has_key?("assignment_visibility").should == true
end
end
it "should show all assignments" do
@course.enable_feature!(:differentiated_assignments)
setup_DA
count = @course.assignments.reload.length
json = api_get_assignments_index_from_course(@course)
json.length.should == count
end
context "as a student" do
before :once do
course(:active_all => true)
@course.enable_feature!(:differentiated_assignments)
setup_DA
end
it "should show visible assignments" do
user_session @student1
@user = @student1
json = api_get_assignments_index_from_course(@course)
json.length.should == 1
json.first["id"].should == @assignment.id
end
it "should not show non-visible assignments" do
user_session @student2
@user = @student2
json = api_get_assignments_index_from_course(@course)
json.should == []
end
end
context "as an observer" do
before :once do
course(:active_all => true)
@course.enable_feature!(:differentiated_assignments)
setup_DA
@observer = User.create
@observer_enrollment = @course.enroll_user(@observer, 'ObserverEnrollment', :section => @course.course_sections.first, :enrollment_state => 'active', :allow_multiple_enrollments => true)
end
it "should show assignments visible to observed student" do
@observer_enrollment.update_attribute(:associated_user_id, @student1.id)
user_session @observer
@user = @student1
json = api_get_assignments_index_from_course(@course)
json.length.should == 1
json.first["id"].should == @assignment.id
end
it "should not show assignments not visible to observed student" do
@observer_enrollment.update_attribute(:associated_user_id, @student2.id)
user_session @observer
@user = @student2
json = api_get_assignments_index_from_course(@course)
json.should == []
end
it "should show assignments visible to any of the observed students" do
@observer_enrollment.update_attribute(:associated_user_id, @student2.id)
@course.enroll_user(@observer, "ObserverEnrollment", {:allow_multiple_enrollments => true, :associated_user_id => @student1.id})
user_session @observer
@user = @student1
json = api_get_assignments_index_from_course(@course)
json.length.should == 1
json.first["id"].should == @assignment.id
end
end
end
it "includes submission info with include flag" do
@ -1896,6 +1979,13 @@ describe AssignmentsApiController, type: :request do
)
end
it "returns any assignment" do
json1 = api_get_assignment_in_course @assignment1, @course
json1["id"].should == @assignment1.id
json2 = api_get_assignment_in_course @assignment2, @course
json2["id"].should == @assignment2.id
end
it "includes assignment_visibility" do
json = visibility_api_request @assignment1
json.has_key?("assignment_visibility").should == true
@ -1908,6 +1998,25 @@ describe AssignmentsApiController, type: :request do
json["assignment_visibility"].include?(@student2.id).should == true
json["assignment_visibility"].include?(@student3.id).should == true
end
context "as a student" do
it "should return a visible assignment" do
user_session @student1
@user = @student1
json = api_get_assignment_in_course @assignment1, @course
json["id"].should == @assignment1.id
end
it "should return an error for a non-visible assignment" do
user_session @student2
@user = @student2
json = api_call(:get,
"/api/v1/courses/#{@course.id}/assignments/#{@assignment1.id}.json",
{ :controller => "assignments_api", :action => "show",
:format => "json", :course_id => @course.id.to_s,
:id => @assignment1.id.to_s }, {}, {}, {:expected_status => 401})
end
end
end
end