Add settings to make course public to auth users

closes PFS-884, PFS-885, PFS-886, PFS-887, PFS-888, PFS-889, PFS-891, PFS-892 Test Plan: 1) View a course that is public (Possibly take a screenshot) 2) Go the settings for that course and check 'Make this course visible to authenticated users' 3) Attempt to view that course without being logged in. You should not be able to. 4) Login but make sure you aren't enrolled in that course and you should see the identical page that was seen when the page was public 5) Enroll in the course and it should appear normally. Change-Id: I5303874c80db9d19c838ef44581102f4dfaf5f29 Reviewed-on: https://gerrit.instructure.com/46550 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Sean Mikkelsen <smikkelsen@instructure.com> Reviewed-by: Dan Minkevitch <dan@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Reviewed-by: Cody Tanner <ctanner@instructure.com> Product-Review: Cody Tanner <ctanner@instructure.com> QA-Review: Cody Tanner <ctanner@instructure.com> Tested-by: Cody Tanner <ctanner@instructure.com>
2015-01-08 10:35:09 -07:00 · 2015-01-08 10:35:09 -07:00 · 47889f7c65
parent 90b4e4fa8d
commit 47889f7c65
6 changed files with 25 additions and 5 deletions
--- a/app/controllers/courses_controller.rb
+++ b/app/controllers/courses_controller.rb
@ -200,6 +200,10 @@ require 'set'
 #           "example": true,
 #           "type": "boolean"
 #         },
+#         "is_public_to_auth_users": {
+#           "example": true,
+#           "type": "boolean"
+#         },
 #         "public_syllabus": {
 #           "example": true,
 #           "type": "boolean"
@ -455,6 +459,9 @@ class CoursesController < ApplicationController
  # @argument course[is_public] [Boolean]
  #   Set to true if course if public.
  #
+  # @argument course[is_public_to_auth_users] [Boolean]
+  #   Set to true if course if public to authenticated users.
+  #
  # @argument course[public_syllabus] [Boolean]
  #   Set to true to make the course syllabus public.
  #
@ -574,7 +581,7 @@ class CoursesController < ApplicationController
            @current_user,
            session,
            [:start_at, course_end, :license,
-             :is_public, :public_syllabus, :allow_student_assignment_edits, :allow_wiki_comments,
+             :is_public, :is_public_to_auth_users, :public_syllabus, :allow_student_assignment_edits, :allow_wiki_comments,
             :allow_student_forum_attachments, :open_enrollment, :self_enrollment,
             :root_account_id, :account_id, :public_description,
             :restrict_enrollments_to_course_dates, :hide_final_grades], nil)
--- a/app/models/course.rb
+++ b/app/models/course.rb
@ -38,6 +38,7 @@ class Course < ActiveRecord::Base
                  :conclude_at,
                  :grading_standard_id,
                  :is_public,
+                  :is_public_to_auth_users,
                  :allow_student_wiki_edits,
                  :show_public_context_messages,
                  :syllabus_body,
@ -1009,7 +1010,7 @@ class Course < ActiveRecord::Base
  end

  set_policy do
-    given { |user| self.available? && self.is_public }
+    given { |user, session| self.available? && (self.is_public || (self.is_public_to_auth_users && session.present? && session.has_key?(:user_id)))  }
    can :read and can :read_outcomes and can :read_syllabus

    given { |user| self.available? && self.public_syllabus }
@ -2124,7 +2125,7 @@ class Course < ActiveRecord::Base
      else scope.none
    end
  end
-  
+
  def sections_visible_to(user, sections = active_course_sections)
    visibilities = section_visibilities_for(user)
    visibility = enrollment_visibility_level_for(user, visibilities)
@ -2450,6 +2451,7 @@ class Course < ActiveRecord::Base
  add_setting :large_roster, :boolean => true, :default => lambda { |c| c.root_account.large_course_rosters? }
  add_setting :public_syllabus, :boolean => true, :default => false
  add_setting :course_format
+  add_setting :is_public_to_auth_users, :boolean => true, :default => false

  def user_can_manage_own_discussion_posts?(user)
    return true if allow_student_discussion_editing?
@ -2516,7 +2518,7 @@ class Course < ActiveRecord::Base
      self.save!
      # Assign original course profile to the new course (automatically saves it)
      new_course.profile = self.profile unless self.profile.new_record?
-      
+
      Course.find(new_course.id)
    end
  end
--- a/app/views/courses/settings.html.erb
+++ b/app/views/courses/settings.html.erb
@ -246,6 +246,12 @@ TEXT
            <%= f.label :is_public, :en => "Make this course publicly visible" %>
            <span class="aside checklabelfix"><%= t('help.public_course', %{(student data will remain private)}) %></span>
          </div>
+          <div>
+            <span>
+              <%= f.check_box :is_public_to_auth_users %>
+              <%= f.label :is_public_to_auth_users, :en => "Make this course visible to authenticated users" %>
+            </span>
+          </div>
          <div class="public_options">
            <%= f.check_box :indexed %>
            <%= f.label :indexed, :en => "Include this course in the public course index" %>
--- a/lib/api/v1/course_json.rb
+++ b/lib/api/v1/course_json.rb
@ -27,7 +27,7 @@ module Api::V1
    end

    def methods_to_send
-      methods = ['end_at', 'public_syllabus', 'storage_quota_mb']
+      methods = ['end_at', 'public_syllabus', 'storage_quota_mb', 'is_public_to_auth_users']
      methods << 'hide_final_grades' if @includes.include?(:hide_final_grades)
      methods << 'storage_quota_used_mb' if @includes.include?(:storage_quota_used_mb)
      methods
--- a/spec/apis/v1/courses_api_spec.rb
+++ b/spec/apis/v1/courses_api_spec.rb
@ -297,6 +297,7 @@ describe CoursesController, type: :request do
            'start_at'                             => '2011-01-01T00:00:00-0700',
            'end_at'                               => '2011-05-01T00:00:00-0700',
            'is_public'                            => true,
+            'is_public_to_auth_users'              => false,
            'public_syllabus'                      => true,
            'allow_wiki_comments'                  => true,
            'allow_student_forum_attachments'      => true,
@ -357,6 +358,7 @@ describe CoursesController, type: :request do
            'start_at'                             => '2011-01-01T00:00:00-0700',
            'end_at'                               => '2011-05-01T00:00:00-0700',
            'is_public'                            => true,
+            'is_public_to_auth_users'              => false,
            'public_syllabus'                      => true,
            'allow_wiki_comments'                  => true,
            'allow_student_forum_attachments'      => true,
@ -2071,6 +2073,7 @@ describe CoursesController, type: :request do
        'default_view' => @course1.default_view,
        'public_syllabus' => @course1.public_syllabus,
        'is_public' => @course1.is_public,
+        'is_public_to_auth_users' => @course1.is_public_to_auth_users,
        'workflow_state' => @course1.workflow_state,
        'storage_quota_mb' => @course1.storage_quota_mb,
        'apply_assignment_group_weights' => false,
--- a/spec/apis/v1/stream_items_api_spec.rb
+++ b/spec/apis/v1/stream_items_api_spec.rb
@ -342,6 +342,7 @@ describe UsersController, type: :request do
        'workflow_state' => 'available',
        'public_syllabus' => false,
        'is_public' => @course.is_public,
+        'is_public_to_auth_users' => @course.is_public_to_auth_users,
        'storage_quota_mb' => @course.storage_quota_mb,
        'apply_assignment_group_weights' => false
      },
@ -447,6 +448,7 @@ describe UsersController, type: :request do
        'workflow_state' => 'available',
        'public_syllabus' => false,
        'is_public' => @course.is_public,
+        'is_public_to_auth_users' => @course.is_public_to_auth_users,
        'storage_quota_mb' => @course.storage_quota_mb,
        'apply_assignment_group_weights' => false
      },