restrict former self-enrollment enabled courses through account

test plan: * enable self-enrollment on the root account * enable self-enrollment on a course * disable self-enrollment on the root account * self-enrollment should not work on the course closes #CNVS-9109 Change-Id: Ic186497ae11376c00872200460d9850e4dfecc38 Reviewed-on: https://gerrit.instructure.com/39684 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Product-Review: Hilary Scharton <hilary@instructure.com>
2014-08-21 07:07:27 -06:00 · 2014-08-21 07:07:27 -06:00 · 70a6d79bad
parent 59e62577d0
commit 70a6d79bad
14 changed files with 86 additions and 35 deletions
--- a/app/models/account.rb
+++ b/app/models/account.rb
@ -1071,6 +1071,11 @@ class Account < ActiveRecord::Base
    end
  end

+  def allow_self_enrollment!(setting='any')
+    settings[:self_enrollment] = setting
+    self.save!
+  end
+
  TAB_COURSES = 0
  TAB_STATISTICS = 1
  TAB_PERMISSIONS = 2
--- a/app/models/course.rb
+++ b/app/models/course.rb
@ -777,12 +777,16 @@ class Course < ActiveRecord::Base
    !!(self.account && self.account.self_enrollment_allowed?(self))
  end

+  def self_enrollment_enabled?
+    self.self_enrollment? && self.self_enrollment_allowed?
+  end
+
  def self_enrollment_code
    read_attribute(:self_enrollment_code) || set_self_enrollment_code
  end

  def set_self_enrollment_code
-    return if !self_enrollment? || read_attribute(:self_enrollment_code)
+    return if !self_enrollment_enabled? || read_attribute(:self_enrollment_code)

    # subset of letters and numbers that are unambiguous
    alphanums = 'ABCDEFGHJKLMNPRTWXY346789'
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -266,7 +266,7 @@ class User < ActiveRecord::Base
    elsif record.validation_root_account
      course = record.validation_root_account.self_enrollment_course_for(value)
      record.self_enrollment_course = course
-      if course && course.self_enrollment?
+      if course && course.self_enrollment_enabled?
        record.errors.add(attr, "full") if course.self_enrollment_limit_met?
        record.errors.add(attr, "already_enrolled") if course.user_is_student?(record, :include_future => true)
      else
--- a/app/views/courses/settings.html.erb
+++ b/app/views/courses/settings.html.erb
@ -294,7 +294,7 @@ TEXT
      </tr><tr>
        <td></td>
        <td colspan="3">
-          <span class="self_enrollment_message" style="<%= hidden unless @context.self_enrollment %>">
+          <span class="self_enrollment_message" style="<%= hidden unless @context.self_enrollment_enabled? %>">
            <% if @context.root_account.self_registration? %>
              <%= t 'course_open_enrollment', <<-TEXT, :url => enroll_url(@context.self_enrollment_code || '{{ self_enrollment_code }}'), :url2 => register_url, :code => @context.self_enrollment_code || '{{ self_enrollment_code }}', :wrapper => '<b>\1</b>'
                    This course has enabled open enrollment. Students can
--- a/app/views/courses/show.html.erb
+++ b/app/views/courses/show.html.erb
@ -101,7 +101,7 @@
      <% end %>
    <% end %>

-    <% if @context.available? && @context.self_enrollment && @context.open_enrollment && (!@context_enrollment || !@context_enrollment.active?) %>
+    <% if @context.available? && @context.self_enrollment_enabled? && @context.open_enrollment && (!@context_enrollment || !@context_enrollment.active?) %>
      <div class="rs-margin-lr rs-margin-top">
        <a href="<%= enroll_url(@context.self_enrollment_code) %>" title="<%= t('links.join_course', %{Join this Course}) %>" class="btn button-sidebar-wide self_enrollment_link" data-open-as-dialog><i class="icon-user-add"></i>  <%= t('links.join_course', %{Join this Course}) %></a>
      </div>
--- a/app/views/self_enrollments/new.html.erb
+++ b/app/views/self_enrollments/new.html.erb
@ -13,7 +13,7 @@

 <div id="modal-box">
  <h2><%= t('titles.course_enrollment', 'Enroll in %{course}', :course => @course.name) %></h2>
-  <% if !@course.self_enrollment? %>
+  <% if !@course.self_enrollment_enabled? %>
    <%= render :partial => 'enrollment_closed' %>
  <% elsif @current_user && @course.user_is_student?(@current_user, :include_future => true) %>
    <% if params[:enrolled] %>
--- a/spec/apis/v1/courses_api_spec.rb
+++ b/spec/apis/v1/courses_api_spec.rb
@ -490,6 +490,7 @@ describe CoursesController, type: :request do

    context "an account admin" do
      it "should be able to update a course" do
+        @course.root_account.allow_self_enrollment!
        Auditors::Course.expects(:record_updated).once

        json = api_call(:put, @path, @params, @new_values)
--- a/spec/apis/v1/enrollments_api_spec.rb
+++ b/spec/apis/v1/enrollments_api_spec.rb
@ -472,6 +472,7 @@ describe EnrollmentsApiController, type: :request do
    context "self enrollment" do
      before :once do
        course(active_all: true)
+        @course.root_account.allow_self_enrollment!
        @course.update_attribute(:self_enrollment, true)
        @unenrolled_user = user_with_pseudonym
        @path = "/api/v1/courses/#{@course.id}/enrollments"
@ -518,6 +519,21 @@ describe EnrollmentsApiController, type: :request do
        new_enrollment.should be_active
        new_enrollment.should be_self_enrolled
      end
+
+      it "should not let anyone self-enroll if account disables it" do
+        account = @course.root_account
+        account.settings.delete(:self_enrollment)
+        account.save!
+
+        json = raw_api_call :post, @path, @path_options,
+                        {
+                            enrollment: {
+                                user_id: 'self',
+                                self_enrollment_code: @course.self_enrollment_code
+                            }
+                        }
+        response.code.should eql '400'
+      end
    end
  end

--- a/spec/controllers/self_enrollments_controller_spec.rb
+++ b/spec/controllers/self_enrollments_controller_spec.rb
@ -22,6 +22,7 @@ describe SelfEnrollmentsController do
  describe "GET 'new'" do
    before do
      course(:active_all => true)
+      @course.root_account.allow_self_enrollment!
      @course.update_attribute(:self_enrollment, true)
    end

--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@ -386,38 +386,37 @@ describe UsersController do
        u.pseudonym.should be_password_auto_generated
      end

-      it "should ignore the password if self enrolling with an email pseudonym" do
-        course(:active_all => true)
-        @course.update_attribute(:self_enrollment, true)
+      context "self enrollment" do
+        before(:once) do
+          course(:active_all => true)
+          @course.root_account.allow_self_enrollment!
+          @course.update_attribute(:self_enrollment, true)
+        end

-        post 'create', :pseudonym => { :unique_id => 'jacob@instructure.com', :password => 'asdfasdf', :password_confirmation => 'asdfasdf' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1', :self_enrollment_code => @course.self_enrollment_code, :initial_enrollment_type => 'student' }, :pseudonym_type => 'email', :self_enrollment => '1'
-        response.should be_success
-        u = User.find_by_name 'Jacob Fugal'
-        u.should be_pre_registered
-        u.pseudonym.should be_password_auto_generated
-      end
+        it "should ignore the password if self enrolling with an email pseudonym" do
+          post 'create', :pseudonym => { :unique_id => 'jacob@instructure.com', :password => 'asdfasdf', :password_confirmation => 'asdfasdf' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1', :self_enrollment_code => @course.self_enrollment_code, :initial_enrollment_type => 'student' }, :pseudonym_type => 'email', :self_enrollment => '1'
+          response.should be_success
+          u = User.find_by_name 'Jacob Fugal'
+          u.should be_pre_registered
+          u.pseudonym.should be_password_auto_generated
+        end

-      it "should require a password if self enrolling with a non-email pseudonym" do
-        course(:active_all => true)
-        @course.update_attribute(:self_enrollment, true)
+        it "should require a password if self enrolling with a non-email pseudonym" do
+          post 'create', :pseudonym => { :unique_id => 'jacob' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1', :self_enrollment_code => @course.self_enrollment_code, :initial_enrollment_type => 'student' }, :pseudonym_type => 'username', :self_enrollment => '1'
+          assert_status(400)
+          json = JSON.parse(response.body)
+          json["errors"]["pseudonym"]["password"].should be_present
+          json["errors"]["pseudonym"]["password_confirmation"].should be_present
+        end

-        post 'create', :pseudonym => { :unique_id => 'jacob' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1', :self_enrollment_code => @course.self_enrollment_code, :initial_enrollment_type => 'student' }, :pseudonym_type => 'username', :self_enrollment => '1'
-        assert_status(400)
-        json = JSON.parse(response.body)
-        json["errors"]["pseudonym"]["password"].should be_present
-        json["errors"]["pseudonym"]["password_confirmation"].should be_present
-      end
-
-      it "should auto-register the user if self enrolling" do
-        course(:active_all => true)
-        @course.update_attribute(:self_enrollment, true)
-
-        post 'create', :pseudonym => { :unique_id => 'jacob', :password => 'asdfasdf', :password_confirmation => 'asdfasdf' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1', :self_enrollment_code => @course.self_enrollment_code, :initial_enrollment_type => 'student' }, :pseudonym_type => 'username', :self_enrollment => '1'
-        response.should be_success
-        u = User.find_by_name 'Jacob Fugal'
-        @course.students.should include(u)
-        u.should be_registered
-        u.pseudonym.should_not be_password_auto_generated
+        it "should auto-register the user if self enrolling" do
+          post 'create', :pseudonym => { :unique_id => 'jacob', :password => 'asdfasdf', :password_confirmation => 'asdfasdf' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1', :self_enrollment_code => @course.self_enrollment_code, :initial_enrollment_type => 'student' }, :pseudonym_type => 'username', :self_enrollment => '1'
+          response.should be_success
+          u = User.find_by_name 'Jacob Fugal'
+          @course.students.should include(u)
+          u.should be_registered
+          u.pseudonym.should_not be_password_auto_generated
+        end
      end

      it "should validate the observee's credentials" do
--- a/spec/models/content_migration/course_copy_spec.rb
+++ b/spec/models/content_migration/course_copy_spec.rb
@ -301,6 +301,7 @@ describe ContentMigration do
    end

    it "should copy course attributes" do
+      Account.default.allow_self_enrollment!
      #set all the possible values to non-default values
      @copy_from.start_at = 5.minutes.ago
      @copy_from.conclude_at = 1.month.from_now
--- a/spec/models/course_spec.rb
+++ b/spec/models/course_spec.rb
@ -430,6 +430,8 @@ describe Course do
    end

    it "should clear content" do
+      @course.root_account.allow_self_enrollment!
+
      @course.discussion_topics.create!
      @course.quizzes.create!
      @course.assignments.create!
@ -477,6 +479,22 @@ describe Course do
      @course.replacement_course_id.should == @new_course.id
    end

+    it "should not have self enrollment enabled if account setting disables it" do
+      @course.self_enrollment = true
+      @course.save!
+      @course.self_enrollment_enabled?.should == false
+
+      account = @course.root_account
+      account.allow_self_enrollment!
+      @course.self_enrollment = true
+      @course.save!
+      @course.reload.self_enrollment_enabled?.should == true
+
+      account.settings.delete(:self_enrollment)
+      account.save!
+      @course.reload.self_enrollment_enabled?.should == false
+    end
+
    it "should retain original course profile" do
      data = {:something => 'special here'}
      description = 'simple story'
@ -3218,7 +3236,10 @@ end

 describe Course do
  describe "self_enrollment" do
-    let_once(:c1) { course }
+    let_once(:c1) do
+      Account.default.allow_self_enrollment!
+      course
+    end
    it "should generate a unique code" do
      c1.self_enrollment_code.should be_nil # normally only set when self_enrollment is enabled
      c1.update_attribute(:self_enrollment, true)
--- a/spec/selenium/self_enrollment_spec.rb
+++ b/spec/selenium/self_enrollment_spec.rb
@ -5,6 +5,7 @@ describe "self enrollment" do

  context "in a full course" do
    it "should not be allowed" do
+      Account.default.allow_self_enrollment!
      course(:active_all => true)
      @course.self_enrollment = true
      @course.self_enrollment_limit = 0
@ -66,6 +67,7 @@ describe "self enrollment" do

  shared_examples_for "closed registration" do
    before do
+      Account.default.allow_self_enrollment!
      course(:active_all => active_course)
      set_up_course
      @course.update_attribute(:self_enrollment, true)
--- a/spec/selenium/users_spec.rb
+++ b/spec/selenium/users_spec.rb
@ -226,6 +226,7 @@ describe "users" do

    it "should register a student with a join code" do
      course(:active_all => true)
+      @course.root_account.allow_self_enrollment!
      @course.update_attribute(:self_enrollment, true)

      get '/register'