fixes MAT-32
flag=none
In order to make this work a couple endpoints now
accept a file verifier as means of authorization similar to
downloading and previewing files elsewhere.
Those endpoints are:
1. FilesController#api_show
* /api/v1/files/:file_id
* /api/v1/:context/:context_id/files/:file_id
2. FilePreviewsController#file_preview
* /files/:file_id/file_preview
test plan:
- As a teacher, link to a user file in a page
- Make sure preview is set to overlay
- As a student, click to preview the file
- The file should preview in the overlay
Change-Id: Iee48359f186a7280e9b3dd772e71357d171e054a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/263505
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Nate Armstrong <narmstrong@instructure.com>
refs INTEROP-6650
flags=none
Test plan
- Upload an inaccessible s3 file to
a migration in Canvas
- Check the attachment it created
and verify you can see the URL
in the error message
Change-Id: I665214875110e9c57fed58b3eb480b2099267fcc
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/261572
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Wagner Goncalves <wagner.goncalves@instructure.com>
Reviewed-by: Evan Battaglia <ebattaglia@instructure.com>
QA-Review: Evan Battaglia <ebattaglia@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
this reverts the spec change introduced in
e97db6ab80 by instead bumping the s3
version.
Change-Id: If6028ebde8b5675b58d5d05adcaa4cc26fbbf6e4
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/227281
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
Fixes: GOOF-701
Note:
- We are no longer using the `workflow_state` attribute form the
Attachment model. We are using AttachmentUploadStatus that is
joined to the Attachment model to retrieve the same results.
We are now using Redis to track the state of the Attachment
per Submission which will allow us to give a more accurate view
of the Attachment state as it is being processed.
Test plan:
- Compile assets for canvas
- Boot up the docker container
- Navigate to a course with the google lti installed
- As a student submit an assignment from google drive
- On the assignment detials, submission details and grade summary
pages (found on the invision links in the ticket) confirm you
see the progress widgets and the files correct upload status
- On the submission details page in the grade book confirm you
can see the icons
- In speedgrader confirm you can see the correct icons on the right
hand sidebar AND confirm they change accrodignly as you change
the submission selected from the dropdown if there are multiple
submissions
Change-Id: I6c1152cb7b450c3c2e3a2ca810233fc222c0967a
Reviewed-on: https://gerrit.instructure.com/180605
Tested-by: Jenkins
Reviewed-by: Joshua Orr <jgorr@instructure.com>
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Product-Review: Jesse Poulos <jpoulos@instructure.com>
Add model AttachmentProgressStatus that tracks if an upload fails.
This is used instead of the deprecated Attachment#workflow_status
field. The Rails.cache is used store a temporary pending status. If no
pending status or AttachmentProgressStatus for the upload, it is
considered a success
fixes GOOF-709
Test Plan:
* Verify that homework submission from Google works as expected.
Change-Id: I41273eb071ad92ed139e37c994def26065634134
Reviewed-on: https://gerrit.instructure.com/179109
Tested-by: Jenkins
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Reviewed-by: Joshua Orr <jgorr@instructure.com>
Reviewed-by: Derek Bender <djbender@instructure.com>
Reviewed-by: Nick Houle <nhoule@instructure.com>
Product-Review: Nick Houle <nhoule@instructure.com>
Remove submit_assignment parameter used for backwards compatibility with
legacy assignment submission. Add a check so that only an Assignment is
submitted in the SubmitHomeworkService.
refs: GOOF-434
Test Plan:
* Verify that homework submission from Google still works.
Change-Id: Iaa2cffac3447d29fe30f9b57b8e13a00ab6cc275
Reviewed-on: https://gerrit.instructure.com/161899
Reviewed-by: Nick Houle <nhoule@instructure.com>
Reviewed-by: Josh Orr <jgorr@instructure.com>
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Tested-by: Jenkins
Product-Review: Michael Guymon <mguymon@instructure.com>
Refs: GOOF-443
Test plan:
- Query the Attachment API and confirm the `workflow_state`
attribute exists in the response
Change-Id: Ie079a70cf30fff255707164cd8881797de5a8c44
Reviewed-on: https://gerrit.instructure.com/162190
Reviewed-by: Michael Guymon <mguymon@instructure.com>
Tested-by: Jenkins
Reviewed-by: Rob Orton <rob@instructure.com>
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Product-Review: Josh Orr <jgorr@instructure.com>
closes GOOF-543
each of these slightly different jobs really should be on the same
strand, because they're all calling Attachment#clone_url at their core
Change-Id: I241ca0fd47b696dba17164f8ecbb07f41912e2f3
Reviewed-on: https://gerrit.instructure.com/162278
Reviewed-by: James Williams <jamesw@instructure.com>
Tested-by: Jenkins
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
fixes RECNVS-401
the javascript has already been adapted to expect a progress instead of
the file status blob, that's what causes the bug. give it what it
expects. the progress results are populated during Attachment#clone_url,
and the progress is flagged completed once the worker successfully
completes the job.
test-plan:
- with inst-fs turned off in the account
- have a course with the Google Drive LTI tool enabled
- have a file upload assignment in that course
- as a student in the course, click "Submit Assignment" on the file
upload assignment
- choose the Google Drive tab, authorize a google account, select a
file from the drive, and click submit.
- submit the assignment with the selected file; the submission should
go through without error (will give an error at this point without
this commit)
- click the link to download the submission; should download
Change-Id: I43e991f419a9f81359145d9f40899ecc82675da0
Reviewed-on: https://gerrit.instructure.com/145403
Reviewed-by: Michael Jasper <mjasper@instructure.com>
Tested-by: Jenkins
Reviewed-by: Andrew Huff <ahuff@instructure.com>
QA-Review: Collin Parrish <cparrish@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
fixes RECNVS-361
instead of just using Attachment.current_root_account.domain
to facilitate the change, all generation of non-public links to external
file storage go through a FileAuthenticator instance that holds the
necessary information about the current user and oauth host
test-plan:
[locally]
- smoke test file uploads and downloads, there should be no impact on
behavior, just a refactor
[once on beta]
- enable inst-fs in your sandbox
- logout of canvas
- open network logging in your browser dev tools and log back in to
canvas
- identify the requests related to the inst-fs login pixel and
corresponding oauth redirects
- the oauth should have occurred against your beta sandbox, not your
production sandbox
- attempt to upload a file; should be successful
Change-Id: Ic859b707908baef84f5ee4dba29f18bdd841abcc
Reviewed-on: https://gerrit.instructure.com/143930
Tested-by: Jenkins
Reviewed-by: Michael Jasper <mjasper@instructure.com>
QA-Review: Collin Parrish <cparrish@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
fixes RECNVS-237
simplify FilesController#create_pending (which corresponds to the
POST /files/pending route) to do its preflight setup through
api_attachment_preflight. this makes it consistent with other preflight
endpoints, particularly so inst-fs gets used when enabled.
cascaded implications:
* FilesController#create for local uploads is removed in favor of
FilesController#api_create + FilesController#api_create_success
* FilesController#s3_success for s3 uploads is removed in favor of
FilesController#api_create_success
* FilesController#render_attachment_json is removed (was only used by
the previous two removed methods) in favor of the attachment_json
returned by #api_create_success
* JavaScript performing uploads through /files/pending now expects an
{<attachment fields>} shaped response in line with
attachment_json
* JavaScript performing uploads through /files/pending now expects a
'content-type' field in the response instead of 'content_type', in
line with attachment_json
as part of the cleanup, the duplicate_handling parameter was renamed to
on_duplicate to match other preflight endpoints, and the size parameter
was added to the request for quota checking
test-plan:
- generally, uploads that go through /files/pending:
- still work
- work with instfs
- specifically, the uploads that go through /files/pending are:
- uploading an image as an avatar in the user profile
- submitting an assignment via file upload
- conversation messages with attached files
- uploading a file to an eportfolio
- upload image from wiki sidebar (w/o RCE enabled)
- upload files from wiki sidebar (w/o RCE enabled)
- of particular interest to confirm beyond just "appears to work" are:
- attachment(s) are associated with conversation message correctly
after upload
- attachment(s) are associated with submission correctly after upload
- images uploaded to eportfolio are recognized as images
- video files uploaded via wiki sidebar are recognized as video
- image files uploaded via wiki sidebar are recognized as images
Change-Id: I463b3746e8e99a5e503df302664122bf364771c1
Reviewed-on: https://gerrit.instructure.com/141859
Tested-by: Jenkins
QA-Review: Collin Parrish <cparrish@instructure.com>
Reviewed-by: Jonathan Featherstone <jfeatherstone@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
closes CORE-358
This makes it so files uploaded to groups via the sidebar
get the proper attributes to allow inline preview options
to show up in the RCE.
Test Plan:
- Go to a group and create a page
- On that page use the sidebar to upload a file
- Click on the link that appears in the RCE
- Click the link button in the RCE toolbar
- You should see 2 checkbox options related to inline previews
Change-Id: Ic046e737a6ef05c7dc7b7fcc92267832a161d566
Reviewed-on: https://gerrit.instructure.com/134320
Tested-by: Jenkins
Reviewed-by: Brent Burgoyne <bburgoyne@instructure.com>
QA-Review: Tucker McKnight <tmcknight@instructure.com>
Product-Review: Clay Diffrient <cdiffrient@instructure.com>
fixes CNVS-38591
when the inst-fs service is enabled, generate a preflight response
tailored for inst-fs instead of for S3. the service will then receive
the POSTed file data, generate it, and ping Canvas at the embedded
capture URL. compatible with existing Canvas UI.
along the way, some cleanup refactoring in api_attachment_preflight:
* instead of taking submission_context and inferring a folder from
that, have the submission API be responsible for determining the
folder and then just specify it. note that the folder inference was
the only use of submission_context, the submission API was the only
caller of api_preflight_json to specify submission_context, and the
folder option we took over was previously both broken and unused.
* simplify the remaining folder inference code. if a folder is
specified by the code (vs. the user in params), assume they have
necessary access (the :manage_contents permission would fail for a
student making a submission)
* correctly abort if params[:on_duplicate] is invalid. before, if the
UI provided an explicit but invalid value, it would cause a double
render error.
* inline process_attachment_params for update, and skip it on
preflight. the UI never provides any of the possible params but
display_name for preflight, which is then ignored from the
process_attachment_params result because it's treated separately
TODO: tests
* InstFS.upload_preflight_json
* api_attachment_preflight:
- uploading a file to a submission (submissions_api#create_file) when the
submissions_folder feature is enabled stores the file in the user's
submissions folder
- student uploading a file to a submission is not blocked by permissions
- user with :manage_contents permission on a folder is not blocked when
uploading to that folder
- user without :manage_contents permission on a folder is blocked when
attempting to upload to that folder
- no double render error on on_duplicate=invalid
- updates to lock_at, etc., on a file (via files#api_update) stick
* files#api_capture:
- reject if over quota and not flagged quota_exempt
- attachment.locked based on usage rights settings
- attachment.handle_duplicates
- content migration success callback triggered
* InstFS.authenticated_url:
- includes iat claim
- expiration is a timestamp
test-plan:
inst-fs upload happy path:
- have inst-fs service running, have canvas configured to be able to
find and share a secret with it, and enable the inst-fs plugin setting
- go to the files area, or a discussion, or a conversation, etc., and
upload a file.
- the file should be successfully uploaded
- NOTE: known issue, there seems to be a race condition in the service
responding 201 Created with a Location before Canvas is ready to
respond to that Location. This will make the upload appear to fail.
But if you refresh the page, the file should be present. This race
condition will be fixed in a later commit; it has already been filed
as a separate bug.
- attempt to download/preview the file
- download/preview should work, and should be served from inst-fs
quota enforcement:
- configure a course to have a quota
- select a file that should exceed that quota when uploaded
- bypassing the canvas UI, access the preflight endpoint directly
while providing the true size; preflight should fail
- access the preflight endpoint directly while providing a false size
that would fit inside the quota; preflight should succeed
- attempt to POST the file to the returned upload_url with the
returned upload_params; the upload should fail
locking pending usage rights:
- configure the account to lock files without usage rights
- upload a file
- the newly created file should be locked
- assign usage rights to the new file
- it should unlock
path collisions:
- upload a file to a folder
- upload a distinct file but with the same filename to the same folder
- should be prompted to rename or overwrite
- select rename; the newly uploaded file should have the filename
modified to avoid the collision
- repeat, but selecting overwrite; the filename should now refer to
the new file, and the old file should not be accessible in the UI
non-inst-fs unharmed:
- disable the inst-fs plugin setting
- do general regression tests on file uploads (whether S3 or local
storage)
Change-Id: I2bff1e3c31a3ed0955c29e677a422b7149253318
Reviewed-on: https://gerrit.instructure.com/124929
Tested-by: Jenkins
Reviewed-by: Andrew Huff <ahuff@instructure.com>
QA-Review: Collin Parrish <cparrish@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
Change-Id: I68cd388bbf7d22d7608a68fbb075493e4a1709fc
Reviewed-on: https://gerrit.instructure.com/120423
Tested-by: Jenkins
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
most of these are simple fixes, but there are a few where the spec has
actually been broken due to underlying API changes, that were masked
due to the generic raise_error matcher
fixes CNVS-35542
Change-Id: I982e7ab9af59101b79fdf6b2e0816b374a6a6d5b
Reviewed-on: https://gerrit.instructure.com/104750
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Jenkins
Product-Review: Jon Jensen <jon@instructure.com>
QA-Review: Jon Jensen <jon@instructure.com>
Fixes CNVS-34757
On the back-end, automatically localize numbers that are part of a
localized string even if the developer has forgotten to do so
explicitly. We already did this for the %{count} placeholder, now
do it for any interpolated number. Any explicitly localized numbers
will be unaffected.
Test plan:
* Confirm localization works as per usual
* Confirm this new behavior works in places where we don't explicitly
localize the number, e.g. upload a bigger file than is allowed by the
quota and confirm the error message says something like "file size
exceeds quota limits: 2,097,152 bytes" (instead of "2097152 bytes")
Change-Id: I6896a2c31b1f6debad96c974b1c8b95f653268d9
Reviewed-on: https://gerrit.instructure.com/101137
Reviewed-by: Simon Williams <simon@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
QA-Review: Cemal Aktas <caktas@instructure.com>
Product-Review: Jon Jensen <jon@instructure.com>
closes CNVS-33615
test plan:
* upload and download files using S3
* submit an assignment
* do an SIS import with parallel
* do a course copy
* export and import a course
* upload some custom css file in theme editor
* test a canvadoc and crocodoc preview
Change-Id: I9145b39728938e7e5903d23c4a4598fc8df4ef45
Reviewed-on: https://gerrit.instructure.com/93002
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
Also adds a `audio/mp3` => `audio` mime_class mapping.
closes CNVS-31340
refs CNVS-30900
test plan:
- Hit a files-related API endpoint that uses `attachment_json` under the
hood. I was using:
`/api/v1/folders/:folder_id/files?per_page=50&include[]=preview_url`
- Observe that `mime_class` & `media_entry_id` values are included.
Change-Id: I3ea854b9bfff0eb3e629b0ffd3dc75fe0694b93a
Reviewed-on: https://gerrit.instructure.com/88686
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: John Corrigan <jcorrigan@instructure.com>
fixes CNVS-20737
When working with files, the modified_at attribute is now updated when
the modified_by attribute is changed. We are doing this because
updated_at doesn't property reflect the file change, just the record
change.
Test Plan
Given you're using something like Postman to test the api
When you upload a file via the api
Then the 'modified_at' attribute should be set to the time it was
modified
Given you're using something like Postman to test the api
And you have all ready uploaded a file
When you update the file content (not just renaming it)
Then the 'modified_at' attribute should be set to the time it was
modified
Given you're using something like Postman to test the api
And you have all ready uploaded a file
And the file that was uploaded modified_at attribute is null (because
the file was uploaded before this change)
When you "GET" the file via the api
Then the 'modified_at' attribute should be set to the same value as its
"updated_at" attribute.
Change-Id: I6b1fe761d0a0ed29ce436b178ced7f4c79bb1039
Reviewed-on: https://gerrit.instructure.com/55315
Tested-by: Jenkins
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
Product-Review: Sterling Cobb <sterling@instructure.com>
QA-Review: Jahnavi Yetukuri <jyetukuri@instructure.com>
Addresses an issue where previews weren't getting
queued up for generation in notorious.
fixes CNVS-13756
refs CNVS-17946
Test Plan:
* Enable "Better File Browsing" feature flag
* Upload a video file to a course's Files page
* After the upload has completed, try previewing the file
* If the file preview is unavailable, a message should display
stating that the conversion has been queued. Close
the preview, then try opening it again after a few seconds/minutes.
* The file preview modal should have the video file
displayed and playing.
* Repeat the above steps, but for an audio file instead.
Change-Id: I4f0e47d569b5ab22e777519b2baae80c4a8ff3ae
Reviewed-on: https://gerrit.instructure.com/50593
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jahnavi Yetukuri <jyetukuri@instructure.com>
Product-Review: Dan Minkevitch <dan@instructure.com>
Also adds the folder_id to files that are returned from the list files
endpoint
closes CNVS-18385
Test Plan:
- Add several folders to a context (course, group, user)
These should include nested folders.
- Perform api calls against /api/v1/<context>/<context_id>/folders
- You should receive a flat list of all folders
- Perform an api call against /api/v1/<context>/<context_id>/files
- You should receive a flat list of all files the files should
now contain a folder_id attribute
Change-Id: I9a86899161438a9673f9c31a54c5a6ee6e5f6884
Reviewed-on: https://gerrit.instructure.com/48338
Tested-by: Jenkins
QA-Review: Clare Strong <clare@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
test plan:
- upload a file via the API using the POST workflow
- upload a file via the API using the remote URL workflow
- examine both Attachment objects via the Rails console.
the user_id should be set to the uploading user
refs CNVS-11219
Change-Id: Ic61901f7dfac99d74efc57e42e97b90aaf133433
Reviewed-on: https://gerrit.instructure.com/33513
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Mark Severson <markse@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
Change-Id: Ib90c12b99d30853a0a1a0235c9aa1b5dd645f614
fixes: CNVS-11949
Reviewed-on: https://gerrit.instructure.com/32176
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
Reviewed-by: Stanley Stuart <stanley@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Change-Id: I8a10679218b9a6ff8485b7822a21c704bdfaa398
Reviewed-on: https://gerrit.instructure.com/29213
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
test plan:
- upload images to a course
- retrieve these files via the files api
- a thumbnail_url should be in the response
- confirm that this thing is downloadable
fixes CNVS-5329
Change-Id: I583cba7d08566770223821de554b76f9c767b38f
Reviewed-on: https://gerrit.instructure.com/19612
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Adam Phillipps <adam@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
closes CNVS-4248
this gains us EU region support, and no longer using a forked aws-s3 gem
in the process, setting bucket_name via a plugin is no longer supported
test plan:
* should be able to upload new files via various methods
* should be able to download old and new files still
Change-Id: If32fa5f381f5a4ac493948fa32230175a695f51e
Reviewed-on: https://gerrit.instructure.com/18282
QA-Review: Clare Hetherington <clare@instructure.com>
Tested-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
removes the need to fork/exec (and reboot rails) for specs;
also simplifies forcing a specific backend for specs
note that path_prefix in file_store.yml is now respected for
S3 as well (so that parallel spec runs that use the same bucket
don't conflict with each other), with the caveat that 'tmp/files'
is special cased to be backwards compatible for S3, and change
to 'attachments'
test plan:
* specs pass (especially selenium specs involving files)
Change-Id: I9673d454291062c958c2989788d36339ce60dfc4
Reviewed-on: https://gerrit.instructure.com/18292
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Clare Hetherington <clare@instructure.com>
Tested-by: Cody Cutrer <cody@instructure.com>
closes#8943
now that all access tokens have the crypted_token field filled in, we
can drop the unencrypted column.
test plan: both before and after running the migration, you should be
able to use existing access tokens to make api calls, and create new
access tokens.
Change-Id: I83cfb2342ad2302bb7b43aabc528341d1d265920
Reviewed-on: https://gerrit.instructure.com/15601
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Test plan:
* turn off scribd submission filtering
* upload a document to your course files
* make sure the document is previewable in scribd
Change-Id: I3f5cc1b4971d901407a0665edeef9af40b68092b
Reviewed-on: https://gerrit.instructure.com/14044
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Bryan Madsen <bryan@instructure.com>
Rather than submitting all scribdable files to scribd, when this setting
is enabled, only files for assignment submissions are submitted to
scribd.
test plan: Setting.set("filter_scribd_submits", "true")
Then upload a .doc, .pdf or other scribdable file to your course
or user files. Verify the file isn't submitted to scribd, not even a job
is created.
The upload a file as an assignment submission, verify it's still
submitted to scribd and the scribd preview works in the speed grader
(once it's processed)
Change-Id: Ib5378e12b9630b40483d5cb14c80c699762ffd1a
Reviewed-on: https://gerrit.instructure.com/13301
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Cameron Matheson <cameron@instructure.com>
This adds an alternative method for uploading files by giving Canvas a
public URL in the first step, rather than uploading the file data directly.
test plan:
- create a course file via the API upload mechanism
- make sure the return values are as documented
- make sure the file was correctly uploaded
- create a course file via the URL approach
- make sure the return values are as documented
- make sure the file status endpoint returns valid responses
- make sure the file was correctly stored in Canvas
- repeat that process with a file that has at least one redirect
- repeat that process but creating a homework submission file
- try to create a course file with a malformed URL
- confirm that the appropriate error message is returned
- try to create a course file with a relative URL
- confirm that the appropriate error message is returned
- try to create a course file with a URL that doesn't return 200
- confirm that the appropriate error message is returned
Change-Id: I2dcf711347ec4ef26d767ae1c1fa0bb056986651
Reviewed-on: https://gerrit.instructure.com/12143
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
This adds some new fields to the files/folders api:
Folders:
* hidden
* hidden_for_user
* locked
* locked_for_user
Attachments:
* created_at
* updated_at
* locked
* locked_for_user
* lock_at
* unlock_at
* hidden
* hidden_for_user
Test Plan:
* Use the api and observe the fancy new fields
closes#9625
Change-Id: Ib5ca2fe70bc283216c3f643a9e6b82bac9e31f73
Reviewed-on: https://gerrit.instructure.com/12508
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Course/group/users file uploads must be checked
against the context's storage quota before new
files can be added. This commit adds that check
for API uploads. It also adds a note to the API
documentation since this is an additional type of
response developers will need to anticipate.
test plan:
- preflight a file upload in a course that is not over quota
- ensure everything works correctly
- set a small quota for a course
- preflight a file upload in a course that is over quota
- ensure that an appropriate error message is returned
- set a quota of zero for a course
- preflight a file upload for a homework submission
(a case that isn't quota-enforced)
- ensure everything works correctly, even though the
course is at quota
Change-Id: I28cc02d91799b1ff27501c3ff919c54834597d74
Reviewed-on: https://gerrit.instructure.com/12142
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
A complete api for folder and file management
Also updates the alphabetical sorting features to escape
a backslash caused errors when casting a string to a
bytea in postgres
Test Plan:
* CRUD yourself some files
* CRUD yourself some folder
closes#9163
Change-Id: I0b937f9273077b66ab9d6c37171bec1fcc5380dd
Reviewed-on: https://gerrit.instructure.com/12085
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
closes#7775
Allows specifying the folder to upload to as a slash-separated string,
as well.
test plan:
upload to both the current user, and an allowed course, verify the
workflow for s3 and local files. verify you can't upload to course you
don't have permissions to, or another user.
verify that you can specify a folder, and the folder will be created if
it doesn't exist.
Change-Id: Ib9082f047c1c93824fe65decf4789606d82450c6
Reviewed-on: https://gerrit.instructure.com/9603
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Cody Cutrer