also remove some no-op code
test plan:
* create a new ta role
* disable their permission to "manage faculty journal entries"
* add them to a course
* they should not be able to see "faculty journal" buttons
on student profiles and be able to access their journal pages
closes #CNVS-9000
Change-Id: I35b1cef5a458c6dec68209e4aa964a64a51edd65
Reviewed-on: https://gerrit.instructure.com/47818
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
fixes CNVS-7398
test plan
- using canvas mobile app with push notification support, enable
push notifications
- cause a notification to be sent from the canvas web ui
- ensure that the canvas app gets a notification
Change-Id: Idb320520a23ba6c5c2649253da557160be54084a
Reviewed-on: https://gerrit.instructure.com/42892
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Steven Shepherd <sshepherd@instructure.com>
Product-Review: Joel Hough <joel@instructure.com>
fixes CNVS-17951
test plan:
- go to course settings and enter student view
- open a browser console and type ENV.current_user_roles
- it should include 'student'
Change-Id: I8b4e05089519a9ed2946262c42853cb5c1da03dc
Reviewed-on: https://gerrit.instructure.com/47034
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Sean Lewis <slewis@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
fixes CNVS-8728
test plan:
- DA off
- set up an observer following a student
- set up an observer in course without a student
- create an assignment in this course
- both observers and the student should be
notified of the assignments creation
- remove an enrollment from an observer user
- create another assignment and this user
should not be notified
- DA on
- set up an observer following a student
(we'll call him observer A)
- set up an observer following a student
in a different section (observer B)
- set up an observer in course without a student
(observer C)
- create an assignment in this course for only
the section that observer A's student is in
- observer A and observer C should be notified of
the assignment, observer B should not be
Change-Id: I5ff01cc9a6f19e8c7dca4f806fe48b9d6d8dbe36
Reviewed-on: https://gerrit.instructure.com/45853
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Sean Lewis <slewis@instructure.com>
Product-Review: Hilary Scharton <hilary@instructure.com>
test plan:
- users (teachers and students) should be able to rename
themselves only if the "user can edit display name" account
setting is enabled
- teachers should not be able to rename students
(unless they are account administrators)
- account admins should be able to rename students
- teachers (who are not account admins) should still be able
to access student profiles via the API endpoint
/api/v1/users/:user_id/profile
refs CNVS-15410
Change-Id: Ieca773a566ec55da7d28f8a2f647eba99a8ef1ea
Reviewed-on: https://gerrit.instructure.com/46402
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
test plan:
* create a user on one shard
* enroll the user on a course on another shard
* should be able to set that course as a favorite
closes #CNVS-17647
Change-Id: Icb2163b8755243955f8a35d04bacad4e32be0c08
Reviewed-on: https://gerrit.instructure.com/46506
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
closes CNVS-17635
closes gh-97
Test Plan:
- Create a course that is unpublished
- Add a student to the class
- Add the student to a group
- Login as the student
- Go to the courses index page (/courses)
- The group should not be shown
- Publish the course
- The group should now be shown with a link to it
Change-Id: I3588cbd323cd065a33898c91021f475507101dee
Reviewed-on: https://gerrit.instructure.com/46266
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Product-Review: Clay Diffrient <cdiffrient@instructure.com>
fixes CNVS-5256
test plan
- as a teacher, add a user to a group
- wait 15 minutes or clear the "Courses & Groups" cache entry
- as the user, ensure that the new group shows up in the "Courses
& Groups" menu
- as the teacher, remove the user from the group
- wait 15 minutes or clear the "Courses & Groups" cache entry
- as the user, ensure that the new group does not show up in the
"Courses & Groups" menu
Change-Id: I091775f50783e0f9bb99a4adbc3e726a7f78be89
Reviewed-on: https://gerrit.instructure.com/45603
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Derek Hansen <dhansen@instructure.com>
Product-Review: Joel Hough <joel@instructure.com>
test plan:
1. consult the files API documentation and note the additions:
A. usage_rights include parameter on 'List files'
B. usage_rights include parameter on 'Get file'
C. 'List licenses' endpoint
D. 'Set usage rights' endpoint (PUT)
E. 'Remove usage rights' endpoint (DELETE)
2. exercise these new API features
closes CNVS-16826
closes CNVS-16841
Change-Id: I6c01128423adc24a5b70f71bb109d5a005379c37
Reviewed-on: https://gerrit.instructure.com/44403
Reviewed-by: James Williams <jamesw@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Anna Koalenz <akoalenz@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
test plan:
* create a custom course-level role for an account
* enroll a user into an active course with the custom role
* as that user, the "Courses" dropdown menu on the navigation header
should read "Enrolled as: [Custom Role]" instead of
the base type for the role
refs #CNVS-5349
Change-Id: Ife07a10852de3d5376a945c9f35d3ef56cb4ca58
Reviewed-on: https://gerrit.instructure.com/44507
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jahnavi Yetukuri <jyetukuri@instructure.com>
Product-Review: Cosme Salazar <cosme@instructure.com>
associations with joins were never really supported by rails
test plan:
* canvas works
Change-Id: I62dd9b38c7340fce96351f1e3ba91acd6440aa66
Reviewed-on: https://gerrit.instructure.com/42856
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes CNVS-1552
any time the UI/API tries to "delete" a user, it should only be trying
to remove it from some root account (the @domain_root_account if not
otherwise specified). if that root account was the last root account the
user was associated with, then the remnants of the user are fully
deleted, but only then. leave User#destroy as a short-cut to delete the
user from all their accounts at once, but should not be invoked directly
from any UI/API actions.
test-plan:
PERMISSIONS
being able to remove a user from an account entails being able to:
- DELETE http://accounts-domain/users/:user
- DELETE /accounts/:account/users/:user
both should fail or succeed together
* given
- Sally who's an admin with the :manage_user_logins
permission on one account (Account1) and a student on another
account (Account2)
- Bob who's a student on both accounts
- Alice who's an admin on Account1 with greater permissions than
Sally
* Sally should:
- see "Delete My Account" on her Account1 profile
- not see "Delete My Account" on her Account2 profile
- not see "Delete My Account" on Bob's Account1 profile
- not see "Delete My Account" on Alice's Account1 profile
- see "Delete from Account1" at /users/:sally
- see "Delete from Account1" at /users/:bob
- not see "Delete from Account2" at /users/:sally
- not see "Delete from Account2" at /users/:bob
- not see "Delete from Account1" at /users/:alice
- be able to remove herself from Account1
- be able to remove Bob from Account1
- not be able to remove herself from Account2
- not be able to remove Bob from Account2
- not be able to remove Alice from Account1
* given Sally's Account1 pseudonym has a SIS ID but her Account2
pseudonym doesn't, Sally should:
- no longer see "Delete My Account" on her Account1 profile
- no longer see "Delete from Account1" at /users/:sally
- still see "Delete from Account1" at /users/:bob
- no longer be able to remove herself from Account1
- still be able to remove Bob from Account1
EFFECTS
* as Sally, remove Bob from Account1 via
DELETE http://account1-domain/users/:bob
- Bob's pseudonyms, enrollments, etc. in Account1 should be removed
- Bob's pseudonyms, enrollments, etc. in Account2 should be untouched
* repeat using DELETE /accounts/:account1/users/:bob, with the same
expectations
Change-Id: Ib7612f95d1c7e4cca36d8486950565ec096b4ab1
Reviewed-on: https://gerrit.instructure.com/41591
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
refs CNVS-16563
distinct_on returns a relation, and takes select from the relation
(and order becomes automatic)
test plan:
* specs should pass
* dashboard should load, and course menu should have data
Change-Id: I26c6068aaa4aa89c2626cdb8058f3aa9e50ff0fb
Reviewed-on: https://gerrit.instructure.com/43622
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes CNVS-16196
test plan:
* add a user to a course in account A, and as an admin in account B
* view source when visiting account A, and look for current_user_roles
in the ENV for js.
* it should include student, but not admin
* when visiting B, it should include admin, but not student
Change-Id: Ic69da40dcdd3858840a34c260d75b537b4779c07
Reviewed-on: https://gerrit.instructure.com/42542
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes CNVS-16481
A user must have permission to update a pseudonym in order to delete it.
In addition, a user cannot delete a system-created pseudonym unless they
can also change its SIS ID.
test-plan:
being able to delete a pseudonym entails being able to DELETE
/users/:user/pseudonyms/:id
* given
- Sally who's an admin with the :manage_user_logins
permission on one account (Account1) and a student on another
account (Account2)
- Bob who's a student on both accounts
- Alice who's an admin on Account1 with greater permissions than
Sally
* Sally should:
- be able to delete her Account1 pseudonym
- be able to delete Bob's Account1 pseudonym
- not be able to delete her Account2 pseudonym
- not be able to delete Bob's Account2 pseudonym
- not be able to delete Alice's Account1 pseudonym
* given pseudonyms have SIS ids are set and Sally doesn't have the
:manage_sis permission on Account1, Sally should:
- no longer be able to delete her Account1 pseudonym
- no longer be able to delete Bob's Account1 pseudonym
Change-Id: Iad54c6ceb5efcbd32ca1ba3fd011ebe0aa699c94
Reviewed-on: https://gerrit.instructure.com/42776
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
fixes CNVS-16480
A user has permission to merge any user for which he can manage at least
one pseudonym (doesn't need permission to manage all pseudonyms). To
merge two users, the acting user must have permission to merge each of
them.
test-plan:
being able to merge two users entails being able to:
- GET /users/:user1/admin_merge?pending_user_id=:user2
- GET /users/:user1/admin_merge?new_user_id=:user2
- POST /users/:user1/merge?new_user_id=:user2
- PUT /api/v1/users/:user1/merge_into/:user2
they should either all succeed or all fail
* given
- Sally who's an admin with the :manage_user_logins
permission on one account (Account1) and a student on another
account (Account2)
- Sally2 who's a student in Account1, admin in Account2
- Bob who's a student on both accounts
- Bob2 who's a student in Account1, admin in Account2
- Alice who's an admin on Account1 with greater permissions than
Sally
* Sally should:
- not see "Merge with Another User" link at /users/:alice
- see "Merge with Another User" link at /users/:sally
- see "Merge with Another User" link at /users/:sally2
- see "Merge with Another User" link at /users/:bob
- see "Merge with Another User" link at /users/:bob2
- not be able to merge herself with Alice
- be able to merge herself with Sally2
- be able to merge Bob with Bob2
* Bob should:
- not see "Merge with Another User" link at /users/:bob
- not be able to merge himself with Bob2
Change-Id: I840077e80fbdb35ea5b9ef6c80d6af8e41e90ce9
Reviewed-on: https://gerrit.instructure.com/42775
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
fixes CNVS-16478
A user can only reset their own MFA if the setting is not required of
them. They can only reset another user's MFA if they have the :update
permission on all of the other user's pseudonyms (even if it's required
for that other user, since it's just a reset, not full out disabling).
test-plan:
being able to reset MFA on a user entails being able to DELETE
/users/:target_user/mfa
* given
- Sally who's an admin with the :manage_user_logins
permission on one account (Account1) and a student on another
account (Account2)
- Bob who's a student on both accounts
- Charlie who's a student in Account1 only
- Alice who's an admin on Account1 with greater permissions than
Sally
* Sally should:
- see the "Reset Multi-Factor Authentication" link at /users/:sally
- see the "Reset Multi-Factor Authentication" link at /users/:charlie
- not see the "Reset Multi-Factor Authentication" link at /users/:bob
- not see the "Reset Multi-Factor Authentication" link at
/users/:alice
- be able to reset her own MFA
- be able to reset Charlie's MFA
- not be able to reset Bob's MFA
- not be able to reset Alice's MFA
* given MFA is required on Account1, Sally should:
- no longer see the "Reset Multi-Factor Authentication" link at
/users/:sally
- still see the "Reset Multi-Factor Authentication" link at
/users/:charlie
- no longer be able to reset her own MFA
- still be able to reset Charlie's MFA
Change-Id: I38afc269c0baa8a72be77714254f088569b22116
Reviewed-on: https://gerrit.instructure.com/42773
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
QA-Review: Jacob Fugal <jacob@instructure.com>
fixes CNVS-15647
test plan:
* ensure that all of the following still work -
* replying to an e-mail notification
* displaying avatars
* changing your avatar
* uploading a file that's exempt from quota checks (i.e.
submitting an assignment)
* grade passback via LTI
* add an object embed to a wiki page
* rotate your encryption key -
* in security.yml, move encryption_key to previous_encryption_keys,
and put something else in encryption_key
* repeat step 1, as much as possible using the original verifier
from that step (i.e. reply to the original e-mail, refresh just
the object embedded in the wiki page)
Change-Id: Id36bbb1711f8b6c6f960cc1e898b75e335bfac81
Reviewed-on: https://gerrit.instructure.com/41368
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
also change not_ended_enrollments to be a multishard association,
since the preloader now respects the shard of the owner
test plan:
* enroll an out-of-shard user in a course
* do GET /api/v1/courses/:course_id/users?include[]=enrollments
* it should include the enrollment for the out-of-shard user
Change-Id: If45f047fd12c15364076cfa7a1d3780e795e996f
Reviewed-on: https://gerrit.instructure.com/43167
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
it shouldn't matter, but protects against server misconfiguration
Change-Id: Ic8da4caa9b99e82fa73c4a6e18b1599998da29cd
Reviewed-on: https://gerrit.instructure.com/43224
Reviewed-by: James Williams <jamesw@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
fixes CNVS-16198
test plan:
* smoke test home menu isn't busted
Change-Id: I3b410dd7d813efca6c89cb400f4d2aa2ed973b93
Reviewed-on: https://gerrit.instructure.com/42544
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Reviewed-by: Paul Hinze <paulh@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes CNVS-15925
test plan:
- quick regression test of DA
- focus on assignments/quiz/discussion/modules index pages
Change-Id: I0c6fe67f14e0692d54727839ece993037fc4f6ca
Reviewed-on: https://gerrit.instructure.com/41958
Reviewed-by: Cameron Sutter <csutter@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Sean Lewis <slewis@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
refs CNVS-15736
test plan:
* set the locale for an account, course, and user to something explicit
* remove that locale (see g/41630)
* restart your server, and your language for each of the above should
have reverted back to the default. also, editing the preferred
locale for any of them should show system default again
Change-Id: Ic25290a4374a596610ffa97ad21aecd3a86f1bed
Reviewed-on: https://gerrit.instructure.com/41775
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
- cleans up assignment model
- eliminates unnecessary feature flag checks
- eliminates unnecessary teacher permission checks
- moves duplicated methods from assignment and quiz
to new module
Change-Id: I8d1e8f99bf5c8f6a63bd670b432aeef7e8f0e86b
Reviewed-on: https://gerrit.instructure.com/41654
Reviewed-by: Cameron Sutter <csutter@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Sean Lewis <slewis@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
refs CNVS-15830
test plan:
* view the list of prior enrollments for a course
* it should work
Change-Id: Ifb92a7a5c8f2b2a8382c2d8666038f9c4e7be4a3
Reviewed-on: https://gerrit.instructure.com/41977
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Nick Cloward <ncloward@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
refs CNVS-15830
test plan:
* download the gradebook, change a grade, and upload it again
* it should work
Change-Id: I0fe245b23aa24152a2a62ad919cf045120ae1c47
Reviewed-on: https://gerrit.instructure.com/41974
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Nick Cloward <ncloward@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
refs CNVS-15830
test plan:
* the courses menu should not asplode
Change-Id: Ibec8f2496df476767472bf2245edde63909e7b16
Reviewed-on: https://gerrit.instructure.com/41980
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Nick Cloward <ncloward@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes CNVS-15716
test plan:
- with DA on
- make a sel_rel'd quiz
- on the quiz show page, click message_students_who
- students without visibility should not show up
- send a message
- make sure only students with visibility get it
- on the show page, click "Show Student Quiz Results"
in the gear menu
- students without visibility should not show up
- with DA off
- repeat the above steps but ensure all students
show up/get the message
Change-Id: I202599a9a0c26430075c2056b553c03a908b0dfd
Reviewed-on: https://gerrit.instructure.com/41545
Reviewed-by: Cameron Sutter <csutter@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Amber Taniuchi <amber@instructure.com>
QA-Review: Sean Lewis <slewis@instructure.com>
Product-Review: Mike Nomitch <mnomitch@instructure.com>
fixes CNVS-14094
test plan:
- course with DA as students and teacher
- api show & index
- quizzes index page shows only assigned quizzes
- quizzes show page url redirects to index if
quiz isnt visible to user
- grade calculation
- gradebook/grades page
- calendar events events
- modules filter out quizzes correctly
- observers see same things as their students
- if a student takes a quiz and it is not graded and then
loses visibility, make sure that the GB greys out the cell
rather than showing a submission icon
- same course with DA off works normally
Change-Id: I10b936f1516d6d24f11d74c0bb572051f0b1d1c4
Reviewed-on: https://gerrit.instructure.com/39897
Reviewed-by: Simon Williams <simon@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Mike Nomitch <mnomitch@instructure.com>
Reviewed-by: Derek DeVries <ddevries@instructure.com>
Product-Review: Mike Nomitch <mnomitch@instructure.com>
it's a shim of the rails 2 variety, and breaks in rails 4 in the
common case because the options became a scope
Change-Id: I712a8fed35ee0a9747a13c1495f7d51b8dac6823
Reviewed-on: https://gerrit.instructure.com/41716
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Nick Cloward <ncloward@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
refs CNVS-15830
this is deprecated in rails 3, and raises an error in rails 4
test plan:
* dashboard and course streams should still work
Change-Id: I180ae447ac7f384659d91d6e8382e5a7d5703576
Reviewed-on: https://gerrit.instructure.com/41788
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Nick Cloward <ncloward@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
it was a useless order anyway, and in rails 4 the order isn't removed
in has_many :through, :uniq, causing sql errors
Change-Id: Ieda66f3ab5a5c75c15fafac2eeb153e305de39e0
Reviewed-on: https://gerrit.instructure.com/41714
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
fixes CNVS-14101
test plan:
* setup DA
- go to a course home page
* as a student
- 'recent activity' should not show notifications about
assignments/discussions that are not visible to the student
* as a teacher
- 'recent activity' should show notifications for all
assignments/discussions
- make sure it works normally with DA off
Change-Id: I7d4cad8fd6e6cc5ed4dc48ed139182bcc59652eb
Reviewed-on: https://gerrit.instructure.com/40722
Reviewed-by: Liz Abinante <labinante@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Amber Taniuchi <amber@instructure.com>
Product-Review: Hilary Scharton <hilary@instructure.com>
this optimizes the query to use a union and
reduces speed from ~5s to ~0.2s
fixes CNVS-15212
test plan
- go to /accounts/self
- search for a user
- it should work and be faster
Change-Id: I46fd32c4850c7e56e7ccf24eade6b63a1b2ba8ad
Reviewed-on: https://gerrit.instructure.com/40825
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
test plan:
- create a tool with ContentItemSelectionResponse
- it should send the parameter 'tool_consumer_instance_contact_email'
- it should substitute the parameter $Canvas.user.prefersHighContrast
fixes PLAT-622
Change-Id: If55d0a1b488f82a90c8aa620fd037f7e7c7b0272
Reviewed-on: https://gerrit.instructure.com/40703
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Nathan Mills <nathanm@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
test plan:
* add various communication methods to your user
* navigate to any page other than your user's settings
* using the console, increase the bounce count of all channels:
User.find(id).communication_channels.unretired.each do |cc|
cc.bounce_count = 100
cc.save
end
* refresh the page
- a notification should show at the top of the page, indicating a
potential problem on your settings page
- navigating anywhere other than the settings page will cause the
notification to persist
* navigate to the settings page
- the notification should disappear
- your communication channels should all indicate a problem with
delivering messages to you
* removing and re-adding the channels should remove all indicators
* navigate to any page other than your user's settings
* using the console, increase the bounce count of one channel:
cc = User.find(id).communication_channels.unretired.first
cc.bounce_count = 100
cc.save
* refresh the page
- once again, the notification should show at the top of the page
fixes CNVS-15255
Change-Id: If45664c1b33d75fbfe8aa3480dfebd8872c6b064
Reviewed-on: https://gerrit.instructure.com/40534
Reviewed-by: Joel Hough <joel@instructure.com>
QA-Review: Trevor deHaan <tdehaan@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Janelle Seegmiller <jseegmiller@instructure.com>
fixes CNVS-14375
Previously grading counts were only available
aggregated as a count for the assignment. This
lets you consume them split out by section
rather than.
needs_grading_count_by_section is the flag
to send. This also splits out the needs_grading
query off into it's own object to reduce the
cognitive load of working in the assignment model.
TEST PLAN:
- setup a course with multiple sections and
assignments that need grading for students in
each
- hit the assignments API index with the
"needs_grading_count_by_section" parameter set
to true
- the JSON response should include a
"needs_grading_count_by_section" key for
each assignment and it should have a hash
of section ids and counts
Change-Id: I290a080b5f657996423798cacfb37660f5ed427c
Reviewed-on: https://gerrit.instructure.com/39627
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Mike Nomitch <mnomitch@instructure.com>
Reviewed-by: Cameron Matheson <cameron@instructure.com>
Product-Review: Hilary Scharton <hilary@instructure.com>
QA-Review: Amber Taniuchi <amber@instructure.com>
This email only went to site admins, and isn't useful.
This commit stops new notifications being created, a subsequent commit
will remove the no longer used code and data.
refs CNVS-15219
Change-Id: Ibd8c88c7310cf3dcfb06cf0c782f2b3cf571d843
Reviewed-on: https://gerrit.instructure.com/40375
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Brian Palmer <brianp@instructure.com>
fixes CNVS-15059
test plan:
- enroll a designer in a course.
- create two assignments, but only publish one.
- masquerade as the designer
- navigate to the assignments index page
- both assignments should be showing
Change-Id: I361bc3bda4bd85539f25e94b188506c8d4ca0f54
Reviewed-on: https://gerrit.instructure.com/40125
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Matt Berns <mberns@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
(previously, canvas only did this for users with SIS IDs and
managed authentication. I do not see how the managed auth part
is relevant.)
test plan:
- The Edit Settings page at /profile/settings should show the
"Delete My Account" link only if
* the user is an account or site administrator, or
* the user has no SIS ID
- the "Really delete" page (users/1/delete) should redirect
back to the profile page with an error message for non-admins
with SIS IDs
- the Users API should return a 401 (Unauthorized) error if
non-admins with SIS IDs try to delete themselves
fixes CNVS-14804
Change-Id: I93a003235204b0fbde226c76aaf8677f3a417f9d
Reviewed-on: https://gerrit.instructure.com/39789
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Product-Review: Hilary Scharton <hilary@instructure.com>
many consumers of this function proceed to load the course for
each enrollment (note that #active? etc. load the course, to get
term dates). this causes an N+1 query each time. add an option
to preload courses for the returned enrollments, and use it
where it makes sense.
test plan:
- have a user with many active enrollments
- load the dashboard for the user (/)
- consult the system log and ensure this isn't sequentially
queried for every course the user is enrolled in:
SELECT "courses".* FROM "courses" WHERE "courses"."id" IN (x)
fixes CNVS-14880
Change-Id: Ie7be8f402b49516aa7bc667f9cf8b7598d2abfc7
Reviewed-on: https://gerrit.instructure.com/40070
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
test plan:
* enable self-enrollment on the root account
* enable self-enrollment on a course
* disable self-enrollment on the root account
* self-enrollment should not work on the course
closes #CNVS-9109
Change-Id: Ic186497ae11376c00872200460d9850e4dfecc38
Reviewed-on: https://gerrit.instructure.com/39684
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Product-Review: Hilary Scharton <hilary@instructure.com>
fixes CNVS-14100
fixes CNVS-14099
refs CNVS-14443
test plan:
- set up differentiated assignments
- as the teacher, all assignment events as visible as
usual on calendar and syllabus
- as a student, assignments without visibility and assignments
with visibility but no applicable override (aka - the student
only can see the assignment because of a grade) dont show up
on the calendar or syllabus
- also, their json doesnt come in at all when the calendar
calls the the CalendarEvent API (ping me if you want to
know how to check thos)
- assignments_needing_submitting works as expected
Change-Id: I62c0b77d562808636a9a5a146eae16e25a55ffe8
Reviewed-on: https://gerrit.instructure.com/38172
Reviewed-by: Mike Nomitch <mnomitch@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Amber Taniuchi <amber@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
Product-Review: Hilary Scharton <hilary@instructure.com>
fixes CNVS-1455
test plan:
- create a graded discussion that requires peer review
- the discussion should have a peer review icon in listings
- assign peer reviews to students
- the students should have a peer review link in their
activity stream
Change-Id: I416c876c9e21b5ce2a72c46fceb7a33bdfd3f96e
Reviewed-on: https://gerrit.instructure.com/36459
Reviewed-by: Joel Hough <joel@instructure.com>
Product-Review: Joel Hough <joel@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: David Josse <david@instructure.com>
Closes CNVS-11854
Test Plan:
1) Restart your server after checking out this code (there is new feature flag)
2) As a user, visit /profile/settings and see that there is no option
for disabling the inbox
3) As an instructure employee viewing settings for the root account,
turn "on" the inbox opt out feature flag. If the button says "allow"
instead of "on", you are in the wrong place and want to be on the
account's settings, not the site admin settings.
4) As a user, visit your settings again: /profile/settings
5) See that you can now disable the inbox.
6) Do so.
7) Check the that conversations notification settings no longer appear
at /profile/communication
8) Check that when you have new conversation messages, the unread
messages badging doesn't display on the inbox link in the main nav
9) Visit your settings a 3rd time, and un-disable the inbox
10) check that the inverse of 7 & 8 are now true
Change-Id: I061e2d3ab9052a7809fb43f80d8e2e92d99316ee
Reviewed-on: https://gerrit.instructure.com/38313
Reviewed-by: Joel Hough <joel@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Matthew Wheeler <mwheeler@instructure.com>
QA-Review: David Josse <david@instructure.com>
test plan:
1. use the content exports api with export_type=zip
to export files from courses, groups, and users
a. confirm only users who have permission to
download files from these contexts can perform
the export
b. confirm that deleted files and folders do not show
up in the downloaded archive
c. confirm that students cannot download locked files
or folders from courses this way
d. check the progress endpoint and make sure
it increments sanely
2. perform selective content exports by passing an array
of ids in select[folders] and/or select[attachments].
for example,
?select[folders][]=123&select[folders][]=456
?select[attachments][]=345
etc.
a. any selected files, plus the full contents of any
selected folders (that the caller has permission
to see) should be included
- that means locked files and subfolders should
be excluded from the archive
b. if all selected files and folders are descendants
of the same subfolder X, the export should be named
"X_export.zip" and all paths inside the zip should be
relative to it. for example, if you are exporting A/B/1
and A/C/2, you should get "A_export.zip" containing
files "B/1" and "C/2".
3. use the index and show endpoints to list and view
content exports in courses, groups, and users
a. confirm students cannot view non-zip course exports
(such as common cartridge exports)
b. confirm students cannot view other users' file (zip)
exports, in course, group, and user context
c. confirm teachers cannot view other users' file (zip)
exports, in course, group, and user context
(but can still view course [cc] exports initiated by
other teachers)
4. look at /courses/X/content_exports (web, not API)
a. confirm teachers see file exports they performed
b. confirm teachers do not see file exports performed by
other teachers
c. confirm teachers see all non-zip course exports
(cc/qti) including those initiated by other teachers
5. as a site admin user, perform a zip export of another
user's files. then, as that other user, go to
/dashboard/data_exports and confirm that the export
performed by the site admin user is not shown.
fixes CNVS-12706
Change-Id: Ie9b58e44ac8006a9c9171b3ed23454bf135385b0
Reviewed-on: https://gerrit.instructure.com/34341
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: Trevor deHaan <tdehaan@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Jon Willesen <jonw@instructure.com>
course_ids were being looked up on the currently active shard and then used on
the user shard
fixes CNVS-14449
test plan:
- create a teacher and two shards, each with a course
- enroll the teacher in both courses (so they are now a cross-shard user)
- in each course, create a student and have them submit an assignment
- load the dashboard on each shard
- both shards To Do lists should be the same -- they should both list
2 assignments (one from each shard/course) as needing grading
Change-Id: Id34541f7d7144fa0ffb8b221a95aa9369118f50a
Reviewed-on: https://gerrit.instructure.com/38372
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
test plan:
* as a student, visit /dashboard/data_exports
* should be able to export a zip file containing
all of the student's submissions
refs #CNVS-14242
Change-Id: Iaab216e7411c27fa6d259f677e40a75d3de3f5a8
Reviewed-on: https://gerrit.instructure.com/36872
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Trevor deHaan <tdehaan@instructure.com>
Product-Review: Hilary Scharton <hilary@instructure.com>
fixes CNVS-14443
This reverts commit 57427343e3.
Change-Id: Ic70da7d96965d368773c2e16c2b49c59f57e5c18
Reviewed-on: https://gerrit.instructure.com/38314
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
fixes CNVS-14137
test plan:
- In one course with DA off
- make sure that the To Turn In
section shows an assignment that is
due in 1 day and not turned in
- In one course with DA on
- make sure that a similar assignment
that a student cannot see due to
differentiated assignments doesnt
show up in that column
- NOTE: don't use the same course/user
because there is a cache that only updates
every 15 minutes
Change-Id: I6cc93b01ba41335ae0c7f6f8682b8798e0604c3e
Reviewed-on: https://gerrit.instructure.com/37020
Reviewed-by: Liz Abinante <labinante@instructure.com>
QA-Review: Amber Taniuchi <amber@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Mike Nomitch <mnomitch@instructure.com>
fixes CNVS-13839
test plan
- create an account
- create an admin
- delete the account
- the admin role should not show in the drop down
Change-Id: I12c3f6cc615deb0646d3b4f2af60bb191f070edc
Reviewed-on: https://gerrit.instructure.com/37076
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes CNVS-13649
test plan:
- go to a few pages and make sure no errors occur
- GB2
- assignment index
- student grades page
- do same with and without DA on
Change-Id: I72f303cf54c36420a57dfbd23635f319f9827bd0
Reviewed-on: https://gerrit.instructure.com/36675
Reviewed-by: Cameron Sutter <csutter@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
test plan:
* create a course
* add two teachers (I'll refer to them as
"New Teacher" and "Old Teacher")
* also enroll a student
* create an assignment requiring submissions
* as the student, make a submission
* now, as the "New Teacher", comment on the submission
* remove the "Old Teacher" from the course as a teacher,
and instead add them again as a student
* confirm that the "Old Teacher"'s recent feedback does not
show the feedback for the other student
fixes #CNVS-13215
Change-Id: Ie03c9036b65c0de93c869818ebc60b059e9a4260
Reviewed-on: https://gerrit.instructure.com/37465
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
refs CNVS-13987
what was called CanvasUuid was *not* generating UUIDs. it was generating
slugs. by default, its generate method only creates 4 character slugs.
these should obviously not be used as UUIDs. the misnomer already caused
a bug in EventStream where it used these slugs as UUIDs, causing
collisions. to fix:
(1) rename canvas_uuid gem to canvas_slug, and rename it's primary
class CanvasUuid to CanvasSlug
(2) create new canvas_uuid gem, with class CanvasUUID, extracted from
lib/uuid_singleton for actual UUID generation
(3) fix event stream use CanvasUUID, rather than following the rename
of CanvasUuid to CanvasSlug
test-plan:
- have cassandra set up for audit logs
- create an audit log entry (e.g. change a grade)
- look at the generated audit log entry's id field; it should be a UUID
value, not a 4 character slug
Change-Id: I19758fff4433cd6cb2e21219217dced19ee05c5a
Reviewed-on: https://gerrit.instructure.com/37506
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Brian Palmer <brianp@instructure.com>
fixes CNVS-13351
test plan:
* created an admin role that has permission to create other admins,
but that's it
* as an admin in that role, it should only show that role as one
to choose for new admins
* you should only be able to delete admins in that role
* verify both of the above are enforced via the API
Change-Id: I11459567ab184d787ee02af55280e0f4f76d47e8
Reviewed-on: https://gerrit.instructure.com/35672
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
test plan:
* open Canvas as a user with unread conversations
* POST to /api/v1/conversations/mark_all_as_read
* refresh the page
* verify that your unread conversations badge is gone
* verify that receiving new conversations also
immediately updates the badge
Change-Id: Ib0b629ba84a59af102810a415d5955f7a2f4e46a
Reviewed-on: https://gerrit.instructure.com/36698
Product-Review: Braden Anderson <braden@instructure.com>
Reviewed-by: Joel Hough <joel@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Steven Shepherd <sshepherd@instructure.com>
fixes: CNVS-3669
Changes the given blocks to look for the sought right in the
current courses first and if its not found look through the
concluded courses. The current courses should catch the majority
of calls and fall back to the concluded courses if required.
* Note: This will not check in other course states then completed and
current.
Test Plan:
- Create a course with a student and admin/teacher.
- Enable user notes for the course.
- Check to make sure the teacher can read the students user notes.
- Make sure the user notes button on the students profile is visible.
- Conclude the course.
- Ensure the teacher can still read the students user notes and the
button is still visible.
- As an admin do the same as above but for manage user notes.
- Make sure the teacher/admin can run reports on the student for a
concluded and current course.
Change-Id: I5eade42253c24c6ecad5e1d654695662ebb3afde
Reviewed-on: https://gerrit.instructure.com/36770
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Nick Cloward <ncloward@instructure.com>
mostly has_many_through associations, where we are
already covered because we export the through
association as well
Change-Id: I95deb0f3c55059a480f1d77aa70ad32701267f91
Reviewed-on: https://gerrit.instructure.com/36335
Reviewed-by: Braden Anderson <braden@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Anthus Williams <awilliams@instructure.com>
QA-Review: Anthus Williams <awilliams@instructure.com>
fixes CNVS-13293
test plan:
- regression on gb2 and srgb
to make sure they both still work properly
Change-Id: I4ec554589b6a77a113d2faf46e7b530faa2d535f
Reviewed-on: https://gerrit.instructure.com/35501
Product-Review: Dana Danger <dana@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Amber Taniuchi <amber@instructure.com>
fixes: PS-1538
**test plan
configure and launch lti tool, upon lti tool launch the
lti_context_id for user should be set, and if course launch
the lti_context_id on course object, if account launch, then
lti_context_id on account. Once these are set, api calls to the
corresponding object can be made using the syntax lti_context_id:id
Change-Id: Icdf02e4f99691be417c024adb2a2751ba2aa9335
Reviewed-on: https://gerrit.instructure.com/35380
Reviewed-by: Brad Humphrey <brad@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Adam Phillipps <adam@instructure.com>
QA-Review: Adam Phillipps <adam@instructure.com>
test plan:
* configure MFA for a user
* log in to canvas, and remember me on the MFA verification page
* log out and log back in; you should not need to enter your MFA
* log out, and switch internet connections to a different public
IP (using tethering would be great for this)
* log in, and you should have to enter your MFA
* log out and log back in; you should not need to enter your MFA
* log out and switch back to your original internet connection
* log in, and you should not have to enter your MFA
Change-Id: Id682ecdabcae8c520ff43f6c90387f78382f5755
Reviewed-on: https://gerrit.instructure.com/25889
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes CAT-147
add support for a user_id param when querying course/section enrollments
ensure course and enrollment endpoints allow users to see their own
*active* enrollments in unpublished course (i.e. self-enrollments), even
if they are not admins.
slightly tighten up User#current_and_future_enrollments (only return non-
admin enrollments in unpublished courses if they are active). this method
is only used currently around self-enrollment functionality, and that sets
the enrollment state to :active, so there should be no changes in
functionality
test plan:
1. set up self-enrollment in an unpublished course
2. self-enroll as a student (via link from course settings page)
3. it should work (though you can't get into the course yet)
4. as the student, hit /api/v1/courses
1. with no params, you shouldn't see the course
2. with state[]=unpublished you should see the course
5. as the student, hit /api/v1/courses/:id/enrollments?user_id=self&state[]=current_and_future
1. you should get back your enrollment
6. as a teacher, publish the course
7. as the student, hit /api/v1/courses
1. you should get back the course
8. as the student, hit /api/v1/courses/:id/enrollments?user_id=self
1. you should get back your enrollment
Change-Id: I75a4f77b0298729088c7f8e3dbc46d551f36f241
Reviewed-on: https://gerrit.instructure.com/35085
Reviewed-by: Jeff Belser <jbelser@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Marc LeGendre <marc@instructure.com>
QA-Review: Marc LeGendre <marc@instructure.com>
they're not relevant to *a* User, and they're needed by things other than
User.reflections.
test plan:
n/a, just refactoring to a (hopefully) better spot. existing and new specs
should cover all of this
Change-Id: I66ab5314582113ac549af5662bcf08a8ca5df580
Reviewed-on: https://gerrit.instructure.com/35082
Reviewed-by: Dave Donahue <ddonahue@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Marc LeGendre <marc@instructure.com>
QA-Review: Marc LeGendre <marc@instructure.com>
fixes CNVS-12474, CNVS-12477, CNVS-12478
this commit fleshes out the API endpoints for polling sessions and
submissions, and solidifies the other polling endpoints.
Test plan
- Full tests on the following endpoints:
- Polls are the basic data model of the polling app. They can take a
question attribute and a description attribute. They are only
creatable and modifiable by teachers.
- GET /api/v1/polls (index action)
- POST /api/v1/polls (create action)
- GET /api/v1/polls/:id (show action)
- PUT /api/v1/polls/:id (update action)
- DELETE /api/v1/polls/:id (destroy action)
- Poll choices belong to polls. They consist of the particular answers
a submitter can choose when participating in a poll session. They
have attributes of text (the answer text), their associated poll,
and an 'is_correct' boolean attribute. The 'is_correct' attribute
show not be accessible by students. Poll choices are only creatable
and modifiable by the creator of the poll.
- GET /api/v1/polls/:poll_id/poll_choices (index action)
- POST /api/v1/polls/:poll_id/poll_choices (create action)
- GET /api/v1/polls/:poll_id/poll_choices/:id (show action)
- PUT /api/v1/polls/:poll_id/poll_choices/:id (update action)
- DELETE /api/v1/polls/:poll_id/poll_choices/:id (destroy action)
- Poll sessions are for publishing a poll so that it can accept
submissions. They should only be createable / modifiable by
teachers. Only students that are enrolled in the associated course
of the poll session should be allowed to view them.
The show action of a poll session acts differently for a teacher.
They are able to see the results of the voting that has taken place
by students since the session was published.
- GET /api/v1/polls/:poll_id/poll_sessions (index action)
- POST /api/v1/polls/:poll_id/poll_sessions (create action)
- GET /api/v1/polls/:poll_id/poll_sessions/:id (show action)
- PUT /api/v1/polls/:poll_id/poll_sessions/:id (update action)
- DELETE /api/v1/polls/:poll_id/poll_sessions/:id (destroy action)
- GET /api/v1/polls/:poll_id/poll_sessions/:id/publish (publish action)
- GET /api/v1/polls/:poll_id/poll_sessions/:id/close (close action)
- Poll submissions are for submitting an answer for a particular poll
session. A student should only be allowed to submit a poll choice
for a session they're able to view, and they can only submit one
poll choice per poll session.
- GET /api/v1/polls/:poll_id/poll_sessions/:poll_session_id/poll_submissions/:id (show action)
- POST /api/v1/polls/:poll_id/poll_sessions/:poll_session_id/poll_submissions (create action)
Change-Id: Ifcfd72ec30597e37fc54c687fb7d61a644d7348c
Reviewed-on: https://gerrit.instructure.com/34605
Reviewed-by: Derek DeVries <ddevries@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Josh Simpson <jsimpson@instructure.com>
fixes CNVS-12330, CNVS-9234, CNVS-8099
before you check out
- configure a user to use old conversations
test plan
- ensure that everyone get new conversations, always, even if
they explicitly told us that they really like old conversations
better
- as a student with an existing conversation with a teacher,
make an assignment submission and a submission comment
- as the teacher, ensure that your unread message count did not
increase because of the submission comment
Change-Id: If5ae7143abbc5cf5e035f5ed9ea2e5728f70cd45
Reviewed-on: https://gerrit.instructure.com/34343
Reviewed-by: Braden Anderson <banderson@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Steven Shepherd <sshepherd@instructure.com>
Product-Review: Joel Hough <joel@instructure.com>
fixes CNVS-11814
and be sure to identify the account somehow
test plan:
* set up a trust between account A to account B
* add a user to account B with an SIS pseudonym
* enroll the user in a course in account A
* course gradebook csv and quiz statistics csv should show the
pseudonym from account B, and account B's domain
* an API call to list students in the course shoud show the
pseudonym from account B, and account B's domain
Change-Id: Id656d06b8119bdcb31cc3e567d49cd6ce7c8428f
Reviewed-on: https://gerrit.instructure.com/31812
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
instead of passing an :exportable option to
ActiveRecord::Associations, simply define a constant
on the class containing exportable associations and
attributes. This is due to :exportable breaking
ActiveRecord, and we can't simply monkey-patch in
config/initializers because models are included in
migrations before the initializers are run
Change-Id: I11f1a6b4570c397d8e01010c517bc6efdac7afca
Reviewed-on: https://gerrit.instructure.com/33235
Reviewed-by: Braden Anderson <banderson@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Anthus Williams <awilliams@instructure.com>
QA-Review: Anthus Williams <awilliams@instructure.com>
test plan:
* regress module progression workflow for students
- student progress should always be up-to-date
fixes CNVS-11818
Change-Id: Ib6b4ccf7b93bc490726fe2bf75333d75f1572ee0
Reviewed-on: https://gerrit.instructure.com/31575
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Nathan Rogowski <nathan@instructure.com>
test plan:
- use the List Migration Systems endpoint on
a group and a user, and confirm only the
zip_file_importer is returned
- use the Content Migrations API to import a zip file
into folders belonging to Users and Groups
- try both the POST and the URL workflows
- ensure migration types other than zip_file_importer
are rejected in User and Group context
fixes CNVS-11218
Change-Id: I4b407ce76f0b5df60cc9f99795a6d9d3ddf81ae2
Reviewed-on: https://gerrit.instructure.com/33723
QA-Review: Clare Strong <clare@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: James Williams <jamesw@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
fixes CNVS-11966
test plan:
- with srgb feature flag enabled
- cant get to gb1
- /gradebook takes you to your preference
- switching saves the preference
- student behavior is normal
- with srgb feature flag disabled
- cant get to srgb
- /gradebook goes to gb1
- /gradebook2 goes to gb2
- student behavior is normal
- make sure all links to the GBs work
- student grade summary should work as usual
- with both FF settings, as a teacher checking a
single student's grade should work as usual
- courses with 'large rosters' get GB2 not GB1
Change-Id: I2a488fdfb5b3667c1d6cd21dc250ef3c50df101c
Reviewed-on: https://gerrit.instructure.com/33178
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Anna Koalenz <akoalenz@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
fixes CNVS-1485
test plan:
* verify that stream items show up on the dashboard
* create a term with an end date in the past
* assign a course to that term
* verify that items from that course are no longer on the dashboard
Change-Id: I9851997c9672f73335f54bdba78bdb71ee24d029
Reviewed-on: https://gerrit.instructure.com/33264
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Joel Hough <joel@instructure.com>
QA-Review: Trevor deHaan <tdehaan@instructure.com>
Product-Review: Braden Anderson <banderson@instructure.com>
fixes: CNVS-11426
a few months ago we started trying to enable users to turn
on some "high contrast" css changes. The way we did that was
with a override css file that would go and override existing
style rules to set them to new values. the main difference
here is that it is done at the *source of where the variable
is declared* instead of *after the fact, overriding what was there*
this will make things a lot easier to maintain. for example, see
the part where instead of having a huge selector to override a bunch
of things that look like links to be darker, we just go and set the
$linkColor sass variable to be a little bit darker.
test plan:
* before you check out this code, go to /settings and turn on the
'high_contrast' user theme.
* run the db migration in this commit
* now go to /settings and make sure that the 'high contrast' feature
is enabled.
* verify that with that feature enabled, when you go to /styleguide
you should see higher contrast buttons, link text, and backgrounds
* it wont be exactly the same as when you had the 'high contrast' theme
enabled because some of the high contrast things weren't super important
(specifically, the darker grey borders on some elements). but the most
important changes, making the contrast between text and the background
around it, should be there.
this essentially reverts:
"adds high-contrast theme user preference"
b232dcf448.
this also makes jmadsen's change to make the green
alert bar a little darker (to comply with contrast)
in g/31881 apply across the board to all of our
green things so they are all compliant. (in addition,
now if they have high contrast enabled, it will be
even darker green)
Change-Id: Iee7d81bb5160e86f1900dbf4a249364b1ddfa7f1
Reviewed-on: https://gerrit.instructure.com/32863
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Ryan Florence <ryanf@instructure.com>
QA-Review: Nathan Rogowski <nathan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
fixes CNVS-11426
The UI/UX team *really* wants to start doing some major style changes
to the canvas interface. Because it is a very visual change and especially
because we've let people hack the crap out of canvas styles with
their own css override file, any changes we do need to be behind a
feature flag so an institution can opt-in when they are ready.
This commit does some trickery so we actually create 4 different versions
of every stylesheet. one for each variant in:
legacy_normal_contrast legacy_high_contrast
new_styles_normal_contrast new_styles_high_contrast
and then sets the $use_new_styles and $use_high_contrast sass variables
accordingly in each.
now, in any sass file, you can do things like:
@if $use_new_styles {
background-color: red;
} @else {
background-color: blue;
}
@if not $use_high_contrast{
font-size: 12px;
}
test plan:
* in a production (minified assets) environment, ensure you see:
<link href="/assets/common_legacy_normal_contrast.css... in the <head> of the page
* go to the account settings page for the domain_root_account you are on
* turn on the "Use New Styles" feature
* now verify that <link href="/assets/common_new_styles_normal_contrast.css...
is in the <head>. There should not be any visible differences because we do
not have any styles that target specifically $use_new_styles yet.
* now, go to /settings and turn on the user feature for "Use High Contrast Styles"
* verify that <link href="/assets/common_new_styles_high_contrast.css..
is in the <head>
* again, turning that on will not actually change the way anything looks,
the next commit (g/32863) will take care of that
Change-Id: I45ba4ddfe780c5c819fb995b61ebfc0a5325d418
Reviewed-on: https://gerrit.instructure.com/31881
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
fixes: CNVS-11645
Test Plan:
Test the groups api endpoint at
api/v1/users/self/groups?context_type=Account
Make sure its not broken.
Change-Id: I2a17672f0e81530aa8623c5ed16b9cb0bb6b3ce5
Reviewed-on: https://gerrit.instructure.com/31417
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
in order to enroll a user in a course via the API, the user
being enrolled must have an active pseudonym that works
with the course's root account.
test plan:
- an account administrator or site administrator should
receive a user-not-found (status 404) error when trying
to use the API to enroll a user in a course where the user
does not have a login in the course's root account (i.e.,
the user "belongs to a different institution"),
AND the course's root account is _not_ the default account
(since the default account trusts everybody; this allows
anyone to enroll in FFT courses)
- you should be able to create an Observer via the course's
people page and link that observer to students in the course
before creating a login for the observer.
fixes CNVS-12020
Change-Id: Ib058d9b78830347e6fadfdc86bf4325aa557c325
Reviewed-on: https://gerrit.instructure.com/32374
Reviewed-by: Brian Palmer <brianp@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Matt Fairbourn <mfairbourn@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
fixes: CNVS-11890
Test Plan:
Canvas Should not be broken, test requests that use the SortLast and SortFirst
class. One is account settings. Make sure its sorted correctly. Another is
submissions_controller show method and make sure the visible rubric assesments
are sorted correctly.
Change-Id: I75a61475a928e069d6566fcc51305a6c442ec5a0
Reviewed-on: https://gerrit.instructure.com/32014
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
fixes: CNVS-11546
Adds a user relation to sis batches so we can relate a sis batch job back to the
user who initiated it.
Test Plan:
- Initiate SIS Imports.
- The associated sis batch records user_id column should have the correct value.
* SIS Imports should not be broken.
Change-Id: Ic5d0807af4d945a150a0268776e51c6db96b29c6
Reviewed-on: https://gerrit.instructure.com/31172
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Nick Cloward <ncloward@instructure.com>
fixes CNVS-11269
test plan
- start conversations and send messages from new and old
conversations between users who share no contexts, one context,
two context, and >2 contexts
- ensure that the notification emails include shared courses next
to the author's name
- ensure that messages sent from new conversations only include
the selected context next to the author name
Change-Id: Ibc05752100dfb4b139c8dce64cfe1985987c6467
Reviewed-on: https://gerrit.instructure.com/30778
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jon Willesen <jonw@instructure.com>
QA-Review: Trevor deHaan <tdehaan@instructure.com>
Product-Review: Joel Hough <joel@instructure.com>
test plan:
* simple regression on student module progression
closes CNVS-11483
Change-Id: I58cfd4f71d8fb2fe597f9f0d72523e07cc04de75
Reviewed-on: https://gerrit.instructure.com/30906
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Matt Fairbourn <mfairbourn@instructure.com>
fixes CNVS-10403
test plan:
- turn on srgb in course settings
- in gb2, click the 'switch gradebooks' link
- navigate to courses/:id/grades
- it should load srgb
- click the 'switch gradebooks' link
- navigate to courses/:id/grades
- it should load gb2
Change-Id: I8c41b9763be44c2c968d818ac4d8a909476361a7
Reviewed-on: https://gerrit.instructure.com/29841
Reviewed-by: Mike Nomitch <mnomitch@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Liz Abinante <labinante@instructure.com>
QA-Review: Amber Taniuchi <amber@instructure.com>
Product-Review: Cameron Sutter <csutter@instructure.com>
Change-Id: Ia99e45a824476f1170a632c48dd950d177634f01
Reviewed-on: https://gerrit.instructure.com/30897
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
Change-Id: Ic226e61e900532cc3acf08444b316b6e2bb6b368
Reviewed-on: https://gerrit.instructure.com/30049
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
active record::associations accepts an :include
parameter which automatically retrieves specified
associations of the associated model.
In rails 2, AR checks through the where clause and
joins the table if it is referenced in the where
clause. In rails 3, this parameter is ignored when
specifying a condition on the association (and also
when you call pluck, incidentally), resulting in
database errors when you e.g.
has_many enrollments, include: [:course], :conditions
=> "courses.some_property = 'some value'"
this commit adds support for using an inner join with
these associations (it is not enough to simply define
a method on the model to retrieve the association with
the given conditions, because the associations in
question are referenced in a few has_many_through
associations later)
note this does not add similar support for inner joins on
associations in rails2, so we are still using the
:include option. This is a bit of an antipattern
as it can result in something of an N+1 queries
problem. This commit doesn't address that; it simply
makes the rails 3 postgres adapter less upset with us.
Change-Id: I5beefd689c734d372ed5627fef4bbb450883837d
Reviewed-on: https://gerrit.instructure.com/30185
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: Anthus Williams <awilliams@instructure.com>
QA-Review: Anthus Williams <awilliams@instructure.com>
This commit namespaces the rest of quiz related code into a Quizzes
namespace: controllers, views, models, and classes that previously lived
under lib/ that are Quiz-related.
Test plan:
Full regression test on all quiz related items
refs CNVS-10457
Change-Id: If54b61213945056539e03271a936d233abb66188
Reviewed-on: https://gerrit.instructure.com/29351
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Myller de Araujo <myller@instructure.com>
Reviewed-by: Jason Madsen <jmadsen@instructure.com>
Product-Review: Josh Simpson <jsimpson@instructure.com>
Cody Cutrer