Fixes: PLAT-1851
Test Plan:
- Verify that your app center access token
has at least some apps blacklisted
- obtain the app center id for on of the
blacklisted applications (i.e. gamelab
if eduappcenter.com/api/v1/lti_apps/gamelab
was on the blacklist).
- Install an app from the app center but
intercept the request made to
"course/course_id/create_tool_with_verification"
and change the 'app_center_api' value to
the blacklisted id (Or just mimic the POST with
curl, Postman, etc.).
- Verify that installation fails
- Verify that installing a non-blacklisted app
succeeds.
Change-Id: I306a76927eb4677530de11db1ae6681b8f1c117b
Reviewed-on: https://gerrit.instructure.com/92144
Tested-by: Jenkins
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
- change assignment model to full assignment json
- change select_mastery_path to return context module items in
addition to assignments
closes CYOE-329
Test plan:
1. Create a CYOE rule that includes an OR condition. Include
the trigger assignment and some of the follow on assignments
in a module
2. Grade a student so that they fall in the OR range
3. As the student, hit the modules API to determine
which assignment sets are relevant:
/api/v1/courses/:course_id/modules/:module_id/items?includes[]=mastery_paths
Look for the conditional release rules of the trigger assignment
4. Verify that the follow on assignments listed show their
submission_types attribute as an array
5. Select a mastery path as the student
/api/v1/courses/:course_id/modules/:module_id/items/:trigger_item_id/select_mastery_path?assignment_set_id=:assignment_set_id
6. Verify that the response includes:
- a meta tag specifying that the primary content is the assignments
- an assignments tag listing all assignments in the assignment set
(including those w/o modules)
- an items tag listing all context module items related to those
assignments
7. Verify that the UI version of the above (visiting context modules
page with a "select assignment set" block showing, select the
assignment set from the choice page) works as expected
Change-Id: Iab652af64fa02a76e896bfc0a21f882ad51319ab
Reviewed-on: https://gerrit.instructure.com/91457
Tested-by: Jenkins
Reviewed-by: Christian Prescott <cprescott@instructure.com>
QA-Review: Jahnavi Yetukuri <jyetukuri@instructure.com>
Product-Review: Michael Brewer-Davis <mbd@instructure.com>
fixes CNVS-32276
* use a single query to check too many versions threshold
* avoid instantiating AR objects for each of the quiz submission
versions
* avoid cloning the same quiz over and over again when we only
need 1 field
Change-Id: I921e0bc7a2153a6eb7627a88bb8519beefeaa87e
Reviewed-on: https://gerrit.instructure.com/92123
Tested-by: Jenkins
Reviewed-by: Simon Williams <simon@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
test plan:
* create a numerical quiz question using the
"answer with precision" answer type
* copy the course
* the new question should be copied correctly
closes #CNVS-32279
Change-Id: I5e2298f5318d8467d593d1c19d0db748e7092614
Reviewed-on: https://gerrit.instructure.com/91732
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Jenkins
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
Refs PFS-5573
Test plan:
- in a course with a student submission, change the grade of
said submission
- verify submission_updated live events payload contains correct
graded_at timestamp
Change-Id: I4f9a6f67ea3656edd8f62cbb78367118e38a0d90
Reviewed-on: https://gerrit.instructure.com/91942
Tested-by: Jenkins
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Product-Review: Ben Young <byoung@instructure.com>
Assignments which have been assigned for at least one student in
a closed grading period must:
* prevent changes to course group weighting setting
* prevent changes to assignment group weights
* prevent changes to assignment drop rules
These restrictions must not apply to admins.
closes CNVS-30909
closes CNVS-30912
test plan:
A. create or select:
a. an account
b. an enrollment term for the account
c. a grading period set for that term with:
* a closed grading period
* an open grading period
d. a course with that enrollment term
e. a student for the course
f. two assignment groups (1, 2)
g. an assignment (A) in group 1
* due for everyone in the closed grading period
h. an assignment (B) in group 2
* due for everyone in the open grading period
B. as a Teacher in the course, visit the course assignments page
a. access the Assignment Settings Modal
1. verify the 'Weight final grade' option cannot be changed
2. verify the individual weights cannot be changed
b. access the Assignment Group Edit Modal for group 1
1. verify the assignment group weight cannot be changed
2. verify the drop highest/lowest options cannot be changed
3. verify that 'never drop' assignments cannot be removed
4. verify that 'never drop' assignments cannot be added
c. access the Assignment Group Edit Modal for group 2
1. verify the assignment group weight can be changed
2. verify the drop highest/lowest options can be changed
3. verify that 'never drop' assignments can be removed
4. verify that 'never drop' assignments can be added
C. as an Admin, visit the course assignments page
a. access the Assignment Settings Modal
1. verify the 'Weight final grade' option can be changed
2. verify the individual weights can be changed
b. access the Assignment Group Edit Modal for group 1
1. verify the assignment group weight can be changed
2. verify the drop highest/lowest options can be changed
3. verify that 'never drop' assignments can be removed
4. verify that 'never drop' assignments can be added
c. access the Assignment Group Edit Modal for group 2
1. verify the assignment group weight can be changed
2. verify the drop highest/lowest options can be changed
3. verify that 'never drop' assignments can be removed
4. verify that 'never drop' assignments can be added
D. delete Assignment A
E. as a Teacher in the course, visit the course assignments page
a. access the Assignment Settings Modal
1. verify the 'Weight final grade' option can be changed
2. verify the individual weights can be changed
b. access the Assignment Group Edit Modal for group 1
1. verify the assignment group weight can be changed
2. verify the drop highest/lowest options can be changed
3. verify that 'never drop' assignments can be removed
4. verify that 'never drop' assignments can be added
c. access the Assignment Group Edit Modal for group 2
1. verify the assignment group weight can be changed
2. verify the drop highest/lowest options can be changed
3. verify that 'never drop' assignments can be removed
4. verify that 'never drop' assignments can be added
Change-Id: I73648f6ae0a3ca2229d383af025bad74dddb5a49
Reviewed-on: https://gerrit.instructure.com/91877
Reviewed-by: Neil Gupta <ngupta@instructure.com>
Tested-by: Jenkins
Reviewed-by: Spencer Olson <solson@instructure.com>
QA-Review: KC Naegle <knaegle@instructure.com>
Product-Review: Danaan Clarke <dclarke@instructure.com>
e.g. don't dump and reparse quiz_data when cloning to
calculate changes if we're only going to make it readonly
anyway
closes #CNVS-32276
Change-Id: I9bd457b74a3a8a2736707c14e96fac79dae7c880
Reviewed-on: https://gerrit.instructure.com/92088
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
Product-Review: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
This removes N+1 from the importer by preloading grading
periods and admin_of_root_account?.
Fix imports so that submissions with no due date fall
into the last period for the course.
closes: CNVS-26720
test plan:
1. Test that a gradebook upload can update a submission's
grade in a grading period where it is the last grading
period for the term (course) and the due date is nil
2. Test that an update fails if the above conditions are met
and the grading period is closed
3. Finally test for no N+1s during the import:
- have a course with grading periods and assignments
- import a gradebook csv as a basic teacher enrollment
- notice in the logs that there are not several (1 per
submission) N+1s for Grading Periods during import parsing
Change-Id: Ia595eaa50e44a2813727803aa13b897ee29fbd00
Reviewed-on: https://gerrit.instructure.com/91623
Tested-by: Jenkins
Reviewed-by: Jeremy Neander <jneander@instructure.com>
Reviewed-by: Spencer Olson <solson@instructure.com>
QA-Review: KC Naegle <knaegle@instructure.com>
Product-Review: Keith T. Garner <kgarner@instructure.com>
closes OUT-383
test plan:
- create a group set and at least 2 groups
- assign some students to the groups
- create a new assignment and assign it to the
group set, and enable peer reviews
- as a student in one of the groups, submit to the
assignment
- go to the peer reviews page and attempt to
assign peer reviews
- no peer reviews should be assigned
- on the same page, enable intra-group peer reviews
- attempt to assign peer reviews, peer reviews should
be assigned to other group members of the submission
UI testing:
- when creating/editing an assignment, the intra-group
reviews toggle should only be present if the group
assignment box is checked, and if the automatically
assign peer reviews toggle is selected
- the setting for intra-group reviews should persist after
saving
Change-Id: I770749555f70b0e6d204f2d8eca268ec08ddeb36
Reviewed-on: https://gerrit.instructure.com/89757
Reviewed-by: Christian Prescott <cprescott@instructure.com>
QA-Review: Alex Ortiz-Rosado <aortiz@instructure.com>
Tested-by: Jenkins
Product-Review: McCall Smith <mcsmith@instructure.com>
fixes CNVS-32336
test plan
- run an invalid sis import with invalid login_id
- it should display warnings and not an error on
/sis_imports page
Change-Id: I708ee42c359a154bad6574417daac44839317177
Reviewed-on: https://gerrit.instructure.com/91767
Tested-by: Jenkins
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Benjamin Christian Nelson <bcnelson@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
refs CNVS-31937
the secret stored in consul/dynamicsettings should be base64 encoded.
test-plan:
- NOTE: depends on having version of service that also base64 decodes
the shared secret
- put correct base64 encoded secret in config (consul,
dynamicsettings.yml, etc.), make requests against the service --
should work
- put incorrect but valid base64 encoded secret in config, make
requests against the service -- should fail gracefully and log an
error report about invalid jwt
- put invalid base64 secret in config (so decoding will fail), make
requests against the service -- should fail gracefully and log error
reports both about base64 decoding failure and invalid jwt
- remove any secret in config, make requests against the service --
should fail gracefully and log error reports both about base64
decoding failure and invalid jwt
Change-Id: I450fc5838301db3b0bb948e3754b0c1566495123
Reviewed-on: https://gerrit.instructure.com/90805
Reviewed-by: Jonathan Featherstone <jfeatherstone@instructure.com>
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Tested-by: Jenkins
Product-Review: Jacob Fugal <jacob@instructure.com>
Assignments which have been assigned for at least one student in
a closed grading period must not be moveable between assignment groups,
except by admins.
closes CNVS-30915
test plan:
A. create or select:
a. an account
b. an enrollment term for the account
c. a grading period set for that term with:
* a closed grading period
* an open grading period
d. a course with that enrollment term
e. two students (1 & 2) for the course
f. three assignment groups (1, 2, 3)
g. an assignment (A) in group 1
* due for everyone in the closed grading period
h. an assignment (B) in group 1
* due for student 1 in the open grading period
* due for student 2 after the open grading period
i. an assignment (C) in group 2
* due for student 1 in the closed grading period
* due for student 2 in the open grading period
j. an assignment (D) in group 2
* due for student 1 after the open grading period
* for student 2 without a due date
k. an assignment (E) in group 3
* due for everyone in the open grading period
B. as a Teacher in the course, visit the course assignments page
a. verify assignment A cannot be moved
b. verify assignment B can be moved
c. verify assignment C cannot be moved
d. verify assignment D can be moved
e. verify assignment E can be moved
C. as an Admin, visit the course assignments page
a. verify assignment A can be moved
b. verify assignment B can be moved
c. verify assignment C can be moved
d. verify assignment D can be moved
e. verify assignment E can be moved
Change-Id: I93a7f0f9391b493041172ed159136990c51d6a6a
Reviewed-on: https://gerrit.instructure.com/91744
Tested-by: Jenkins
Reviewed-by: Derek Bender <djbender@instructure.com>
Reviewed-by: Neil Gupta <ngupta@instructure.com>
QA-Review: Alex Morris <amorris@instructure.com>
Product-Review: Christi Wruck
the global grades page will now use global grading
period IDs to support selecting grading periods
accross shards.
fixes CNVS-31407
fixes CNVS-31523
test plan:
* you will need an account in a trust relationship
with a cross-shard account
1. enroll a user in a course in the main account.
2. enroll same user in a course in the
cross-sharded account.
3. enable "Multiple Grading Periods" in the
cross-sharded course.
4. create an assignment in each course as a teacher
5. create a submission for each assignment as the student
6. grade the submission from the cross-shard course
7. return to the main account and masquerade as the
user.
8. visit the user's dashboard and click
"View Grades". select a grading period from the
dropdown on the cross-shard course.
9. verify no error message is shown and the total
grade updates.
10. go to the non-global grades page for the
cross-shard course (/courses/:course_id/grades).
11. select a grading period from the dropdown and
verify the grade updates with no error.
12. go to the cross-shard account and masquerade as the
user.
13. visit the user's dashboard and click
"View Grades". select a grading period from the
dropdown on cross-shard course.
14. verify no error message is shown and the total
grade updates.
Change-Id: I3324c09f33ad976e76cf613a8163e3b7670a5cda
Reviewed-on: https://gerrit.instructure.com/89467
Tested-by: Jenkins
Reviewed-by: Spencer Olson <solson@instructure.com>
Reviewed-by: Derek Bender <djbender@instructure.com>
QA-Review: KC Naegle <knaegle@instructure.com>
Product-Review: Christi Wruck
Fixes PLAT-1834
Test Plan:
- Install application from the CAnvas app center to verify that
the Canvas app center is using the
/api/v1/courses/:id/create_tool_with_verification
endpoint.
- Repeat the installation but intercept the request
and modify the "config_url" post param (or just
replicate the installation post request with
Postman or similar and include the modified param).
Make sure Canvas still installs the tool indicated by
the app_center_id, not the tool at the modified config_url
location.
- Attempt to make the same request with the
'app_center_id' param missing. Make sure
the tool is not installed an an error is
returned
Change-Id: I2e025a2cb840d77d972aabc4352ac66ed7d21560
Reviewed-on: https://gerrit.instructure.com/91110
Tested-by: Jenkins
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
fixes CNVS-32260
also do a join instead of a subquery. also revert the reverting of
doing it in SQL instead of loading a bunch of ids into memory
Change-Id: I2089b12378ad5301049a4bb427f92b1603c9c964
Reviewed-on: https://gerrit.instructure.com/91405
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Jenkins
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
test plan:
* in the rails console, configure the override threshold with
Setting.set('assignment_all_dates_too_many_threshold', '5')
* an assignment more than 5 overrides should not return the
'all_dates' value in the api, but rather 'all_dates_count'
* on the assignment index page, an assignment with more than 5
overrides should still list "Multiple Dates" but no longer
shows a tooltip
closes #CNVS-32277
Change-Id: I99df5ae0f482c745f00a2d4c9dcedbc8042f007c
Reviewed-on: https://gerrit.instructure.com/91478
Tested-by: Jenkins
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
Reviewed-by: Matt Berns <mberns@instructure.com>
QA-Review: Heath Hales <hhales@instructure.com>
Product-Review: McCall Smith <mcsmith@instructure.com>
test plan:
- ensure ungraded quizzes (survey or practice quizzes)
due in the near future appear alongside graded quizzes
and assignments in the To Do list on the dashboard
- ensure they appear in the correct chronological
position
- ensure they link to the quiz properly
- ensure the X button to remove the notification
works properly
- ensure ungraded quizzes are returned by the API
"TODO items" endpoints for users and courses
when `include[]=ungraded_quizzes` is supplied
and that they appear in the correct chronological
position
closes CNVS-32164
Change-Id: I216140ff9a3cada662c9fc8357de2e0ab0a8fa45
Reviewed-on: https://gerrit.instructure.com/91346
Tested-by: Jenkins
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
use has_no_overrides to speed up when there are no overrides
and preload the roles so we don't calculate :manage_assignments
on every student
Change-Id: I5cc812e8d1efaca297811ac846ea7e5fe73b4707
Reviewed-on: https://gerrit.instructure.com/91612
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
should help with many concurrent recalculation jobs for a
single course
closes #CNVS-32173
Change-Id: I0bb7e6e07dac06793fd0b00e46c85bb9583086e2
Reviewed-on: https://gerrit.instructure.com/91531
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
- supports cyoe ability to make multiple overrides for a single
student
closes CYOE-279
Test plan:
Consult generated api documentation for parameters for the following requests:
1. As teacher or TA or student, retrieve multiple assignment overrides via
GET /api/v1/courses/<id>/assignments/overrides
Should respect override visibility, student visibility
2. As teacher or TA, update assignment overrides via
PUT /api/v1/courses/<id>/assignments/overrides
Should respect validity, permissions, visibility, etc.
3. As teacher or TA, create assignment overrides via
POST /api/v1/courses/<id>/assignments/overrides
Should respect validity, permissions, visibility, etc.
Change-Id: I72f3bdae87f16bb6ff49727cb7880f7728ff60a7
Reviewed-on: https://gerrit.instructure.com/88817
Tested-by: Jenkins
Reviewed-by: Christian Prescott <cprescott@instructure.com>
QA-Review: Christian Prescott <cprescott@instructure.com>
Product-Review: Michael Brewer-Davis <mbd@instructure.com>
Closes CYOE-86
Test Plan:
* Enable the "Conditional Release" feature
in Canvas for a new account & course
* Verify in CYOE that a request has been made
and a corresponding Account model has been
created for the root account of the feature
enabled course.
Change-Id: Ide8ed35f664ddafbf61e26cda0d0233bbf4f3781
Reviewed-on: https://gerrit.instructure.com/77455
Tested-by: Jenkins
Reviewed-by: Christian Prescott <cprescott@instructure.com>
QA-Review: Jahnavi Yetukuri <jyetukuri@instructure.com>
Product-Review: Dan Minkevitch <dan@instructure.com>
closes #CNVS-32253
Change-Id: I99cde7d015e86d4f8a8fb3c7203ede0c9735c604
Reviewed-on: https://gerrit.instructure.com/91315
Tested-by: Jenkins
Reviewed-by: Joel Hough <joel@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
fixes: PLAT-1836
test plan:
1. Install this tool into a Canvas course:
https://lti-tool-provider.herokuapp.com
2. Create and publish an assignment that uses the external tool from #1
3. Enroll and masquerade as a student and access the assignment
4. Submit either text or url (or a valid LTI launch URL)
5. view the submission details (grades --> click the assignment), notice
your submission is previewable
6. view the submissions API and notice the submission_type is
"online_upload"
7. return to the assignment and give yourself a grade
8. make sure that the assignment is still previewable and that the
submission_type didn't change
Change-Id: Ibdd2fbafb54f80d20dff447ec7f2b776eee419bb
Reviewed-on: https://gerrit.instructure.com/91100
Tested-by: Jenkins
Reviewed-by: Matthew Wheeler <mwheeler@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
Fixes: SIS-2360
Test plan:
- Start canvas and expose it through ngrok
- Install the Pinnacle LTI app
- Create a course
- Create two users WITH an SIS ID
- Add the users to the course
- Create two user lever differentiated assignments for each user
- Use your favorite REST client and hit this endpoint appropriately:
/api/sis/accounts/:account_id/assignments
- Confirm you see a `user_overrides` attribute in the response with
each user override you created and their respective values in this
format:
"user_overrides": [
{
"id": [
{
"id": 5,
"name": "some student",
"sis_user_id": "some-sis-id"
"override": {
"due_at": "2016-08-26T05:59:59Z"
}
},
{
"id": 10,
"name": "some other student",
"sis_user_id": "some-other-sis-id",
"override": {
"due_at": "2016-08-26T05:59:59Z"
}
}
]
}
]
Change-Id: I88b69c3732d0c3f88b88b7f61b44665e76d094bd
Reviewed-on: https://gerrit.instructure.com/87623
Reviewed-by: Stewie aka Nicholas Stewart <nstewart@instructure.com>
Tested-by: Jenkins
QA-Review: Steven Shepherd <sshepherd@instructure.com>
Product-Review: Nick Houle <nhoule@instructure.com>
define a new workflow inteded to be used by any service that needs to
render a ui. this workflow includes state indicating if high contrast
styles should be used.
refs CNVS-31909, closes CNVS-31983
test plan:
- enable high contrast
- make sure rcs is enabled
- go to view with rce sidebar
- get the jwt from Authoriation header of requests to rcs
- don't inclued "Bearer "
- open the canvas console, run:
Canvas::Security.decrypt_services_jwt(
Canvas::Security.base64_decode('<token here>')
)
- make suer the token inclues use_high_contrast: true
- disable high contrast
- repeat, but use_high_contrast should be false in the token
Change-Id: I8752ad534928081d2e4b8e8d748f8dd9897222a2
Reviewed-on: https://gerrit.instructure.com/90452
Tested-by: Jenkins
Reviewed-by: John Corrigan <jcorrigan@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Brent Burgoyne <bburgoyne@instructure.com>
test plan:
* assignment + assignment_groups api calls with
include[]=overrides should behave as before
and have the correct "student_ids" for adhoc overrides
refs #CNVS-31961
Change-Id: I573e034dd844f16f3e51d7b82072410f01685151
Reviewed-on: https://gerrit.instructure.com/91160
Reviewed-by: Jonathan Featherstone <jfeatherstone@instructure.com>
Tested-by: Jenkins
QA-Review: Michael Hargiss <mhargiss@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
the logic that sanitizes urls in user content only converts verified
file urls to file urls in the correct scope when the uri does not
contain the host. this is breaking because the rcs is using full
absolute urls for links to files, and we probably don't want to stop
in case content is rendered on a different domain in the future (lti
app in an iframe?).
fixes CNVS-32091
test plan:
- insert a file link from the rcs sidebar
- inspect the html before saveing
- should include the host and be a verified url without the context
- save the content
- inspect the html
- link should include the host, context and context id
(i.e. https://account.instructure.com/course/1/files...)
Change-Id: I22e872370a120aebc2c60b3a11d2b98be14c7771
Reviewed-on: https://gerrit.instructure.com/91099
Reviewed-by: John Corrigan <jcorrigan@instructure.com>
Reviewed-by: Ryan Shaw <ryan@instructure.com>
Tested-by: Jenkins
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Brent Burgoyne <bburgoyne@instructure.com>
Assignments which have been assigned for at least one student in
a closed grading period must not be deletable, except by admins.
The same applies to assignment groups and quizzes.
closes CNVS-30897
test plan:
A. create or select:
a. an account
b. an enrollment term for the account
c. a grading period set for that term with:
* a closed grading period
* an open grading period
d. a course with that enrollment term
e. two students (1 & 2) for the course
f. three assignment groups (1, 2, 3)
g. an assignment (A) in group 1
* due for everyone in the closed grading period
h. an assignment (B) in group 1
* due for student 1 in the open grading period
* due for student 2 after the open grading period
i. an assignment (C) in group 2
* due for student 1 in the closed grading period
* due for student 2 in the open grading period
j. an assignment (D) in group 2
* due for student 1 after the open grading period
* for student 2 without a due date
k. an assignment (E) in group 3
* due for everyone in the open grading period
B. as a Teacher in the course
1. visit the course assignments page
a. verify assignment A cannot be deleted
b. verify assignment B can be deleted
c. verify assignment C cannot be deleted
d. verify assignment D can be deleted
e. verify assignment E can be deleted
f. verify assignment group 1 cannot be deleted
g. verify assignment group 2 cannot be deleted
h. verify assignment group 3 can be deleted
2. visit the edit assignment page for each assignment
a. verify assignment A cannot be deleted
b. verify assignment B can be deleted
c. verify assignment C cannot be deleted
d. verify assignment D can be deleted
e. verify assignment E can be deleted
C. as an Admin
1. visit the course assignments page
a. verify assignment A can be deleted
b. verify assignment B can be deleted
c. verify assignment C can be deleted
d. verify assignment D can be deleted
e. verify assignment E can be deleted
f. verify assignment group 1 can be deleted
g. verify assignment group 2 can be deleted
h. verify assignment group 3 can be deleted
2. visit the edit assignment page for each assignment
a. verify assignment A can be deleted
b. verify assignment B can be deleted
c. verify assignment C can be deleted
d. verify assignment D can be deleted
e. verify assignment E can be deleted
D. create or select:
a. an account
b. an enrollment term for the account
c. a grading period set for that term with:
* a closed grading period
* an open grading period
d. a course with that enrollment term
e. two students (1 & 2) for the course
f. three assignment groups (1, 2, 3)
g. a quiz (A) in group 1
* due for everyone in the closed grading period
h. a quiz (B) in group 1
* due for student 1 in the open grading period
* due for student 2 after the open grading period
i. a quiz (C) in group 2
* due for student 1 in the closed grading period
* due for student 2 in the open grading period
j. a quiz (D) in group 2
* due for student 1 after the open grading period
* for student 2 without a due date
k. a quiz (E) in group 3
* due for everyone in the open grading period
B. as a Teacher in the course
1. visit the course quizzes page
a. verify quiz A cannot be deleted
b. verify quiz B can be deleted
c. verify quiz C cannot be deleted
d. verify quiz D can be deleted
e. verify quiz E can be deleted
f. verify assignment group 1 cannot be deleted
g. verify assignment group 2 cannot be deleted
h. verify assignment group 3 can be deleted
2. visit the show quiz page for each quiz
a. verify quiz A cannot be deleted
b. verify quiz B can be deleted
c. verify quiz C cannot be deleted
d. verify quiz D can be deleted
e. verify quiz E can be deleted
3. visit the edit quiz page for each quiz
a. verify quiz A cannot be deleted
b. verify quiz B can be deleted
c. verify quiz C cannot be deleted
d. verify quiz D can be deleted
e. verify quiz E can be deleted
C. as an Admin
1. visit the course quizzes page
a. verify quiz A can be deleted
b. verify quiz B can be deleted
c. verify quiz C can be deleted
d. verify quiz D can be deleted
e. verify quiz E can be deleted
f. verify assignment group 1 can be deleted
g. verify assignment group 2 can be deleted
h. verify assignment group 3 can be deleted
2. visit the show quiz page for each quiz
a. verify quiz A can be deleted
b. verify quiz B can be deleted
c. verify quiz C can be deleted
d. verify quiz D can be deleted
e. verify quiz E can be deleted
3. visit the edit quiz page for each quiz
a. verify quiz A can be deleted
b. verify quiz B can be deleted
c. verify quiz C can be deleted
d. verify quiz D can be deleted
e. verify quiz E can be deleted
Change-Id: I2176904e9de96b61f31c9972c4c35b2b72367c54
Reviewed-on: https://gerrit.instructure.com/88608
Tested-by: Jenkins
Reviewed-by: Spencer Olson <solson@instructure.com>
Reviewed-by: Derek Bender <djbender@instructure.com>
QA-Review: KC Naegle <knaegle@instructure.com>
Product-Review: Christi Wruck
fixes CNVS-31926
Also note: we no longer want to load all of InstUI at once, and instead
prefer to load components as we need them.
Test plan:
* automated tests pass
Change-Id: Ia3b73bd68c94901da64c432ab88f3b7a1634a77f
Reviewed-on: https://gerrit.instructure.com/90271
Reviewed-by: Michael Brewer-Davis <mbd@instructure.com>
Tested-by: Jenkins
Product-Review: Colleen Palmer <colleen@instructure.com>
QA-Review: Colleen Palmer <colleen@instructure.com>
fixes PLAT-1349
test plan:
regression check grade passback
try using the same nonce twice for grade passback
try using an expired oauth signature
Change-Id: I76ca22568451823c0ed9ae03e815873dda843883
Reviewed-on: https://gerrit.instructure.com/90006
Tested-by: Jenkins
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
test plan:
* have an instructor on a different shard than a course
* on the course, submit to an assignment as a student
and make a comment on the submission
* the comment should show up in the instructor's
"Submission Comments" inbox
closes #CNVS-31502
Change-Id: I3313c64c6b3c0cfc60f130745aec5ce7cb2781bf
Reviewed-on: https://gerrit.instructure.com/89704
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Jenkins
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
Wiki: https://instructure.atlassian.net/wiki/display/CE/Rake+Task+to+Quickly+Add+Users
Test plan
bundle exec rake db:create_user
follow the steps
then login as your new user
Change-Id: I77b6b63cfaf4f067742c9a4b14f51b20c144ccea
Reviewed-on: https://gerrit.instructure.com/90327
Reviewed-by: Shahbaz Javeed <sjaveed@instructure.com>
Reviewed-by: August Thornton <august@instructure.com>
Tested-by: Jenkins
QA-Review: Brad Horrocks <bhorrocks@instructure.com>
Product-Review: Brad Horrocks <bhorrocks@instructure.com>
for a given workflow, services consuming canvas jwts may need access
to additional state (feature flags, permissions, etc). this commit
introduces the ability to to define state requirements for a jwt
based on its workflows, context and user.
the concept of jwt workflow has been made plural and it expects it to
be an array of workflows. a token for one service may need to be used
in multiple workflows (i.e. a quiz token may need to work as a rich
content token as well).
this commit defines the :rich_content workflow which includes upload
and usage rights information.
tokens also include context type and id. since the workflow state may
be specific to the context, this provides a way for the service to
validate that the token is being used in the correct context.
code that generates conditional-release tokens has been updated to use
the workflows array. this won't break anything becuase, even though it
is including in the token, it is not being validated yet. future
validations will check for inclusion in the array.
refs CNVS-30966, refs CNVS-32094
test plan:
- launch a page with the rich content service side bar
- ensure the request to the proxy don't return 401 status codes
- a test plan for the consuption of the new data in the token will
come with a seperate RCS commit
Change-Id: I9e643995cb98547664f721a9b5d8c9441010eea9
Reviewed-on: https://gerrit.instructure.com/89012
Reviewed-by: Simon Williams <simon@instructure.com>
Tested-by: Jenkins
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Brent Burgoyne <bburgoyne@instructure.com>
fixes CNVS-31872
test plan:
- Enable the MathMan plugin for MathML generation, and provide a base
url.
- Add an assignment that has an equation in the body.
- Look at MathMan request logs and validate that the `X-Request-Context-Id`
& `X-Request-Context-Signature` headers are present.
Change-Id: Ic807c8768a9583046b047e08072ba8815e065a3f
Reviewed-on: https://gerrit.instructure.com/90491
Tested-by: Jenkins
Reviewed-by: Rob Orton <rob@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: John Corrigan <jcorrigan@instructure.com>
test plan:
* enable the "Post Grades to SIS" feature flag
to enable the option when creating assignments
* create an assignment with "Post Grades" on and a due date
* on the calendar, drag the assignment from one day
to another
* it should not reset the "Post Grades" setting to
the account default (i.e. off)
* new assignments created through api should still have
their "Post Grades" (post_to_sis) setting set to the
account default (can be changed in the account settings)
as with g/84391
closes #CNVS-31951
Change-Id: I9fdf31f76f2d72a9a3da03ecc9230eaf202c45e5
Reviewed-on: https://gerrit.instructure.com/90569
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
refs CNVS-29149
test plan
- when merging users
- communication channels should be recorded
Change-Id: I24709e85ced40e4a5c62d62042c464c669e77738
Reviewed-on: https://gerrit.instructure.com/89883
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
refs CNVS-30480
fixes CNVS-30706
Test plan:
* BEFORE checking out this commit:
* create 2 shards (s1 and s2)
* make a course with a file-upload assignment in s1
* make a user in s2
* enroll the user as a student in the course
* submit homework
* the teacher/student should not be able to see eachother's crocodoc
comments
* checkout this commit
* the student/teacher should be able to see eachother's comments
* make another submission as the student. the teacher/student should
be able to view each other's comments on that document too
Change-Id: Iee6c9087f2c67afc8959cb4989fd14eaa4ce3d46
Reviewed-on: https://gerrit.instructure.com/86715
Tested-by: Jenkins
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
QA-Review: KC Naegle <knaegle@instructure.com>
Product-Review: Cameron Matheson <cameron@instructure.com>
should improve performance on conversations index
Change-Id: I93517ab7d856950d4cf3fddc500b8f2cd3f9168b
Reviewed-on: https://gerrit.instructure.com/90931
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
close date will now be respected when uploading a gradebook CSV.
this means a) grades cannot be changed if they fall in a closed
grading period, and b) assignments cannot be created via upload
if they would fall in a closed grading period.
closes CNVS-26720
test plan:
1. turn multiple grading periods on
for a course, go to the gradebook
and click 'import'.
2. log in as a non-admin teacher and verify via
CSV upload:
a) trying to change the grade for a submission
that falls in a closed grading period does
not change the grade and displays a message
before uploading that says some submissions
were skipped because they were not gradeable.
b) changing the grade for a submission with a due
date that does not fall in a closed grading period
is allowed.
c) trying to create a new assignment (by adding
a new assignment column in the CSV) does not
succeed if the last grading period in the course
is closed. also verify a message is displayed
saying new assignments could not be created
because they would fall in a closed grading period.
d) creating a new assignment (by adding a new assignment
column in the CSV) succeeds if the last grading period
in the course is not closed.
3. log in as a root account admin and verify step 2a allows
the user to change a submission's grade and step 2c allows
the user to create a new assignment.
4. turn off multiple grading periods and verify gradebook upload
behaves normally.
Change-Id: Ic4e9e1b08d7910cf99b5c4cff57d921e80af9e19
Reviewed-on: https://gerrit.instructure.com/88540
Tested-by: Jenkins
Reviewed-by: Jeremy Neander <jneander@instructure.com>
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
QA-Review: KC Naegle <knaegle@instructure.com>
Product-Review: Keith T. Garner <kgarner@instructure.com>
refs CNVS-31277
closes CNVS-31939
test-plan:
- configure your canvas to use an address book service instance that
has authentication enabled and has your data loaded
- configure your canvas to use the same secret as that service
- search for recipients on a new conversation in the inbox
- should find the recipients
- configure your canvas to use a different secret than that service
- search for recipients on a new conversation in the inbox
- search should come back empty, but gracefully so (no page error)
- error reports should show the request failed due to authentication
Change-Id: I3a5f1c4ddcbbf830c9e7b98f6c8a39d4fdc82461
Reviewed-on: https://gerrit.instructure.com/90399
Tested-by: Jenkins
Reviewed-by: Andrew Huff <ahuff@instructure.com>
Reviewed-by: Jonathan Featherstone <jfeatherstone@instructure.com>
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
Change-Id: I70540791ffb2f294139912fb78d020ed4a5e6d0a
Reviewed-on: https://gerrit.instructure.com/90679
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
refs CNVS-29149
test plan
- specs should pass
Change-Id: Ie7b6748d9c3da741434b3324c7670500f312fcbf
Reviewed-on: https://gerrit.instructure.com/89951
Tested-by: Jenkins
Reviewed-by: John Corrigan <jcorrigan@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
QA-Review: Rob Orton <rob@instructure.com>
Fixes: CNVS-30709
Test plan:
- Clear cache / restart Canvas
- Go to Theme Editor in your Canvas instance
- You should now see a new field for Main
Text Color, as well as some new additions
to the test page on the right of the
Theme Editor sidebar:
http://screencast.com/t/JrBJ0FgOxbA
- Updating the value of this field with a
new HEX color should change the main
font color of Canvas, as well as the
secondary links (like the cog dropdown)
that also use the main text color.
- I did a find-and-replace for
`color: $ic-color-dark` -->
`color: $ic-font-color-dark`, which is
why there are so many files in this commit.
Because $ic-color-dark has the same HEX color
as $ic-font-color-dark, however, there should
be zero impact to all these changes. They
were just done so users can now theme the colors
via Theme Editor.
Change-Id: Idabfa6649ecf40e439df4a8672529ea6dbd7fa01
Reviewed-on: https://gerrit.instructure.com/89934
Tested-by: Jenkins
Reviewed-by: Stephen Jensen <sejensen@instructure.com>
Reviewed-by: Ryan Shaw <ryan@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Chris Hart <chart@instructure.com>
wdransfield