fixes CNVS-6888
testing steps:
* from a console, set a custom privacy and terms url
Setting.set('privacy_policy_url', 'http://custom.example.com/privacy')
Setting.set('terms_of_use_url', 'http://custom.example.com/terms')
* verify the following location all display the new links:
* <canvas>/enroll/<join_code> - with self_enrollments enabled for
the course and currently logged out
* when self registration is disabled at the root account,
will be prompted to authenticate, "View Privacy Policy"
* when self registration is enabled at the root account,
will be prompted to authenticate or register, "View Privacy Policy"
* when logged in as a teacher, prompted to confirm enrollment
"View Privacy Policy"
* <canvas>/register_from_website - when logged out
* page footer links for "Terms of Use" and "Privacy Policy"
* "I'm a teacher", both links at bottom of dialog
* "I'm a student", both links at bottom of dialog
* "Parents sign up here", both links at bottom of dialog
* <canvas>/accounts/<id>/users - click "Add a New User" from
the right sidebar. "View Privacy Policy" in modal dialog.
Change-Id: Ic80c369dcea8483c93fb8adfcd9a80c1d6d3ad6a
Reviewed-on: https://gerrit.instructure.com/22712
Reviewed-by: Jon Jensen <jon@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Marc LeGendre <marc@instructure.com>
Product-Review: Marc LeGendre <marc@instructure.com>
refs CNVS-4554
this makes it possible to have an embedded iframe dialog that controls
the content of its titlebar. this is useful for dialogs that take you
through multiple steps (pages)
test plan:
N/A, see g/19071 where we use it
Change-Id: I580b263321467c8e5445f60206517fb8f27d94be
Reviewed-on: https://gerrit.instructure.com/19620
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Joe Tanner <joe@instructure.com>
Product-Review: Jon Jensen <jon@instructure.com>
QA-Review: Jon Jensen <jon@instructure.com>
refactor self enrollment flow to support a @confirm_enrollment_url (can be
set via plugin). if set, the user will be created/authenticated, but
rather than being enrolled, s?he will be redirected to this url (for
payment, lo que sea).
NOTE: it's incumbent upon the plugin author to also add any necessary
checks to the self_enrollment code so that users can't just hit the API
directly and circumvent required payment steps.
test plan:
there are no functional changes in this commit, we just need to do a basic
regression test, i.e.
1. confirm you can self enroll as a new user
2. confirm you can self enroll as an existing unauthenticated user
3. confirm you can self enroll as an existing authenticated user
additionally, we should confirm that the various error scenarios work
(i.e. make sure you have to enter in all required fields).
Change-Id: Ic51d82114e08c5f3700d1b567643405b48cb7d4f
Reviewed-on: https://gerrit.instructure.com/19028
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Cam Theriault <cam@instructure.com>
Reviewed-by: Joe Tanner <joe@instructure.com>
Product-Review: Jon Jensen <jon@instructure.com>
test plan:
1. create a course, allow self enrollment, make it publicly visible, and
add a join button to the public page
2. log out
3. go to the public course page and click on the join button
4. the privacy policy link should be left aligned
5. fill out the form to register in the course
6. the dashboard/course buttons should be on the right side (rather than
squished and overlapping on the left)
Change-Id: I8e458926ac59c7d9629ce993e1444b0f8d391c7a
Reviewed-on: https://gerrit.instructure.com/18973
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Ryan Florence <ryanf@instructure.com>
QA-Review: Cam Theriault <cam@instructure.com>
Product-Review: Jon Jensen <jon@instructure.com>
adds privacy policy link in the following places:
1. "Add a New User" dialog (on account pages)
2. /register now has a footer w/ a link to the privacy policy
3. /register dialogs (student/parent/teacher signups) now prompt the user
to agree to the privacy policy in addition to the terms
4. self enrollment dialogs (can be seen via "Join this Course" button or
via canvas.net "Enroll" button) now have a link to the privacy policy
for all flows (i.e. even if already authenticated)... previously there
was only a checkbox/link for new users
test plan:
1. confirm privacy policy links appear in the places listed above
Change-Id: I1ad48eee7fc116901c901673ca985bbc354b5c13
Reviewed-on: https://gerrit.instructure.com/18107
Reviewed-by: Ryan Florence <ryanf@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Cam Theriault <cam@instructure.com>
test plan:
1. go to /register
2. you should not be prompted to enter a birthdate in any of the flows
3. the forms should work
4. go to your (user) settings
5. you should not see your birthdate nor be able to enter one
6. the form should work
7. go to the self enrollment page for a course as a new user
8. you should not be prompted to enter a birthdate
9. the form should work
Change-Id: I9bf92d27e208696b2aed74b4a6396d434494679c
Reviewed-on: https://gerrit.instructure.com/18143
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Ryan Florence <ryanf@instructure.com>
QA-Review: Cam Theriault <cam@instructure.com>
closes #CNVS-2464
test plan:
- turn self-enroll on for a course (course settings, more options)
- copy the secret URL
- turn self-enroll off
- go to the secret URL
- it should say enrollment is closed and not a 404 page
Change-Id: Ibd3f1c36f3c444dad48d4f492756d1db320475d8
Reviewed-on: https://gerrit.instructure.com/17226
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jon Jensen <jon@instructure.com>
QA-Review: Cam Theriault <cam@instructure.com>
fixes #CNVS-2614
when users self enroll, don't give them a link to the course on the
confirmation page if it's restricted by date and not yet available. also
fix dashboard messaging when all of the user's enrollments are in
not-yet-started courses.
test plan:
1. create a course
2. set a start/end date and limit participation to the course dates
3. enable self enrollment
4. self enroll as a student
5. confirm that you get a link to the dashboard, but not to the course
6. on the dashboard, confirm that you see a message that states "You've
enrolled in one or more courses that have not started yet"
7. click on courses on the top menu
8. confirm that you see the course under future enrollments
9. click on the course
10. confirm that you get an error page stating the course is not yet
available
Change-Id: Ib63ac2a8f76e197acae44614a0702b784d874dce
Reviewed-on: https://gerrit.instructure.com/16813
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Ryan Florence <ryanf@instructure.com>
QA-Review: Cam Theriault <cam@instructure.com>
test plan:
* a fresh account should not be able to visit /register
* enable self_registration in script/console for the account
(see the migration)
* you should now be able to visit /register
* no other changes should be visible
Change-Id: Ibfd6a0d23d3c3e37243ffb762e284b8907cd45cc
Reviewed-on: https://gerrit.instructure.com/16713
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Tested-by: Cody Cutrer <cody@instructure.com>
test plan:
1. self enroll in a course
2. you should see the regular "terms" checkbox and text
Change-Id: I8c3e677d8e30343626d198258e604c65755dddf3
Reviewed-on: https://gerrit.instructure.com/16225
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Joe Tanner <joe@instructure.com>
QA-Review: Jon Jensen <jon@instructure.com>
add support for self enrollment caps to limit the size of a particular
course. there is no UI for setting caps (yet)
test plan:
1. run specs
2. follow test plan for https://gerrit.instructure.com/15819
Change-Id: Ibf0a8f04f0c2efa820d0850cef26dfae20849246
Reviewed-on: https://gerrit.instructure.com/16021
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Joe Tanner <joe@instructure.com>
QA-Review: Cam Theriault <cam@instructure.com>
fixes #CNVS-1119, potentially supersedes
https://gerrit.instructure.com/14501 with a little work.
simpler flow that is more consistent with FFT signup. whether you click
the "join course" button (popup) or go to the join url, the workflow is
the same:
1. if you are authenticated, you just click the enroll button.
2. if you are not authenticated, you can either:
1. enter your (canvas/ldap) credentials and submit to join the course.
2. register and join the course (single form). you will then be
dropped on the course dashboard in the pre_registered state just
like a /register signup (you have to follow the link in your email
to set a password).
note that if open registration is turned off, option 2.2 is not available.
other items of interest:
* fix CSRF vulnerabilities where you can enroll authenticated users in
open courses, or un-enroll them if you know their enrollment's UUID
* move to shorter course-id-less route (w/ join code)
* reuse UserController#create
* handy openAsDialog behavior and embedded view mode
* better json support in PseudonymSessionsController#create
* extract markdown helper from mt
* show "you need to confirm your email" popup when you land on the course
page the first time (already showed on dashboard)
test plan:
1. test the authenticated/unauthenticated scenarios above, for both the
popup and join pages
2. regression test of /registration forms
Change-Id: I0d8351695356d437bdbba72cb66c23ed268b0d1a
Reviewed-on: https://gerrit.instructure.com/15902
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Joe Tanner <joe@instructure.com>
QA-Review: Jon Jensen <jon@instructure.com>
Jon Jensen