[skip-stages=Flakey]
the balance. mostly. Lint/UriEscapeUnescape is put in the pending
block because it's so touchy, and I didn't want to deal with it
right now
all manual
Change-Id: Ibeb81e013f56f160d51f7d237a9bcfe98daa1e53
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/277569
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
refs MAT-508
flag=none
Test Plan:
- Follow the "steps to reproduce" on the ticket
> Verify the issue is no longer reproducable
Change-Id: I55c1a155477629e6eb5d1b2b151efd839e7f88c8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/277506
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jon Scheiding <jon.scheiding@instructure.com>
QA-Review: Jon Scheiding <jon.scheiding@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Fixes a regression that prevented observers from seeing the 'coming
up' list on the classic dashboard.
fixes LS-2812
flag = none
Test plan:
- Create an observer linked to a student in a classic course with
(at least) 1 upcoming assignment
- Visit the classic dashboard as the observer
- Expect to see the upcoming assignment under 'coming up' sidebar
- Visit the classic dashboard as the student
- Expect to see the assignment in the same place
- Visit the k5 dashboard as an observer of a k5 student and switch to
the schedule tab
- Expect to see the student's assignments in the planner
Change-Id: If03b864a558727ba1185c7f126677496adbe8940
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/277401
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Nate Armstrong <narmstrong@instructure.com>
QA-Review: Nate Armstrong <narmstrong@instructure.com>
Product-Review: Jackson Howe <jackson.howe@instructure.com>
flag=none
fixes MAT-439
Test plan
- Set up MRA / vanity domains
- Create a vanity domain for your Canvas (e.g. vanity.canvas.docker)
- Using your primary domain (e.g. canvas.docker), create a wiki page and
embed a media file in it
- Using your vanity domain, browse to the wiki page you created and
ensure the media file renders correctly
Change-Id: I2ccb6731d872ca6a6d79fb7d005655ae6b7ce852
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/274794
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Product-Review: Jon Scheiding <jon.scheiding@instructure.com>
QA-Review: Weston Dransfield <wdransfield@instructure.com>
closes LS-2750
flag = k5_parent_support
Test plan:
- Check out the setup steps in ticket LS-2750
- Visit the dashboard as the observer and expect to see the
cross-shard user in the dropdown
Change-Id: I9dff318e177e7891a063f4cf4afa860fb38b1280
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/276370
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Nate Armstrong <narmstrong@instructure.com>
QA-Review: Nate Armstrong <narmstrong@instructure.com>
Product-Review: Jackson Howe <jackson.howe@instructure.com>
app except for app/models, config
all manual. many cases I removed the unused argument entirely, and
updated callers to not send it
there were also a few "override this method and raise an exception so
you don't use it cause rails is changed" methods that were for old
rails versions that I just removed completely
Change-Id: I071a5a8266801427c5c7a157fefe14850495e620
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/276446
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes VICE-1090
flag=react_inbox
Test Plan:
- Enable react inbox feature flag
- Follow the steps in the following confluence doc to get kaltura
working locally
- https://instructure.atlassian.net/wiki/spaces/ENG/pages/45645877/Enable+the+Notorious+Plugin+Replacement+for+Kaltura
- Navigate to the inbox and open the compose modal
- Click the "add media comment" button on the bottom left of the
compose modal
- record or upload a media file
- The media uplaod should display below the rest of the header inputs
- Click the x button to remove the media comment
- Create a conversation with a media comment
- Inspect the graphql response and note the presence of the media comment
Change-Id: I6a9af8f1d0ba6473ee8262a148ccd5561dda1336
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/275995
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Reviewed-by: Drake Harper <drake.harper@instructure.com>
Product-Review: Drake Harper <drake.harper@instructure.com>
QA-Review: Drake Harper <drake.harper@instructure.com>
closes VICE-1037
flag=none
The purpose of this ticket was to consolidate the mostly
duplicate logic of the conversation controller
and graphql api for conversations#add_message.
TEST PLAN:
1. Look over the conversations controller#add_message
2. Look over the conversations mutation add_message.
3. Look over conversations_helper#process_message and
validate that it propery consolidates the add_message
functionality.
4. All the specs pass
Change-Id: I6799e7338779dd30df01e1deb60c5fce76473165
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/267589
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Matthew Lemon <mlemon@instructure.com>
QA-Review: Matthew Lemon <mlemon@instructure.com>
Product-Review: Matthew Lemon <mlemon@instructure.com>
fixes FOO-1504
flag = none
pseudonym.works_for_account? should only be called with a root account,
but it had the potential to be called with a subaccount here.
test plan:
- create a consortium parent -> root account -> subaccount hierarchy
- enroll an admin in the consortium parent
- create a theme with custom javascript in the subaccount
- visit the subaccount as the admin
- the custom js should run
Change-Id: I340d7ba2993ba63bad27d624efd0ce73931e2c9a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/275525
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ahmad Amireh <ahmad@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Charley Kline <ckline@instructure.com>
Product-Review: Charley Kline <ckline@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
This commit will load the correct plannable items into the planner
when an observer is selected; a successive commit will filter missing
items and planner overrides.
closes LS-2700
flag = k5_parent_support
Test plan:
- Open k5 dashboard as an observer with multiple linked students
and student enrollments of their own
- Switch between students in the observer picker
- Expect to see items only from courses where the selected student
has enrollments
- Expect this to work the same way on the subject schedule tab
- Expect the planner to work as before with the flag off
Change-Id: I2612707c24e6c42110120c7cbdc26369539bb94d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/275538
Reviewed-by: Jeff Largent <jeff.largent@instructure.com>
QA-Review: Jeff Largent <jeff.largent@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Product-Review: Nate Armstrong <narmstrong@instructure.com>
closes LS-2609
flag=k5_parent_support
The code never checks the flag, but if the flag is off, the necessary
UI won't be rendered.
test plan:
Be logged in as an observer with a couple observees
Test that the right cards are loaded if the cookie points to an
invalid user:
- in devtools, change the value of the k5_observed_user_for_<your_id>
cookie to a number that's not an observer
- refresh
> expect the observed user to be the first in the list, their course
cards are in the dashboard, and their id is reflected in the cookie
Test that the dashboard cards reflect the selected student
- select a different student from the observee dropdown
> expect the newly selected student's course cards to be in the dashboard
Test that the dashboard cards and dropdown reflect the newly paired tudent
- in another browser, when logged in as a student, from
/profile/settings, click "pair with observer" and get the code
- back as the observer, select "Add User" from the dropdown and
enter the pairing code
> expect the dropdown to select the new student
> expect the dashboard to show the new student's course cards
Test that the cookie is deleted if you remove the currently
observed student
- go to the observer's /profile/observees
- click "remove"
> if you removed a student that's not the current observee,
the cookie remains intact
> if you removed the current observee, the cookie is deleted
Change-Id: Id1f705d68f9374536d62abbde67a5c3468d19bfd
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/275351
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jackson Howe <jackson.howe@instructure.com>
QA-Review: Jackson Howe <jackson.howe@instructure.com>
Product-Review: Peyton Craighill <pcraighill@instructure.com>
So that observers' currently selected student is correct even when
masquerading or using the same browser session as another user.
closes LS-2688
flag = k5_parent_support
Test plan:
- Visit the k5 dashboard as an admin who is linked to several
observed students
- In the observer picker, select a student that nobody else observes
- Log out and log in (same browser session) as another observer
(i.e., one who doesn't observe the student selected earlier)
- Expect the dashboard cards to load normally with no errors
Change-Id: I38c268e28392bf40ecee4737038700cf8ddaf953
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/274831
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jonathan Guardado <jonathan.guardado@instructure.com>
QA-Review: Jonathan Guardado <jonathan.guardado@instructure.com>
Product-Review: Jackson Howe <jackson.howe@instructure.com>
so that public k5 courses work properly.
flag = none
fixes LS-2684
Test plan:
- Make a public k5 course
- Log out and visit that course
- Expect it to load without error
Change-Id: If7f65968a2182c9ca48bf7bc5f5408468d3bebe1
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/274898
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jeff Largent <jeff.largent@instructure.com>
QA-Review: Jeff Largent <jeff.largent@instructure.com>
Product-Review: Jackson Howe <jackson.howe@instructure.com>
Just let cloudfront compress the assets for us. It can handle the brotli/gzip
switching natively now.
Change-Id: I3416d428403f0bfbec5a575ff1c095d2342a5e4c
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/247818
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Jacob Burroughs <jburroughs@instructure.com>
Product-Review: Jacob Burroughs <jburroughs@instructure.com>
Sort the user names after querying users from multiple shards to
prevent a OrderOnMultiShardQuery error.
fixes LS-2677
flag = none
Test plan:
- Enable siteadmin FF: Canvas for Elementary: Parent Support
- Create a k5 course, enroll a student, enroll an observer, and pair
the student/observer
- Create a student on a separate trusted shard and enroll this
student in the same course
- Pair the same observer with this cross-shard user
- As the observer, open the dashboard
- Expect both students to appear in the observer dropdown with no
errors
Change-Id: If005035e5be09fee8e25c8e44235ba8b21ca3355
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/274674
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Luis Oliveira <luis.oliveira@instructure.com>
QA-Review: Luis Oliveira <luis.oliveira@instructure.com>
Product-Review: Jackson Howe <jackson.howe@instructure.com>
* check read_roster first, as it's the mostly likely permission that a
user will have, and if they don't, they won't have _any_ permissions,
so you only need to check the one
* for course_section_visibility, we don't care about the difference
between :full and :limited, so pass that hint along so that we don't
need to check any more permissions deep inside if we already know they
can read_roster, and that they're not section limited
this is an optimization for planner, to avoid checking lots of permissions
in the common case of being passed courses that we can access, but only
needing to know the sections we can see in that course
Change-Id: I1ac7f98e5a825233569acf517d166fd38b1d8bfe
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/271732
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
In addition to the existing rules for showing the notification
settings prompt, never show the prompt to users who have active k5
enrollments and have only student-type enrollments.
closes LS-2607
flag = none
Test plan:
- Do the following for these types of users:
* a user with all student enrollments (k5 courses)
* a user with at least 1 teacher enrollment (k5 courses)
* an admin
- Satisfy the unrelated notification prompt prerequisites by
running the following:
* `user.features_used = ''`
* `user.save!`
* `user.pseudonyms.first.login_count = 1`
* `user.pseudonyms.first.save!`
- Open the k5 dashboard
- Expect the first user (student only) to not see the
notifications prompt, and expect the remaining users to see it
Change-Id: Ica3d380a745df6d1f827302796c737330ba4bac9
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/273187
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jeff Largent <jeff.largent@instructure.com>
QA-Review: Jeff Largent <jeff.largent@instructure.com>
Product-Review: Peyton Craighill <pcraighill@instructure.com>
refs FOO-2226
flag = granular_permissions_manage_assignments
I originally intended to keep the original manage_assignments permission
and use it when the flag was on for edit/manage specific permissions,
but this made labeling and documentation difficult, especially since our
rollout strategy for this flag is gradual rather than all at once. So
this commit shifts gears to create a separete granular edit flag and
only use the old permission when the flag is off.
test plan:
- labeling and documentation on the account permissions page should be
clearer and make more sense
- everything should continue to work as before
Change-Id: I93e4cbe0daa319217e17007e3391f905f1a9d77d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/273020
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: August Thornton <august@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
closes QUIZ-8352
flag = new_quizzes_skip_to_build_module_button
Test Plan:
- Turn on the feature flag (site admin)
- Navigate to the modules page for a course
which has new quizzes.
- Click on the kebab menu for the new quiz.
- Build option should be present.
- Clicking build should open up the NQ build
screen.
Change-Id: I881bc96e2a67f3cc92d565a237be0bf6fea77b74
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/272010
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jorge Arteaga <jorge.arteaga@instructure.com>
QA-Review: Mark McDermott <mmcdermott@instructure.com>
Product-Review: Susan Sorensen <susan.sorensen@instructure.com>
it natively works as a normal where condition in Rails now
Change-Id: I74e6990e583bfd54bf4bd6c86fd5e00051818b99
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/271671
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Place the same parent picker currently on the k5 dashboard within
k5 subjects as well. Only shows enrollments that exist in the
current subject.
This also moves the logic for calculating the users that appear in
the picker to the server, so that we have instant access to the
picker once the js renders and can preload the correct dashboard
cards. Uses a cookie for saving the selected user (so the server
can get at that too). The query to fetch observed users is cached
and run against secondaries.
Also tweaks the subject header to remove Student View button on
small screens, since the button exists in the mobile nav header.
closes LS-2480
flag = k5_parent_support
Test plan:
- Open dashboard as a user who is observing a few students and
who has (at least) one enrollment of their own
- Expect picker to show their name
- Open the subject where they're enrolled as student/ teacher
- Expect picker to still show their name
- Open a subject where they're observing
- Expect picker to pick first (alphabetically) observer
- Expect picker in the subject to be searchable and switchable
just like on the dashboard
- Expect selected user to persist when moving between dashboard
and subjects (as long as the selected user is available in that
subject)
Change-Id: Iccf5114735e2d600cc70b41934ab8c1cf9647b11
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/271360
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jeff Largent <jeff.largent@instructure.com>
QA-Review: Jeff Largent <jeff.largent@instructure.com>
Product-Review: Jackson Howe <jackson.howe@instructure.com>
closes FOO-2226
flag = granular_permissions_manage_assignments
Split manage_assignments_add and manage_assignments_delete off from the
main manage_assignments permission.
These permissions control more granularity for adding and deleting the
following types of content:
- Assignments
- Assignment Groups
- Quizzes
- Question Banks
- Questions within Question Banks
- Live Assessments
test plan:
[ with the flag off ]
- Smoke test creating, editing and deleting assignments, assignment
groups, quizzes, and question banks.
- It should all work as before.
[ with the flag on ]
- Create roles that have only the add permission, only the manage
permission, and only the delete permission.
- With those three roles, as well as with a role with all permission,
try creating, editing, and deleting assignments, assignment groups,
quizzes, and quesiton banks.
- It should make sense with the role.
Change-Id: I06505509e55e7ac6c3b5ef1c688ef1353e2045d8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/271290
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: August Thornton <august@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: August Thornton <august@instructure.com>
The controller was not properly handling the `web_conference` param when
supplied as part of a request to create a recurring event.
fixes LS-2495
flag=calendar_conferences
test plan:
- enable the calendar_conferences feature flag
- navigate to the calendar page
- begin creating an event for a course, and click "More Options"
- enable the "Duplicate" option to duplicate the event
- submit the event, and verify that the submission is successful
- enable BBB (or another conferencing plugin), if not already enabled
- repeat the steps above, but this time enable a conference for the event
- additionally, enable "Number each event" for the duplicate events
- verify that the event submission is successful
- navigate to the course, and verify that the newly created conferences
are named correctly (incremental naming)
- also verify that the newly created conferences each have correct dates
Change-Id: I9c1b89ec96e34de66b80ff5e0f20c7ef58f56d9a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/270803
Reviewed-by: Robin Kuss <rkuss@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Isaac Moore <isaac.moore@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
- not directly related to the RCE, but now preload the
3 lato-exended font variants likely to be used
on the page. this keeps font loading from blocking
- the big change is to make it possible to limit the number
of RCEs that will fully render on page load. This should
address the loading issues for quizzes with many essay questions
(the sample quiz from Harvard had 30 + other questions)
For now, the necessary property is only being set on the
take-quiz page
closes: MAT-355
flag=rce_enhancements,flag=rce_limit_init_render_on_page
test plan:
account flag.
- create a legacy quiz with > 5 essay questions. Feel
free to have other questions in there too if you like
- preview or take the quiz
> expect all 6 RCEs to be created on the page
- you could use React dev tools or
document.querySelectorAll('.rce-wrapper').length === 6
- turn the "RCE Limit number of RCEs initially rendered on th page"
account feature flag on
- take the quiz again
> expect only the first 5 RCEs to be fully rendered
- scroll down to the bring the 6th into view
> expect it to be fully realized
- while scrolled to the bottom, refresh the page
> not that the 6th RCE is in view, expect it to be
fully realized also
Change-Id: Idd76a56c4ea69e45a4f1cc28e3cd8561b40c2403
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/270075
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Weston Dransfield <wdransfield@instructure.com>
Reviewed-by: Jon Scheiding <jon.scheiding@instructure.com>
Product-Review: Ed Schiebel <eschiebel@instructure.com>
closes EVAL-1555
flag=annotated_document_submissions
Test Plan 1:
1. Create a student annotation assignment.
2. As a student, go to the assignment (make sure the 'Assignment
Enhancements — Student' feature flag is disabled). When the
page loads, you should see the document for annotating; you should
not see a "Start Assignment" button like you normally would.
3. Click "Cancel", and verify the "Start Assignment" button shows up
and the document is hidden. Then click "Start Assignment" and
verify the document shows back up.
4. Make some annotations and then submit to the assignment. Then go
back to the assignment page. Verify the document is _not_ shown
and that if you click "New Attempt" the document shows up.
Test Plan 2:
1. Create an assignment that allows 2 types of submissions: text entry
and student annotation.
2. As a student go to the assignment (make sure the 'Assignment
Enhancements — Student' feature flag is disabled). When the page
loads, you should see the document for annotating. The
'Student Annotation' tab should be the first tab, and the 'Text
Entry' tab should be the second tab.
Test Plan 3:
1. Create a student annotation assignment.
2. In ui/features/submit_assignment/jquery/index.js, modify the
POST request so that it will always fail (I changed
'/api/v1/canvadoc_session' to '/api/v1/canvadoc_sessionx').
3. As a student, go to the assignment (make sure the 'Assignment
Enhancements — Student' feature flag is disabled). When the
page loads, you should see the 'Student Annotation' tab, the
content should read 'There was an error loading the document.',
and there should be a "Cancel" and "Submit Assignment" button.
Click the "Cancel" button. The tab content should go away and
a "Start Assignment" button should appear in the top-right.
Change-Id: I45ad44658d954a96205e591aaf80b992ed422545
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/270127
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Product-Review: Jody Sailor
Reviewed-by: Kai Bjorkman <kbjorkman@instructure.com>
Reviewed-by: Adrian Packel <apackel@instructure.com>
QA-Review: Kai Bjorkman <kbjorkman@instructure.com>
closes FOO-1766
flag = none
[fsc-max-nodes=18]
[fsc-timeout=30]
Test Plan:
- Run the migration and make sure there are no errors
- Some things to check:
* How it acts as a teacher, student, and public user
in course files/folders and personal files/folders
with the various settings above toggled to different states
* How it acts as a teacher, student, and public user
in discussions, modules, content migrations/import/exports
(RCE should behave similarly throughout the site)
* Should only be able to upload or add folders if the
Course Files - add permission is enabled for the user's role
* Should only be able to manage file access, usage rights, move,
or rename course files/folders if the Course Files -
edit permission is enabled for the user's role
• Check Toolbar header at the top of Course files
• Check Cog (hamburger menu) to the right of each file/folder
• Check Usage Rights Indicator under usage rights column
that can be found in course and group file pages. This can
be enabled under course settings if not available
* Should only be able to delete course files/folders if the
Course Files - delete permission is enabled for the user's role
* Any given user/role should have full access to their respective
personal files/folders regardless of granted permissions. The
same also applies to a group context with some caveats
• Should not be able to modify file access in a group context
• Should not be able to modify usage rights in personal files
* A student enrollment not granted any file permissions (the default)
should only be able to _view_ and _download_ files unless granted
additional access from an authorizing role
* REST API works as expected
* UI works as expected with no additional javascript errors
Change-Id: I5e7f717494d658e6c8ec9be8a8039015afcebc63
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/262775
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ahmad Amireh <ahmad@instructure.com>
QA-Review: Ahmad Amireh <ahmad@instructure.com>
Product-Review: Ahmad Amireh <ahmad@instructure.com>
closes MAT-270
flag=none
There were some areas where the presence of a Crocodoc configuration
would change the behavior of a page, but the presence of
configuration is not useful because, in some instances, we have
configuration that's actually not really enabled, and in other
instances, completely empty configuration. This patchset changes the
inline preview feature to assume previews are enabled since we use
DocViewer now.
Test Plan
- Enable the RCE Better File Previewing site admin flag.
- Ensure that there is no Crocodoc configuration in
`${your_canvas.local}/plugins.
- Disable the Google Doc Previews setting under the root account's
settings.
- Upload a document to the course folder.
- Create a Page, with the document there linked in the RCE.
- Change the link option to have inline previews.
- Visit the Page.
- Verify that clicking the linked document opens it as an inline
document rather than in a new tab.
Change-Id: Ic75c95e7e61715460a67f83f9474d2e0f8b178b1
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/268804
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Nate Armstrong <narmstrong@instructure.com>
QA-Review: Nate Armstrong <narmstrong@instructure.com>
Product-Review: Gary Mei <gmei@instructure.com>
0 is truthy in Ruby
test plan:
- in an account that enables the faculty journal,
with a teacher that has permission to use the faculty journal,
send a message to a student in a course.
- a faculty journal entry should be created only if
the "Add as a Faculty Journal" entry box is checked
flag = none
fixes LS-1798
Change-Id: If275649439ebbefafcc4b17ed0902d9d10acd5bc
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/267882
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Nate Armstrong <narmstrong@instructure.com>
QA-Review: Nate Armstrong <narmstrong@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
There are instances where @context is undefined in the feature
helper. This updates the method to take a passed context and
default to the class define context.
fixes QUIZ-8516
flag=new_quizzes_account_course_level_item_banks
Test Plan:
1. specs pass
2. open up the broswer dev console for your local canvas
3. Run `fetch('http://canvas.docker/api/v1/courses?include[]=tabs'}`
4. You should not get an error.
Change-Id: I331e921f626651244738ca6bc7d7007f06d30d9a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/267422
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Stephen Kacsmark <skacsmark@instructure.com>
QA-Review: Mark McDermott <mmcdermott@instructure.com>
Product-Review: Stephen Kacsmark <skacsmark@instructure.com>
Sends flag to Canvadocs indicating whether annotation
notifications should be sent back to Canvas
Test plan:
- As teacher: Create student annotation assignment
- As student: click "Start Assigment"
- Inspect the iframe url
It should include disable_annotation_notifications%22:true
- Submit assignment
- Launch same assignment as student under submission details
disable_annotation_notifications should be absent in iframe url
- As teacher: Launch SpeedGrader
- disable_annotation_notifications should be absent in iframe url
Refs EVAL-1715
Refs EVAL-1692
flag=annotated_document_submissions
Change-Id: Ifb3d08e288326861c564fcd978078c6060863870
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/266190
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Spencer Olson <solson@instructure.com>
Reviewed-by: Syed Hussain <shussain@instructure.com>
QA-Review: Dustin Cowles <dustin.cowles@instructure.com>
Product-Review: Aaron Shafovaloff <ashafovaloff@instructure.com>
flag = none
Test Plan:
- Verify the Quizzes 2 Item Banks Placement does not appear
in the tabs api when the relevant feature flag is disabled
- Verify the Quizzes 2 Item Banks Placement does not appear
in the courses/<id>/settings Navigation tab when the
relevant feature flag is disabled
Change-Id: I1c333322c7957642264a78dfa11cefe3e72a524e
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/266796
Reviewed-by: Han Yan <hyan@instructure.com>
Reviewed-by: James Logan <james.logan@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Mark McDermott <mmcdermott@instructure.com>
Product-Review: Stephen Kacsmark <skacsmark@instructure.com>
test plan
- have a discussion topic in a course
- in rails console assign the topic to a variable like dt
- create an entry for a user like
de = dt.discussion_entries.new(user_id: 5, message: "hello")
me = de.mentions.new(user_id: 6, root_account_id: dt.root_account_id)
de.save!
- it should generate a stream item for user 6
closes VICE-1254
flag=none
Change-Id: I264716d570d19057cb3b9fd69657b530b770f8ec
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/266057
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Drake Harper <drake.harper@instructure.com>
QA-Review: Drake Harper <drake.harper@instructure.com>
Product-Review: Drake Harper <drake.harper@instructure.com>
fixes FOO-2013
test plan:
- With the feature on, an ajax request should be made to /release_notes/unread_count
- When opening the tray, an ajax request should be made to /release_notes/latest
- With the feature off, the above should not be made
Change-Id: I2ae7020f8bf21d66aa842a164e86363e10bf4b5d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/265844
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Jacob Burroughs <jburroughs@instructure.com>
Product-Review: Jacob Burroughs <jburroughs@instructure.com>
Creates a helper in the application_controller called `k5_user?` which
returns true iff the user is associated with any k5 accounts. Also sets
a JS_ENV variable called :K5_USER with the value of ks_user?. Renames
other JS_ENV variables to :K5_HOMEROOM_COURSE and :K5_SUBJECT_COURSE for
clarity. Also removes references to 'k5_mode', replacing with calls to
k5_user? or calls on the Course model for clarity.
use_k5? is cached since it is frequently referenced. The cache key is
cleared for each user in the account when k5 mode is toggled by an admin
or when enrollments are adjusted. It is also set to expire after 1 hour,
which might not be necessary. Cache is not invalidated when the k5 flag
is toggled since the flag is being removed.
The user dashboard and global nav states are dependent on use_k5? Shows
`Subjects` instead of `Courses` and `Homeroom` instead of `Dashboard` in
the global nav when k5 is on. Also filters homeroom courses out of
course list when k5 is on.
closes LS-1827
flag=canvas_for_elementary
[fsc-max-nodes=20]
[fsc-timeout=40]
Test plan:
- Login as a teacher enrolled in at least one course in a k5 account
- Expect to see k5 dashboard
- Expect to see `Subjects` and `Homeroom` (with home icon) in the
global nav (and in the mobile global nav)
- Toggle the courses/subjects tray in global nav and expect to see
only references to Subjects
- Open /courses/ and expect the page heading to be `Subjects`
- Browse through the course and expect it to look normal (w/ Balsamiq)
- Switch to a student and expect the above to be true, plus the courses
list should not include homeroom courses
- Disable k5 for the account and return to teacher or student
- Expect to immediately see classic canvas nav, dashboard, and courses
again
- Test caching by placing a log statement (i.e.
`p "K5 Cache: uncached"`) in ApplicationController#uncached_use_k5?
- Run `redis-cli FLUSHDB`
- Navigate around canvas; expect to see the log statement only once in
the logs until toggling k5 mode or adding the first k5 course to a
user
Change-Id: Iec970c939b976d10eee13d40b7bf68f601d8178e
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/265239
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jeff Largent <jeff.largent@instructure.com>
QA-Review: Jeff Largent <jeff.largent@instructure.com>
Product-Review: Peyton Craighill <pcraighill@instructure.com>
closes QUIZ-8391
flag=new_quizzes_account_course_level_item_banks
test plan
- make sure you have course and account navigation placements
for your Quiz LTI tool
- the account Quiz LTI placement should not appear in the
admin account page
- the course Quiz LTI placement should not appear in the course page
- enable the SiteAdmin FF new_quizzes_account_course_level_item_banks
- make sure New Quizzes is also enabled
- the account Quiz LTI placement should appear in the admin account page
- the course Quiz LTI placement should appear in the course page
- turn the New Quizzess FF off
- the Quiz LTI placements should not appear
Change-Id: Ia14251aaa3e5585cf9e868d71b7b96a5e97dbbfe
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/264244
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Stephen Kacsmark <skacsmark@instructure.com>
QA-Review: Mark McDermott <mmcdermott@instructure.com>
Product-Review: Susan Sorensen <susan.sorensen@instructure.com>
fixes FOO-1824
flag = none
[pin-commit-analytics=7f2f049830a11e43f4a5d0031e3c4ecc3145ccdb]
[pin-commit-instructure_misc_plugin=9b505159130c0724ce6bcbb75d07d40ff16a1961]
read directly from gems/plugins/* instead of symlinks
- dropped dead brandable_css config property "all_sass_files"
- webpack test runner now generates a file that runs all plugin spec
files (from spec_canvas/coffeescripts)
test plan: you can remove your symlinks and still survive!
Change-Id: I0206c2d827aa9f59b0374b21f0863443dff3be0f
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/262346
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Michael Ziwisky <mziwisky@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
Test plan:
- As teacher: Make an assignment with Student Annotations
- As student: Launch that assignment as a student
- iframe should launch properly
Closes EVAL-1653
Change-Id: I9c146c025613c8f2022ed37eba19db6b021a0c94
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/264929
QA-Review: Aaron Shafovaloff <ashafovaloff@instructure.com>
Product-Review: Aaron Shafovaloff <ashafovaloff@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Spencer Olson <solson@instructure.com>
Reviewed-by: Adrian Packel <apackel@instructure.com>
This change replaces the normal course nav tabs in the Navigation
section under course settings with the tabs/LTIs that appear on the
home page when in a subject course. It introduces a new option
`course_subject_tabs` to `course#tabs_available` that determines
whether course nav or subject nav tabs should be returned.
closes LS-2176
flag = canvas_for_elementary
Test plan:
- Log in as an admin or teacher
- Set up a course with a couple of LTIs available. Start with the
canvas_for_elementary flag off or the account K-5 setting off.
- Go to the navigation section in the course's settings and move the
tabs around a bit, then save. Move one of the LTIs to the top or
near the top (above modules / grades). Potentially hide one or two
of them.
- Turn K-5 mode on for the course's account.
- Go back to the navigation section in the course's settings, and
expect to only see "Home", "Schedule", "Modules", "Grades", and
the LTIs. Expect the order and hidden/shown state to be preserved
from before, except that "Home" and "Schedule" should be the first
two tabs. Also expect the LTIs to always be at the bottom.
- Move the tabs around and show/hide some, and expect them to
persist this configuration when saved. Expect LTIs to always
appear at the bottom of the show/hide sections.
- Expect the course nav in the sidebar to always be the default and
be unaffected by the changes you're making the navigation settings
- Turn K-5 mode back off for the course's account.
- Expect the order and show/hide configuration of the "Modules",
"Grades", and LTI tabs to be preserved. Expect "Home" to be at the
top and "Schedule" to be gone.
Change-Id: I48c662596431b18339482ba294fcd923ced6a230
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/264226
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jackson Howe <jackson.howe@instructure.com>
QA-Review: Jackson Howe <jackson.howe@instructure.com>
Product-Review: Peyton Craighill <pcraighill@instructure.com>
closes FOO-1745
flag = granular_permissions_manage_courses
test plan:
• see g/261805 for test plan
Change-Id: I683db559d923b93b8dfb9cfd7552d90a15a48ff9
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/261094
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
Product-Review: August Thornton <august@instructure.com>
fixes: EVAL-1465
flag=none
Test Plan:
1. Set up a course with a differentiated assignment
2. Set the assignment to be available to a single section
3. Set a due date for that section
4. Confirm Speedgrader displays the due date for that assignment
Change-Id: Ic81be443aaf6bf3451443a972e1ec265d61e83c0
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/262552
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Spencer Olson <solson@instructure.com>
Reviewed-by: Adrian Packel <apackel@instructure.com>
QA-Review: Syed Hussain <shussain@instructure.com>
Product-Review: Syed Hussain <shussain@instructure.com>
closes QUIZ-8341
flag=none
test plan:
- set root account level NQ to disabled but unlocked (allowed)
- set course level NQ FF to disabled
- on course import page, "import to NQ" should be hidden
Change-Id: I95246fe3e19ee2f4aceedfdd0f057790cab30a67
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/263150
Reviewed-by: Stephen Kacsmark <skacsmark@instructure.com>
QA-Review: Mark McDermott <mmcdermott@instructure.com>
Product-Review: Susan Sorensen <susan.sorensen@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
closes EVAL-1590
flag=annotated_document_submissions
Test Plan:
1. Create a "student annotation" assignment.
2. As a student, before submitting go to the student grades page and
notice that the 'Score' column for the assignment shows '—'.
3. As the student, submit to the assignment.
4. As the student, go to the grades page for the course. Notice that
the 'Score' column for the assignment shows an 'annotate' icon (a
piece of paper with a pencil).
5. As the teacher, grade the student in SpeedGrader.
6. As the student, go the student grades page. Verify the icon is no
longer there and the score has taken its place.
Change-Id: Ifeb554e5fce73ff201b6b04f48d56ada5f41401d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/263023
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Eduardo Escobar <eduardo.escobar@instructure.com>
Reviewed-by: Adrian Packel <apackel@instructure.com>
QA-Review: Spencer Olson <solson@instructure.com>
Product-Review: Jody Sailor
the RCE creates a MediaObject and then the conversations
controller creates a duplicate of it, because it interprets
"type" more broadly. the media id should be enough on its own.
test plan:
- have a working canvas/notorious setup
- enable the "autocreate attachments for media objects" feature
- send a conversation message to another user
- in your "Uploaded Media" folder in your user files, there
should only be one copy of the file, not two
(really, there should only be one MediaObject, not two)
closes LS-2038
Change-Id: I4478f7e261e04e6c773988bf4dafd4fa5d03bec2
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/262440
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Robin Kuss <rkuss@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
fixes LS-1980
flag=none
test plan:
- Setting should be on for site admin
- Setting should be configurable at the account level
- All fullstory features should work as intended
Change-Id: Id3e2cb61308da7811e8b06980aa051e522ddbef4
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/261904
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Robin Kuss <rkuss@instructure.com>
QA-Review: Nate Armstrong <narmstrong@instructure.com>
Product-Review: Eric Saupe <eric.saupe@instructure.com>
closes QUIZ-8257
flag=quizzes_next
test plan:
- enable/disable quizzes_next, on Import Content page,
"Import assessment content as New Quizzes" option will
be shown/hidden
Change-Id: Ie0b88f1a3940a34512e0627e593258ddf100deb8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/261928
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Mark McDermott <mmcdermott@instructure.com>
Product-Review: Susan Sorensen <susan.sorensen@instructure.com>
Reviewed-by: Stephen Kacsmark <skacsmark@instructure.com>
closes LS-2042
flag=canvas_for_elementary
done so far:
- disable < and > if nothing there
- include today in empty this week
- left-align missing items
test plan:
1. this week is empty
- have no assignments for the student due this week
- have assignment(s) due but not submitted last week (or earlier)
- load the k5 schedule tab.
> expect "Today" to be the only day shown, with "Nothing Planned Yet"
> expect the list of missing items to be below it.
> expect the list of missing items to be left-aligned
Extra credit: load in RTL and expect right-aligned
2. empty weeks show the balloons
- have some assignments in the future, but with an empty week between
now and then
- load the k5 schedule tab
- click the ">" next button
> expect the next week's assignments, unless it's a week with nothing
due, then expect the balloons.
- same going into the past.
3. prev/next buttons are disabled when there is no more
- have some assignments in the future and the past
- load the k5 schedule tab
- click the ">" next button until there are no more future items due
> expec the ">" button to become disabled
- ditto moving into the past
4. show an error when failing to load a new week
- have some assignments in the future
- load the k5 schedule tab
- disconnect from the network or kill the canvas server
- click the ">" next button
> expect an error alert
Change-Id: I40e0eedea1916740ab7ac8d7e0ce8b6f9d6ab296
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/261570
Reviewed-by: Jeff Largent <jeff.largent@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Jeff Largent <jeff.largent@instructure.com>
Product-Review: Ed Schiebel <eschiebel@instructure.com>
the issue was that it was checking for account assocations on one shard
when it is living on another. This simplifies to check on all the users
shards but scoped to the specific root_account from the where clause.
added spec covers the case
test plan
- have sharding setup
- have user from other shard as a sub_account admin
- go to /users/ at the sub_account level as the admin
- attempt to message the user
- it should not render invalid context error
fixes VICE-1183
flag=none
Change-Id: I02f1a29fd6882f8177eb7364a335c8da20b2fe22
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/260414
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Davis Hyer <dhyer@instructure.com>
QA-Review: Davis Hyer <dhyer@instructure.com>
Product-Review: Davis Hyer <dhyer@instructure.com>
Clicking this button did not actually submit the assignment.
"Submit Assignment" changes to "Start Assignment"
"Re-submit Assignment" changes to "New Attempt"
Test plan:
- As a student go to an assignment
- The button for beginning the assignment should read
"Start Assignment"
- The same button for subsequent attempts should read
"Re-submit Assignment"
Refs EVAL-1519
flag=none
Change-Id: I8025365d1b4624ceb5dcff19bff5bc6624df2c3d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/260264
Product-Review: Jody Sailor
QA-Review: Aaron Shafovaloff <ashafovaloff@instructure.com>
Reviewed-by: Spencer Olson <solson@instructure.com>
Reviewed-by: Syed Hussain <shussain@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
fixes QUIZ-8191
flag=new_quizzes_modules_support
flag=quizzes_next
test plan:
- enable new_quizzes_modules_support
- leave New Quizzes disabled/unprovisioned
- when using the "add content to module" modal to
create a quiz, the user should not see an option
to create a New Quizzes quiz
- with New Quizzes enabled/provisioned etc, the
user should see an option to create a New Quizzes
quiz in that modal
Change-Id: I183cbe366301a287ae48841757b358b1ba44a82e
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/259649
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Stephen Kacsmark <skacsmark@instructure.com>
QA-Review: Mark McDermott <mmcdermott@instructure.com>
Product-Review: Susan Sorensen <susan.sorensen@instructure.com>
closes LS-1939
flag=none
we moved the flag, but didn't update the checks.
test plan:
- enable new_math_equation_handling in site admin
- disable in your root account
- load any page but quiz edit or question banks in canvas
> expect ENV.FEATURES.new_math_equation_handling to be false
- enable the feature in your root account and load a page
> expect ENV.FEATURES.new_math_equation_handling to be true
- create a quiz,
- include a comment with a math equation from the eq editor
on one of the question answer's comments
- on the quiz' edit page, check "show question details"
> expect the equation in the answer's comment to be the
equation and not MathJax output
Change-Id: If85bc04733d9bbc4e3ee1676350f5411422198fc
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/259562
Reviewed-by: Jeff Largent <jeff.largent@instructure.com>
QA-Review: Jeff Largent <jeff.largent@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Product-Review: Ed Schiebel <eschiebel@instructure.com>
[fsc-max-nodes=12]
[fsc-timeout=60]
* switch lots of parsing to Nokogumbo to keep things consistent
* deep CSS sanitization is now built in, and with a proper parser (meaning
we can drop our code to do it, and adjust some specs to account for things
that _are_ valid)
lots of changes because gumbo parsing<->serialization cycle is slightly different:
* better job preserving original whitespace
* literal non-breaking space characters are converted to entities
* <p> tags aren't inserted for the heck of it
* several _other_ entities are unnecessary, and output as literal characters
* some elements no longer have a closing tag
Change-Id: I7c5e36cbd04b8a05f64c9e0af00868dd6b00f4ce
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256444
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
closes LS-1750
flag=canvas_for_elementary
test plan:
- enable Canvas for Elementary feature in your account
- in /courses/:id/settings, check "Enable as homeroom course"
and click Update Course Details
> expect course pages to have only Announcements, People, Settings
in the course nav.
- turn the Canvas for Elementary feature in your account
> expect course pages to have all the course nav.
- enable the feature
> expect course pages to have only the 3 homeroom nav items
Extra credit:
- go to the homeroom course as a student
> expect only Announcements
- as the teacher, to to course settings, navigation tab
> expect to see only Announcments and People available
- make People visible to students
- as a student, refresh
> expect Announcements and People
Finally:
- uncheck the Homeroom checkbox in course settings
> expect all the nav items to come back.
Change-Id: I348e422b7160bf586cbb39777dd9f4bbe6b66bee
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/258655
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Nate Armstrong <narmstrong@instructure.com>
QA-Review: Nate Armstrong <narmstrong@instructure.com>
Product-Review: Peyton Craighill <pcraighill@instructure.com>
fixes VICE-1005
flag=react_inbox
Test Plan:
- Have an existing conversation between several users
- Login as one of those users and navigate to /graphiql
- Run the following mutation:
```
mutation MyMutation {
__typename
addConversationMessage(
input: {
conversationId: <conversation_id>,
body: "This is a test",
recipients: [<recipient_id>]
}
) {
conversationMessage {
_id
attachmentsConnection {
nodes {
displayName
}
}
author {
name
}
body
conversationId
mediaComment {
_id
title
}
}
messageQueued
errors {
attribute
message
}
}
}
```
- The mutation should add a message to the conversation
Change-Id: Iba5a8901408d8d6acc80d629f2a89298c39fc4ac
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/254849
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Caleb Guanzon <cguanzon@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Caleb Guanzon <cguanzon@instructure.com>
closes FOO-1314
flag=none
TEST PLAN:
1) try to publish a content tag in
with an assignment in a state like "duplicating"
2) you should get a 4xx and no sentry error
Change-Id: I8654402e4b4a7da0fdce6a2e471669449821b0aa
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/254829
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Michael Ziwisky <mziwisky@instructure.com>
QA-Review: Ethan Vizitei <evizitei@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
fixes VICE-869
flag=react_inbox
TEST PLAN:
- have several users associated through a context (e.g. Course)
- Login as one of those users and navigate to /graphiql
- Run the following mutation:
```
mutation MyMutation {
__typename
createConversation(
input: {
recipients: [<other_user_id>],
body: "This is working!",
subject: "bingo bongo",
contextCode: <context_asset_string> # e.g. course_1
}
) {
conversations {
conversation {
subject
contextId
contextType
conversationMessagesConnection {
nodes {
author {
name
}
body
}
}
conversationParticipantsConnection {
nodes {
user {
name
}
}
}
}
}
errors {
message
attribute
}
}
}
```
- The mutation should run successfully and return the conversation
Change-Id: I2fb8ac1ee82a2c8a161586d279c56cd134121328
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/253984
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jeffrey Johnson <jeffrey.johnson@instructure.com>
QA-Review: Jeffrey Johnson <jeffrey.johnson@instructure.com>
Product-Review: Jeffrey Johnson <jeffrey.johnson@instructure.com>
refs SAS-1610
test plan:
inst-fs thumbnail jwt tokens should have a "original_url" and "jti" claim
flag = none
Change-Id: I05c59584c8c165d358301d6d101545f4571a36f8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/255005
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jonathan Featherstone <jfeatherstone@instructure.com>
QA-Review: Nathan Mills <nathanm@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
fixes FOO-1211
flag=none
the `request.format` is unreliable -- it can be non-html even when the
app responds with html (follow the test plan below without this change
applied to see that). use the `response.mime_type` instead -- it's a
direct indicator of what we're responding with (which is what we
actually care about) as opposed to what the request asks for.
test plan:
- Enable CSP on your account.
- go to /accounts/self/settings, click Feature Options, enable Content Security Policy
- refresh, click Security tab in top nav, "Enable Content Security Policy"
- Create a classic quiz.
- Use HTML editor: input <iframe src="somewhere not in CSP"></iframe>
- Save and Publish the quiz
- Note that content is blocked.
- Append `?format=js` to the URL and load the page
- Note that although the content formatting is messed up, the content is still blocked
and the CSP header is attached to the response for the page.
Change-Id: I0f5c7bdb9aa605de482dc9f944d9c7e61f723836
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/254699
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Michael Ziwisky <mziwisky@instructure.com>
fixes VICE-868
flag=react_inbox
TEST PLAN:
- navigate to /graphiql and run the following query
```
query MyQuery {
legacyNode(_id: <user_id>, type: User) {
... on User {
id
email
recipients {
contextsConnection {
nodes {
id
name
avatarUrl
permissions {
sendMessages
sendMessagesAll
}
userCount
}
}
usersConnection {
nodes {
name
commonCoursesConnection {
nodes {
type
course {
name
}
}
}
commonGroupsConnection {
nodes {
name
}
}
}
}
}
}
}
}
```
- The query should return some results
- You can also play around with pagination to ensure that works
as well
Change-Id: I63666a7225e3ac051990f24c11199a9a40569edc
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/253043
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
QA-Review: Rob Orton <rob@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
refs FOO-1273
flag=none
masquerade to see all custom assets
TEST PLAN:
1) visit a custom assets account as siteadmin
2) custom css and js should not render
3) masquerade as a user
4) both custom css and js render
Change-Id: I15c9aa00667d3709656566a76f5fc4ea6cb6828e
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/254357
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Ethan Vizitei <evizitei@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
closes FOO-1273
(unless there's no JS, then it
can't hurt)
TEST PLAN:
1) visit a custom assets account as siteadmin
2) custom css and js should not render
3) masquerade as a user
4) both custom css and js render
Change-Id: I55fc0baef4062598a611e9428fb13d16934a4f4d
Change-Id: Ib5c9b7d64a107d94e485c6076391a032590c41da
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/254328
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Charley Kline <ckline@instructure.com>
QA-Review: Charley Kline <ckline@instructure.com>
Product-Review: Charley Kline <ckline@instructure.com>
refs FOO-1264
TEST PLAN:
1) visit an account with custom JS as a siteadmin
2) you should not get custom JS in your page
3) masquerade as a user on the account
4) you should see custom JS
Change-Id: I571f2d3d35ccd295d52c03f13b1f861a4ec71c29
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/254148
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Ethan Vizitei <evizitei@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
closes LS-1639
flag=none
The change to SyllabusBehaviors puts code back that existed
before the new math handling was introduced, and should have
been behind its flag.
If the new_math_equation_handling flag is on, turn it off if
we're editing a quiz, and skip having the backend inject the
hidden mathml, which is part of the legacy equation handling.
test plan:
=== With the new math_equation_handling flag off ====
- create a quiz, add a multiple choice question with an equation
as an answer
- save the question, save the quiz
- edit the quiz, edit the question, do not edit the answer
> look at the DOM. there should be no moe than 1
<span class="hidden-readable">
just after the equation image in the answer
- save the question, save the quiz
- preview the quiz
> expect just 1 <span class="hidden-readable"> in the DOM just
after the equation image
- no combination of edit, save, edit, ... should cause > 1
<span class="hidden-readable">
after the equation image
=== with the new_math_equation_handling flag on ===
- preview and edit the quiz you created with the flag off
> expect it to look A-OK
- create a new quiz
- use the rce's equation editor to put an equation everywhere
you can possible think of in a quiz
- the text
- answers
- comments on the answers
> expect the equations to look right no matter what
- edit the quiz and all the places where there are equations
> yep still ok
- save the qustion
> still ok
- save the quiz
> still ok
- preview the quiz, to completion to see answer comments
> looks good _and_ equations are mathjaxified
- edit everything again
> still looks good everywhere
Change-Id: I1319d007509f6e8cbc9c9af81e3939e365b0fa92
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/253507
Reviewed-by: Jackson Howe <jackson.howe@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Ed Schiebel <eschiebel@instructure.com>
closes OUT-4014
flag=improved_outcomes_management
test-plan:
- Enable account and course mastery scales FF
- With Improved Outcomes Management FF Enabled
- Go to Account > Outcomes
- You should see a header with Outcomes title and 3 buttons
- Click on Import Outcomes button and verify that
import modal appear
- Go to Course > Outcomes and repeat the process
- With Improved Outcomes Management FF Disabled
- Repeat the process and verify that the header disappears
Change-Id: I8c7a99e50982b3203c240a95ecd641484078f871
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/253127
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Chrystal Langston <chrystal.langston@instructure.com>
Reviewed-by: Pat Renner <prenner@instructure.com>
QA-Review: Pat Renner <prenner@instructure.com>
Product-Review: Pat Renner <prenner@instructure.com>
Change-Id: I32e51e2a33391981c6955fa3a2c978c8f5d19231
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/253001
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Rob Orton <rob@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
Change-Id: I7f40ed058b50882121da69f0cb05966854b8e920
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/250924
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
closes: LS-1265
flag=new_file_url_rewriting
- gets the verifier, if present, forwarded to the view ping-back url so
it doesn't fail for one student viewing another student's file.
Before, when clicking on a pdf and viewing it in canvadoc, the viewing
of the file succeeds, but the ping-back to log access failed with a
401. The pin-back now succeeds.
- gets the verifier added to the iframe src when the file is being
viewed locally. You'll see this when stud1 views a .txt file from
stud2. plain text files aren't canvadoc viewable, so they're viewed
in a vanilla iframe.
- stops rewriting non /preview file URLs as download URLs.
?download_frd=1 is reserved for that. Before, when users deleted
"/download" from a link using the html editor in the RCE, canvas put
it back. Not any more. They shouldn't need to any more either,
since...
- updates the RCE so links to files do not include /download in the
URL. When clicking on a file in the tray, the generated link no
longer incfludes /download (and canvas won't put it back)
Embedded images use /preview. Using Image Options to convert the
image to a link removes /preview, and no longer replaces it with
/download.
There's some weird file URL handling on in canvas. If the URL is
/preview, it is not logged as a page view. There are comments
indicating that /download will log access, though not always actually
download the file, and that download_frd is used for that. I found
this to be hard to confirm, /download seemed to download for me a lot.
It might be in conjunction with wrap=1, or the inline class name?
This change sets the "new_file_url_rewriting" flag, which enables
these changes, to on in ci and dev.
This change scares me a little and I really want to know that it's
OK.
test plan:
- ensure new_file_url_rewriting is enabled (which it should be
unless you're in test or prod environments)
- it's nice to have canvadocs enabled too
- do everything you can think of that revolves around files/attachments
and make sure it still works. No, I/m not kidding
- link files in the RCE
- try file types that will be viewed in canvadocs (.pdf),
in google docs (.rtf), and in a vanilla iffame (.txt)
> expect clicking on the link to open the file in another tab
- embed images in the RCE
> expect the image to be shown, and the <img src> to be /preview
(when loading a page with an image, the image will not show up in
recent history, if that's on)
- using Image Options, convert an image to a link
> expect the image to be displayed in a new tab when the link is
clicked
- link a file, then add "download_frd=1" to the href's query_string
> click on the link and expect the file to be downloaded, not viewed
- I think there's some special handling WRT student submissions, so
try all ^that in a submission.
- All ^that should work if student1 links/embeds user files and
images, then
> expect student2 to be able to view them all
(discussions are good for this)
> expect existing content behavior to be the same as it ever was.
Change-Id: Ieae7e4daf549ececb982007b6ce97c8c091c099c
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/249094
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jackson Howe <jackson.howe@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Ed Schiebel <eschiebel@instructure.com>
closes OUT-3768
flag=account_level_mastery_scales
Test plan:
with account_level_mastery_scales on and off
- verify account and course outcomes page can be viewed
- verify outcomes can be viewed, created, edited, deleted
- when FF is on, view and form should not include rubric
criteria or scoring method
- when rubrics are aligned
- verify changing outcome prompts warning that
aligned rubrics will be updated
- when aligned rubric is assessed
- verify that the "some students have been assessed" warning
appears when FF is off
- verify warning does not appear when FF is on, because
we will not be updating scoring params
- on rubrics page and assignments page
- verify that outcome scoring details are still displayed
when choosing an outcome in the "Find Outcome" dialog
(when creating/editing a rubric)
- when FF is off, this data should come from the outcome
- when FF is on, this data should come from the mastery
scale if present
- on question banks page
- verify as with rubrics, when aligning an outcome to a
question bank
Change-Id: Ia1e7cb6f53a341121ca8b94d23a2801c331ce533
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/245151
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Pat Renner <prenner@instructure.com>
Reviewed-by: Augusto Callejas <acallejas@instructure.com>
QA-Review: Brian Watson <bwatson@instructure.com>
Product-Review: Jody Sailor
test plan:
- enable Direct Share feature
- ensure Canvas jobs are running
- on the modules page, select the kebab menu next to a module
and choose "Copy To...", and ensure the module can be
copied to another course
- on the modules page, select the module kebab menu and
choose "Send To...", and ensure the module can be sent
to another teacher in the account
- As that teacher, ensure the module can be imported
into a course
- on the modules page, select the kebab menu next to module
items of all shareable types (assignments, discussions,
pages, quizzes) and ensure "Copy To" and "Send To" work'
(and module items other than these types do not have the
options available)
- repeat the previous step using newly added objects
(that were added to the module after the page load,
without reloading the page) and ensure "Copy To" and
"Send To" appear and work for the four types given,
and do not appear for all other types
- with the direct_share feature turned off, "Copy To"
and "Send To" do not appear in the menu for existing
or newly created items
flag = direct_share
closes LS-1254
Change-Id: If44f9e3a7b364828caa71bb49b9e9ec37433f70f
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/244185
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Peyton Craighill <pcraighill@instructure.com>
- should ignore rules on the modules page if all the
associated assignments are deleted (so the rule is empty)
- should not block module progression if an unlocked
assignment is unpublished (and thus not visible)
test plan:
* set up a mastery paths trigger assignment
(easiest would be a quiz) with a score range
releasing two items
* unpublish one of the items to be released
* add all items to a module
* as a student, take the trigger assignment
and get the required grade to unlock the items
* should be able to continue through the
module progression "Next" button
on the bottom of the trigger assignment page
* now delete the unlocked items
(so the trigger assignment doesn't unlock anything)
* it shouldn't show a message to new students
that their progress is blocked until the empty trigger
assignment is graded
refs #LS-1270
closes #LS-1282
Change-Id: Id88c55c1561c3c813556177a76015a8a0d42dde6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/244508
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
fixes FOO-745
test plan:
- `Setting.set('web_app_manifest_url', '/web-app-manifest/manifest.json')`
- load any page
- the manifest.json returned should have a valid icon path
- the corresponding call to fetch the icon should succeed
(/dist/images/apple-touch-icon-XXX.png).
- upload a custom mobile icon to your account theme.
- it should be returned correctly in the manifest.json
Change-Id: Icae019f41c64291c45a6c9c37796a4cb29f272aa
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/243732
Reviewed-by: Ahmad Amireh <ahmad@instructure.com>
QA-Review: Ahmad Amireh <ahmad@instructure.com>
Product-Review: Ahmad Amireh <ahmad@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
this commit removes Canvas's ability to talk to the
conditional_release service. before applying this patch set,
if you have data stored in a conditional_release service, run
the following to import its data into your canvas database:
ConditionalRelease::Assimilator.run(root_account)
test plan:
- smoke test all mastery paths functionality (editing,
unlocking, path selection, mastery path stats)
closes LS-1071
Change-Id: I2e33129a5af50c1b92ba8ba7a233e0a3ad66ecc4
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/242961
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
Test plan:
-verify planner is always enabled when a student has an enrollment
flag=none
fixes VICE-331
Change-Id: I6ffb90de94737d01afbac36eee0f36a967ace179
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/242462
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Davis Hyer <dhyer@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Davis Hyer <dhyer@instructure.com>
test plan:
* navigate to any course
* inspect the "section-tabs" element
* if the course is visible to students, there will be no title
attribute.
closes LS-1206
flag = none
Change-Id: Ib710eb32f26b7e6e2381c79e883ae935e034a4c8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/242686
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ed Schiebel <eschiebel@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
fixes FOO-692
flag = none
note that we don't support controlling these settings through the API
since it's not part of the requirements
\ test plan \
\ --------- \
- as a site admin, verify you can toggle Google Analytics and FullStory
for a root account other than the siteadmin account (details below)
- as an account admin, verify you do NOT see the privacy controls
=======================================================================
If you want to fully QA this, I'll walk you through enabling the two
offenders first and then checking that they're running.
== Google Analytics
To enable GA, configure the `google_analytics_key` in the console and
restart your Rails server:
Setting.set('google_analytics_key', 'asdfasdf')
To confirm that GA is disabled, its snippet should not be included in
the DOM. You can use this query to get at that element:
[].filter.call(
document.head.querySelectorAll('script'),
x => x.innerHTML.match(/window\.ga/)
)
== FullStory
To enable FS in the first place, you must first enable the feature flag
"enable_fullstory" at the site_admin level and then configure your
dynamic_settings.yml as shown in g/230591. Be sure to restart Rails.
To confirm that FS is disabled, its snippet should not be included in
the DOM. You can use this query to get at that element:
[].filter.call(
document.head.querySelectorAll('script'),
x => x.innerHTML.match(/FS\.identify/)
)
Change-Id: Ib7493f6dc342f4d96cb0c6fa944b7e56e8a45d29
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/242531
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ed Schiebel <eschiebel@instructure.com>
Reviewed-by: August Thornton <august@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Ahmad Amireh <ahmad@instructure.com>
On modules index, the icons associated with each content type are
<i> elements. Becuase <i> elements should not have aria-labels,
this commit moves the icon's label to a SR-only span. This change
also makes the icon label readable by JAWS; before, JAWS ignored
the aria-label. Also removes redundant
module_item_translated_quiz_type function.
Fixes LS-627
flag = none
Test plan:
- Go to /courses/:id/modules/
- Turn on VO, navigate through page
- Should read icon type, item name, due date, points, and status
- Repeat for JAWS
Change-Id: Id180f67b2683e05a0de7fc55a6881244c5420e04
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/242034
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ed Schiebel <eschiebel@instructure.com>
QA-Review: Clint Furse <cfurse@instructure.com>
Product-Review: Jackson Howe <jackson.howe@instructure.com>
closes SAS-1474, SAS-1452
canvas server-side, when:
* a canvas request would generate a redirect to an inst-fs file
* but the request also includes a `X-Canvas-File-Location` header
* and the request is session authenticated
then the server instead responds with a JSON object with:
* a `location` field containing the nominal redirect target
* a `token` field containing a token that can be used as a value for
an `Authorization: Bearer <token>` header when requesting the file
a service worker is then added that intercepts non-navigation GET
requests to those endpoints. it adds the X-Canvas-File-Location header
to the request, and then issues a followup request for the returned
location with the Authorization header added. in effect, it's following
the redirect but with the Authorization header injected. inst-fs can
then recognize the Authorization header as a means of user
authentication in the absence of cookies.
finally, the service worker is installed only if:
* the plugin setting controlling it is enabled
* the browser is Safari 13+
other browsers are able to use simpler work arounds when cookie blocking
is enabled and can thus take advantage otherwise.
test-plan:
* have canvas and inst-fs both served over https
* for safari, be using 13.1 or newer with tracking prevention enabled
* leave the service worker disabled through the inst-fs plugin setting
* have an image uploaded to inst-fs
* visit the image's preview page in the files UI:
- in safari: observe the image fails to load
- in chrome: observe the image successfully loads
* enable the service worker via the plugin setting
* refresh the image's preview page:
- in safari: observe the image now successfully loads
- in chrome: the image still successfully loads, but does so without
involving the service worker
Change-Id: Ie28f2cad40f67549bfbb4c7c6604f215581fbe18
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/237135
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
closes OUT-3735
flag=none
test-plan:
- Enable the outcome_alignment_non_scoring_content FF
- Within a course, create a group (under People)
- Navigate to the group and create a page within it
- Visit the newly created page and make sure no errors occur
Change-Id: I23e3dbb126e3177a6e037250c81307d5eb44fb2e
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/241455
Reviewed-by: Augusto Callejas <acallejas@instructure.com>
Reviewed-by: Michael Brewer-Davis <mbd@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Michael Brewer-Davis <mbd@instructure.com>
Product-Review: Michael Brewer-Davis <mbd@instructure.com>
also add native support for choosing from
multiple assignment sets
test plan:
* enable native conditional release (see g/239985)
* set up a course with assignments assigned to "Mastery Paths"
so they're only visible to students with overrides
* use the editor to create a trigger assignment that can
release the hidden assignments, setting up a
scoring range that has an "or" option (by clicking the "&"
between multiple assignments) that won't automatically
assign students but rather present a choice
* as a student, submit to the trigger assignment
* as a teacher, grade the trigger assignment with a
score that will trigger the "or" path
* as the student, confirm that the modules page reveals
a link to a page that allows the student to choose
one assignment set or the other
* confirm that choosing an assignment set will
reveal its assignments to the student
* confirm that as a teacher, viewing the trigger
assignment page shows a "Mastery Paths Breakdown"
that can be interacted with to show which students
fell into each scoring range
* all other native conditional release functionality
not listed here should be in-line with current functionality
via the full service (apart from course copy support)
closes #LS-1065
Change-Id: Iede1689b3896380d4da155fa7ae325796d85f934
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/240607
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
fixes USERS-369
the large amount of Access Tokens was making ERB rendering take longer
than it did for the JS to be executed, while that was expecting elements
to be in the DOM that weren't.
Instead of wrapping the whole file itself (profile.js) to execute on
DOMContentLoaded or such, I opted to introduce a new API parallel to
js_bundle that abstracts this if only to preserve the history of that
file.
| TEST PLAN |
| ---- ---- |
- before you check out this patch, repro the issue by creating a ton of
access tokens in the console and visit the settings page
1000.times { User.first.access_tokens.create! }
- don't open your dev console, go to the settings page and hit Edit
Settings and verify it does nothing
- check out the patch, rerun webpack and (hard) reload the page
- Edit Settings should be ok now
Change-Id: I51bb8cdb9cd91107166c6d4c0835c3709a6f10f0
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/239958
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Charley Kline <ckline@instructure.com>
Product-Review: Charley Kline <ckline@instructure.com>
QA-Review: Charley Kline <ckline@instructure.com>
fixes KNO-443
flag = smart_alerts
- corrected threshold options, we were missing the 48h one
- changed wording a bit on the settings page to make it clearer
- threshold is now a number indicating hours, not a number/string with
time unit
- the setting is now per account not root account and modifiable by
regular admins
- test plan -
- ---- ---- -
- enable the smart alerts feature on the root account
- verify you can change the threshold setting to 12h/24/36h (default)
Change-Id: I817f16169539b08de8bbc815009fe3ef157f8dac
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/237021
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Caleb Guanzon <cguanzon@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
closes OUT-3593
flag=outcome_alignment_non_scoring_content
Test plan:
- with quiz_api, outcomes, canvas running,
provision outcomes for account
- in canvas rails console:
Account.first.provision_outcomes
- in a course, create some outcomes and groups
- sync canvas outcomes to outcomes service
- following instructions in outcomes-service canvas.rake
re: canvas docker-compose config, run in outcomes-service:
dc run --rm api bundle exec rake \
canvas:dump_canvas_data[outcomes.docker,db.canvas.docker]
dc run --rm api bundle exec rake canvas:sync[outcomes.docker,true]
- enable "Outcome alignment to non-scoring content" FF
- create canvas course with wiki page
- on wiki page show page, add outcomes to the page
- verify that outcomes are retained on reload
- in another course without outcomes, verify that outcomes widget does
not appear
Change-Id: Ie3af07642d818eaa529bff76b1ac7d81e575622b
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/235665
Reviewed-by: Augusto Callejas <acallejas@instructure.com>
Reviewed-by: Pat Renner <prenner@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Augusto Callejas <acallejas@instructure.com>
Product-Review: Jody Sailor
fixes KNO-490
flag=none
test plan:
- create a user, set their avatar url to "" via console
> user.update_attributes(avatar_image_url: "")
- add the user to a conversation
- fetch all conversation participants via api
- easiest way:
- log into your local as an admin
- paste into your browser: http://localhost:3000/api/v1/conversations?include[]=participant_avatars
- no curl/tokens necessary \o/
- the user's avatar should be set to empty string, not
"http://localhost:3000"
qa risk: low
Change-Id: I9f766e3f8ac5e5a6ef075b597e8e1f85fad956da
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/237863
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Drake Harper <drake.harper@instructure.com>
QA-Review: Drake Harper <drake.harper@instructure.com>
Product-Review: Drake Harper <drake.harper@instructure.com>
flag = calendar_conferences
Conferences created in calendar events are generic for the
conferences page. This change:
* Ties the conference name/schedule date to the calendar event
* Updates it when the calendar event is updated
* Removes LTI Conferences from the Conferences Page
Test Plan:
* Verify Conferences Page loads successfully.
* Add a calendar event with both of the following:
* Plugin Conference (e.g. Big Blue Button)
* LTI Conference (e.g. MS Teams)
* Verify on the Conferences Page
* Plugin Conferences from the calendar event appear
* They include the correct start date/time.
* LTI Conference does not appear on the page
* Update the calendar event with different name and start times
* Verify updates propagate to the Conference Event
Change-Id: I7a73d9f626f036f66efaf9cf34d7b9ced26e134e
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/236615
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Michael Brewer-Davis <mbd@instructure.com>
QA-Review: Steve Shepherd <sshepherd@instructure.com>
Product-Review: Steve Shepherd <sshepherd@instructure.com>
closes CAL-38
flag=calendar_conferences
Test plan:
- enable calendar conferences and BBB
- add a BBB conference to a calendar event
- from the course conferences page, delete
the BBB conference
- verify delete is successful
- reload calendar, verify that event no longer
has associated conference
Change-Id: I8ed0c91ec8f555c3ffaff47409ac51868500936e
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/237016
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ken McGrady <kmcgrady@instructure.com>
QA-Review: Steve Shepherd <sshepherd@instructure.com>
Product-Review: Michael Brewer-Davis <mbd@instructure.com>
fixes KNO-442
flag = smart_alerts
| TEST PLAN |
| ---- ---- |
- enable the "Smart alerts" account feature
- go to account settings and verify you see the Smart Alerts section
- you should also see a control for the threshold parameter
Change-Id: I525a639d401d16af706a248c121e23461607665a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/236657
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ben Nelson <bnelson@instructure.com>
QA-Review: Ben Nelson <bnelson@instructure.com>
Product-Review: Ben Nelson <bnelson@instructure.com>
closes LA-942
flag = none
Test Plan:
- Enabled Assignment Allowed attempts feature
- create an assignment with limited attempts
- as a student, submit the assignment
- attempt to submit again and the submission button should be disabled
- ScreenReader should now read the button as "dimmed" and should not
be able to be clicked via screenreader shortcut
Change-Id: I05e2b3816de5bf63aa7aa1b915e8076e5efc4438
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/235237
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ed Schiebel <eschiebel@instructure.com>
QA-Review: Daniel Sasaki <dsasaki@instructure.com>
Product-Review: Clint Furse <cfurse@instructure.com>
refs CAL-4
flag=calendar_conferences
Test plan:
- enable FF "Add Conferences from Calendar"
and "Allow Conference Selection..."
- enable BigBlueButton with dummy settings at
/plugins/big_blue_button
- create two courses, one with multiple sections
- add LTI tool for conference selection to one course
- open add calendar event dialog at /calendar
- switch context to one of the courses
- verify that conferencing options appear (two options
if in course with LTI; one option otherwise)
- click more options to open detailed edit page
- verify that conferencing options appear the same
way
- add a conference
- save the conference
- verify that conference appears on the calendar
- repeat in the other context to verify other select UI
- add a conference before clicking "more options" and
verify that it is included in the more options page
- verfy that updating the conference and then cancelling
on the more options page does not save the update
- in the course with multiple sections, select "use a different
date for each section"
- verify that the conference for the parent event is shown
for each of the child events in the calendar
- verify that the conference can't be edited from the child events
- verify that updating the parent event conference from the More
Details page also updates the child events (as seen in
the calendar)
Change-Id: I9a7dccc9962d3c056f6a6a5fdb8a501ce8960c18
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/235298
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ken McGrady <kmcgrady@instructure.com>
QA-Review: Steve Shepherd <sshepherd@instructure.com>
Product-Review: Michael Brewer-Davis <mbd@instructure.com>
closes CAL-4
flag=calendar_conferences
Test plan:
- enable FFs ("Add Conferences fro Calendar" and
"Allow Conference Selection LTI placement"
- enable BigBlueButton at /plugins/big_blue_button
- enroll a user in multiple courses
- add conference LTI tool to one course
- from calendar, add an event for one of the courses
- verify that option to add calendar event is present
- for course with LTI tool, should be dropdown between LTI and BBB
- for course without, should be button for BBB
- add BBB conference
- verify that conference link is added and button hidden
- save event
- verify that conference link shows on the event "show" dialog
(on clicking in calendar, before clicking edit)
- verify that removing the event and saving persists
- add LTI conference in that course's context
- verify that dialog launches to go through LTI workflow
- verify that conference is added, saved, can be removed
- verify that when conference is selected, dropdown is shown
allowing switching to BBB
Change-Id: I4892d49efcfd41e9c3a223faf071b677e26ba8fb
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/234639
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Steve Shepherd <sshepherd@instructure.com>
Product-Review: Michael Brewer-Davis <mbd@instructure.com>
Reviewed-by: Ken McGrady <kmcgrady@instructure.com>
Reviewed-by: Davis Hyer <dhyer@instructure.com>
closes CAL-2
flag=conference_selection_lti_placement
Test plan:
- create an api access token from user settings
- add an LTI tool with conference placement
(including FF, see g/232853) to a course.
You will need the course id and the tool id.
- create an LTI conference via the API, e.g.:
> curl http://canvas.docker/api/v1/courses/${COURSE_ID}/conferences \
-H 'Content-type: application/json' \
-H 'Authorization: Bearer ${ACCESS_TOKEN}' \
-d '{
"web_conference": {
"title": "Something",
"conference_type": "LtiConference",
"lti_settings": {
"tool_id": ${TOOL_ID}
}
}
}'
- view the conferences created via the api
> curl -H 'Authorization: Bearer ${ACCESS_TOKEN}' \
http://canvas.docker/api/v1/courses/${COURSE_ID}/conferences
Change-Id: I5d1da73c76590395b7d37c58deaf4b1a69cff9b4
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/233227
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ahmad Amireh <ahmad@instructure.com>
QA-Review: Steve Shepherd <sshepherd@instructure.com>
Product-Review: Steve Shepherd <sshepherd@instructure.com>
test plan:
* SubmissionsApi#for_students should work as before
closes #LA-906
Change-Id: I8fe9b6c297461eb6cc7b075ef74c180e77fc480e
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/233560
Reviewed-by: Simon Williams <simon@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
test plan:
* the courses api should load nicknames and favorite
info as before
closes #LA-912
Change-Id: Id42f70e76f58e899c9d6f5321d0c35bbca92ca86
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/233663
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jon Willesen <jonw+gerrit@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
closes USERS-458
flag=mobile_qr_login
This commit changes how we're adding the link to render the mobile
QR code modal. We're going to be using the profile tab approach
instead of adding it directly to the global profile tray. This
will allow it to exist not only in the global profile tray, but
the user profile, and even the global mobile nav. The QR for mobile
link tab will show up for any active path under '/profile'
Test Plan:
- Ensure your version of canvas has an up to date
instructure_misc_plugin
- create a developer key
- add https://sso.canvaslms.com/canvas/login as its only redirect URI
- In a rails console
- a = Account.default
- a.settings[:ios_mobile_sso_developer_key_id] = <dev key global id>
- a.save!
- a.account_domains.create!(name: 'sso.canvaslms.com')
With the :mobile_qr_login feature flag enabled:
*Web View*
- Navigate to '/'
- Open the profile tray and click 'QR for Mobile Login'
- Ensure the QR code image is generated with the title and expire tag
- Navigate to '/profile'
- Click on 'QR for Mobile Login' on the left hand side section tabs
- Ensure the QR code image is generated with the title and expire tag
*Mobile Web View*
- Shrink browser horizontally until Canvas web view is rendered
- Click on the down carrot menu at the top of the global nav
- Click on 'QR for Mobile Login' option at the bottom
- Ensure the QR code image is generated with the title and expire tag
- Click on the hamburger menu in the top left
- Select the Account drop-down
- Click on 'QR for Mobile Login'
- Ensure the QR code image is generated with the title and expire tag
- 'QR for Mobile Login' link tab should only appear for paths
under '/profile'
With the :mobile_qr_login feature flag disabled:
- Verify the 'QR for Mobile Login' link tab does not appear
in any of the above locations previously tested
- Hitting the '/profile/qr_for_Mobile' path directly renders
a 404
Change-Id: If69d5f3a7526f7aa84cfae22d0747e5afd2d617b
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/232750
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Charley Kline <ckline@instructure.com>
QA-Review: Charley Kline <ckline@instructure.com>
Product-Review: Peyton Craighill <pcraighill@instructure.com>
This change
1. moves the feature flag from RootAccount to SiteAdmin, as it should
not be manipulated by any of our institutions
2. hides the mobile login qr code from fullstory using their fs-exclude
class name
3. hides the users' avatars by adding a data-fs-exclude attribute to all
instances of the instui Avatar component, which we an then filter on
in the fullstory UI (because instui doesn't let us add a className)
4. hides the users' avatars that are not Avatar by adding .fs-exclude
Note: I am hiding all <img> elements via the FullStory UI, but this does
not hide Avatar, which puts the image in as a background-image
closes UXS-97
flag=enable_fullstory
test plan:
- you can really only test in beta where fullstory can capture
sessions and see that user avatars and the qr code are hidden
Change-Id: Ic8b73a2d7cd0474c1fd9a5337f747b76e5f67d06
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/232666
QA-Review: David Tan <dtan@instructure.com>
Reviewed-by: Augusto Callejas <acallejas@instructure.com>
Reviewed-by: Alex Anderson <raanderson@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Product-Review: Ed Schiebel <eschiebel@instructure.com>
closes TALLY-775
flag = datadog_rum_js
test plan:
* This change does not have any behavior without
two code tweaks, as described below.
* To verify the behavior after tweaks:
1. Visit the described page
2. Inspect the `head` of the document
3. Look for a `script` tag with id `datadog-rum-js`
4. When present, the page is including the Datadog code.
5. When absent, the page is not including the code.
* "Verify the script is included" will refer to the code
being included on the page.
* For more thorough verification, Datadog access is needed.
* A server restart _might_ be necessary between steps, as
some settings might be cached.
1. Add the following to `config/dynamic_settings.yml`
config:
canvas:
datadog-rum:
application_id: "asdf"
client_token: "asdf"
sample_rate_percentage: 50.0
2. Enable the `datadog_rum_js` release flag
3. In a known controller action which renders a page,
add this code:
opt_in_datadog_rum_js
4. In a different controller action which renders a page,
add this code:
request_datadog_rum_js
5. Visit the "opt in" page
* Inspect, refresh and repeat several times
* Verify the script is present roughly 50% of the time
6. Visit the "request" page
* Inspect, refresh and repeat several times
* Verify the script is present 100% of the time
7. Configure the sample rate to 0.0
8. Verify the script is never loaded on either page
9. Configure the sample rate to 100.0
10. Disable the release flag
11. Verify the script is never loaded on either page
Change-Id: I5fcde3d385553f5240f5f613eb15cf7d082d27bb
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/231784
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
Reviewed-by: Gary Mei <gmei@instructure.com>
Reviewed-by: Keith Garner <kgarner@instructure.com>
closes UX-31
flag=enable_fullstory
test plan:
1. LOG OUT BETWEEN TESTS
2. to determine if fullstory was enabled, you can:
a. use devtools to look for the fullstory script
in the HEAD. It will be after the
<!-- fullstory snippet --> comment, making it easy to find
b. lok for a network request for edge.fullstory.com/s/fs.js
3. to your dynamic_settings.yml, add
config:
canvas:
fullstory:
sampling_rate: 1.0
app_key: 'anything'
- do not enable the flag
- log in
> expect fullstory not to be enabled
- enable the flag
- log in
> expect fullstory to be enabled
- change sampling_rate to 0.0
- log in
> expect fullstory not to be enabled
Change-Id: I27885ebafea3066a8996a45f990118584f2bf56c
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/230591
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
Reviewed-by: Gary Mei <gmei@instructure.com>
QA-Review: Anju Reddy <areddy@instructure.com>
Product-Review: Ed Schiebel <eschiebel@instructure.com>
fix n+1's on enrollment term, favorites and nicknames
test plan:
* user dashboard should load nicknames as before
* also favorites (when "Course Favorites From Dashboard"
feature is enabled)
closes #LA-821
Change-Id: Idf4b71ee54ca2f5b826c86ea4f1d8637532a1d28
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/230099
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
Reviewed-by: Mysti Lilla <mysti@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
fixes QUIZ-7185
flag=newquizzes_on_quiz_page
test plan:
- with the newquizzes_on_quiz_page FF enabled:
- as a teacher/admin:
- on the Quizzes page, create a New Quizzes quiz and a
Classic Quizzes quiz
- on the Quizzes, Assignments, and Modules pages, a SR
should read "New Quiz" when hovering a filled rocket
icon for new quizzes and "Quiz" when hovering a
hollow rocket icon for classic quizzes
- as a student:
- on the Quizzes, Assignments, and Modules pages, all icons
for new and old quizzes should be the filled rocket icon,
and should read "Quiz" when hovered by a SR
Change-Id: I19ec8711f45295a1a1bb8b503e2ecf77c5d87500
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/227977
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Han Yan <hyan@instructure.com>
QA-Review: David Tan <dtan@instructure.com>
Product-Review: Kevin Dougherty <jdougherty@instructure.com>
closes QUIZ-7308 QUIZ-7309 QUIZ-7310
flag=none
Test Plan
Import, and verify that 'Canvas Course Export', 'Copy A Course',
'Common Cartridge 1.x Package', 'QTI .zip file' import paths create
New Quizzes on import in the following scenarios.
With the "New Quizzes migration during course import/copy" and "New
Quizzses Importing" Feature Flags enabled, as well as selecting
"Import assessment content as New Quizzes on Import.
With the "New Quizzes migration during course import/copy", "New
Quizzses Importing", and "New Quizzes migration by default" Feature
flags enabled
With the "New Quizzes migration during course import/copy", "New
Quizzses Importing", and "New Quizzes migration required" Feature
flags enabled
Change-Id: Ie48a108dbffe2aa307fd502b108dcc7827043903
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/223905
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Han Yan <hyan@instructure.com>
QA-Review: David Tan <dtan@instructure.com>
Product-Review: Kevin Dougherty <jdougherty@instructure.com>
closes OUT-3401
flag = none
test plan:
- check out/update canvas plugins needed for sharding:
* multiple_root_accounts
* demo_site
* canvas_geoip
- check out/update canvas plugin needed for provisioning:
* uuid_provisioner
- check out/update quiz repo:
* quiz_api
- check out/update outcomes service:
* outcomes-service
- add the following to the postgres container section
of your docker-compose.override.yml in canvas:
===
ports:
- "5432:5432"
environment:
VIRTUAL_HOST: db.canvas.docker
===
- update canvas configuration by adding example
dynamic_settings to existing config/dynamic_settings.yml
and by copying example uuid_provisioner.yml
- in canvas rails console, enable the auto provision setting:
> Setting.set('auto_provision_outcomes_service', 'true')
- start up canvas, outcomes-service and quiz_api
- create a new root account from canvas siteadmin
http://canvas.docker/accounts/site_admin/root_accounts:
* account name: outcomes
* account domain: outcomes.canvas.docker
- after a few minutes, verify in the outcomes rails console that a new
shard has been created and registered for the second account, but
not the first
> ap AccountRegistry.all
- create a course with outcomes in outcomes.canvas.docker
- in the outcomes api docker container, dump canvas data and sync
into the provisioned outcomes shard:
> bundle exec rake canvas:dump_canvas_data[outcomes.outcomes.docker]
> bundle exec rake canvas:sync[outcomes.outcomes.docker,true]
- enable the outcome alignment feature flag:
- http://canvas.docker/accounts/site_admin/settings
- Feature Options tab
- Find "Outcome alignment to non-scoring content" feature flag
- Switch to "ON"
- return to course created in new canvas account
- create a canvas page in the course
- load the newly created canvas page
- confirm that an outcome alignment widget appears, and that
it opens a side tray with course outcomes when attempting to align
Change-Id: Ide6891493ea3c926d155d4aea9bc7aff5bdaa6fb
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/227463
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Michael Brewer-Davis <mbd@instructure.com>
Reviewed-by: Pat Renner <prenner@instructure.com>
QA-Review: Michael Brewer-Davis <mbd@instructure.com>
Product-Review: Michael Brewer-Davis <mbd@instructure.com>
closes OUT-3459
flag = none
test plan:
- check out/update canvas plugins needed for sharding:
* multiple_root_accounts
* demo_site
* canvas_geoip
- check out/update canvas plugin needed for provisioning:
* uuid_provisioner
- check out/update quiz repo:
* quiz_api
- check out/update outcomes service:
* outcomes-service
- update canvas configuration by adding example
dynamic_settings to existing config/dynamic_settings.yml
and by copying example uuid_provisioner.yml
- in canvas rails console, enable the auto provision setting:
> Setting.set('auto_provision_outcomes_service', 'true')
- start up canvas, outcomes-service and quiz_api
- create a new root account from canvas siteadmin
http://canvas.docker/accounts/site_admin/root_accounts:
* account name: outcomes
* account domain: outcomes.canvas.docker
- after a few minutes, verify in the outcomes rails console that a new
shard has been created and registered for the second account, but
not the first
> ap AccountRegistry.all
- create a course with outcomes in outcomes.canvas.docker
- enable the outcome alignment feature flag:
- http://canvas.docker/accounts/site_admin/settings
- Feature Options tab
- Find "Outcome alignment to non-scoring content" feature flag
- Switch to "ON"
- return to course created in new canvas account
- create a canvas page in the course
- load the newly created canvas page
- open the javascript console
- confirm that the outcome alignment jwt appears when running:
> ENV.canvas_outcomes.jwt
Change-Id: Ib519611fe319a61e5b9bd37e35b0dd58e4cd0cda
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/227139
Reviewed-by: Pat Renner <prenner@instructure.com>
Reviewed-by: Michael Brewer-Davis <mbd@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Michael Brewer-Davis <mbd@instructure.com>
Product-Review: Michael Brewer-Davis <mbd@instructure.com>
flag = none
closes QUIZ-7191
test plan:
1. In canvas create a new and old quiz (optionally other assignment types).
2. Add the assignments from step 1 to a module.
3. On the assignments page, SR should read "Quiz" for both types of quiz.
4. On the modules page, SR should read "Item type: Quiz" for both types.
5. On the modules page, the new quiz icon should be filled in.
6. All other icons should look and sound the same as before.
Change-Id: Ie5df2c7f472b7f516a059f35908c63c62c5e463b
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/223182
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Tyler Burraston <tburraston@instructure.com>
QA-Review: Laura Gonzalez-Horwitz <lgonzalez-horwitz@instructure.com>
Product-Review: Kevin Dougherty <jdougherty@instructure.com>
test plan:
* create a wiki page with a broken canvas link
* set the page as the front page of course
* if a student follows the broken link from the
front page (e.g. /courses/X) it should still
send the broken link notification to the teacher
as if they had followed it from the page directly
(e.g. /courses/X/pages/URL)
closes #KNO-182
Change-Id: Ib4d561997084d7aa167f3a30cf30815f7221b8dc
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/221660
Reviewed-by: Carl Kibler <ckibler@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Carl Kibler <ckibler@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
Fixes USERS-149
flag=none
Add safeguards in the courses_controller create method to
make sure that the caller can manage course visibility.
I had to be careful to check _all_ the visibility settings
in the API call, not just the one that the UI sets.
Also, fix up the UI so that the option to make a newly-
created course public doesn't appear if the user does not
have the manage_course_visibility permission.
Test plan:
* Try to create a new course and make it public from a user
with the Change Course Visibility permission
* It should work
* Now try it from a user that does NOT have that permission
* The option to make it public shouldn't even appear
* Extra credit: hack app/views/shared/_new_course_form.html.erb
(line 60) so that the "make public" checkbox appears even
when the permission isn't granted
* Then even when checking that box that you shouldn't be
seeing to try to make the new course public, the resulting
course should still only have "Course" visibility
Change-Id: I48ed471885a6f3357e17aa09aef33fb098861b6f
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/218527
Reviewed-by: Landon Gilbert-Bland <lbland@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Tested-by: Jenkins
QA-Review: Steve Shepherd <sshepherd@instructure.com>
Product-Review: Charley Kline <ckline@instructure.com>
test plan:
* configure a tool with a
module_group_menu placement
(similar to the module_index_menu type)
* enable the "Import Commons Favorites" feature
* should launch the tool though a cog dropdown
for a specific module into a tray
* the selected resources posted to the tool
should only list the one module you selected
* closing the tray after a message has been posted
should cause the page to refresh
flag=commons_favorites
closes #LA-286
Change-Id: Idbaa746fc98d4ac4097da8488b7120a6acedc23f
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/218212
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Tested-by: Jenkins
Reviewed-by: Carl Kibler <ckibler@instructure.com>
QA-Review: Carl Kibler <ckibler@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
test plan:
* configure a tool with an module_index_menu placement
(similar to the wiki_index_menu type)
* enable the "Import Commons Favorites" feature
* should launch the tool though a cog dropdown
in the header of the modules page into a tray
* closing the tray after a message has been posted
should cause the modules page to refresh
flag=commons_favorites
closes #LA-71 #LA-72
Change-Id: I4ab15bf71da574482b107cbbba295cb4557f4fa8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/217828
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Tested-by: Jenkins
Reviewed-by: Carl Kibler <ckibler@instructure.com>
QA-Review: Carl Kibler <ckibler@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
Closes USERS-18
flag=none
Per the ticket, there's no more need to be able to force RTL for
a locale, so the FF responsible for that was ripped out.
Test plan:
* The "Turn on RTL Even For Non-RTL Languages" feature
flag should no longer appear in account settings
* Inspect the main Canvas page's HTML
* The <html> tag should include the attr dir="ltr"
* Change your language to Hebrew or Arabic (caution,
be sure you know how to switch back to English if you
cannot read that language!)
* Canvas should look correct for that language, with
the text flowing from right to left on the page
* The <html> tag should include the attr dir="rtl"
Change-Id: Ib54645661c73a8c89fc76897b80b3e1f562b9553
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/216938
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Tested-by: Jenkins
Reviewed-by: Landon Gilbert-Bland <lbland@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Steve Shepherd <sshepherd@instructure.com>
It looks like there was no reason we were Rails.cache.fetching
this most of the time. Becaus inside the rails.cache.fetch
we would not actually cause any db other expensive reads unless
We were passed a `user` that was not an actual user model
(Or something else that .respond_to?(:short_name))
Reviewers: am I missing something here? Is there some reason we
Need to always cache this/read it from cache?
Change-Id: I6f8d3db7b691aea79785566444a253f99a8572ce
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/216275
Tested-by: Jenkins
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
because the methods that call context_user_name are expecting back
possibly unsafe strings and not html they call "h" on it to escape it
so it actually shows to users in the UI as "Ryan Shaw <i>(he/him)</i>"
this fixes it by just showing "Ryan Shaw (he/him)"
test plan:
* the user submission page should show names like that ^
Change-Id: I047bd5066e39833a675b54c1a9b0ae8e0f3ac8e5
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/216273
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Steven Burnett <sburnett@instructure.com>
Tested-by: Jenkins
Product-Review: Ryan Shaw <ryan@instructure.com>
test plan:
* have a course with two course sections and two discussion topics
set to only be visible to one section respectively
* viewing the modules page as a student in one section should
only show the discussion they're assigned to, and should
not pollute the cache for another student
closes #LA-145
Change-Id: I5efd1f9aea62e5f5c56dd757893e3dba1219d1b0
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/215835
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
closes: WOKE-5
Test plan:
Preconditions:
* go to the settings page for the domain root account
* go to your user settings page, click “edit settings”
* you should not see anything about “Pronouns”
turn on:
* you should not see a section about “Pronouns”
* go to a root account, enable the “Pronouns” feature flag
* go back to the settings page for the domain root account
* you should now see a section about “Pronouns”
* check the box to enable it
* add a couple options
* save
Pick one for yourself:
* go to a user’s profile page, you should see a <select> where you can
pick one of the options the school allowed
* you should see an
Make sure it show up in inbox and stuff
* go to conversations and discussions and all the places we started
Showing pronouns, they should display your pronouns after where it
Shows your name
Make sure you can still unset yours after the account turns off the
Setting:
* go back to the account settings page & turn off the “Enable Personal
Pronouns” checkbox
* save
* go to inbox or somewhere and verify that it still shows your pronouns
* go to your user profile page
* it should still display that you are “He/Him” (or whatever pronouns
You picked above)
* click “Edit Settings”
* the select box to pick a pronoun should only have an option of
“None”
* hit save
* now your pronouns should not show up on that page nor should
They show up anywhere else in the UI
Change-Id: I7f51c9ca2ec82cb0a3cbdca3bf37c7bc2a69d4f9
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/215336
Reviewed-by: Matthew Lemon <mlemon@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Jenkins
QA-Review: Steven Burnett <sburnett@instructure.com>
Product-Review: Steven Burnett <sburnett@instructure.com>
The way this was, it would be executed before main.js but because it did
not have a prefetch issued for it, we might be blocked waiting for it
to download when main had already been downloaded.
Test plan:
If you look at a profile you should see https://cl.ly/06e7016eae7a
Instead of https://cl.ly/a2e99a1ed9a4
(See how variables.js is downloaded _after_ main in the second?)
Change-Id: I4f6e55325a22fda316b9f5f9202bdabb76372530
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/214898
Tested-by: Jenkins
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
test plan:
* should be able to mark the checkbox when creating
a global announcement for an account (other than site
admin) to queue a job to send the announcement in
a notification to all applicable users
closes #CORE-3384
Change-Id: I0540196164be283f3acc6c6b5232a945e1916fbe
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/212448
Tested-by: Jenkins
Product-Review: Lauren Williams <lcwilliams@instructure.com>
Reviewed-by: Mysti Lilla <mysti@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
closes ADMIN-2778
flag=none
test plan:
- confirm 'Accessible Course Menu' feature flag is gone
- course sidebar menu maintains all recent a11y changes:
* aria-current="page" on current page
* uses course color
* high contrast mode works right
* basically, compare it to production behavior
Change-Id: Iae20776effa9421ed26c963f6d148ed0b118fab3
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/214631
Tested-by: Jenkins
Reviewed-by: Rex Fleischer <rfleischer@instructure.com>
Reviewed-by: Mysti Lilla <mysti@instructure.com>
QA-Review: Mysti Lilla <mysti@instructure.com>
Product-Review: Carl Kibler <ckibler@instructure.com>
Allow numberHelper to return numbers with embedded 'e's, but make sure
they're not run through the number localizer on output (as it gets
unexpected results and scientific notation is expected to be in english
format anyway)
Test Plan:
- Make a quiz with a numeric question
- Set the answer to 1e21 or higher using e notation
- See it save properly
- Take the quiz, entering the correct answer
- Expect it to display and grade correctly
Closes QO-526
Change-Id: I8173532db87e77dee925528f30225256344b69f3
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/213295
Reviewed-by: Jonathan Holt <jholt@instructure.com>
Tested-by: Jenkins
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Kevin Dougherty <jdougherty@instructure.com>
closes QUIZ-6791
test plan:
- test the ps with quiz_lti patch
- make sure quiz migration works
- quiz shell is created
- quiz shell status is updated when quiz migration is done
Change-Id: Ia002ceb48ded582849301e3efd8631396d9ffe95
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/210548
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Reviewed-by: Stephen Kacsmark <skacsmark@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Kevin Dougherty <jdougherty@instructure.com>
refs COMMS-2501
Test Plan:
- have a couple users in a course
- have a couple add pronouns
- go to a discussion
- post a couple replies
- notice the pronoun shows next to their name
- also spot check places that context_user_name is
used in
Change-Id: I3b255918e3ca01190ca794ab59f5bd4f5a878321
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/213748
Reviewed-by: Matthew Lemon <mlemon@instructure.com>
Tested-by: Jenkins
QA-Review: Steven Burnett <sburnett@instructure.com>
Product-Review: Steven Burnett <sburnett@instructure.com>
closes ADMIN-2978
flag=a11y_left_menu
test plan:
- Enable a11y_left_menu flag. Ensure colors of 'hidden' course nav
items matches the non-hidden ones. Also check high contrast.
- No check needed with flag off - no code changes for it.
Change-Id: I13f4a312067ed0b2289c5dfb5eae5ce8bb23c9cc
Reviewed-on: https://gerrit.instructure.com/212793
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Carl Kibler <ckibler@instructure.com>
fixes ADMIN-2965
flag=none
test plan:
- with 'a11y_left_menu' flag OFF, ensure course nav for active page
has an 'aria-current="page"' attribute and no others do.
- enable 'a11y_left_menu' flag and repeat.
- also, check Voiceover says 'Current page' when you tab over that
menu item. that's the whole point overall
Change-Id: I0f8e2abde93461c88c5f7ebc6a1f86b7cffc923d
Reviewed-on: https://gerrit.instructure.com/212732
Tested-by: Jenkins
Reviewed-by: Charley Kline <ckline@instructure.com>
QA-Review: Charley Kline <ckline@instructure.com>
Product-Review: Daniel Sasaki <dsasaki@instructure.com>
Test Plan
- Go to the conversations page
- Compose a new message
- Notice that the media upload button is displayed, and you can click
it to upload/record media
fixes COMMS-2487
flag = none
Change-Id: I03331f8770228580e8a82ab74b05b6f9956d6900
Reviewed-on: https://gerrit.instructure.com/212589
Tested-by: Jenkins
Product-Review: Landon Gilbert-Bland <lbland@instructure.com>
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Steven Burnett <sburnett@instructure.com>
fixes: COREFE-349
this will make it so our javascript, specifically the global “$”
variable from jQuery, is loaded before custom account JS runs
test plan:
* you may have to test this in firefox or some other browser besides
chrome because I could never reproduce the original problem in chrome
* upload a file as the custom javascript file in the theme editor with
something like:
$(function(){console.log(‘it worked’, $)})
* save that and apply it to your account
* you should see the it worked message always logged to your console
and should not ever see a “$ is undefined” error in the console
Once this is on beta:
* we should specifically test the schools that we know had this problem
originally and see if it is resolved for them
Change-Id: Ic0f245cb649f3cf0148f4b0c9b263aa3b46aad57
Reviewed-on: https://gerrit.instructure.com/212390
Tested-by: Jenkins
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
fixes: GH-1508
fixes: https://github.com/instructure/canvas-lms/issues/1508
Test plan:
* make sure streaming is turned on
* as a teacher:
* go to /courses/x
* look at /error_reports
* you should not see a `you tried to add something to js_env after
js_env has been rendered` error.
* go back to /courses/x
* click the “ Course Setup Checklist”button
* it should work
* the css for it should work and it should be styled correctly
Change-Id: Ib1cae481ac0c5bc9bb2e56591fc3fc56d0dcb2de
Reviewed-on: https://gerrit.instructure.com/211388
Tested-by: Jenkins
Reviewed-by: James Williams <jamesw@instructure.com>
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
test plan:
* for courses that have the chat LTI tool enabled it should show up
exactly as before
* for courses that have no lti tools, profile a page load,
* make sure you don't see anything like this in the logs:
Redis (0.261ms) get active_external_tool_for/courses/6961-xyz/chat
SQL ContextExternalTool Load (1.0ms) SELECT "context_external_tools"...
Redis (0.253ms) get shard_7549:account_chain_ids/accounts/7549000...
SQL ContextExternalTool Load (0.9ms) SELECT "context_external_tools"...
Redis (0.295ms) set active_external_tool_for/courses/6961-xyz/chat
Change-Id: Ia660a6f2eee6d08a3aabca9fa6643efd82b21040
Reviewed-on: https://gerrit.instructure.com/210798
Tested-by: Jenkins
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
The only 2 “context”s where we actually need this is “course” or “group”
Any other page, we can bail early at the
@context.try_rescue(:allow_media_comments?) check and not have to
query the other stuff from redis/posgres
Long term, Steven said that he is going to work to get this out of
The global INST object completely and only query it when someone
Actually goes to record a video
Test plan:
* kaltura should work exactly the same as before
* pages not in a “course” or “Group” context should load faster
Change-Id: I1f8d776b59e15b8552895afaecbaff2c7ac4f6bf
Reviewed-on: https://gerrit.instructure.com/210326
Tested-by: Jenkins
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
test plan:
- install analytics 2 LTI tool
- enable new analytics feature
- verify links to new analytics exist in the following places:
1. course right side nav
2. course people page student kebab menu
3. course user page (with and without user profiles)
- for 2 and 3 above, links should only appear for students
- the /api/v1/courses/X/users?include[]=custom_links API
should not include analytics links for students
(assuming the tool configuration sets required_permissions)
fixes ADMIN-2900
flag=analytics_2
Change-Id: Iddefdb6c119f0d50240144b6e507a4428fcf8af6
Reviewed-on: https://gerrit.instructure.com/209758
Tested-by: Jenkins
Reviewed-by: Mysti Lilla <mysti@instructure.com>
QA-Review: Mysti Lilla <mysti@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
Closes: COREFE-302
This will actually start executing the JS as soon as it comes in
the <head> instead of waiting until after the </html> for it to start.
What this means is that for any page that is streamed, we will start
running our javascript sooner, as soon as the <head> is sent to the
browser. So we can begin executing code while the server is still
working on sending back the rest of the document.
Note: this change makes it necessary for any endpoint that is streamed
to have a check for DOMContentLoaded before doing anything that assumes
elements will be there. I added this `@instructure/ready` helper do to
that in all the places I could see. If the DOM is already loaded,
`@instructure/ready` run the callback immediately (not in a setTimeout)
so theoretically load/execution order should be _exactly_ the same for
any response that is not streamed, even if it is wrapped
in a “ready(…)” callback
QA test plan:
* click around in prod mode, especially on pages that are streamed
make sure there are no thrown javascript errors or pages that
fail to render
* try both on a fast network as well as simulating a slow network with
browser caching turned off (if you don’t know how to change your
network speed simulation settings in Chrome, I can show you)
* specifically look at pages that are streamed
(like courses/x/discussions/y, /courses, courses/x/modules)
Change-Id: I49a74ab480095e50cfa08dca8e074848dce12012
Reviewed-on: https://gerrit.instructure.com/203198
Tested-by: Jenkins
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
test plan:
* generate a peer review notification
* the link should have a full url with host
closes #CNVS-46754
Change-Id: I6e1f7b028e79adbabbb102f5b644dc91bf76b286
Reviewed-on: https://gerrit.instructure.com/206925
Tested-by: Jenkins
Product-Review: James Williams <jamesw@instructure.com>
Reviewed-by: Gary Mei <gmei@instructure.com>
Reviewed-by: Jeremy Neander <jneander@instructure.com>
QA-Review: Jeremy Neander <jneander@instructure.com>
closes ADMIN-2809
flag=direct_share
Test plan
- Ensure you can create a content export
and share content between users
- Users cannot create shares for other
users or share content they do
not have access to
Change-Id: Ic3c748ad800f85eddd24ac6f0995a363619eed2b
Reviewed-on: https://gerrit.instructure.com/204338
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Jenkins
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
Test Plan:
- Create a quiz with at least one numeric and one formula question
- Set points, numbers, answers to include decimals or be over 1000 in
several combinations
- Change locale to one with known thousand/decimal separators
(French uses comma for decimals and space for thousands)
- Take the quiz and ensure that numbers and dates are properly localized
all the way through
Closes QO-505
Change-Id: I1bba47e5db666bcf7eb7c477422b1b49ebf8328e
Reviewed-on: https://gerrit.instructure.com/203001
Tested-by: Jenkins
QA-Review: Tyler Burraston <tburraston@instructure.com>
Product-Review: Kevin Dougherty III <jdougherty@instructure.com>
Reviewed-by: Bryan Petty <bpetty@instructure.com>
fixes ADMIN-2577
flag: Accessible Sidebar Menu
test plan:
- Check left side menu in Courses with regular mode and High Contrast
first, to make sure nothing changed or broke.
- Enable the 'Accessible Sidebar Menu' release flag
- As teacher or admin:
- Check criteria #1-6 from the jira ticket to ensure nothing missed
- Check High Contrast also, ensure it works correctly
- Disable 'Announcements' and ensure the eye-off icon doesn't wrap
weirdly and is all on one line
- Unused nav items also get icon and slightly different tooltip
- Tooltips for unused & hidden nav items show when navigated to with
keyboard
- Check student view also, to verify those items don't show
- As admin:
- Go edit the theme, and check that the theme preview for the nav
works (it required an adjustment for extra padding) so
the new outlining wasn't cut off)
Change-Id: I778a155bce0bb32117abf8ee5d7fe327a7fb0b34
Reviewed-on: https://gerrit.instructure.com/199404
Tested-by: Jenkins
Reviewed-by: Jon Willesen <jonw+gerrit@instructure.com>
QA-Review: Daniel Sasaki <dsasaki@instructure.com>
Product-Review: Daniel Sasaki <dsasaki@instructure.com>
now that we have streaming working, by loading google analytics
like this in the <head> it will load sooner but not block any of our
scripts from running.
this commit also upgrades us to use the analytics.js instead of the
legacy ga.js library.
it also actually imports it as a named export instead of just relying
on it being on the jQuery global `$` object
note: I actually took the time to set this up with a testing google
analytics account and verified that it got all the page views recorded
as before. Doing so even exposed one place where we were currently
sending PII to google analytics (in the “Act As” page) and I fixed that
https://cl.ly/e869a25266fc
test plan:
* in the console do: Setting.set('google_analytics_key', 'testing123')
but replace “testing123” with a real valid google analytics account id
* google analytics tracking data should post to your google analytics
account exactly the same as it did before this commit
Change-Id: I3ca51642c622ce72992159646f9d9338c58b44ba
Reviewed-on: https://gerrit.instructure.com/203581
Tested-by: Jenkins
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Steven Burnett <sburnett@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
add flags for 6.0, even though it doesn't actually do anything yet
Change-Id: If8aba4d9f92e8a8ec890deadba7a94e21e01a804
Reviewed-on: https://gerrit.instructure.com/202686
Tested-by: Jenkins
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
send them back to hopefully get a new fresh verifier
test plan:
* have an environment with a files domain
* using a developer console preserving logs, download a file,
and note the initial redirect url to the files domain
(should include a "sf_verifier" parameter)
* wait 5 minutes for the verifier to expire and then directly
access that files domain url
* it should still work (after redirecting back to original
domain and getting a new sf_verifier)
closes #CORE-3196
Change-Id: I1dafa045acb3be95ce55863fdd72c70adcdb6fe8
Reviewed-on: https://gerrit.instructure.com/203244
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
QA-Review: James Williams <jamesw@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
send the head tag before we start rendering
the rest of the response for the following
high traffic endpoints:
context#roster_user
courses#index
eportfolio_categories#show
eportfolio_entries#show
eportfolios#show
gradebooks#grade_summary
submissions#show
Change-Id: I2bb2e068c4c0633964aee05c27d3e6207e1cf472
Reviewed-on: https://gerrit.instructure.com/199707
Tested-by: Jenkins
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
Reviewed-by: Ryan Shaw <ryan@instructure.com>
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
In order to get ready for streaming. Rather than having to have every
route that wants to be able to stream worry about adding a
provide_blank(:auto_discovery) so that it doesn’t block and wait there,
we can just handle these all in a way that if you want to have something
there in the <head> you can do it in your controller,
but if you do nothing streaming will just work like you’d expect it to
Test plan:
* all of the <link rel=“alternate” …> tags these made should all be
There on all pages as before
* so for example:
* go to the dashboard page
* view-source
* you should see something like this in the <head>
<link rel="alternate" type="application/atom+xml"
title="User Atom Feed (All Courses)"
href="/feeds/users/user_xyz123.atom"
/>
Change-Id: I97879d6142141dd7d9ba438a110f012313f6a699
Reviewed-on: https://gerrit.instructure.com/202408
Tested-by: Jenkins
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
With this change, anything that was js_bundle’ed by the time we render
_head.html.erb will be included in the <head> so that if we are
streaming, it will get flushed to the browser earlier and the browser
knows about it as soon as possible. But then if someone js_bundle’s
something inside the erb view, that is fine too and it will go at
the bottom of the page in foot.html.erb exactly as it was before.
Test plan:
* if you view-source, you should see that most of the
<link rel=“preload” tags for our webpack chunks are in the <head>
and not in the footer where they used to be
* everything should function the same, aka builds should pass
Change-Id: I6ae57546adb3b7358bc346943a1490a574c89f68
Reviewed-on: https://gerrit.instructure.com/202372
Tested-by: Jenkins
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
fixes GRADE-2160
Test plan:
- Create a course and assignment with Anonymous Peer reviews enabled
- Add 2 students with immediate notifications for peer reviews enabled
- Have both students submit to assignment
- As a student, go to Dashboard and click the Anonymous Peer Review link
under Recent Activity
- Check student's messages for Anonymous Peer Review notification and
follow the link
- Neither link should result in error
Change-Id: Ibd0cb0e72a5d370dfef15b1462a84a8b2a727b40
Reviewed-on: https://gerrit.instructure.com/199808
Tested-by: Jenkins
Reviewed-by: Jeremy Neander <jneander@instructure.com>
Reviewed-by: Adrian Packel <apackel@instructure.com>
Reviewed-by: Gary Mei <gmei@instructure.com>
QA-Review: Adrian Packel <apackel@instructure.com>
Product-Review: Keith Garner <kgarner@instructure.com>
Fixes: CORE-3190 (again) we tried fixing this jira in g/201294 but it
still Doesn’t work for schools that have a custom JS file
We used to not load any of our webpack code on the mobile login screen
and so we needed to load a bare copy of jQuery so that accounts with
Custom JS files could rely on it.
But as of a while ago, we do load our own webpack bundles on that
Page, which means we now set a global window.jQuery variable. Which
means by loading a second copy, it was causing things to break because
things that relied on the global window.jQuery variable would get one
copy of jQuery and anything that used webpack to
`import $ from ‘jquery’` would get a different copy.
and the module ‘jquery-ui-touch-punch’ was just relying on looking for
the global window.jQuery and so it broke because `jqueryUI mouse` was
not present in that copy of jquery.
Test plan:
* you have to do this with a fully minified prod webpack build like on
portals
* have a custom js file set up in the theme editor that does something
Like `alert(‘I got loaded and this is jQuery version ’ + $.fn.jquery)`
* go to the mobile login page on a mobile device or using a browser with
The mobile device simulator
* your custom JS should load (aka it should alert)
* no errors should be present in the console
* click on the “forgot password” link
* it should work
Change-Id: I0c38d2bf08f748d60a8df2d993907edb1e1bf331
Reviewed-on: https://gerrit.instructure.com/201656
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
Tested-by: Jenkins
QA-Review: Clay Diffrient <cdiffrient@instructure.com>
Product-Review: Clay Diffrient <cdiffrient@instructure.com>
Closes: CORE-3167
Currently: we have a feature where people can register an LTI tool to
show up on any page load to:
a) Assignment create and edit.
b) Discussion topic create and edit.
c) Quiz create and edit.
So that means that on every page load to any of those pages (some of the
most common pages in canvas) we do an additional XHR request to see
what tools are registered to that Course/Acccount/User to see if we
should show anything in that LTI placement on the page.
That takes a non-trivial amount of time and I wanted to see if I could
help in 2 ways:
1. the xhr request to see what tools are registered represents a good
chunk of the total requests we handle on our app servers, can we
help that?
2. fetching the XHR counts against our New Relic load times, can we do
it sooner so it is ready sooner?
To help #1 I just put an expires_in 10.minutes on the http response for
that controller action because it is something that does not change
that often. For anyone trying to test adding new ones and see it show up
immediately, they just need to do a “hard refresh” in the browser
(command+shift+R)
To help #2 I used prefetch_xhr to send the fetch request for the data
sooner, meaning the complete page should load faster for users and this
should never be the thing we are waiting on for newRelic to consider
the page loaded.
Test Plan:
1. Configure a new LTI at the account / course level with a
assignment_edit launch.
2. Verify that the launch happens in three different contexts:
a) Assignment create and edit.
b) Discussion topic create and edit.
c) Quiz create and edit.
3. For each context above (#2) verify the launch happens as it did
before.
4. Look in your browser network panel. You should see that the request
To: …/lti_apps/launch_definitions?placements%5B%5D=assignment_view
Is of type: “Fetch” instead of “XHR” and it happens sooner in the
Waterfall.
5. If you hit the page again, you should see that the “time” is < 1ms
because it was loaded from the browser’s cache
6. Review api docs at:
doc/api/file.assignment_external_tools.html
experiment with options and verify apps work as expected.
Change-Id: I2986fa281d1f85d4e544b763647b8e3137d42e00
Reviewed-on: https://gerrit.instructure.com/199384
Reviewed-by: Mark Valentine <mvalentine@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Jenkins
QA-Review: Trevor Byington <tbyington@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
fixes ADMIN-2718
Test plan
- Set up a link in a course to a group
(/groups/:id) and an item in a group
(/groups/:id/pages/:page)
- Have a student who has access to the
course, but not the group
- Click on the links as the student and
verify the teacher gets the inaccessible
notification instead of the "doesn't exist"
message
Change-Id: I9675ff948a3d492197e774b6071b920fcecd8fee
Reviewed-on: https://gerrit.instructure.com/198871
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Lauren Williams <lcwilliams@instructure.com>
Test Plan:
- Given a quiz in a locale with different number formatting
- Change the points of a question to '1234.5' in that locale
- See it accept and format points correctly on the question and the
header
Closes QO-442
Change-Id: I75c353716718377bb26c1088a4db58aaa7c8f721
Reviewed-on: https://gerrit.instructure.com/198543
Tested-by: Jenkins
Reviewed-by: Jonathan Holt <jholt@instructure.com>
QA-Review: David Tan <dtan@instructure.com>
Product-Review: Kevin Dougherty III <jdougherty@instructure.com>
Test Plan:
- Given a quiz with decimal and/or thousands of points
- View the show page in a locale that has different number
- See Points Possible displayed correctly
Closes QO-441
Change-Id: I438b2df24f401251c6b212dc5f8b670e604e7d65
Reviewed-on: https://gerrit.instructure.com/198164
Tested-by: Jenkins
Reviewed-by: Stephen Kacsmark <skacsmark@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Kevin Dougherty III <jdougherty@instructure.com>
fixes CORE-3034
This reverts commit 626140841b.
Reason for revert: Images are too small, and Inst-FS doesn't currently support specifying the resolution.
Change-Id: I3e7b1180e4e8ada363862887fc851037a9b566f6
Reviewed-on: https://gerrit.instructure.com/196445
Tested-by: Jenkins
Reviewed-by: Rob Orton <rob@instructure.com>
QA-Review: Rob Orton <rob@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
fixes COMMS-2099
TEST PLAN
* Create a course.
* Add two or more students to the course.
* Create an assignment with file upload submission type. Note the
assignemnt id in the url.
* Masquerade as one of the users and submit the assignment. Use a zip
file and an image file (or any other canvadocable mime type) as the
submission files.
* Masquerade and submit the assignment as your other students, using
different canvadocable file types (e.g. pdf, png, jpeg).
* As the instructor/site admin Navigate to the /graphiql endpoint.
* run the following query substituting in the assignment id:
{
assignment(id: "<your_assignment_id>") {
submissionsConnection {
nodes {
_id
user {
name
}
}
}
}
}
* Using those submission ids, run the following query for each
submission id to view the submission preview urls:
{
assignment(id: "<your_assignment_id>") {
submissionsConnection {
nodes {
_id
user {
name
}
attachments {
submissionPreviewUrl(submissionId: "<submission_id>")
displayName
}
}
}
}
}
* Note that the zip file does not have a preview url and verify that the
other attachments do.
Change-Id: Ic8e8c0be994f1d6e4979755674a9e8c3d35c038a
Reviewed-on: https://gerrit.instructure.com/196418
Tested-by: Jenkins
Reviewed-by: Cameron Matheson <cameron@instructure.com>
Reviewed-by: Landon Gilbert-Bland <lbland@instructure.com>
QA-Review: Steven Burnett <sburnett@instructure.com>
Product-Review: Steven Burnett <sburnett@instructure.com>
fixes CORE-2811
test-plan:
* turn on course_card_images feature flag
* upload a large image for a course
* load the course dashboard
* check that the image being returned is a thumbnail
Change-Id: I5866a6839b1125dff944ae6249736b662a075687
Reviewed-on: https://gerrit.instructure.com/194600
Tested-by: Jenkins
Reviewed-by: James Williams <jamesw@instructure.com>
Reviewed-by: Ryan Shaw <ryan@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
fixes CORE-2932
same list of domains as scripts (i.e. don't auto include LTI tools),
but without the inline-eval and inline-unsafe tags
Change-Id: I7a31e4b47be29ff7413911c8e20bd416b6c04a4e
Reviewed-on: https://gerrit.instructure.com/194240
Tested-by: Jenkins
Reviewed-by: Rob Orton <rob@instructure.com>
QA-Review: Rob Orton <rob@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
this is to make sure that we don't get into a case where we have
downloaded "main" and all the chunks for the splitpoints for our
js_bundles but still have to wait to actually execute any scripts
while the moment locale and timezone files download.
by putting preloads for these before any of the other preloads,
they will be downloaded first so as soon as "main" comes back it can
start executing
test plan:
* pages should load a little faster on first time visit since they
can start executing the "main" javavascript entry sooner
Change-Id: Ib75b3ee80d9d1418d5d39d9e40a1f839459e265e
Reviewed-on: https://gerrit.instructure.com/193996
Tested-by: Jenkins
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
closes: CORE-2904 CORE-2905 CORE-2906
This will send the XHR requests for the dashcards and for all the stuff
in the planner dashboard sooner. As in, as soon as the html document
comes back from the server, instead of waiting until all the js bundles
have downloaded and executed. This should remove a round-trip from
the dashboard page and you should notice the planner and dashcard
dashboards complete loading a lot faster. By sending the requests
sooner, our app servers can work on them while the browser is
downloading all the rest of the JS that it needs to run the page. And
by having our app servers work on that at the same time the browser
works on the JS, the entire page will complete loading faster.
Test plan:
* go to the planner dashboard
* you should see 4 requests with the type “fetch” in the network panel
in the waterfall right at the same time the html document is returned
* you should not see any more XHRs sent from axios on page load for the
planner dashboard (it should use the prefetched ones)
* in a prod environment, where you have multiple app server processes
handling requests, the planner dashboard should complete loading a lot
faster
* In that same prod like environment, go to the dashcard dashboard
* same thing, it should issue a “fetch” request right with the html
document comes back from the server and not issue an second
XHR once the JS is loaded.
* it should be complete loading significantly faster too.
Change-Id: I0503c1a4d913fd1baa4dad22b9a88333ff747c0d
Reviewed-on: https://gerrit.instructure.com/192161
Tested-by: Jenkins
QA-Review: Mysti Lilla <mysti@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
Reviewed-by: Brent Burgoyne <bburgoyne@instructure.com>
Somehow, one of our developers got into a state where ENV.MOMENT_LOCALE
for them is "en-US", even though that should never happen. From that
same browser when hitting our prod app servers it says
MOMENT_LOCALE is “en”
So since we can’t figure out how one would ever get into that situation,
I don’t know how to reproduce it so can’t make a spec that does. But
this is here, just in case, so it doesn’t give us a 500 error if that
does ever happen to anyone else.
Change-Id: I5d6ec11d46ec0ceebe69ac267facbd2f03f1b017
Reviewed-on: https://gerrit.instructure.com/194040
Tested-by: Jenkins
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
Closes: CORE-1143
Test plan:
* load canvas in prod mode in a non-English language. Click around
And make sure everything works
* in prod mode, do a test to compare load time to what’s on beta.
* page load time and js bundle size should be smaller
* click around in the quizzes client apps and the ember grade book
And make sure those things work
Change-Id: I93c28c4a6d22db95cd1c7e59cd3f5221d46fe1ed
Reviewed-on: https://gerrit.instructure.com/143422
Tested-by: Jenkins
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
Change-Id: If4237e1515552a09d212611ba913070ae9bc927f
Reviewed-on: https://gerrit.instructure.com/191312
Tested-by: Jenkins
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
closes ADMIN-2605
test plan:
- view Faculty Journal, with enough students that it paginates.
- Verify the pagination links have aria-label attributes of Page 2,
Next Page, etc.
- Check screenreaders (VoiceOver and NVDA on FF) read it nicely
Change-Id: Ib405735a4adf050781e061e5ba76970eae658332
Reviewed-on: https://gerrit.instructure.com/188192
Tested-by: Jenkins
Reviewed-by: Rex Fleischer <rfleischer@instructure.com>
QA-Review: Daniel Sasaki <dsasaki@instructure.com>
Product-Review: Daniel Sasaki <dsasaki@instructure.com>
test plan:
* before checking this commit out, copy some
content into a course
* after checking it out, make sure re-copying
the course overwrites the content from
the earlier copy (tl;dr migration identifiers
are being changed but not for old exported/copied courses)
* make sure course copies/imports/exports still work
closes #CORE-2718 #CORE-2720
Change-Id: I7515c7ec2943afaaf502432f1510d3e580f13ced
Reviewed-on: https://gerrit.instructure.com/188371
Tested-by: Jenkins
QA-Review: Rob Orton <rob@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
this should speed things up by reducing the amount of traffic over the
Wire for our JS/CSS/images from our cdn for most browsers/users
(everyone besides IE 11 supports brotli). Should especially help people
on mobile connections and in remote areas.
For example, our vendor webpack bundle went from 850KB to ~500KB
closes: CORE-2755
Test plan:
* with the dev CDN set up in canvs_cdn.yml
* run: RAILS_ENV=production bundle exec rake canvas:compile_assets
* then run: bundle exec rake canvas:cdn:upload_to_s3
* then run:
RAILS_ENV=production bin/rake brand_configs:generate_and_upload_all
* then run RAILS_ENV=production bundle exec rails s
now go to canvas in your browser
* from any browser that supports brotli compression, the assets you get
From the CDN should come from /br/dist/whatever
(instead of /dist/whatever)
* everything should work the same but you should notice smaller file
Sizes in the network panel for your js and css assets
Now go to canvas in a browser that doesn’t support brotli, like IE 11
* you should see that it gets its css and js files from
<cdn host>.com/dist/whatever (and not from /br/dist/whatever)
* you should notice that the assets you are looking at are gzipped
Just like before, and you can compare against those in chrome and see
That the gzip version of those files is bigger than the brotli version
Change-Id: I81d28fa31c307d745ecd9b84f1fd55c07fba88ca
Reviewed-on: https://gerrit.instructure.com/188866
Tested-by: Jenkins
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
closes: CORE-2588 CORE-2591
This completely removes the legacy RCE codepath. So you will need to
Have an https://github.com/instructure/canvas-rce-api running to use
sidebar in any Rich Content Editors.
Test plan:
* smoke test to make sure that the editor and sidebar work as it did
When you had the RCS feature flag on.
* there should not be any more settings or feature flags around turning
on the RCS service
Change-Id: I1c3e7f5a45eed5e010d8e425ae561e45f739fd3a
Reviewed-on: https://gerrit.instructure.com/186525
Tested-by: Jenkins
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
the will_paginate gem doesn't provide SR-friendly page link titles
like 'Page 1'. We are now providing a custom link renderer that does
I18n and friendlier links.
fixes ADMIN-2423
test plan:
- enable 'Faculty Journal' feature in account and enroll enough
users in a course to force pagination (>20). [i have a script
if you want it]
- View Faculty Journal in the account's admin nav
- Numbered page's links have: title="Page 1"
- Previous and Next links have title="Previous Page" and "Next Page"
respectively
Change-Id: I05adb2f778166ce17fb72e0e4ab7270e01df83c5
Reviewed-on: https://gerrit.instructure.com/185608
Tested-by: Jenkins
Reviewed-by: Rex Fleischer <rfleischer@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Rex Fleischer <rfleischer@instructure.com>
Product-Review: Carl Kibler <ckibler@instructure.com>
* send a CSP applying only to frames in the main page
* send a CSP applying to both frames and scripts with attachments
* tools only get included in the frame-src directive
* include the files domain in both for now
* search for course context on a file through submissions, if possible
Test Plan:
- Enable CSP feature flag
- Configure a csp_logging host in dynamic_settings.yml (see example)
- Have a files domain configured
- Turn whitelist on
- Upload html file containing a violation like
<script src="https://www.google.com/nonexistent.js/"></script>
- Preview the file
- The page should load, but your browser console should show that
the JS was blocked
- The browser network log should show a violation reported to the
violation service
- Embed an iframe in RCE stuff referencing some other site (like
YouTube)
- it should get blocked
- Turn the whitelist off
- Retry; the JS or iframe should (attempt) to load, but a violation
should still be reported
- Repeat all of the above, but this time be a student uploading an
html file as a submission for an assignment, and then view the
submission in speedgrader as a teacher/admin
Change-Id: I19823844b3d87fd19e43c17284cf7b987df26e74
Reviewed-on: https://gerrit.instructure.com/182000
Tested-by: Jenkins
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes GRADE-2058
Test plan:
NB: In the test plan below, "anonymized" refers to links of the form:
assignments/<assignment ID>/anonymous_submissions/<anon ID>
as opposed to the standard, "non-anonymized" form:
assignments/<assignment ID>/submissions/<user ID>
Note that the above format is solely for submissions and submission
comments: rubrics behave a bit differently, as described below.
Setup:
- Create the following assignments corresponding to test sections:
1. An assignment with anonymous peer reviews
2. An assignment with non-anonymous peer reviews
3. An assignment with anonymous peer reviews + a rubric
4. An assignment with non-anonymous peer reviews + a rubric
- For each assignment, assign some peer reviews
- Have the Network panel in your browser's developer tools handy so you
can see the requests being sent, as described below
Testing (1):
- As a peer-reviewer, open the assignment
- The 'Assigned Peer Reviews' links should be anonymized
- Select one to peer-review
- Check that leaving a comment sends an anonymized request
- As that student, open your own submission details page
- This URL should *not* be anonymized
- Leaving a comment should send a non-anonymized request
- As a grader, open the submission details page for a student
- The links should *not* be anonymized
Testing (2):
- As a peer-reviewer, open the assignment
- The peer review links and comment requests should *not* be
anonymized
- As a grader, open the assignment
- Same here; links should not be anonymized
Testing (3):
- Take a mighty breath and gird yourself for battle
- As a peer-reviewer, open the assignment
- Click "Show Rubric" and submit a rubric assessment
- Check that the parameters of the sent request include:
- rubric_assessment[anonymous_id]: <anonymous ID>
- They should *not* include rubric_assessment[user_id]
- Unlike with submissions, the URL will not change for
anonymous rubric assessments (since it includes no
data directly identifying the user)
- As a grader, open the assignment
- Submit a rubric assessment
- Check that the parameters of the sent request include:
- rubric_assessment[user_id] (i.e., same as before)
A note on testing rubrics: as far as I can tell, students can't edit a
peer review rubric after they've submitted it. To work around this in
testing, you can set the workflow_state of the relevant RubricAssessment
to 'assigned' (instead of 'completed') and it'll be editable again.
Testing (4):
- Same as (3), but in both cases we should send
rubric_assessment[user_id] as before
Finally:
- Do some smoke testing for assignments (3) and (4) in SpeedGrader to
make sure we haven't broken rubrics there
- Note that SpeedGrader will not currently attempt to anonymize
rubric assessments as described above even if anonymous grading
is enabled, which is fine for now since peer reviewers can't
access SpeedGrader
Change-Id: I25d9350a6a486fd5ba84b9c784017eac45d24098
Reviewed-on: https://gerrit.instructure.com/184406
Tested-by: Jenkins
Reviewed-by: Jeremy Neander <jneander@instructure.com>
Reviewed-by: Gary Mei <gmei@instructure.com>
QA-Review: Gary Mei <gmei@instructure.com>
Product-Review: Jonathan Fenton <jfenton@instructure.com>
fixes third-party cookie disabling on latest Safari
test plan:
* in an environment with a files domain set up,
have an inline html file referencing an image with a
relative link
* upload the html file and image to a course
* add the html file as a module item
* view the module item in an up-to-date version of Safari
* should load the image correctly
closes #CORE-2450
Change-Id: I201b8f60e29016d579844de7a37fccabc285da52
Reviewed-on: https://gerrit.instructure.com/184511
Tested-by: Jenkins
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
Reviewed-by: Ryan Shaw <ryan@instructure.com>
closes ADMIN-2334
Test plan
- In a course with a student enrolled
- Set up an assignment, a quiz, a wiki page
and a discussion topic
- In the body of the above, make sure to set
up at least one notifiable bad link (a link
to a course the student doesn't have access
to, something that 404s like offline_web_exports
if it's not turned on, something unpublished.
deleted doesn't work, because it redirects
right now)
- Set up an instructor with immediate, daily,
weekly and no notifications for Content
Link Errors
- As the student, visit the links
- Check /messages for the instructor(s) to ensure
the notifications were received (or not) as
expected and the notifications look right
according to ADMIN-2334
- (If you need to send daily/weekly notifications
you can do `DelayedMessage.where(workflow_state:
'pending').update_all(send_at: 1.day.ago)` and
then `SummaryMessageConsolidator.process` when
jobs are running to kick them off
Change-Id: Ia324b1f5360dda91641f22ff1a6a2ba528aa4669
Reviewed-on: https://gerrit.instructure.com/179823
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Mysti Sadler <mysti@instructure.com>
Product-Review: Christi Wruck
fixes CORE-2320
check if it's enabled, not if it has (possibly inherited) settings
test plan:
* have canvas auth, don't set up the sessions plugin
* /login/canvas should have a remember me checkbox
Change-Id: Ia29d0f4a4cd7a8bd04f58ad331f01303f5aa8647
Reviewed-on: https://gerrit.instructure.com/180627
Tested-by: Jenkins
QA-Review: Tucker Mcknight <tmcknight@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Reviewed-by: James Williams <jamesw@instructure.com>
fixes CNVS-45018
Test plan:
- Create a pass/fail assignment
- Open the assignment as a student
- You should not get an error
Change-Id: Icac1ee7acb7b03700190f612ed642793a292cfda
Reviewed-on: https://gerrit.instructure.com/179464
Reviewed-by: Keith Garner <kgarner@instructure.com>
QA-Review: Adrian Packel <apackel@instructure.com>
Product-Review: Keith Garner <kgarner@instructure.com>
Tested-by: Jenkins
closes QO-453
Test plan:
Create quiz with each question type
Preview the quiz
- verify that all form elements are
read correctly with labels
Take the quiz
- verify that all form elements are
read correctly with labels
Change-Id: Ieed3912cadf750754f4aaef0ebc545312709249b
Reviewed-on: https://gerrit.instructure.com/177125
Reviewed-by: Omar Khan <okhan@instructure.com>
QA-Review: Omar Khan <okhan@instructure.com>
Tested-by: Jenkins
Product-Review: Nathan Nuclear <nathan@instructure.com>
test plan:
* create a pass/fail assignment
* submit to the assignment
* the "Complete" and "Incomplete" in the sidebar
should be lolcalized
closes #CNVS-44743
Change-Id: I03d7e87f8b63b5bde31a5bbe3516a6a38c6098c8
Reviewed-on: https://gerrit.instructure.com/176352
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
* Adds a validation on the backend to
prevent a new submission when necessary
* Adds indicators to the UI that are shown
when allowed_attempts are set on an
assignment
Test Plan:
* Set allowed_attempts and extra_attempts for an
assignment and student, using the instructions from
the test plan on PFS-11440
* Validate that the UI is updated to show Attempts and
Allowed Attempts in the following locations:
- Student assignment submission page
- Teacher assignment page
- Student Assignment Details page
* Create multiple submissions as a student until you
reach the max allowed for that student. Validate that
the "Submit Assignment" button is now disabled.
* Use the API to try and submit an assignment (since
the UI won't let you):
https://canvas.instructure.com/doc/api/submissions.html#method.submissions.create
Validate that the submission errors out and is not created.
* Validate that if "allowed_attempts" is not set on an assignment,
that there are no changes to the UI on the pages listed above.
refs PFS-11441
Change-Id: I76a81d4d3c58ca5266645a3cb7b3d3cbc5bedb22
Reviewed-on: https://gerrit.instructure.com/173320
Tested-by: Jenkins
Product-Review: Bryce Stevenson <bstevenson@instructure.com>
QA-Review: Marisa Jense <mjense@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
fixes COMMS-1752
Test Plan
* Create two modules
* Lock a module as a prereq saying must done in order
* Create a bunch of assignments for module
* Mask as a student and notice that assignments with
prereqs cannot be accessed and wil lead the user back to the
prereq assignment
Change-Id: I44ba88e93d775880a3b730a94fcbb2e5f0f48c6e
Reviewed-on: https://gerrit.instructure.com/173725
Tested-by: Jenkins
Reviewed-by: Landon Gilbert-Bland <lbland@instructure.com>
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Aaron Hsu <ahsu@instructure.com>
Product-Review: Aaron Hsu <ahsu@instructure.com>
Closes ADMIN-257
Test Plan:
* Ensure that you are able to reorder/drag-n-drop dashcards
without having to enable any feature flags
Change-Id: Ia09c4ee821eb6a867a9521fdff5ccda5c599bcca
Reviewed-on: https://gerrit.instructure.com/166529
Tested-by: Jenkins
Reviewed-by: Ed Schiebel <eschiebel@instructure.com>
Reviewed-by: Carl Kibler <ckibler@instructure.com>
QA-Review: Anju Reddy <areddy@instructure.com>
Product-Review: Carl Kibler <ckibler@instructure.com>
closes OUT-2548
"n Number of Time" outcomes can generate rollups with
a nil score because only result scores above mastery are used
to calculate the final rollup score. Exclude those nil scores
when calculating average and median. If all scores are rejected,
then the aggregate score should be nil.
test plan:
- in a course, create an outcome with the "n Number of Times"
calculation method
- create an assignment
- align the outcome to the assignment via a rubric
- submit to the assignment with two student users
- assess the rubric submissions, selecting the 0 point tier
- confirm that the LMGB page loads without error, both
with "Course Average" and "Course median" selected
Change-Id: Ic64a1c89afc04a998a311694786e295ae81adc29
Reviewed-on: https://gerrit.instructure.com/170947
Reviewed-by: Frank Murphy III <fmurphy@instructure.com>
Reviewed-by: Neil Gupta <ngupta@instructure.com>
Tested-by: Jenkins
QA-Review: Brian Watson <bwatson@instructure.com>
Product-Review: Neil Gupta <ngupta@instructure.com>
test plan:
* have a course with a student and observer
in the same section
* set the student enrollment to restrict them
from viewing users outside of their section
* the student should not now be able to see
the observer in the course user list
closes #ADMIN-1574
Change-Id: I02f25f75edcc7d99eba6967054561b26488fea0b
Reviewed-on: https://gerrit.instructure.com/170050
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
Test plan
- As an observer (who is observing a student
either through the observer role linked to
a student or through an observer enrollment
linked to a student enrollment
- Verify that you can see the setting in user's
notification settings
- Verify that when you send a submission graded
or submission grade changed notification
(email, html email, twitter, text, summary)
you get the student's name in the notification
- Other notifications should be updated in the
future, but will be on other commits
Change-Id: Ia05b42b8d0a80e5aa41de2cc5151caa258142fda
Reviewed-on: https://gerrit.instructure.com/167854
Tested-by: Jenkins
Product-Review: Matthew Goodwin <mattg@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
closes QO-411
test plan:
- create quiz, adding math to all
RCE-enabled text inputs
- save the quiz and re-edit; verify
that MathML content (hidden-readable field)
is present below every rendered equation
image
- preview the quiz as an instructor; verify
that MathML content is present below every
rendered equation
- take the quiz as a student; verify...
- view the results as a student; verify...
Change-Id: I73305358b4ac559479f3182209fe17a93fbc8ce5
Reviewed-on: https://gerrit.instructure.com/167018
Tested-by: Jenkins
Product-Review: Nathan Rogowski <nathan@instructure.com>
Reviewed-by: Omar Khan <okhan@instructure.com>
QA-Review: Omar Khan <okhan@instructure.com>
Fixes: CORE-1964
This reverts commit 72d558f095
this restores the commit (aka, reverts that ^ revert) that was causing
us bugs on caturday. the root cause of the bug was that
["active_record_types", [], self].cache_key
and
["active_record_types", nil, self].cache_key
return the same string.
how to replay the buggy scenerio:
(as a student, in a course with annnouncements):
* right after having "touched" the course (so there's nothing cached),
* have one person go to /courses/:course_id/assignments/syllabus
* in the controller action for that, it will do:
`return unless tab_enabled?(@context.class::TAB_SYLLABUS)`
that will call Course::uncached_tabs_available(only_check: @context.class::TAB_SYLLABUS)
which would have called @course.active_record_types(only_check: [])
(because @context.class::TAB_SYLLABUS is not one of the `tabs_that_can_be_marked_hidden_unused`)
which woud have written `{}` to redis at ['active_record_types', [], self].cache_key
* now, as a different student, go to /courses/:course_id/annnouncements
it will call `tab_enabled?(@context.class::TAB_ANNOUNCEMENTS)`
that will call Course::uncached_tabs_available(only_check: @context.class::TAB_ANNOUNCEMENTS)
which will call @course.active_record_types(only_check: [:announcements])
it will do a cache read for ['active_record_types', [:announcements], self].cache_key
since it it a fresh cach, that will not be found
then it would have done a cache read for the "everything" cache at
['active_record_types', nil, self].cache_key
THAT WOULD HAVE RETURNED THE CACHED `{}` SINCE `nil.cache_key` and `[].cache_key` ARE THE SAME!
* the user would be told the announcement page is not enabled for that course
the fix is to explicitly not allow Context::active_record_types to ever
be called with `only_check: []`
and for good measure, we don't allow the implicit conversion of
nil.cache_key to "" and instead use "everything" for the cache cache_key
I added specs to spefically catch this bug so that it doesn't happen again.
To see the difference, compare the latest patchset of this commit against
patchset 1. patchset 1 is the original version of this code without this
fix.
Change-Id: I513104b90dd94227a04c151ee02a22f4a4ac2832
Reviewed-on: https://gerrit.instructure.com/167400
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
Change-Id: I11f0e7eeb75504bacb4afd8ab41e58b4e49d2695
Reviewed-on: https://gerrit.instructure.com/167265
Tested-by: Jenkins
Reviewed-by: Tucker Mcknight <tmcknight@instructure.com>
Reviewed-by: Carl Kibler <ckibler@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
closes PLAT-3774
Test Plan:
- Go to a root account, see that the confusion is gone
- Go to a subaccount, things are the same
Change-Id: I9f1cd14fd04135a19027f3bfd25360a043263649
Reviewed-on: https://gerrit.instructure.com/167219
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
QA-Review: Weston Dransfield <wdransfield@instructure.com>
Tested-by: Jenkins
Product-Review: Marc Phillips <mphillips@instructure.com>
This will now show the last message that the user was part of in
the activity stream instead of the last message sent to anyone in
the parent conversation.
Fixes COMMS-1468
Test Plan:
* Have a course with at least one teacher and two students
* As the teacher, send a message to both students
* Go to student 1's dashboard and select the activity stream. Notice
the timestamp for the message
* Wait for 60 seconds
* As student 2, reply to the message (only reply to the teacher).
* If you have redis caching setup, flush the cache here by running
`redis-cli` in a terminal, then running `flushdb`
* As student 1, reload your dashboard and notice the timestamp for
the conversation hasn't been changed.
Change-Id: I51968966643f351faaf46bcdfce542ec77617039
Reviewed-on: https://gerrit.instructure.com/165893
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Steven Burnett <sburnett@instructure.com>
Tested-by: Jenkins
Product-Review: Landon Gilbert-Bland <lbland@instructure.com>
fixes COMMS-1429 COMMS-1433
Test Plan:
- Create an assignment assigned to "everyone", and publish it.
- Have one or more students submit.
- Edit the assignment and assign to only student(s) who have not submitted and save.
- Note that you can now unpublish the assignment. Unpublish it.
- Edit the assignment again and add an override for "everyone else" back in and save.
- Note that you can publish the assignment both from the index page and
the show page
Change-Id: I35f8ed1ef0ddc0b4f790084ab9cff263ec2f7144
Reviewed-on: https://gerrit.instructure.com/165701
Tested-by: Jenkins
Reviewed-by: Landon Gilbert-Bland <lbland@instructure.com>
QA-Review: Aaron Kc Hsu <ahsu@instructure.com>
Product-Review: Steven Burnett <sburnett@instructure.com>
test plan: go to /graphiql and confirm the useFallback
argument to avatarUrl functions as expected
on a user with no defined avatar
i.e.,
{
legacyNode(_id: 2, type: User) {
... on User {
name
avatar_url:avatarUrl(useFallback:false)
}
}
}
should return null for avatar_url
closes ADMIN-1426
Change-Id: Ic388bd4130fbbb892b37462852be2861d8af5c93
Reviewed-on: https://gerrit.instructure.com/163869
Reviewed-by: Cameron Matheson <cameron@instructure.com>
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Mysti Sadler <mysti@instructure.com>
Tested-by: Jenkins
Product-Review: Jeremy Stanley <jeremy@instructure.com>
neither the web app nor the mobile apps use it
refs ADMIN-1426
test plan: specs
Change-Id: I73b31a396fe75a21501ed6f30ed5134d6e84846b
Reviewed-on: https://gerrit.instructure.com/163306
Tested-by: Jenkins
Reviewed-by: Carl Kibler <ckibler@instructure.com>
Reviewed-by: Mysti Sadler <mysti@instructure.com>
Reviewed-by: Steven Burnett <sburnett@instructure.com>
QA-Review: Mysti Sadler <mysti@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
Closes: CORE-1781
This removes the need to precacluate permissions for the dashboard card
response by instead just calculating the permissions for the tabs we are
actually going to show (ie: only discussions, assignments,
announcements, and files). Since there is a lot less work to just
calculate those 4, and since we’re only showing a max of 20 courses,
it’ll be faster/easier to maintain to just lazy-compute them.
It also changes the logic in the Course::tabs_available method to not
even do the permission check if we’ve already ruled out that we want to
show this tab, thus preventing a ton of permission lookups that don’t
need to happen.
And lastly, it adds the ability to just check the active_record_types
We care about so we don’t do more ‘count’ SQL queries than we need to.
So the net result is that the request to load the dashcards should be
a lot faster since we only check the permissions we absolutely have to.
and we don’t preload or compute anything that we don’t.
Test plan:
* the XHR for /dashboard-cards when you go to the dashboard page
Should only include course links to the tabs that are shown on the
dashcards. (ie: only discussions, assignments, announcements, & files)
* app server/db/redis server load from the dashboard page should go down
Change-Id: I1869b0ca3c3b894a76a9c76ebb74cc4371911753
Reviewed-on: https://gerrit.instructure.com/161982
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Jenkins
QA-Review: James Williams <jamesw@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
Closes PLAT-3704
Test Plan:
- Navigate to a sub account's settings page and verify the
'Students can see originality score' select box has defaulted
to 'Parent account setting'
- In the root account change the value of the same setting to
'Never'
- In the sub account create an assignent with a plagiarism platform
tool and verify the visibility option is 'Never'
- In the sub account settings change the same setting to 'After
the Due Date'
- In the sub account create an assignment with a plagiaris platform
tool and verify the visibility option is 'After the Due Date'
Change-Id: I3d9456d90eba7d43e7355da6459c78563f9fdecd
Reviewed-on: https://gerrit.instructure.com/163214
Reviewed-by: August Thornton <august@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Jesse Poulos <jpoulos@instructure.com>
ENV.current_user.avatar_is_fallback will be set if the
avatar_image_url is a fallback and not set by the user,
so projects that don't want to display fallbacks can
distinguish these cases
test plan:
- as a student with no avatar image, create a personal
ToDo in the planner dashboard
- the circle icon on the item should have your initials,
not the generic gray face icon
fixes ADMIN-1086
Change-Id: I30cdf579dc74491d5af8c98770227da6c3bddd7a
Reviewed-on: https://gerrit.instructure.com/157262
Tested-by: Jenkins
Reviewed-by: Mysti Sadler <mysti@instructure.com>
QA-Review: Ed Schiebel <eschiebel@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
fixes ADMIN-1276
Test plan
- Create a discussion topic and an assignment in a course
- Have a student submit the assignment
- Have another student or teacher reply to the discussion
and make a comment on the submission
- Load the planner and ensure the new info shows up for
the item in question (and show the new activity dot)
- As the student, view the unread entry (view the
discussion or the submission comment from their link
directly) and ensure the item no longer has the new
activity dot
- Also ensure that if you mark a peer review as
complete: false that it will still mark itself as
complete: true when you complete the peer review
Change-Id: I5d7c05795f21fc6669dc376d180ac194e4045970
Reviewed-on: https://gerrit.instructure.com/160679
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Reviewed-by: Carl Kibler <ckibler@instructure.com>
QA-Review: Jon Willesen <jonw+gerrit@instructure.com>
Product-Review: Mysti Sadler <mysti@instructure.com>
Change-Id: Ic36dd2407a5e32bf816d731991dabbf6eb3168c1
Reviewed-on: https://gerrit.instructure.com/162911
Tested-by: Jenkins
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
Re-used files in attachments in submissions will re-use the same
attachment, making it impossible to identify which Submission a
document belongs to, and thus which Assignment. This commit also
adds a callback url for DocViewer to use when posting audit events
back to Canvas.
refs GRADE-1507
Test Plan
- Drop a debugger statement before the redirect_to_url call in
canvadocs sessions controller.
- Launch a DocViewer session from within Canvas.
- Inspect the opts object once the debugger statement stops you.
- Verify that there is indeed a submission id.
Change-Id: If985646b6b8f4bf3507c68dec0f66a91c167b329
Reviewed-on: https://gerrit.instructure.com/161838
Tested-by: Jenkins
Reviewed-by: Spencer Olson <solson@instructure.com>
Reviewed-by: Daniel Lee <dlee@instructure.com>
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
QA-Review: Gary Mei <gmei@instructure.com>
Product-Review: Keith T. Garner <kgarner@instructure.com>
Fixes: CORE-1793
Test plan:
* set your language to arabic
* the interface should be RTL
Change-Id: I68e6fbf5b0371924fa27355499ad978ee37acdff
Reviewed-on: https://gerrit.instructure.com/162624
Tested-by: Jenkins
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
QA-Review: Ryan Shaw <ryan@instructure.com>
Refs ADMIN-191
Closes ADMIN-1305
Test Plan:
* With student planner enabled
* Having an assignment with submissions
* As a student (reviewer) that's assigned as a
peer reviewer to another student's submission
* GET /api/v1/planner_items
* The peer review task should be included in the
results, with the `plannable_type` set as
"assessment_request" and the `plannable` being
the submitting student's submission
* The `assignment` object should be present on
the `plannable` submission
Change-Id: Ifcba8b2631c6ab28f73791962bc739b2b25e5016
Reviewed-on: https://gerrit.instructure.com/157513
Tested-by: Jenkins
Reviewed-by: Mysti Sadler <mysti@instructure.com>
QA-Review: Anju Reddy <areddy@instructure.com>
Product-Review: Dan Minkevitch <dan@instructure.com>
When talking to DocViewer, include relevant data for the current user as
well as the filter of users whose comments should be shown. This commit
enables functionality for anonymous annotations.
closes GRADE-1427
closes GRADE-1456
Test Plan 1: Moderated Assignments
1. Create a moderated assignment and allow for at least two provisional
graders in addition to the final grader. Then, leave at least one
annotation and one comment per provisional grader, final grader, and
the student.
2. When "Graders cannot view student names" is checked, verify that
no instructor or admin can see the students identity on annotaions.
Instead, the student's name should show up simply as 'Student'.
3. When "Graders cannot view each other's names" is checked, verify that
non-admin, non-final-grader provisional graders cannot see each
other's names on annotations. Instead, they should see a generic
grader name such as "Grader 1".
4. When "Final grader can view other grader names" is unchecked, verify
the final grader cannot view the other graders' names on annotations.
Instead, they should see a generic grader name such as "Grader 1".
5. Smoke test the settings listed in steps 2, 3, and 4 in various
combinations of being on or off.
6. While the assignment is still in moderation, verify the student can
only see their own annotations.
7. When grades are published for the assignment, verify the assignment
no longer shows any anonymous annotations.
Test Plan 2: Anonymous, Not Moderated Assignments
1. Create an anonymous assignment. Submit to the assignment as a student
and leave some annotations as the student and as an instructor.
2. Verify the student can only see their own annotations while the
assignment is still muted.
3. An instructor *should* be able to see any annotations made by an
instructor, but DocViewer has not implemented this functionality
on their side yet. As a result, just verify that an instructor
can see the student's annotations but they are anonymized while
the assignment is muted.
4. Unmute the assignment and verify the annotations are no longer
anonymized, and the student can now see annotations from instructors.
Test Plan 3: Normal, Not Anonymous Assignments
1. Do a general smoke test of not anonymous, not moderated assignments
to verify annotations still show up as expected.
Change-Id: I181a6ace3c00ca93ab8e6c7608a034b521ed78b7
Reviewed-on: https://gerrit.instructure.com/161486
Reviewed-by: Derek Bender <djbender@instructure.com>
Tested-by: Jenkins
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
QA-Review: Derek Bender <djbender@instructure.com>
Product-Review: Keith T. Garner <kgarner@instructure.com>
test plan:
* the dashboard should still work
closes #CORE-1746
Change-Id: Id522cf740eed9e60a7410f0222bb1a76add2fcb0
Reviewed-on: https://gerrit.instructure.com/161484
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
fixes RECNVS-563
allow canvas to proxy bytes straight from inst-fs same as it did for s3.
test-plan:
- have canvas set up with inst-fs
- upload a small html file to inst-fs through canvas
- preview the file in canvas
- bytes should be served from canvas directly instead of being
redirected to inst-fs
Change-Id: I36daa2cbe6be6807e8104e404523836ffcdc2974
Reviewed-on: https://gerrit.instructure.com/161102
Tested-by: Jenkins
Reviewed-by: Xander Moffatt <xmoffatt@instructure.com>
QA-Review: Xander Moffatt <xmoffatt@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
test plan:
* regression test dashboard
closes #CORE-1733
Change-Id: I301e8670c9fccd1a2340adce01379f0c6d3b7c01
Reviewed-on: https://gerrit.instructure.com/161174
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
Closes ADMIN-1320
Test Plan:
Part A:
* With student planner enabled
* As a student with a past/completed enrollment
* Visit the user dashboard
* The option for "List View" should be available
in the dropdown to change the dashboard view
Part B:
* With student planner enabled
* As a student with a future enrollment
* Visit the user dashboard
* The option for "List View" should be available
in the dropdown to change the dashboard view
Change-Id: I5b425c23797a266427587a5f64e8580bff683915
Reviewed-on: https://gerrit.instructure.com/160366
Tested-by: Jenkins
Reviewed-by: Ed Schiebel <eschiebel@instructure.com>
QA-Review: Carl Kibler <ckibler@instructure.com>
Product-Review: Dan Minkevitch <dan@instructure.com>
Ungraded surveys are different from graded quizzes in that they never
get a real Submission, so the code in the Submission model that
completes the planner override is never exercised. Have to special case
this in the Quizzes::QuizSubmission model
fixes ADMIN-1275
test plan
- create an ungraded survey in a course your student is enrolled in
- have the student take the survey
- have the student load the planner
> expect the survey to be marked complete
- create an ungraded survey in a course your student is enrolled in
- have the student load planner
- have the student use the checkbox to complete then un-complete the
ungraded survey
- have the student take the survey
- have the student return to planner
> expect the survey to be marked as complete
Change-Id: Ia54a7a02cca666ab315655fecbdb996a1c605417
Reviewed-on: https://gerrit.instructure.com/160344
Tested-by: Jenkins
Reviewed-by: Mysti Sadler <mysti@instructure.com>
QA-Review: Mysti Sadler <mysti@instructure.com>
Product-Review: Ed Schiebel <eschiebel@instructure.com>
closes ADMIN-143
Test plan
- Have a graded quiz, discussion and wiki page
- Try to create planner overrides for the
assignments for all of them
- Ensure the planner override gets created for
the quiz/discussion/wiki page instead
- Have a group discussion
- Try to create a planner override for one of
the child topics
- Ensure the planner override gets created for
the parent topic
- Have an announcement and create a planner
override for it
- Make an api call for the override and ensure
it shows up as "announcement" in the type
instead of discussion_topic
Change-Id: I7940f27508453cdc03366eda10d59e5ca1fbf110
Reviewed-on: https://gerrit.instructure.com/156904
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Anju Reddy <areddy@instructure.com>
Product-Review: Mysti Sadler <mysti@instructure.com>
The user marks an item as complete, then incomplete, then submits the
assignemt. Currently, the planner_override.marked_complete is used to
set the item to incomplete. The behavior we want if for the submission
to override the student's uncheck, until they uncheck it again.
This is a corner case, probably seen only in a demo
environment.
Update planner_override.marked_complete when the
submission is submitted. The ugly part is that we have to look at the
submission's assignment for discussion_topic and quiz to find
the right override until assignments are handled more uniformly.
closes ADMIN-1262
test plan:
- have an assignment
- have student check as complete, then uncheck as incomplete
- have student submit the assignment
- have the student refresh the planner
> expect planner to show assignment as complete
- have the student uncheck the assignment as incomplete
- have the student refresh the planner
> expect planner to show the assignment as incomplete
- have the teacher grade the assignment
- have the student refresh the planner
> expect the assignment to still be unchecked as incomplete
- repeat with a graded discussion, a quiz that requires grading,
and an auto-graded quiz
Change-Id: I59be1e39ef35ecbd8bd60d3075d023154de49609
Reviewed-on: https://gerrit.instructure.com/159125
Tested-by: Jenkins
Reviewed-by: Mysti Sadler <mysti@instructure.com>
QA-Review: Anju Reddy <areddy@instructure.com>
Product-Review: Christi Wruck
Show pairing code generation button only when self registration
is turned on
Refs: MBL-10903, MBL-10904
Test Plan:
- The feature flag for generating a pairing code should
now be gone
- Turn on self registration in your account
- Go through the pairing code generation and observer
sign up process
- Everything should still work
- Turn off self registration
- The generate pairing code button should no longer be visible
Change-Id: I1431d358bbe24078c24fce98d727f150aa5ab847
Reviewed-on: https://gerrit.instructure.com/157514
Reviewed-by: Nate Armstrong <narmstrong@instructure.com>
Tested-by: Jenkins
Product-Review: Nate Armstrong <narmstrong@instructure.com>
QA-Review: Nate Armstrong <narmstrong@instructure.com>
when item (assignment or wikipage) can be marked done in exactly
one module, its mark-done status will reflect as completed in
planner, and vice versa.
closes ADMIN-966
test plan:
- Set assignment as having "mark done" requirement in ONE module
- Verify that marking done in module shows complete in planner and
marking un-done then un-completes it in planner.
- Add to second module, also with "mark done" requirement. Planner
status will no longer be affected by its done status.
Change-Id: Ifaed71b3397a995a0385e4add033c556600966cc
Reviewed-on: https://gerrit.instructure.com/157184
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Carl Kibler <ckibler@instructure.com>
Refs MBL-10896
Test Plan
- You should have the feature flag on for pairing codes
- In account authentication settings under the canvas
authentication section enable self registration
for all accounts
- Go to a student and generate a pairing code
- In a private browser window go to the login page
- Click on the Need a canvas account link
- At the new page click on the Parents sign up here
link
- Fill out the form with the pairing code
- It should create the parent account
Change-Id: Id56d955ca3735a10d761428fba01d263cd463282
Reviewed-on: https://gerrit.instructure.com/157333
Reviewed-by: Nate Armstrong <narmstrong@instructure.com>
Product-Review: Nate Armstrong <narmstrong@instructure.com>
QA-Review: Nate Armstrong <narmstrong@instructure.com>
Tested-by: Jenkins
This patchset fixes two issues related to passing the enrollment type
to docviewer.
The first issue is that since admins are not enrolled in
a course, they had no enrollment to share. We now look to see if the
user is an admin. Other enrollment types are now checked as well.
The second issue is that mobile speedgrader currently isn't passing
along the enrollment_type parameter. Temporarily we'll try to look up
which course an attachment is part of and guess the role. (This may
change as we coordinate with mobile to get better behaviour.)
fixes GRADE-1364
fixes GRADE-1365
test plan:
- As an admin, view a student's submission in speedgrader, ensure
DocViewer launches.
- Ensure mobile speedgrader can launch DocViewer
Change-Id: I4512d99ccecd3b38bd57ab9d4c803084b053bc8c
Reviewed-on: https://gerrit.instructure.com/157025
Reviewed-by: Adrian Packel <apackel@instructure.com>
Tested-by: Jenkins
Reviewed-by: Gary Mei <gmei@instructure.com>
Reviewed-by: Derek Bender <djbender@instructure.com>
QA-Review: Spencer Olson <solson@instructure.com>
Product-Review: Keith T. Garner <kgarner@instructure.com>
Unmuting an anonymous assignment will now cause that assignment to show
in the UI as though it is not anonymous. In addition, posting grades for
a moderated anonymous assignment will now cause that assignment to show
in the UI as though it is not anonymous.
closes GRADE-1310
closes GRADE-1313
Test Plan:
1. Verify unmuting an anonymous assignment causes that assignment to no
longer be anonymized in the UI. You can do this by spot checking
gradebook (old/new/individual) and SpeedGrader. In addition,
re-muting an unmuted anonymous assignment should cause the assignment
to become anonymized in the UI.
2. Verify posting grades for a moderated, anonymous assignment causes
that assignment to no longer be anonymized in the UI (even if the
assignment is muted).
Change-Id: I113c61b4e7fa0eb8909448d8ba7cffb22600e17c
Reviewed-on: https://gerrit.instructure.com/156151
Reviewed-by: Gary Mei <gmei@instructure.com>
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
QA-Review: James Butters <jbutters@instructure.com>
Tested-by: Jenkins
Product-Review: Sidharth Oberoi <soberoi@instructure.com>
closes OUT-2144
test plan:
- create a course-level outcome with default rubric criterion
- create an assignment that is aligned to that outcome
- create two sections in a course (in Settings)
- create 6 student users, split evenly between the two sections
- masquerade as each student and submit to the assignment
- in speedgrader, assess the rubrics with the following scores:
1st section students: 5, 3, 0
2nd section students: 4, 2, 1
- perform an authenticated API call using a tool like Postman
to fetch the average aggregate score:
> /api/v1/courses/<course id>/outcome_rollups?aggregate=course
- confirm the average score is 2.5
- perform the same call again, but fetch the median aggregate score:
> /api/v1/courses/<course id>/outcome_rollups?aggregate=course&aggregate_stat=median
- confirm the median score is 2.5
- determine the "section_id" values for each of the two sections above
by running this in a Rails console:
> CourseSection.last(2).map(&:id)
- append "§ion=<section id>" to the average aggregate score call
above, and confirm the average scores:
1st section: 2.67
2nd section: 2.33
- append ""§ion=<section id>" to the median aggregate score call
above, and confirm the median scores:
1st section: 3
2nd section: 2
Change-Id: I5701fd3edc1ff423caf4735406ee1bc3b5b1b011
Reviewed-on: https://gerrit.instructure.com/156486
Reviewed-by: Frank Murphy <fmurphy@instructure.com>
Tested-by: Jenkins
Reviewed-by: Matt Berns <mberns@instructure.com>
QA-Review: Dariusz Dzien <ddzien@instructure.com>
Product-Review: Augusto Callejas <acallejas@instructure.com>
closes CORE-1577
Test Plan:
- With no custom login page logo set, the login page alt
text should be "Canvas by Instructure"
- Set a custom logo for the login page in the theme editor
- Alt text for the custom logo should be the account name
Change-Id: I8061a7fce3bfbe175e0e2e4b0cc9366fbf1ff391
Reviewed-on: https://gerrit.instructure.com/156340
Tested-by: Jenkins
Reviewed-by: Ryan Shaw <ryan@instructure.com>
QA-Review: Rohan Cheeniyil <rcheeniyil@instructure.com>
Product-Review: Nathan Rogowski <nathan@instructure.com>
fixes stuff
Test Plan:
- go through canvas
- anywhere you see wiki page notice it now
says page
- cheer
Change-Id: I51211da87fc3c54f1d957da9b11e32808868eb2d
Reviewed-on: https://gerrit.instructure.com/154269
Tested-by: Jenkins
Reviewed-by: Landon Gilbert-Bland <lbland@instructure.com>
QA-Review: Steven Burnett <sburnett@instructure.com>
Product-Review: Christi Wruck
Refs MBL-10412
Test Plan:
- As an admin go into the account feature
flags and turn on the feature flag for
Observer pairing codes
- As an admin go into the root account authentication
settings
- Turn on the ability for observers to create accounts
- As a student generate a pairing code on the /profile/settings
page
- As a parent go to the login page
- Click the create account for parents link
- Use the pairing code to sign up
- Once you are in the dash board you should
see the course your student is enrolled in
Change-Id: I22bbad7eb4e5c342ed15390802e8ab2b6377d3a8
Reviewed-on: https://gerrit.instructure.com/154050
Tested-by: Jenkins
Reviewed-by: Brent Burgoyne <bburgoyne@instructure.com>
QA-Review: Nate Armstrong <narmstrong@instructure.com>
Product-Review: Matthew Sessions <msessions@instructure.com>
Remove the old Anonymous Grading course flag; update checks for it to
instead look at whether a given assignment (or quiz) is anonymous.
closes GRADE-957
Test plan:
Course flag:
- Check that the relevant course flags are now 'Anonymous Grading (OLD)'
(which should not be able to be enabled) and 'Anonymous Grading' (the
"new" setting previously called Anonymous Marking)
- The old flag should be hidden for any course or account that does not
have a value in the database for it already
Assignments:
- Create an anonymous assignment and a non-anonymous assignment
- Test the assignments:
- SpeedGrader: student names should be visible for the non-anonymous
assignment only
- Log in as a student and upload submissions for the assignments
created above; as a teacher, download them and make sure that the
anonymous assignment does not include the students' names in
its filenames
Anonymous surveys:
- Create two quizzes with a type of Graded (or Ungraded) Survey, and
enable anonymous submissions for one of them but not the other
- Log in as one or more students and answer both surveys
- As a teacher, open the "Moderate This Survey" link for each survey:
- Student names should be shown for the non-anonymous survey but
replaced by "Student 1" and so forth for the anonymous survey
- The history page (accessible by clicking the name of a student who
has filled out the survey) should show the student's name for the
non-anonymous survey but only "Student" for the anonymous survey
Change-Id: Iaa0bc4e40b938056b8e9dfd6d13aff7e6b2ee7bd
Reviewed-on: https://gerrit.instructure.com/152985
Tested-by: Jenkins
Reviewed-by: Spencer Olson <solson@instructure.com>
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
QA-Review: Anju Reddy <areddy@instructure.com>
Product-Review: Keith T. Garner <kgarner@instructure.com>
Pass the role of a user (Teacher, Student, TA) to DocViewer. This role
should only be passed when annotations are enabled.
closes GRADE-1219
Test Plan
- Create an assignment that takes doc files (or any DocViewer file).
- Submit an assignment as a student.
- Put a debugger statement before the redirect_to in
canvadoc_sessions_controller#show.
- Navigate to SpeedGrader.
- In the console after the debugger is tripped, verify that the opts
hash contains enrollment_type with value 'teacher'.
- Navigate to Submission Details of that submission as a student.
- Click View Feedback.
- In the console after the debugger is tripped, verify that the opts
hash contains enrollment_type with value 'student'.
Change-Id: I51c5cf60f90a73143c2f270126ef259426111632
Reviewed-on: https://gerrit.instructure.com/152836
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
Tested-by: Jenkins
Reviewed-by: Neil Gupta <ngupta@instructure.com>
QA-Review: James Butters <jbutters@instructure.com>
Product-Review: Keith T. Garner <kgarner@instructure.com>
closes OUT-2300
test plan (dev-qa):
- create a new outcome
- create a new rubric and align the outcome
- align the rubric to a new assignment, ensure you
choose the box to remove points from rubric
- assess a student
- go to the LMGB
- the outcome_rollups response should include a
hide_points field in the json
- hide_points should be 'true' on the rollup for the new outcome
with the newly created outcome
- attach the newly create outcome to a different assignment, one
that doesn't have its points hidden on the rubric association
- assess the student
- return to lmgb
- hide_points should be 'false' for the rollup on the new outcome
Change-Id: I0f9accb4ff0cc76f40c08ce08e21091e35df6af8
Reviewed-on: https://gerrit.instructure.com/153547
Tested-by: Jenkins
Reviewed-by: Michael Brewer-Davis <mbd@instructure.com>
Reviewed-by: Augusto Callejas <acallejas@instructure.com>
Product-Review: Michael Brewer-Davis <mbd@instructure.com>
QA-Review: Michael Brewer-Davis <mbd@instructure.com>
fixes RECNVS-481
test-plan:
- create a simple test html file
- in a canvas instance with inst-fs enabled and a files domain
- as a teacher in the course, upload the html file to a course's files
area; note the new attachment's ID
- masquerade as a different user that has permission to view the file
(e.g. a student)
- open the network tab and go to
/courses/:course_id/files/:attachment_id
- the iframe source should be a canvas url that redirects to a files
domain url that then redirects to an inst-fs URL.
- the files domain url should have an `sf_verifier` query parameter.
it should be a JWT and decoding the JWT should reveal
`real_user_id`, `user_id`, and `oauth_host` claims
- the inst-fs url's JWT when decoded should reveal corresponding
`user_id`, `acting_as_user_id`, and `host` claims
- NOTE: the html file will download instead of displaying on the iframe
on the page. this is a bug but is unrelated to this commit.
Change-Id: Iad97e9ca1007a7ceaf3e2e111df08c0339d58d78
Reviewed-on: https://gerrit.instructure.com/152950
Tested-by: Jenkins
QA-Review: Collin Parrish <cparrish@instructure.com>
Reviewed-by: Jonathan Featherstone <jfeatherstone@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
refs RECNVS-481
just rearrange the code to give an interface more amenable to extension.
minimal functional change in this commit. expected change in function:
* user_id in files domain redirect and files domain session is global
* files domain gives explicit 401 when verifier is invalid (tampered or
expired) rather than ignoring it and proceeding as if absent
test-plan:
- in a canvas environment with a files domain configured
- have a course with an uploaded file
- be logged in as a user with permission to access that file
- attempt to preview the file in the course's files area; the access to
the file should redirect through the files domain and should work
- copy the files domain url redirected to from the previous step, and
change the user_id to a different user, then attempt to access it;
should get an unauthorized response
Change-Id: Id0d04b80c856037b852139342f79b56f82888fa6
Reviewed-on: https://gerrit.instructure.com/151071
Tested-by: Jenkins
Reviewed-by: Jonathan Featherstone <jfeatherstone@instructure.com>
QA-Review: Collin Parrish <cparrish@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
fixes GRADE-976
test plan:
* Make sure the AMM flag is off
* All AMM features should be visible and work
* The Anonymous Marking and Moderated feature flags should be visible
* Toggling the AMM feature flag should do nothing
Change-Id: Ie0c52c23748389c6f5df5b85e8580bdf474c0a52
Reviewed-on: https://gerrit.instructure.com/152067
Reviewed-by: Adrian Packel <apackel@instructure.com>
Tested-by: Jenkins
Reviewed-by: Derek Bender <djbender@instructure.com>
QA-Review: James Butters <jbutters@instructure.com>
Product-Review: Keith T. Garner <kgarner@instructure.com>
This flag will let DocViewer know that any subsequent instructor
annotations should be hidden from viewers.
closes GRADE-1190
Test Plan
- Create an assignment, with anonymous instructor annotations
checked.
- Put a debugger statement in canvadoc_sessions_controller before
the redirect occurs.
- Ensure that the opts hash contains
anonymous_instructor_annotations and is set to true.
- In the debugger, type and enter 'continue'.
- Go to the submissions detail page of a submission.
- Open a preview of the submission.
- When the debugger is tripped again, verify that the opts hash
contains anonymous_instructor_annotations and is set to true.
Change-Id: I6611f06c08b03aad528942994e425d39c8014d24
Reviewed-on: https://gerrit.instructure.com/152428
Tested-by: Jenkins
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
Reviewed-by: Spencer Olson <solson@instructure.com>
QA-Review: James Butters <jbutters@instructure.com>
Product-Review: Keith T. Garner <kgarner@instructure.com>
to be used in conjunction with include[]=avatar_url,
this omits the fallback to the gray avatar-50.png image
and returns null instead, for clients who wish to provide
their own fallback
test plan:
- enable avatars in account settings
- have some users, some with defined avatar images and some without
- in the API endpoints that list users in an account and a course,
- ensure avatar_url is present in the results when
include[]=avatar_url is in the request
- ensure all users have a defined value there
(those with no custom avatar url will have a fallback value
such as /images/messages/avatar-50.png)
- ensure users with no custom avatar have a null value for
avatar_url when include[]=avatar_url&no_avatar_fallback=1
parameters are supplied (and users with avatars defined
continue to have the correct url there)
refs ADMIN-1081
Change-Id: I94dafe926054c0d20f6434bca9f49f1b57092a11
Reviewed-on: https://gerrit.instructure.com/151963
Reviewed-by: Dan Minkevitch <dan@instructure.com>
Tested-by: Jenkins
QA-Review: Luke Kingsley <lkingsley@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
Closes ADMIN-1091
Test Plan:
* With two different users
* One with an active student enrollment
* One with a completed/inactive student enrollment
* In an account with Student Planner enabled
* The user with the active student enrollment should be able to
select the student planner as their dashboard
* The user without the active student enrollment should not
Change-Id: Ib1ceb377286069a43426f094ff5b5f28d82f8d95
Reviewed-on: https://gerrit.instructure.com/152388
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Luke Kingsley <lkingsley@instructure.com>
Product-Review: Dan Minkevitch <dan@instructure.com>
fixes RECNVS-471
fixes RECNVS-479
allows API requests from access tokens issued by whitelisted developer
keys to receive additional claims in the JWTs of inst-fs links in the
response. these additional claims are a workaround to cause inst-fs to
accept the link as if authenticated despite the client not having an
inst-fs session or presenting inst-fs with the access token.
updated API clients will need to present their API token when accessing
inst-fs links. once the clients associated with a developer key are
updated, the developer key will be removed from the whitelist. this is
only a temporary workaround.
test-plan:
- have inst-fs configured and enabled with your canvas instance
- generate a new access token for your user
- in the rails console of your canvas instance, set:
Setting.set('instfs.whitelist_all_developer_keys', 'true')
- using something without a session, like postman, POST to
/api/v1/courses/:course_id/files with a valid preflight and
authenticated via the access token (e.g. using the `Authorization`
header)
- the `upload_url` in the response should be an inst-fs link
- the `upload_url` should include a `token` query parameter with a JWT
as the value
- decoding the JWT from the `upload_url`, it should include
`legacy_api_developer_key_id` and a `legacy_api_root_account_id`
claims
- in the rails console of your canvas instance:
Setting.remove('instfs.whitelist_all_developer_keys')
- repeat the upload preflight attempt from above
- this time, the JWT should not include the `legacy_api_*` claims
Change-Id: I911d18c031d9ba90de808e260e4644beaef69ff9
Reviewed-on: https://gerrit.instructure.com/151690
Tested-by: Jenkins
Reviewed-by: Jonathan Featherstone <jfeatherstone@instructure.com>
QA-Review: Collin Parrish <cparrish@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
Closes ADMIN-1003
Test Plan:
* As a student
* Go to the dashboard
* Switch to a different view from the dashboard
view dropdown/select
* Reload the page to verify that the view you
chose persisted to the database
* As an admin in the same account
* Go to the account settings
* Set the "Default Dashboard View" to something
other than what the student has selected
* Save the setting
* Reloading the student's dashboard should have
the same view as before
* As the admin
* Check the "Overwrite all users' existing default
dashboard preference" option underneath the
default dashboard view select
* Save the settings
* Reload the student's dashboard
* It should show the view the admin set in the account
settings, overwriting whatever default view the
student had set prior
Change-Id: I0882212b8e96e777bb532ce3ba03ac1e1e04bf40
Reviewed-on: https://gerrit.instructure.com/149426
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Ed Schiebel <eschiebel@instructure.com>
Tested-by: Jenkins
Product-Review: Christi Wruck
Adds the `context_codes` param to the planner/items
endpoint to allow filtering for contexts like the
existing calendar endpoint allows.
This is primarily for laying the foundation
so that the planner items endpoint
can be used for both the planner and the calendar
since they share the same data.
closes ADMIN-930
Test Plan:
* Ensure planner APIs still return things correctly
without context codes
* Send various context_codes to the API and ensure
only items from that/those context_codes are returned
Change-Id: I3747ef82c382ca56b80ea97e740b70072179057b
Reviewed-on: https://gerrit.instructure.com/147880
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Luke Kingsley <lkingsley@instructure.com>
Product-Review: Mysti Sadler <mysti@instructure.com>
fixes RECNVS-462
in a production-like environment, the redirect to inst-fs happens after
a redirect to the files domain. on the files domain, the user's session
is not preserved and @current_user and logged_in_user are not set. but
in their place a value indicating the user is placed in the session.
when that value is present and the current user is absent, inst-fs
should use the session value in generating JWTs.
note: currently the session value only indicates the @current_user and
any information about the logged_in_user, if different, is lost when
arriving at the files domain. this will be fixed in a separate commit;
until it is, inst-fs will not work with a files domain while
masquerading.
test-plan:
- have a canvas environment with a files domain and inst-fs enabled
- upload an image to a course
- open the network tab in the developer tools then preview the image
- there should be a `preview` request to the current domain, which
redirects to the files domain
- there should be the request to the files domain, which redirects to
inst-fs
- there should be the request to inst-fs that returns with a 200 and the
image (i.e. the preview works)
- the JWT in the inst-fs request should include the correct user_id
claim when decoded
Change-Id: Ic804b52e24739a06355df5584d3f189ae8340366
Reviewed-on: https://gerrit.instructure.com/151070
Tested-by: Jenkins
Reviewed-by: Michael Jasper <mjasper@instructure.com>
QA-Review: Collin Parrish <cparrish@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
1. If Anonymous Moderated Marking is enabled, check the assignment's
anonymous grading setting to determine whether to anonymize names in
SpeedGrader, instead of always anonymizing assignments. If not enabled,
revert to checking the (old) "Anonymous Grading" course flag.
2. On the assignment edit page, make sure not to show the "Moderate" if
the assignment doesn't have moderated grading enabled (in addition to
the other conditions).
closes GRADE-1133
Test plan:
Testing SpeedGrader anonymity:
(Note that the "hide student names" setting in SpeedGrader's options
menu, if enabled, will force anonymity regardless of the assignment's
settings. If student names are showing up anonymous regardless of what
you do, make sure that setting is off.)
- Enable AMM for the root account
- Create an assignment with anonymous grading enabled and one without
- In SpeedGrader, the anonymous assignment should anonymize user names
while the non-anonymous one should not
- Disable AMM and make sure SpeedGrader anonymity is now determined
based on the course's Anonymous Grading setting (the *old* anonymous
grading setting) as it was before
Testing the Moderate link for an assignment:
("Never" and "always" in this plan mean that it should behave that way
regardless of the status of the AMM flag.)
- Create an assignment with moderated grading disabled:
- On the edit page, the "Moderate" button should never appear
- Create a moderated assignment and set the current user as final grader
- On the edit page, the "Moderate" button should always appear
- Create a moderated assignment and set a different user as final grader
- On the edit page, the "Moderate" button should appear if AMM is OFF
but be hidden if it is ON.
Change-Id: I4159dbe271cb76791aa93bb6ad07acdc333cdf53
Reviewed-on: https://gerrit.instructure.com/149863
Tested-by: Jenkins
Reviewed-by: Spencer Olson <solson@instructure.com>
Reviewed-by: Jeremy Neander <jneander@instructure.com>
QA-Review: Anju Reddy <areddy@instructure.com>
Product-Review: Keith T. Garner <kgarner@instructure.com>
Cody Cutrer