Closes PLAT-3748
Test Plan:
- Create an LTI key with customizations
- Verify the disabled placements are persisted
to the database
- Verify the scopes are persited to the database
- Verify the LTI key flow works as expected
Change-Id: I97217b09cfb10b3732d6ded478b95a8999c6b4e5
Reviewed-on: https://gerrit.instructure.com/166691
Tested-by: Jenkins
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Reviewed-by: Marc Phillips <mphillips@instructure.com>
QA-Review: Marc Phillips <mphillips@instructure.com>
Closes PLAT-3767, PLAT-3796
Test Plan:
- Make a request to the create endpoint. In addition
to including the 'tool_configuration' param, provide
a 'developer_key' param that looks like the following:
{
name: 'some name',
email: 'test@test.com',
notes: 'notes'
scopes: [some valid scopes]
require_scopes: true,
test_cluster_only_true,
}
- Verify the developer key that gets created as part of
the request had those fields set correctly
- Verify the scopes must be valid scopes
- Validate this works when both when providing the
tool settings as a URL and as a JSON blob
- Verify the same things for the update endpoint
Change-Id: I3313e90c36ece876f3b3be76de916a25b4ae06af
Reviewed-on: https://gerrit.instructure.com/166245
Reviewed-by: Marc Alan Phillips <mphillips@instructure.com>
QA-Review: Marc Alan Phillips <mphillips@instructure.com>
Tested-by: Jenkins
Product-Review: Weston Dransfield <wdransfield@instructure.com>
fixes PLAT-3454
test plan:
* you can either test in production RAILS_ENV
or turn on eager_loading and disable class_cache in development
* The scopes list in the developer keys page should show all
expected scopes
Change-Id: I4018cdd8d4f08d32f549cfab5f4a135c2144c403
Reviewed-on: https://gerrit.instructure.com/152398
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
QA-Review: Weston Dransfield <wdransfield@instructure.com>
Product-Review: Karl Lloyd <karl@instructure.com>
fixes PLAT-3311
test plan:
* run the rake task "doc:api"
* request the scopes from api/v1/accounts/:account_id/scopes
- you should get back a json object that includes the localized name
* request the scopes from api/v1/accounts/:account_id/scopes passing
the query param "group_by=resources_name"
- you should get back a json object with the scopes grouped by
localized resource_name
Change-Id: I2cab1822baef7cdda6471096153d60d4f7fe1e2b
Reviewed-on: https://gerrit.instructure.com/150233
Tested-by: Jenkins
Reviewed-by: Marc Alan Phillips <mphillips@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Jesse Poulos <jpoulos@instructure.com>
refs PLAT-3024
test plan:
* request the scopes from api/v1/accounts/:account_id/scopes
- you should get back a json object that matches the documentation
* request the scopes from api/v1/accounts/:account_id/scopes passing
the query param "group_by=resources"
- you should get back a json object with the scopes grouped by
resource
Change-Id: I4562121a44e3baccc7de8e56e19629377f1931df
Reviewed-on: https://gerrit.instructure.com/148623
Reviewed-by: Marc Alan Phillips <mphillips@instructure.com>
Tested-by: Jenkins
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
fixes PLAT-3176
fixes PLAT-3179
fixes PLAT-3181
fixes PLAT-3177
Test plan:
* Create a DeveloperKey
* Create an AccessToken
* Ensure that everything can be accessed as normal
* Set require_scopes to true on the DeveloperKey
* Ensure that nothing can be accessed
* Add some scopes to the AccessToken from the list of available scopes
TokenScopes::SCOPES
* Ensure that the endpoints associated with those requests work but that
others don't
* Ensure that HEAD requests work for GET endpoints
* Ensure all api endpoints behave normally when scopes are not turned on
for developer key
Change-Id: I0e7c1758ae2d51743490f243cfa21714255c8109
Reviewed-on: https://gerrit.instructure.com/143026
Tested-by: Jenkins
Reviewed-by: Simon Williams <simon@instructure.com>
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Product-Review: Karl Lloyd <karl@instructure.com>
wdransfield