phased out AssessmentQuestion#context, did some ground work for #5026
and #5027
Change-Id: Ice4567a0f069dd49da8ce57bf0c8325b0b062115
Reviewed-on: https://gerrit.instructure.com/5303
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Reviewed-by: Brian Whitmer <brian@instructure.com>
* Daily job to evaluate alerts
  * Spawns a new job for each root account (for parallelization).
    It could be broken down to per-course level if needed (i.e.
    if there is a *huge* root account).
  * Evaluating criteria at a course level using efficient queries.
* UI for CRUD on alerts
  * Render existing alerts
  * Delete existing alerts
  * Create a new alert
  * CRUD for criteria, recipients, repetition
* Validations
* Improve instructure_helper's formErrors to support passing errors
  for specific elements
* Improve Rails' :include to be able to :exclude an :include
  inherited from a named scope
* Specs!!
* Note that we want to slowly roll this out, so there is a setting on
  root accounts to enable it
So I ran an alert with just an interaction criterion on a test
cluster against 50,000 courses, and it took less than 10 minutes
without any parallelization. That seems like acceptable
performance to me (since there are only just over 3000 courses
in production that would even be eligible to have alerts sent
right now). Of course, that's probably skewed because I'm sure
a bunch of those 50,000 courses were essentially empty.
Change-Id: Ie028ef206c9155b9a72fb2a820f3e0e516de562a
Reviewed-on: https://gerrit.instructure.com/4799
Reviewed-by: Jon Jensen <jon@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
Basically, being an admin doesn't imply full access. Instead, it
only implies :read_as_admin, which only lets you see things like
course name and section names.
Add two new role overrides:
* :read_course_content implies :read on the course
* :manage_content is now a full-fledged RoleOverride instead of
  an internal permission implicitly given to Teachers and Admins
Actually start using :view_all_grades override so that Admins
without it won't see grades (replaces :read_as_admin that was
granted to concluded teachers; :view_all_grades is always granted to
concluded teachers, but not to Admins).
Spiffy up several helper functions to take an array of permissions,
and return if any of them are true.
Make sure not to show course tabs that the user does not have access
to.
Fix up lots of permission checks, especially around viewing users
(:read_roster, :manage_students, or :manage_admins might allow you
to see the users in a course; :read_roster only allows you to see
prior enrollments if it was granted to you as an account admin).
Change-Id: Iafcab7956649e9d28e17bd5eedcb155a9ea76af4
Reviewed-on: https://gerrit.instructure.com/5092
Reviewed-by: JT Olds <jt@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
simplifies RoleOverride lookup logic, and the query once again uses
the already existing index
Change-Id: I2b165b7debc9aa7aa6fd032d7917cbbc23b4361c
Reviewed-on: https://gerrit.instructure.com/5063
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: JT Olds <jt@instructure.com>
Refs #4952
* Fix saving role overrides for Site Admin account roles
* Add the following permissions:
  * read_course_list (for listing or searching courses)
  * view_statistics (for viewing account statistics)
  * manage_user_notes (instead of being implied-ish by read_reports)
* Hide UI elements that provide access to features that are not
  allowed
* Remove lots of not applicable stuff from Site Admin settings
Change-Id: I7414368b472ba655d04118db30c1bb46542deb37
Reviewed-on: https://gerrit.instructure.com/5054
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
closes #4332
* Allow :become_user to be granted to any root account admin role,
  not just site admin roles.
* Adjust policy on User objects to properly grant :become_user:
  * You can always become yourself (stop masquerading)
  * Site admins can become any user besides other site admins
  * Root account admins can only become users that are not account
    admins, and that belong to accounts that this root account admin
    has permissions to
* Adjust masquerading code to check for :become_user on the user
  object itself, rather than checking just on the site admin account
  * This means we have to figure out the target user before checking
    permissions
  * Because the permission check already checks for becoming another
    site admin user, that special case was removed in the
    masquerading code
* Special case the UI to not show the "become" link for the
  current user (i.e. you can't become yourself, and you can't
  become the user that you already are)
Change-Id: I69bc855b8ee24098b9a63b0b1c8d7edf2063b625
Reviewed-on: https://gerrit.instructure.com/4614
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Jon Jensen <jon@instructure.com>
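
The :become_user rules listed in the commit message above, written out as a stand-alone check. This is an added example, not code from the commit or from the project; the User struct, its fields, the can_become_user? helper and the sample users are hypothetical, and a site admin is assumed to already hold :become_user.

```ruby
require "set"

# Hypothetical, simplified model (not the project's schema). admin_grants maps
# a root account id to the permissions the user's admin role grants there.
User = Struct.new(:id, :site_admin, :account_ids, :admin_grants, keyword_init: true) do
  def site_admin?
    site_admin
  end

  def account_admin?
    !admin_grants.empty?
  end

  def granted?(permission, account_id)
    admin_grants.fetch(account_id, Set.new).include?(permission)
  end
end

# Decide whether `actor` may masquerade as `target`. The target user is
# resolved first and the check runs against that user, not against an account.
def can_become_user?(actor, target)
  return true  if actor.id == target.id   # becoming yourself = stop masquerading
  return false if target.site_admin?      # no one becomes a (different) site admin
  return true  if actor.site_admin?       # assumption: site admin holds :become_user
  return false if target.account_admin?   # root account admins never become admins
  # Assumption: one shared account where the actor holds :become_user is enough.
  target.account_ids.any? { |id| actor.granted?(:become_user, id) }
end

# Constructed sample users; account ids 10 and 20 are made up.
SITE_ADMIN = User.new(id: 1, site_admin: true, account_ids: [], admin_grants: {})
OTHER_SITE = User.new(id: 2, site_admin: true, account_ids: [], admin_grants: {})
ROOT_ADMIN = User.new(id: 3, site_admin: false, account_ids: [10],
                      admin_grants: { 10 => Set[:become_user] })
READ_ADMIN = User.new(id: 4, site_admin: false, account_ids: [10],
                      admin_grants: { 10 => Set[:read_roster] })
STUDENT_10 = User.new(id: 5, site_admin: false, account_ids: [10], admin_grants: {})
STUDENT_20 = User.new(id: 6, site_admin: false, account_ids: [20], admin_grants: {})
```
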
So, we have several account level permissions, we just weren't
respecting them. Most notable is :manage_account_settings instead
of :manage, the generic permission.
Account users get all the generic permissions (:create, :read,
:update, :delete, :manage) because there are still lots of course
level things that check those permissions. We still want to keep
those intact until we fix all those other checks, so for account
level things we need to use specific permissions as much as possible.
Things that are either odd or not correctly checked (due to having
to work with courses as a context with the generic permission):
* Listing and searching Courses, and viewing Statistics, is
  available to any account admin, because there aren't specific
  permissions for them
* Rubrics are not linked to without :manage_outcomes, but are
  accessible via direct URI
* External tools is available to any account admin
* Account reports uses the :read_reports permission, which is
  described in the UI as "View usage reports for the course"
Change-Id: Ia0f9409659dfc421f1199f7c8ab93b43edcde511
Reviewed-on: https://gerrit.instructure.com/3735
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
RoleOverride.permission_for was accounting for 25% of all objects
allocated when loading my dashboard, this small tweak drops it to 4%
Change-Id: Id837e0243c5450c7e3b206b70375df2c97e742e3
Reviewed-on: https://gerrit.instructure.com/2652
Reviewed-by: Zach Wily <zach@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
account admins can create "Alerts" from the account
settings page that show up as sticky messages on the
user dashboards. The alerts stay until the end_at
date, or until the user clicks the "close" link. If
you add an alert to the site_admin account then it's
considered a global alert and will go to all root
accounts.
fixes #3738
Change-Id: I47e6eaf717145af24d847d4387e0ad5c36800094
Reviewed-on: https://gerrit.instructure.com/2293
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Zach Wily <zach@instructure.com>
In /accounts/*/role_overrides
The value was being saved correctly, but the UI was incorrect and super
confusing. It'd always show a bold "explicit" green checkmark, rather
than the semi-transparent check/cross depending on the actual default.
refs #3711
Change-Id: Ide0a0603b6c820ea0ec94646c4327239d980b09c
Reviewed-on: https://gerrit.instructure.com/2194
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Brian Whitmer <brian@instructure.com>
Once we're storing these permissions caches in a shared memcache
cluster, we can flush them only when they've actually been invalidated.
But until then, we have to flush on each request, in case a role
override was changed on a different app server.
Change-Id: I4479605b96a4fcf36a686033939be4a158aa9699
Reviewed-on: https://gerrit.instructure.com/2224
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Brian Whitmer <brian@instructure.com>