- Output a smaller version of a LTI 1.3 launch payload for
each NRPS v2 member when the NRPS request includes a `rlid`
query parameter.
- Most claims and custom params from the launch payload are
excluded either because:
- They describe the context and would thus be redundant, or
- They pose performance problems (N+1 queries, usually), or
- They are absent from the spec example, e.g.
`https://purl.imsglobal.org/spec/lti/claim/version`, or
- They require additional development and thus need to be
handled as a separate task.
- See `memberships_provider.rb` ~line 68 for list of
custom params supported in this commit. (More coming later.)
- Vast majority of the patch has to do with tests against
`JwtMessage`, which was modified to allow claims to be turned
on/off via a new white/blacklist mechanism in `AppUtil`.
- Custom param white/blacklisting is handled directly in
`VariableExpander` to satisfy the LTI rule that unsupported
params should just be echoed as-is. This (instead of keeping
all the white/blacklist support in `JwtMessage` ensures
consistent behavior w/r/t `VariableExpander`'s more sophisticated
features, specifically its suport for expanding variables embedded
into larger strings.
Closes LTIA-40
Test Plan
- Configure a LTI 1.3/Advantage tool with the supported set of
custom params listed in `memberships_provider.rb` starting ~line 68.
If using the POST
`/api/lti/accounts/:account_id/developer_keys/tool_configuration`
API, this is done by setting
`tool_configuration.settings.custom_fields` to a JSON object where
keys are the param name to be rendered into LTI payloads and values
are the $-prefixed custom param names themselves. Include several
nonsense entries as well as unsupported entries e.g.:
```
// ... snip ...
"tool_configuration": {
"settings": {
// ... snip ...
"custom_fields": {
"person_name_full": "$Person.name.full",
"person_name_display": "$Person.name.display",
"person_name_family": "$Person.name.family",
"person_name_given": "$Person.name.given",
"canvas_user_isrootaccountadmin": "$Canvas.user.isRootAccountAdmin"
"unsupported_param_1": "$unsupported.param.1",
"unsupported_param_2": "$unsupported.param.2"
}
// ... snip ...
}
// ... snip ...
}
// ... snip ...
```
- Place this tool into a course, ensure the course has several active
members.
- Launch the tool in order to observe the course context's LTI
identifier. Use that identifier as the value of the NRPS `rlid`
parameter, e.g. a GET to:
`/api/lti/courses/1/names_and_roles?rlid=4dde05e8ca1973bcca9bffc13e1548820eee93a3`
- Each `members` array element in the response should have a
`message` array with a single element being the simplified
representation of a LTI 1.3 launch payload, were that user to launch
the context referenced by `rlid`.
- The `message` entry should have two top level claims:
- `"https://purl.imsglobal.org/spec/lti/claim/message_type": "LtiResourceLinkRequest"`
- `"https://purl.imsglobal.org/spec/lti/claim/custom": <object>`
- The `custom` claim should include an entry for each `custom_fields`
key/value pair configured above, with supported entries being
correctly expanded and nonsense and unsupported entries being echoed
as-is.
- Repeat for a group context in the same course (still using the
course's LTI ID as the `rlid` value). Results should be the same,
though scoped to group membership.
Change-Id: If2591c62c494756d65774e3115abeca19935c988
Reviewed-on: https://gerrit.instructure.com/169090
Tested-by: Jenkins
Product-Review: Karl Lloyd <karl@instructure.com>
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
Reviewed-by: Marc Phillips <mphillips@instructure.com>
QA-Review: Bill Smith <bsmith@instructure.com>
refs AMS-1444
test plan:
- sortable name is available to LTI tools as a
variable expansion
Change-Id: I21b94845a34ff668caa37619de2d5eede4fd0099
Reviewed-on: https://gerrit.instructure.com/167591
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
QA-Review: Jared Crystal <jcrystal@instructure.com>
Product-Review: Jesse Poulos <jpoulos@instructure.com>
closes #PLAT-3681
Change-Id: I0d55e46e52a592d83b005fb4fda5b4c8bd3fd148
Reviewed-on: https://gerrit.instructure.com/163056
Tested-by: Jenkins
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
Closes PLAT-2222
Test Plan:
- Create an assignment with anonymous_grading set to
true.
- Launch a tool that uses the new
'com.instructure.Assignment.anonymous_grading'
substitution in a context of the assignment.
- Verify the parameter value is 'true'
- Set the anonymous_grading attribute of the
assignment to false.
- Launch the tool again and verify the parameter
value is 'false'
Change-Id: I8de86dd166a4bbae68b63aef08b0e4dc6dc9fbbf
Reviewed-on: https://gerrit.instructure.com/160935
Reviewed-by: Han Ngo <hngo@instructure.com>
Tested-by: Jenkins
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: Nathan Mills <nathanm@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Closes PLAT-3629
Test Plan:
- Install an LTI 1 tool in a course
- Modify the tool via the Rails console:
`tool.settings['use_1_3'] = true; tool.save!`
- Add the tool to a module item
- Launch the tool and verify a JWT is sent as the 'id_token'
- Verify the JWT contains all required LTI 1.3 claims (minus
security claims).
- Verify all claim data is accurate
- Verify the JWT contains all extensions Canvas sends
from the same placement in LTI 1.1
- Verify custom variables are sent and expanded
- Create an External Tool assignment with the same tool
- View the assignment and verify a JWT is sent as the
'id_token'
- Verify the JWT contains all required LTI 1.3 claims (minus
the security claims).
- Verify the JWT contains all extension Canvas sends in LTI 1
(ext_ LTI 1 params) as extension claims.
Note: For now the id_token is signed with a placeholder secret.
Change-Id: I7df3d150055bb30010bb509e4d40dde82a406631
Reviewed-on: https://gerrit.instructure.com/158907
Tested-by: Jenkins
Reviewed-by: Marc Alan Phillips <mphillips@instructure.com>
Product-Review: Marc Alan Phillips <mphillips@instructure.com>
QA-Review: Marc Alan Phillips <mphillips@instructure.com>
Closes PLAT-3106
Test Plan:
- Create several groups in a course.
- Install a tool that uses the new $com.instructure.Course.groupIds
variable expansion.
- Launch the tool from the coures nave and verify the
param value is a list of Canvas ids for each group in the course.
- Launch the tool from an assignment and verify the same thing.
- Verify groups that are soft deleted are not included.
Change-Id: I36cc73525361c54505c5f0d4c4df57a549c97718
Reviewed-on: https://gerrit.instructure.com/140804
Tested-by: Jenkins
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Jesse Poulos <jpoulos@instructure.com>
fixes PLAT-3154
test plan:
the updated documentation should make it clear how the
ext_roles and Canvas.xuser.allRoles variable expansion work.
Change-Id: I6482bf6c6b4e19cd61f36db0b9d34cf2ea94b978
Reviewed-on: https://gerrit.instructure.com/141781
Tested-by: Jenkins
Reviewed-by: Marc Alan Phillips <mphillips@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Karl Lloyd <karl@instructure.com>
Closes: GRADE-861
Test Plan
- Verify there are no N+1 queries when loading speedgrader
caused by originality reports
- Verify there are no N+1 queries when loading gradebook
caused by originality reports
- Verify originality reports are copied to all submissions
in a group when they are created or updated in a group
assignment.
- Verify online upload originality reports are displayed
correctly in speedgrader, gradebook, student grade page,
and submission details page.
- Verify originality reports display properly in gradebook
and speed grader when there are multiple submissions
and each has a different originality report.
- Verify the "resubmit to plagiarism tool" button still
appears in speedgrader.
- Verify originality reports for group assignments are displayed
correctly.
- Verify text entry originality reports are displayed correctly.
- Verify originality report launches work correctly from speedgrader
and gradebook.
Change-Id: I459bbf0a165bb131d58fc153feb0dce3d0bf07af
Reviewed-on: https://gerrit.instructure.com/141321
Tested-by: Jenkins
Reviewed-by: Keith T. Garner <kgarner@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Refs CNVS-41279
Test Plan:
Verify the new documentation is clear that
Canvas.xuser.allRoles does not scope roles
to the launch context.
Verify that the Canvas.membership.roles
expansion now has a default name
(not required to address this issue,
just more convenient for the TP).
Change-Id: I182b2dbd51e47063b959c4568f9d1880d044d7ae
Reviewed-on: https://gerrit.instructure.com/140784
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Jesse Poulos <jpoulos@instructure.com>
Closes PLAT-3036
Test Plan:
- Create an assignment that uses a plagiarism tool and is a group
assignment. The tool should use both new variable expansions.
- Verify all originality report launches show the correct
group id and name for the current user.
Change-Id: Id2908ff649e4e931f6a76992871ebebe7558d88b
Reviewed-on: https://gerrit.instructure.com/139504
Tested-by: Jenkins
Reviewed-by: Marc Alan Phillips <mphillips@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
test plan
- specs should pass
Change-Id: Iafc7c9b8ca64f32568e658b600e19c2e6f9045ca
Reviewed-on: https://gerrit.instructure.com/138026
Tested-by: Jenkins
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
QA-Review: Rob Orton <rob@instructure.com>
fixes PLAT-2961
Reverts d3d4cc58e0 but also adds
functionality with new variable expansion
Test plan:
* Ensure $Canvas.course.previousContextIds works as it did before
* Ensure $Canvas.course.previousContextIds.recursive works the way the
new changed intended
Change-Id: I737c2bdca2936e092fb6a929adb009cdc79b89d5
Reviewed-on: https://gerrit.instructure.com/136245
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: August Thornton <august@instructure.com>
Product-Review: Andrew Butterfield <abutterfield@instructure.com>
Closes PLAT-2953
Test Plan:
- Create an assignment associated with a plag tool
that uses the `text entry` submission option
- As a student submit to the assignment
- With the tool attempt to request the submission
via the LTI API and verify the submission
is received
- With the tool attempt to create an originality report
for the submission _without_ specifying an attachment
id (since there is no attachment for the assignment)
- Verify the report is created and is visible in the
following locations:
* Speedgrader
* gradebook
* student grades page
Note that for parity it does not need to be visible in the
submission details page.
- Attempt to edit the the report via each of the 3 update endpoints
(let me know if you don't know what 3 those are) and verify
update works. When testing these first create other originality
reports for other assignemnts in the course to verify the correct
originality report is updated.
- Verify that clicking on originality reports from each part of the UI
initiates an LTI launch to the tool
- Verify that the entire plagiarism platform flow still works for
file upload assignments
Change-Id: I318f605dace31c92ae3954f26ec2aefa3e8ad90e
Reviewed-on: https://gerrit.instructure.com/135409
Tested-by: Jenkins
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Allows for lti launch where you can expand the display name of
a user in lti tools for use.
closes PLAT-2776
Test Plan:
- Create an lti config that uses Person.name.display
- Do an lti launch and verify that the expanded value as a param
- For LTI 2, create a tool proxy that includes the Personl.name.display
capability
- Repeat step 2
Change-Id: I7f919bb9af2bb1efb42d8a3bd76cfb3b69378152
Reviewed-on: https://gerrit.instructure.com/134518
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Marc Alan Phillips <mphillips@instructure.com>
test plan:
* add a new custom field, `term_name=$Canvas.term.name`, to an external tool
* open launch link to external tool
* verify that `custom_term_name` was part of the launch request and is correct
Closes: CNVS-38498 CORE-25 CORE-338
test plan:
* turn on high contrast
* using ie11, make sure that all the links and things that should
be the brand-primary color look right. (Dark, not light, blue)
* make sure they also look good in edge 15 and chrome with HC on.
Change-Id: I83cb35aa40c774bcd8e4c0a1a18b8cb0875e9a0c
Reviewed-on: https://gerrit.instructure.com/129911
Tested-by: Jenkins
Reviewed-by: Clay Diffrient <cdiffrient@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Ryan Shaw <ryan@instructure.com>
Closes PLAT-2792
Test Plan:
- Install a tool that uses the new
'com.instructure.Editor.contents' and
'com.instructure.Editor.selection' varaiable
expansions in a content item launch.
- Navigate to a page that uses the RCE
- Enter some content in the editor and highlight
a portion of that content.
- Do a launch and verify the complete contents of the
editor is sent as com.instructure.Editor.contents and
the selected content is sent as com.instructure.Editor.selection.
Change-Id: Id2b3104b6324aa62d9ae3025b593de367eb5d6a3
Reviewed-on: https://gerrit.instructure.com/129005
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Karl Lloyd <karl@instructure.com>
refs PLAT-2840
Test plan:
1. Install an LTI tool with the variable substitution:
`com.instructure.brandConfigJSON`
2. Ensure that it appears on launch as the brand config JSON
3. Ensure it is well documented within variable expander writeup
4. Tests pass
Change-Id: I4bfa7db8e89fa0f0ae2b0a81a610b97e556d69e9
Reviewed-on: https://gerrit.instructure.com/128374
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Jeff Belser <jbelser@instructure.com>
fixes PLAT-2840
Test plan:
* Install a tool with the following variable substitutions
com.instructure.brandConfigJSON.url
com.instructure.brandConfigJS.url
* Ensure that they are subtituted on launch
* Ensure that the variable expander documentation includes these
substitutions
Change-Id: I0c0287b8b4bd029c9dd0619a5f08d8a3b9306c02
Reviewed-on: https://gerrit.instructure.com/126806
Reviewed-by: Ryan Shaw <ryan@instructure.com>
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Andrew Butterfield <abutterfield@instructure.com>
Closes PLAT-2738
Test Plan:
- Install two lti tools that use the new
'com.instructure.PostMessageToken' variable expansion.
- Visit a page with two LTI tools launched (this happens when
launching a tool in a course that has chat enabled).
- Have one tool send a resize post message and verify the correct
tool is resized. The post message should include the token
for the value of 'token':
<script type="text/javascript">
parent.postMessage({
subject: 'lti.frameResize',
height: 12000,
token: '<%= @wrapper_id %>'
}, '*');
</script>
- Verify the proper tool is resized.
Change-Id: Ie7e976c5cd53ef5c61cd86c471ba416045a0fb68
Reviewed-on: https://gerrit.instructure.com/119858
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
Tested-by: Jenkins
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Closes PLAT-2715
Test Plan:
- Verify the default tool consumer profile contains
the com.instructure.Assignment.lti.id capability.
- Install a plagiarism detection tool that uses an
LTI launch for display originality reports. The
message in the resource handler associated with
the originality report launch should have the
com.instructure.Assignment.lti.id enabled. The
message associated with the
`Canvas.placements.similarityDetection` capability
should also have the the new capability enabled.
- Associated the tool with an assignment. Verify that
a parameter named com_instructure_assignment_lti_id
is sent in the launch from the create/edit UI. Its
value should match the ext_lti_assignment_id param.
- Create an originality report and do the associated
tool launch.
- Verify a com_instructure_assignment_lti_id parameter
is sent. The value should match the ext_lti_assignment_id
sent in the assignment creattion config launch.
Change-Id: I722dd16a6cc5e62a447f76f10e9f0f582a11a33a
Reviewed-on: https://gerrit.instructure.com/119029
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Closes PLAT-2699
Test Plan:
- Add an LTI2 tool that uses `Context.title` in one of its
message's enabled_capability array.
- Launch the tool from a course and verify that the `context_title`
param is set to the name of the course.
- Launch the tool from an account and verify that the `context_title`
param is set to the name of the account.
Change-Id: I6e734b36022bbd3e7f4ab2dc920271ea8da6df71
Reviewed-on: https://gerrit.instructure.com/117863
Tested-by: Jenkins
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Closes PLAT-2688
Test Plan:
- Install an plagiarism detection tool that uses
LTI launches for displaying originality reports.
The message handler for these launches should have
com.instructure.OriginalityReport.id,
com.instructure.Submission.id,
and com.instructure.File.id in it's enabled
capability array.
- Create an originality report with the tool and
launch the originality report.
- Verify that parameters for each of these three
capabilities are send and set correctly.
Change-Id: I2cb246e3a48f5e63a60ff6a0d90a003aaf9c8d62
Reviewed-on: https://gerrit.instructure.com/116377
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
Reviewed-by: Nathan Mills <nathanm@instructure.com>
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Closes PLAT-2690
Test Plan:
- Test the following variable substitutions. Each should get set
to their corresponding service URL (the endpoint of the each
service can be found in the tool consumer profile or in each
lti api controller).
Change-Id: I37f756cabd0e38e7ea850cdfff7c37e4b8886a85
Reviewed-on: https://gerrit.instructure.com/116480
Tested-by: Jenkins
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
refs PLAT-2640
test plan:
we should be able to pass certification
Change-Id: I4508af544e1dcacec42180d96865e7ef841c8ff8
Reviewed-on: https://gerrit.instructure.com/116171
Tested-by: Jenkins
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
Closes PLAT-2606
Test Plan:
- Install an LTI2 tool and verify
that the tool consumer profile now contains
all variable expansions in the enabled capability
section.
- Include these capabilities as parameters, do a
launch, and verify that the applicable expansions
are replaced.
Change-Id: Ia97f0184c94eeeb33c5851c715770f209a21c3c2
Reviewed-on: https://gerrit.instructure.com/113014
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Weston Dransfield <wdransfield@instructure.com>
test plan:
This commit adds privacy level contro to content item selection requests
for the following fields:
lis_person_contact_email_primary, lis_person_name_given,
lis_person_name_full, lis_person_name_family, lis_person_sourcedid,
lis_course_offering_sourcedid, and context_label
These fields should appear for the same privacy levels as they do for a
basic lti launch. If the same tool is used in both a basic lti launch request
and a content item selection request, the above fields should either be
present on both launches or absent on both launches (depending on the
privacy level currently selected for the tool).
This commit also refactors how content item selection launches are
constructed, so it would be good to run a basic regression test on
content item selection launches in general.
fixes PLAT-2447
Change-Id: If55e9c84b3ddd91bdf700a8bbbb02d8f9a7e6e1f
closes PLAT-2447
Test Plan:
Verify the following parameters are sent in all
content item selection requests when the tool is
set to the specified privacy level:
* Privacy Level: 'Name Only'
- lis_person_name_given
- lis_person_name_family
- lis_person_name_full
* Privacy Level: 'Email-only'
- lis_person_contact_email_primary'
* Privacy Level: 'Public'
- lis_course_offering_sourcedid (must be LTI course)
- All params in email only and name only
* Privacy Level: 'Anonymous'
- None of the above params
Change-Id: I0794501e8a112fd910f35c1b93606e54fd0d2a19
Reviewed-on: https://gerrit.instructure.com/110966
Tested-by: Jenkins
Reviewed-by: Brad Humphrey <brad@instructure.com>
Product-Review: Brad Humphrey <brad@instructure.com>
QA-Review: Brad Humphrey <brad@instructure.com>
closes PLAT-2445
Test Plan:
Do a content item selection request and verify the 'context_label'
param is present and set the the course code.
Change-Id: I2e92aec4605c79a919b73fd164dc6ad9df14df37
Reviewed-on: https://gerrit.instructure.com/110696
Reviewed-by: August Thornton <august@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
Product-Review: Brad Humphrey <brad@instructure.com>
Reviewed-by: Brad Humphrey <brad@instructure.com>
closes QUIZ-1705
test plan:
- we should see custom_canvas_course_uuid field in lauch parameter set
Change-Id: If5385d34003f22c4b9ade63e56aa5adfaf6a93c8
Reviewed-on: https://gerrit.instructure.com/110480
Tested-by: Jenkins
Reviewed-by: John Corrigan <jcorrigan@instructure.com>
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
QA-Review: Michael Hargiss <mhargiss@instructure.com>
Product-Review: John Corrigan <jcorrigan@instructure.com>
fixes CNVS-35919
also, prefer SIS pseudonyms over non-SIS pseudonyms from any given
account
test plan:
* have a non-SIS pseudonym and a SIS pseudonym on a user
* do an LTI launch
* the LTI tool should get the info from the SIS pseudonym
Change-Id: I60a3c48a32eae94db93b0e72f1f0f6c5b6a5f5c2
Reviewed-on: https://gerrit.instructure.com/107785
Reviewed-by: Nathan Mills <nathanm@instructure.com>
Reviewed-by: Tyler Pickett <tpickett@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Tested-by: Jenkins
Product-Review: Cody Cutrer <cody@instructure.com>
Closes PLAT-2419
Test Plan:
Generate documentation and verify the
ToolProxyBinding.memberships.url variable substitution
has a note about being for future use.
Change-Id: If380aa043da8249e5d5237e73c24692284d9ca21
Reviewed-on: https://gerrit.instructure.com/106668
Tested-by: Jenkins
Reviewed-by: August Thornton <august@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Add docs on how to update them
Update everytime we run doc:api
Change-Id: I3c7aa55d051fa5474e267897138ab01c3c7c3fb8
Reviewed-on: https://gerrit.instructure.com/102177
Reviewed-by: Jesse Poulos <jpoulos@instructure.com>
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Brad Horrocks <bhorrocks@instructure.com>
fixes PLAT-2324
test plan:
output to test:
the lti message parameters :
`lis_person_contact_email_primary`
variable expansions:
`Person.email.primary`
`vnd.Canvas.Person.email.sis`
- test that the above outputs behaviour hasn't changed
- add <lticm:property name="prefer_sis_email">true</lticm:property>
to the extension settings portion of the xml config
- make sure you don't have an sis email
- the behavior shouldn't change
- set an sis email address
- you should now get the sis email for
`lis_person_contact_email_primary`
- test that the behaviour of `vnd.Canvas.Person.email.sis` hasn't
changed
Change-Id: Iaca2e036170ed1173309fd4596a4d6e1b016b6dd
Reviewed-on: https://gerrit.instructure.com/103195
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
Reviewed-by: Matthew Wheeler <mwheeler@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
fixes PLAT-2243 PLAT-2244 PLAT-2224
test plan:
-from a rails console create a ToolConsumerProfile associated to a
developer key with custom capabilites and services
-request the TCP using the developer key
-it should include the custom capabilites and services
-request a TCP without dev credentials
- it should work as before
-install a LTI2 tool using custom services and capabilities
-it should install
-install an LTI2 tool the normal way
-it should still work
Change-Id: Icbbab37737ba1b4c621caadb15fec79ad8ac5776
Reviewed-on: https://gerrit.instructure.com/101673
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
test plan
- add a custom variable expansion for $vnd.Canvas.root_account.global_id
* it should be substituted for root_account.uuid in any LTI launch
- the capability vnd.Canvas.root_account.global_id should appear in the
tool consumer profile
- install an LTI 2 tool that requests the capability
vnd.Canvas.root_account.global_id
* launches should come with
vnd_canvas_root_account_id=<root_account.uuid>
fixes PLAT-2267
Change-Id: I23be140c22c0edd8e20460f648c51cc570a45e80
Reviewed-on: https://gerrit.instructure.com/102077
Tested-by: Jenkins
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Brad Humphrey <brad@instructure.com>
Fixes PLAT-2246
Test Plan:
- Install an lti2 tool without
the 'Context.id' capability
enabled.
- Launch the tool and verify that
the context_id param is absent.
- Install an lti2 tool with the
'Context.id' capability
- Launch the tool and verify that
the context_id param is present.
- Verify the Context.id capability
is preseint in the TCP.
Change-Id: I164f2ca675d77c9ad743d0dad0f8d4ee7364444c
Reviewed-on: https://gerrit.instructure.com/101478
Tested-by: Jenkins
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Fixes PLAT-2235
Test Plan:
- Get the Canvas TCP and verify it contains all
capabilities listed in lib/lti/capabilities_helper.rb:3
in its capability_offered section.
- Install an LTI2 tool, launch it, and verify
none of the following parameters are sent in
the launch:
* launch_presentation_document_target
* launch_presentation_locale
* tool_consumer_instance_guid
* lis_course_section_sourcedid
* roles
* lis_person_sourcedid
- Each of the above params now have an associated
capability offered by Canvas. If a TP wants
one of the above parameters sent in their
tool launch they must include the associated
capability in their enabled_capability section
of the tool proxy.
Verify adding the associated capability in the
tool profile causes the paramter to be sent
in the tool launch. See variable_expander.rb
docs for a mapping of capabilities to
variable names
Change-Id: I027d079d9d3cf53715fcf8ca4d9d8759af02cb88
Reviewed-on: https://gerrit.instructure.com/101336
Reviewed-by: Nathan Mills <nathanm@instructure.com>
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Fixes: SIS-2719
Test Plan:
1. Tests pass
2. Install a tool that has a placement in the context of a course
3. Include the following custom variable in the xml config
course_name=$Canvas.course.name
4. Ensure that on launch the variable is properly expanded to the
name of the course
Change-Id: I0bea24f4986aa9985f4c4f2117ca985b1ac3da15
Reviewed-on: https://gerrit.instructure.com/100812
Tested-by: Jenkins
Reviewed-by: Brad Humphrey <brad@instructure.com>
QA-Review: Mark McDermott <mmcdermott@instructure.com>
Product-Review: Brad Humphrey <brad@instructure.com>
Before this fix, there was not a way to determine the launching users sis
added email address without accessing API. This causes pain for some
integrations that relied on the lis_person_sourced_id since that value can
change if the user changes their default email (i.e. stars a different email).
This update adds a way to send the users institution assigned email during an
LTI launch.
Test plan:
1) create a course
2) create a user and enroll them in the course
3) create another user via SIS and enroll them in the course
4) install a tool with the $Person.email.sis custom field
5) launch the tool as each user added in 2 and 3
6) verify that
1) the default value of "$Person.email.sis" is passed in
the launch parameters for the user that *was not* added via SIS and
2) the value of the email assigned to the user that *was* added via SIS is
passed in the launch
Fixes PLAT-2164
Change-Id: Ibbc15c8a3108d51aac680f7b4cd778e2677927b9
Reviewed-on: https://gerrit.instructure.com/99503
Reviewed-by: Nathan Mills <nathanm@instructure.com>
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Product-Review: Jesse Poulos <jpoulos@instructure.com>
Before this fix, there was not a way to determine the workflow_state of the
course without accessing API. This fix adds a way to send the course
workflow_state during an LTI launch.
Test plan:
1) create a course
2) install a tool with the $Canvas.course.workflowState custom field
3) launch the tool and verify that the course workflow_state is passed in
the launch parameters
Fixes PLAT-1956
Change-Id: I933ddcd45c689ecd054e692c7e4dc993874dc995
Reviewed-on: https://gerrit.instructure.com/94987
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Jesse Poulos <jpoulos@instructure.com>
The variable expansion documentation has instances of information being
outright incorrect, or just confusing. Furthermore, there are no examples
of how to invoke custom fields via variable expansion. For everything
(except the `Canvas.file` type variables), I've documented what is actually
returned as well as an example of what the data might look like. I've also
added examples of how tools can be configured to use custom fields (via
API, UI, or XML).
Test Plan:
Test plan:
1) run localhost Canvas
2) build the API docs (docker-compose run --rm web bundle exec rake
doc:api)
3) navigate to the following:
<your host url>/doc/api/file.tools_variable_substitutions.html
4) check for spelling, grammar, accuracy of information and that any links
work
Fixes PLAT-2022
Change-Id: I754bc2c5e48d4cdd4738c6d03d4d7e3c12a621b1
Reviewed-on: https://gerrit.instructure.com/96801
Tested-by: Jenkins
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Jesse Poulos <jpoulos@instructure.com>
Fixes MBL-6967
Test Plan:
- Set up an lti tool with the custom expansion of
Canvas.user.isRootAccountAdmin
- On LTI launch it should be true for root account
admins and false for non root account admins
Change-Id: I96b12a1f7eb3b7819a9040895216cf222d53c133
Reviewed-on: https://gerrit.instructure.com/95499
Reviewed-by: August Thornton <august@instructure.com>
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Matthew Sessions <msessions@instructure.com>
This gets some of the infrastructure in place to handle this process
along with the start export method.
Change-Id: Id757a111aeb64c307021eb621e0624b0b3d8b7eb
Fixes: PLAT-1755 PLAT-1758
Reviewed-on: https://gerrit.instructure.com/93853
Tested-by: Jenkins
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Tyler Pickett <tpickett@instructure.com>
Fixes#880 Github issue
fixes PLAT-1770
test plan:
add a tool installed at the account level with the
"Canvas.externalTool.url" variable expansion
the substituted value should be the tools context not the launch
context i.e. if the tool is launched from a course below the
account it is installed on it should be a url for the account.
also the returned url should be the correct api endpoint for the
tool
Change-Id: Ibb166240c96fb01b31bc2d5055b67f16e107878c
Reviewed-on: https://gerrit.instructure.com/88539
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
fixes PLAT-1621
Test plan:
* Install a tool with collaboration placement and
$Canvas.api.collaborationMembers.url custom variable
* Ensure that the variable is substituted for the collaboration update
launch but not for collaboration create or show
Change-Id: I5826ed51d4d4a6a1099cb8077cd9748333e7417e
Reviewed-on: https://gerrit.instructure.com/83544
Tested-by: Jenkins
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Andrew Butterfield <abutterfield@instructure.com>
Refs CNVS-30048
Test Plan:
- Pretty much good
Change-Id: Ia3b93b987b84b233c33891011db7995cae07c8b5
Reviewed-on: https://gerrit.instructure.com/83140
Tested-by: Jenkins
Reviewed-by: Brad Humphrey <brad@instructure.com>
QA-Review: Michael Hargiss <mhargiss@instructure.com>
Product-Review: Chris Wang <cwang@instructure.com>
Aids us in Quizzes 2.0 to make it easier to show context to teachers
Closes CNVS-30048
Change-Id: I8f551c98fff3bdc3c753d4e72bf91ad5971fcc63
Reviewed-on: https://gerrit.instructure.com/82740
Tested-by: Jenkins
Reviewed-by: Chris Wang <cwang@instructure.com>
Reviewed-by: Mike Nomitch <mnomitch@instructure.com>
QA-Review: Michael Hargiss <mhargiss@instructure.com>
Product-Review: Chris Wang <cwang@instructure.com>
Dan McCallum