fixes VICE-1026
flag=notification_update_account_ui
test plan:
- make sure that in your site admin feature flags,
Account level notification preferences UI update is
- in your root account settings page, go to notifications tab,
check Display one time pop-up warning on Notification Preferences page.
- now, as a user who hasn't seen the popup warning before,
visit /profile/communication
- verify that you see 2 alerts, where the second alert
shows the privacy notice
- close this privacy notice alert
- reload the page, and verify that you no longer see
the privacy notice alert
- as a different user, visit your course notification overrides page
- verify that you do not see the privacy notice alert
- now, visit your profile notifications page
- verify that you see the privacy notice alert
- dismiss the alert, and reload the page
- verify that you no longer see the privacy notice alert
Change-Id: I06552231f48a716333384f59e616e074d10c5030
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256566
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Davis Hyer <dhyer@instructure.com>
QA-Review: Davis Hyer <dhyer@instructure.com>
Product-Review: Davis Hyer <dhyer@instructure.com>
closes INTEROP-6110
flag=none
Change GradebookService to find the active user when the specified
was merged.
When user A is merged to user B, the name and roles API
(api/lti/courses/:course_id/names_and_roles) returns the user B (active)
with the lti_id of user A.
Using this lti_id, and attempting to grade a line item using the score
api (api/lti/courses/:course_id/line_items/:line_item_id/scores), an
unauthorization error is raised.
If the user is deleted we need to check to see if there has been a
user_merge. If there has been a merge, return the merged user, otherwise
we return `nil`, so we'll not not return the deleted user anymore.
test plan:
* In Course context, we need to have two users with Student enrollment;
* Accessing the name and roles API, we will see the two active members with
their lti_id;
* Merge one user in the other one (User A -> User B);
* Accessing the name and roles API, we will see the user B active with
the lti_id from user A;
* If the course doesn't have line items, we can use the line items endpoint
(api/lti/courses/:course_id/line_items) to create one;
* Accessing the scores API using the user A lti_id, the response of the
request should be successful instead of unauthorized (as is happening
today);
Change-Id: I3d23b9ce96c725b91e920e73705ba952140090fb
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/255789
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Mysti Lilla <mysti@instructure.com>
QA-Review: Mysti Lilla <mysti@instructure.com>
Product-Review: Wagner Goncalves <wagner.goncalves@instructure.com>
fixes INTEROP-6390
flag=none
Test plan
- Perhaps best to test this on test with one of the
problematic courses...
- But I guess set it up with a smaller number of
courses and ensure it still looks correct
Change-Id: Ibb7d1716451c11146bc3069d4e5b0ac24a35be1f
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256656
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Evan Battaglia <ebattaglia@instructure.com>
QA-Review: Evan Battaglia <ebattaglia@instructure.com>
Product-Review: Karl Lloyd <karl@instructure.com>
fixes FOO-1409
flag = none
no more client_apps, canvas_quizzes now lives as part of canvas-lms
proper inside app/jsx/, which makes the build leaner and leaves us with
one less thing to reason about
logical changes:
- converted from AMD to ES modules
- upgraded to recent react + react-router
- dropped RSVP in favor of native Promises
- used CanvasModal instead of home-grown Dialog
- removed dead code; notifications in particular were fishy as there had
no dependents at all and did not even show up in the graph
- ported tests to Jest, added more unit ones and two integration ones
- removed "config.onError" and now throws errors where appropriate
- disabled console statements in non-dev
:: test plan ::
- create a (old-school) quiz containing all types of questions
- as 3 distinct students, take the quiz and try to randomize your
answers
at this point it's helpful to have a reference to compare the screens; I
replicated the quiz on my production sandbox for this
- go to /courses/:id/quizzes/:id/submissions/:id/log
- verify it looks OK
- click on a specific question in the stream and verify the question
inspector widget works OK
- go back to stream and push "View table"
- verify the table and its controls are OK
- go to /courses/:id/quizzes/:id/statistics
- verify it looks OK
- click on ? in the discrimination index chart and verify it displays
a dialog with help content
- click on "X respondents" in one of the charts and verify it displays
a dialog with the respondent names
- verify the interactive charts do interact as expected (no logic
changed here so just a quick glance)
- link to "View in SpeedGrader" for essay-like questions works
Change-Id: I79af5ff4f1479503b5e2528b613255dde5bc45d3
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256118
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
refs DE-225
flag=none
By specifying RSPEC_PROCESSES, we can now run multiple
rspec processes in a single container. This change modifies
the existing database setup to create 1 database per rspec
process. This also impacts results.xml using a 1 results.xml
per rspec process.
Rename database key to db for redis configurations to match
current version of redis.
test plan:
- rspec runs as expected in single threaded mode
- rspec runs as expected in multi threaded mode
- results.xml contains valid results with no duplciate tests
- reruns only run for failing threads
- reruns work in single and multithreaded mode
Change-Id: Ib2e549d467e8a6d8fef9914f2733d9ddfa460e99
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/255120
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Aaron Ogata <aogata@instructure.com>
QA-Review: Kyle Rosenbaum <krosenbaum@instructure.com>
Product-Review: Kyle Rosenbaum <krosenbaum@instructure.com>
closes QUIZ-8081
flag=new_quizzes_modules_support
test plan:
- create a module in a course
- create some classic quizzes and some new quizzes in the course
- on the modules page (also test by making modules the course home page),
click the + to add content to a module
- with the FF disabled, only classic quizzes
should show when Quiz is selected from the dropdown
- with the FF enabled, both classic quizzes and
new quizzes should show together (alphabetized)
when Quiz is selected from the dropdown
Change-Id: Ice394a3af4d88eed9441e9d7be71e87b8486e56d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256199
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Bryan Petty <bpetty@instructure.com>
QA-Review: Mark McDermott <mmcdermott@instructure.com>
Product-Review: Susan Sorensen <susan.sorensen@instructure.com>
closes FOO-1467
flag=none
TEST PLAN:
1) disable inst-fs
2) network errors should get
reported as service errors because
we already have error paths for those.
Change-Id: Ib8cd10d05156b809e78602d24a6a6d92f10465ab
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256728
Reviewed-by: Simon Williams <simon@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Ethan Vizitei <evizitei@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
ActiveRecord::ConnectionAdapters::SchemaStatements#foreign_key_for
needed to update its signature because
ActiveRecord::ConnectionAdapters::IndexDefinition#defined_for? was
updated in https://github.com/rails/rails/commit/fd18b98 to only take
keyword args.
PostgreSQLAdapter#translate_exception signature changed too
Change-Id: Ib642f6fa63b11fe5955e8e271112166aa089d226
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256301
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes FOO-1435
flag = none
instead of the bundler inferring the source file that an extension is
meant for based on filepath, a plugin is now expected to explicitly map
each source file to the extension file in its package.json manifest
{
"canvas": {
"source-file-extensions": {
"path/to/a.js": "path/to/extension-to-a.js"
}
}
}
this allows extensions to continue working even when the path of the
source file no longer matches that of the extension inside the plugin
== test plan
- visit a page that contains an extended module and verify the extension
is still applied
Change-Id: Ida7d75b87aedc519502c969e6912a335af69abc0
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256222
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
fixes EVAL-1411
flag=none
Test plan:
- Have a course with a student with a name like:
Student "/> <img src=x onerror=alert(2)>
- Open Gradebook
- You should not get a Javascript alert
- Change the option for student name sort order and check that you still
don't get an alert
Change-Id: I65358d13821cb96d98b59f4179e455b580338b8a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256677
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Spencer Olson <solson@instructure.com>
Reviewed-by: Kai Bjorkman <kbjorkman@instructure.com>
QA-Review: Syed Hussain <shussain@instructure.com>
Product-Review: Syed Hussain <shussain@instructure.com>
For a11y reasons, convert the 'All Courses' text at the top of
All Courses page from h2 to h1. The other headings on the page are
all h2.
fixes LS-1736
flag = none
Test plan:
- Go to All Courses page and inspect the heading at the top
- Expect heading to be h1
Change-Id: I67713f7742fc555bd84446b6fd6ee6c3de9370f1
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256660
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Nate Armstrong <narmstrong@instructure.com>
Product-Review: Jackson Howe <jackson.howe@instructure.com>
closes FOO-1464
flag=none
TEST PLAN:
1) scrub a launch by forcing a silly url
2) you get a flash error rather than an app-level
500
Change-Id: I38ac55d85f505e62fc7368da6026e19cf4573a06
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256673
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
QA-Review: Ethan Vizitei <evizitei@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
closes FOO-1462
flag=none
TEST PLAN:
1) hit the deny endpoint with no session info
2) you should get a 400, not a 500
Change-Id: I0cf286e283bdad12c9bd65a6a53b8bd052a3d3ef
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256669
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
QA-Review: Ethan Vizitei <evizitei@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
closes FOO-1463
flag=none
TEST PLAN:
1) update a psuedonym through the API
but pass no login parameters.
2) you should get a 400 for a bad request,
not a 500 from an explosion
Change-Id: Ic5a9a87cc6c54337dfbdc91d756aa5196dfe1b03
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256670
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
QA-Review: Ethan Vizitei <evizitei@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
refs DE-397
When upgrading packages through yarn, the yarn.lock file tends to become bloated with multiple versions of the same packages, even if the latest version is compatible with all of them. Enforcing the yarn deduplicator allows us to keep the file as tidy as possible.
Test Plan:
1. Ensure that the linter passes when the file is properly deduped.
2. Ensure that the linter fails when the file needs to be deduped.
Change-Id: Ib606f7ab2c40dcb29bec7ba1c8cb7af2c8611f97
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256675
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ahmad Amireh <ahmad@instructure.com>
QA-Review: Aaron Ogata <aogata@instructure.com>
Product-Review: Aaron Ogata <aogata@instructure.com>
refs DE-397
De-duplicating yarn.lock is necessary for some future InstUI upgrade work. In order to do this, we need to patch karma-webpack to avoid watching too many files within our JS job. We also need to pin babel-plugin-dynamic-import-node to the latest to work around a breaking change that causes “request of a dependency is an expression”.
Both of these version pins are work arounds and will be addressed by our efforts to upgrade webpack to v5.
Test Plan:
1. Ensure that “yarn dedupe-yarn” does not produce any file changes.
2. Ensure that the “JS (Karma)” job does not produce any warnings like “request of a dependency is an expression”
3. Ensure that the “JS (Karma)” job does not produce any warnings like “System limit for number of file watchers reached”
4. Ensure that Canvas front-end builds & behaves properly
Change-Id: I94d77bd775bc12f9f96ac44640c862ff3e3dee79
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256674
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Ahmad Amireh <ahmad@instructure.com>
QA-Review: Ahmad Amireh <ahmad@instructure.com>
Product-Review: Ahmad Amireh <ahmad@instructure.com>
Addresses mis-handling of the `include=concluded` query parameter when
filtering destination courses for direct share or course copy.
fixes LS-1787
flag = direct_share
Test plan:
- Create a course with at least one assignment
- Create a second course with an end date in the past
- Ensure a teacher has an active enrollment in both courses
- In Course 1, select the "Copy To..." option for an assignment
- In the tray that appears, ensure that Course 2 appears in the
typeahead list
- Ensure that you have at least 2 eligible courses in the tray
(repeat step 2 if you have to)
- Type something in the typeahead that would only match a subset of
the eligible courses
- Verify results are filtered to only those courses
Change-Id: I326f3c14be6c6874998c42a53a01fef7089339a2
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256672
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Nate Armstrong <narmstrong@instructure.com>
QA-Review: Robin Kuss <rkuss@instructure.com>
Product-Review: Jeff Largent <jeff.largent@instructure.com>
closes QUIZ-8106
flag=none
test plan:
- complete a NQ student submission
- in speedgrader, launch a student submission
- in devtool/network, make sure `context_id` and `resource_link_id` are
different, and `resource_link_id` is assignment.lti_resource_link_id
Change-Id: I30b2e929bd31e1241776c1ad838432bd8e2e5cec
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256408
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
Reviewed-by: Stephen Kacsmark <skacsmark@instructure.com>
QA-Review: Mark McDermott <mmcdermott@instructure.com>
Product-Review: Han Yan <hyan@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
closes FOO-1460
flag=none
TEST PLAN:
1) try to launch a misconfigured tool
via "retrieve"
2) you should get the flash error or a 401,
not a 500 due to double rendering
Change-Id: I0d1fac07a867905ebabf5aec25bb4bf929748d42
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256668
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Ethan Vizitei <evizitei@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
flag=none
fixes VICE-1042
test plan:
- In your root account settings page,
check Enable Profiles and save
- visit /profile
- Open your screenreader
- verify that it reads the hidden h1 as User Profile
Change-Id: Ia7f770d4d9a1fb5ed6dfde15fb61a9daf5820127
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256551
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Davis Hyer <dhyer@instructure.com>
QA-Review: Davis Hyer <dhyer@instructure.com>
Product-Review: Davis Hyer <dhyer@instructure.com>
Also adds the interface to CourseType, EnrollmentType, and GroupType
fixes VICE-1086
flag=react_inbox
Test Plan:
- navigate to /graphiql
- run the following query:
```
query MyQuery {
legacyNode(_id: <user_id>, type: User) {
... on User {
id
email
enrollments {
course {
assetString
}
assetString
}
groups {
assetString
}
}
}
}
```
- the result should return the asset strings for the specified resources
Change-Id: If56d5d63fdf0af5658ee52aa6bb2d823b0ee59eb
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256657
Reviewed-by: Jeffrey Johnson <jeffrey.johnson@instructure.com>
QA-Review: Jeffrey Johnson <jeffrey.johnson@instructure.com>
Product-Review: Jeffrey Johnson <jeffrey.johnson@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
This adds an additional check in the git install_hooks script to see if
the hook is already set as executable before attempting to chmod it. So
if it's already setup manually, or outside of Docker first, and file
write permission hasn't been granted to Docker, it doesn't fail even
though it's already done.
This also adds a new environment variable:
- CANVAS_SKIP_DOCKER_USERMOD: If defined, the Docker image build
disables the inefficient usermod functionality, even if you're running
Linux, the same way it does everywhere else. You would want to use
this if you have solved Docker bind-mounted filesystem permissions
another way.
flag=none
Test Plan:
- On Linux, export CANVAS_SKIP_DOCKER_USERMOD=1;
- ./script/docker_dev_setup.sh
- Verify app containers still run with "docker" user as UID 9999.
- Verify no changes on OSX.
Change-Id: I5bdb4ce21e9a41dec2bb99d4284ac73a067f5899
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/256275
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Bryan Petty <bpetty@instructure.com>
Product-Review: Bryan Petty <bpetty@instructure.com>
Reviewed-by: James Butters <jbutters@instructure.com>
Jenkins