only require the exact rails gems that are needed, instead of the
whole enchilada. this slightly speeds up running individual tests,
but massively reduces lockfile churn when we update gems
Change-Id: I6c360ed03d41e02563a460e669b2cee7ee7e8cca
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/326235
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
closes VICE-3643
flag=none
test plan:
- Specs pass.
- There are plenty of tests testing sending notifications,
we can trust in them to make sure everything is working
correctly.
- To verify that this fix removes the N+1, the best way to do it
is to run manually in the rails console the queries that this
would normally generate and check that there is no N+1.
To do that, do a:
u = User.eager_load(:active_pseudonyms).take
That should do a query to the user table and LEFT OUTER JOIN
with pseudonyms preemptively.
Then, you can do:
u.suspended?
That shouldn't generate a query. If it does, the N+1 is
still there.
qa risk: low
Change-Id: I89ec1ba0a7b7443ccca995445da56351b407bda1
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/325730
Reviewed-by: Aaron Suggs <aaron.suggs@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Caleb Guanzon <cguanzon@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
google-api-client is deprecated and unmaintained; need to use
the service specific gem. this gets us on the latest APIs, and
importantly unblocks us on updating other common dependencies
(most notably a step towards updating faraday, but also retriable)
Change-Id: I646da7dc68b8c5f6068142608c19771dafbef127
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/325392
QA-Review: Cody Cutrer <cody@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
it was disabled a year ago due to a broken API. the Google Drive LTI
is the way to do this now. this commit removes now unused related code
from the view, controllers, and the google_drive library
Change-Id: Ieccef46036c847f27e98dc8297da10d04b6721f9
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/325750
Tested-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
closes OUT-5824
flag=outcome_service_results_to_canvas
This PS is for hackweek Q3 2023.
Test Plan:
- Run the outcome results report and student competency report from the
root account
- Observe there are no errors and that the learning outcome group
title and learning outcome group id columns are included
- Repeat steps for a sub-account
Change-Id: If8fecdfae1f2c7b45ac803c642711a66c4b04b93
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/323738
QA-Review: Martin Yosifov <martin.yosifov@instructure.com>
Product-Review: Kyle Rosenbaum <krosenbaum@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Dave Wenzlick <david.wenzlick@instructure.com>
refs AE-57
flag=none
test plan:
- connecting with an access key still works
- connecting with a role (if present) works too
Change-Id: Id04406d85a657c071cabe0dc37e2df642a726bec
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/325723
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Isaac Moore <isaac.moore@instructure.com>
Product-Review: Isaac Moore <isaac.moore@instructure.com>
this doesn't happen _frequently_ but it happens often enough
with long-running queries that it annoys admins
test plan:
* specs pass
flag=none
refs FOO-3720
Change-Id: If6e66235d83208d801a95bf9b62b339cce466508
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/325661
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jason Perry <jason.perry@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
if the secondary lockfile already exists, but a pinned version
changed, it may through a slightly different error
Change-Id: I998fbf3225d8acf59ff33023ef778a8861c679c4
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/325094
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
no new cops, but a few fixes to existing cops (notably
Style/RedundantReturn)
Change-Id: I64a744c3d81e25329c1612e4622ca96783b0801d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/324942
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
fixes AE-377
* use a basic timeout of 1 second in canvas_rails_switcher.rb
* fix configuration of timeouts in dynamic settings (it's just a
single timeout, not a separate read and write timeout)
* avoid a circular boot problem when consul fails at boot before
Canvas::Errors is loaded
* actually avoid trying to contact Consul at all when the circuit
breaker has tripped
* reposition consul fail safes - so that they'll trip the circuit
breaker if they have to be used
Change-Id: I971beaf0a9982f3f18390b558e71b4b3bc230b16
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/324688
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Allows accounts to have a default grading scheme attached.
Works for nested sub_accounts.
flag=default_account_grading_scheme
closes EVAL-3367
[pin-commit-multiple_root_accounts=34042244337234b7993bc85351a443fc103f69b8]
Test Plan:
- Tests Pass
- In the Rails console
- Find a grading scheme
- Find a sub-account
- `sub_account.grading_scheme = grading_scheme`
- `sub_account.save`
- Should be no errors
- Find a course in that sub account
- `course.grading_scheme = nil`
- `course.save`
- `course.default_grading_scheme`
- Should return sub accounts default grading scheme
- `sub_account.grading_scheme = nil`
- `sub_account.save`
- `account.grading_scheme = grading_scheme`
- Verify that `sub_account.default_grading_scheme` and
`course.default_grading_scheme` both return the root accounts
grading scheme
Change-Id: I5b4a374e3e43f06ab06148f9c0f9f35a343bc606
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/323569
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Migration-Review: Cody Cutrer <cody@instructure.com>
Reviewed-by: Derek Williams <derek.williams@instructure.com>
Reviewed-by: Spencer Olson <solson@instructure.com>
QA-Review: Cameron Ray <cameron.ray@instructure.com>
Product-Review: Cameron Ray <cameron.ray@instructure.com>
This commit removes the canvas_link_migrator gem from canvas, instead
pulling in the gem from rubygems. This code now lives at:
https://github.com/instructure/canvas-link-migrator
flag=none
refs LF-373
Change-Id: I96221dfefacc8712262ab15e27d0de53817a7178
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/323277
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Mysti Lilla <mysti@instructure.com>
Reviewed-by: James Logan <james.logan@instructure.com>
QA-Review: Mysti Lilla <mysti@instructure.com>
Product-Review: Paul Gray <paul.gray@instructure.com>
Build-Review: Andrea Cirulli <andrea.cirulli@instructure.com>
As a developer, I’d like to know which Sentry errors my team is
responsible for. Since Canvas is owned by multiple teams, it can take some
effort to determine which team is responsible for a particular sentry
error.
The code_ownership gem can help. It lets us define YAML configs with path
globs of which teams own which files. As an error bubbles up, it uses the
stack trace to know which team best "owns" the error.
In this commit, we add an `inst.team` tag to the error that will be
sortable / filterable in Sentry.
The next step is to add CodeOwnership config and definitions to the
canvas-lms rails app.
This is a Hack Week project.
refs VICE-3684
Test plan:
- specs pass
flag=none
Change-Id: Ifdd5cac0e33c92b2c9112e70b3c7e3a9a9d4e023
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/323629
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
Reviewed-by: Omar Soto-Fortuño <omar.soto@instructure.com>
Build-Review: Isaac Moore <isaac.moore@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Omar Soto-Fortuño <omar.soto@instructure.com>
Product-Review: Omar Soto-Fortuño <omar.soto@instructure.com>
just in case the connection drops immediately after creation, but before the
FKs are added, or callbacks called
Change-Id: I738cb0ba84e87859ce55a30ac562e9c146bdbb44
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322799
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Change-Id: I4f8b1aaaecabd0b231cd32d24a213e1d45df450d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/323142
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
QA-Review: Jacob Burroughs <jburroughs@instructure.com>
Product-Review: Jacob Burroughs <jburroughs@instructure.com>
Build-Review: Jacob Burroughs <jburroughs@instructure.com>
README updates as well
closes LF-380
flag=none
Test plan
- Canvas migrations should still
work properly with links as before
- Quizzes people are okay with the
methods
Change-Id: I0c1816391e625c86ba531cff9394ea78915cf8d8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322237
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Paul Gray <paul.gray@instructure.com>
QA-Review: Paul Gray <paul.gray@instructure.com>
Product-Review: Paul Gray <paul.gray@instructure.com>
otherwise, parallelized reports will keep launching new runners
until the report completes, even though the user will not be able
to see the result. if the user deleted the report because it was
not scoped properly and was taking too long, this only makes
the problem worse
test plan:
- start a large parallelized report such as a user access report
- delete the report via the account reports API
- after currently running jobs exit, no new jobs for the report
will launch
flag=none
fixes FOO-3676
Change-Id: Icd7558e4c7746a0e7fb6223e118b0b1ca9220bb7
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322922
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jason Perry <jason.perry@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
refs LF-380
flag=none
Test plan
- Set up a course with several kinds of links
to other Canvas assets (files, media files,
wiki pages, discussion topics, etc)
- Run an import from an existing Canvas export
package
- Run a course copy
- Run a BP course copy
- Verify links look correct after the migration
- Make sure warnings from links come through
still
Change-Id: I3d607b43a26ac03c563b604b2320dbc17ea7513a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322403
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
Reviewed-by: James Logan <james.logan@instructure.com>
QA-Review: James Logan <james.logan@instructure.com>
refs LF-380
flag=none
Test plan
- Set up a course with several kinds of links
to other Canvas assets (files, media files,
wiki pages, discussion topics, etc)
- Run an import from an existing Canvas export
package
- Run a course copy
- Run a BP course copy
- Verify links look correct after the migration
Change-Id: I1df3c611fd03813d45cc5b299a664f2f47aaac58
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322508
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Paul Gray <paul.gray@instructure.com>
QA-Review: Paul Gray <paul.gray@instructure.com>
Product-Review: Paul Gray <paul.gray@instructure.com>
the job id will make it possible to find logs for an account report
that goes wrong (but not wrong enough to end up in Sentry)
make use of some helpers already deployed for sis imports for
this purpose
test plan:
- run migrations
- run an account report
- the Delayed::Job id for the job that performed the report
should be stored in account_report.job_ids (check the
jobs logs to see that it matches)
- run a parallelized account report such as grade_export_csv
- the AccountReportRunners should record a job id as well
closes FOO-3665
flag=none
Change-Id: I26b61ff66abb8a34ed3aeba889ff66f6eaf87d20
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/319508
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Michael Hulse <michael.hulse@instructure.com>
Reviewed-by: August Thornton <august@instructure.com>
Migration-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
This reverts commit 0e703b84c0.
why:
- Previously, work was done to add the oauth_consumer_key and
oauth_consumer_key_sign to LTI 1.3 launches that are associated with a
1.1 tool.
- This work is important, as it improves the migration experience for
tools.
- However, the previous attempt at this did not account for tools within
production Canvas having invalid URLs/domains. While we do validate
URLs now, we didn't always, so there are some bad tools still hanging
out in the wild.
- Additionally, while the previous commit did add a feature flag, it
didn't add it properly, meaning that even though the flag was off, it
was still looking up the association, it just wasn't adding the
property to the 1.3 Message. This commit does it properly now.
fixes INTEROP-8124
flag=include_oauth_consumer_key_in_lti_launch
test-plan:
- The first half of this test plan is taken verbatim from the previous
commit:
------ Start Old Test Plan
- Clone Xander's handy dandy Remix 1.1/1.3 test tool and run it locally.
https://github.com/xandroxygen/lti_1p1_test_tool
- Run the tool and then install it locally by following the directions
for both 1.1 and 1.3.
- Launch the 1.3 tool and make sure that under the 1.1 claims section,
there is an oauth_consumer_key with value key and an
oauth_consumer_key_sign section. You don't have to check the
signature, as the algorithm for it is unit tested using values from
IMS's examples from the spec itself.
- Now delete the 1.1 tool and launch the 1.3 tool again. You should
still see the oauth_consumer_key info.
------ End Old Test Plan
- Now, to test that things won't broke when there are malformed tools,
do the following:
- Create a new course.
- Manually create a new tool in the rails console in this course with
malformed data. We have to bypass some rails validations to mock prod.
```ruby
tool = Course.last.context_external_tools.new(url: "http://url path>};/invalidurl}",
domain: "url path>};"
settings: {
"text"=>"LTI 1.1 Tool with Garbage Data",
"visibility"=>"public",
"custom_fields"=>{"user_id"=>"$Canvas.user.id"},
"course_navigation"=>
{"enabled"=>true,
"url"=>"http://url path>};/invalidurl}/launch?placement=course_navigation",
"text"=>"LTI 1.1 Garbage Data",
"selection_width"=>500,
"selection_height"=>500,
"message_type"=>"basic_lti_request",
"visibility"=>"none"},
"vendor_extensions"=>[]
})
tool.save(validate: false)
```
- Launch the LTI 1.3 test tool from this new course. You should NOT see
an oauth_consumer_key & oauth_consumer_key_sign in the LTI 1.1 claims.
More importantly, the launch should succeed without a 500.
- Delete the manually created tool and launch the 1.3 tool again. All
should be the same as above.
Change-Id: Icea1ed5fd0a316fac51ba87591ea79b2002d5a9d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322172
Reviewed-by: Xander Moffatt <xmoffatt@instructure.com>
QA-Review: Xander Moffatt <xmoffatt@instructure.com>
Product-Review: Ryan Hawkins <ryan.hawkins@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Fixes FOO-3452
flag=none
We don't want to translate the column heading values
in any of the CSVs generated by the account_reports,
because they will most likely be used to import into
some customer ETL, and if the heading values change
depending on the locale the report was run in, it
might possibly confuse the code that's processing the
CSV files.
Test plan:
* Switch to a non-English locale
* Run an account report
* Examine the generated CSV
* The first row containing the column names should
be in English, not in the language of the locale
you are working in
Change-Id: Ia6bf87784f205fa33018e636c0f6ddd5b368a30f
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322721
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Charley Kline <ckline@instructure.com>
Product-Review: Charley Kline <ckline@instructure.com>
Reviewed-by: August Thornton <august@instructure.com>
refs LF-380
flag=none
Test plan
- Specs pass
- Course links work in course
copy
Change-Id: I37bc765783d17ab1d5beff3589c9683635442610
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322496
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Paul Gray <paul.gray@instructure.com>
Product-Review: Paul Gray <paul.gray@instructure.com>
QA-Review: Paul Gray <paul.gray@instructure.com>
either used at boot, or on every request (recaptcha)
refs AE-380
Change-Id: I3e75b6063591c4704a01fda807273ca36a93cb44
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322308
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
The canvas errors gem uses a callback to send to error_reports,
so using CanvasErrors now also reports to Sentry.
fixes VICE-3546
flag=none
Test plan:
1. IMP errors should still generate error_report.
2. IMP should send errors to sentry.
Change-Id: If420bdb4c87d05cd1e2d0bd89577e912d6301ba8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322198
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Build-Review: Andrea Cirulli <andrea.cirulli@instructure.com>
Product-Review: Chawn Neal <chawn.neal@instructure.com>
refs LF-380
flag=none
Test plan
- Set up a course with several kinds of links
to other Canvas assets (files, media files,
wiki pages, discussion topics, etc)
- Run an import from an existing Canvas export
package
- Run a course copy
- Run a BP course copy
- Verify links look correct after the migration
Change-Id: I5dcb2c0680a8136c2d67b0db755942ff2ed8067d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322131
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: James Logan <james.logan@instructure.com>
QA-Review: James Logan <james.logan@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
flag=none
fixes LF-450
Test Plan:
-Set byebug breakpoint in kaltura_media_file_handler.rb:add_media_files
*Before client.startSession(CanvasKaltura::SessionType::ADMIN)
-Have a course with attachments that don't have media objects
*At least one must not be rejected by
*attachments.reject(&:active_media_object_by_media_id)
-Export course
-Start debugging delayed jobs
-Import to new course
*(Do not course copy)
-Step through client.startSession
*If I do not step through it, it fails
-Continue to the first line of bulkUploadCsv
-Stop notorious
-Continue debug session
-In UI, validate error is
*Failed to get bulkUpload result from Kaltura
Change-Id: If6e85fba127698e5a525b19019a3e22b856439b6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322225
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Eric Saupe <eric.saupe@instructure.com>
QA-Review: Eric Saupe <eric.saupe@instructure.com>
Product-Review: Jacob DeWar <jacob.dewar@instructure.com>
refs LF-380
flag=none
Test plan
- Set up a course with several kinds of links
to other Canvas assets (files, media files,
wiki pages, discussion topics, etc)
- Run an import from an existing Canvas export
package
- Run a course copy
- Run a BP course copy
- Verify links look correct after the migration
Change-Id: Ic7c9eff96ce0e6f75963ea2ec9d8c20929cc1bc2
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/320567
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: James Logan <james.logan@instructure.com>
Reviewed-by: Paul Gray <paul.gray@instructure.com>
Product-Review: Paul Gray <paul.gray@instructure.com>
Product-Review: James Logan <james.logan@instructure.com>
QA-Review: James Logan <james.logan@instructure.com>
QA-Review: Paul Gray <paul.gray@instructure.com>
Build-Review: Andrea Cirulli <andrea.cirulli@instructure.com>
This will help people quickly identify a syntax error in a config file
such as dynamic_settings.yml in their development environment.
flag=none
Test plan:
- Specs Pass
Change-Id: Icd4597424da4c3a44570c0de1258edc52bce378c
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322203
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Stephen Kacsmark <skacsmark@instructure.com>
Product-Review: Stephen Kacsmark <skacsmark@instructure.com>
closes LF-390
flag=none
test plan:
- Using backend stragegy S3Backend
- Create a course image with a nil filename
(Save a normal image and nil the resulting attachment filename)
- Publish and enroll in that course
- Load your card dashboard and check that it gets to load
Change-Id: I92461bd774824ddc0778c2d929e69e583a930e86
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/321158
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Eric Saupe <eric.saupe@instructure.com>
QA-Review: Eric Saupe <eric.saupe@instructure.com>
Product-Review: Luis Oliveira <luis.oliveira@instructure.com>
This reverts commit b4eafd838e.
Reason for revert: This commit is causing issues within Canvas and Sentry is down, so we can't see just how bad they are. They seemed pretty bad when we could see them though.
Change-Id: I672876dd6dd6fe22d5b5c1fb010b1050db3c5a7a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/320360
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Tucker Mcknight <tmcknight@instructure.com>
QA-Review: Tucker Mcknight <tmcknight@instructure.com>
Product-Review: Ryan Hawkins <ryan.hawkins@instructure.com>
why:
- Admins were running the Dev Key Report in beta and noticed that
a discrepancy between the keys shown in the UI vs the report.
- This was due to a difference in the scope used in the API vs the
report. Apparently, there was a point in time where new keys created
at the account level defaulted to invisible, so filtering by visibility
does not work properly. This was likely fixed in 1a5f8ad01a, so new
keys don't have this issue.
- Now the report and the UI match up
test-plan:
- Before checking out this commit, do the following:
- Create a new developer key at the account level
- Go into the Rails console and update it to not be visible:
`DeveloperKey.find(<blah>).update!(visible: false)`
- Run the report
- Note that the key you just created isn't there, but does show up
in the UI.
- Check out this commit
- Run the report again. The key should now show up in the report.
fixes INTEROP-8106
flag=none
Change-Id: Ib4c8270efefad600e01945a9a9e965085fbe2b62
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/320406
Reviewed-by: Tucker Mcknight <tmcknight@instructure.com>
QA-Review: Tucker Mcknight <tmcknight@instructure.com>
Product-Review: Alexis Nast <alexis.nast@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
manually done. the big one was the explicit locale assignment
in set_locale_with_localizer needs undone in a controller callback
then using with_locale everywhere, specs no longer need to be concerned
about being in an uncertain locale
Change-Id: I5a1d2c907a6f52ee4d8c2307b8c789a1f1ea436e
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/320112
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
I'm not sure why rubocop didn't find these; I found them manually
Change-Id: Id2654b6d2a4a2827d56dfd0baef7a7d668591144
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/320149
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
why:
- the spec says send it
- we are not doing that now
- instead, do it right
- (Also, it will help tools migrate from 1.1 to 1.3, which is currently
a bit of a pain point)
test-plan:
- Clone Xander's handy dandy Remix 1.1/1.3 test tool and run it locally.
https://github.com/xandroxygen/lti_1p1_test_tool
- Run the tool and then install it locally by following the directions
for both 1.1 and 1.3.
- Launch the 1.3 tool and make sure that under the 1.1 claims section,
there is an oauth_consumer_key with value key and an
oauth_consumer_key_sign section. You don't have to check the
signature, as the algorithm for it is unit tested using values from
IMS's examples from the spec itself.
- Now delete the 1.1 tool and launch the 1.3 tool again. You should
still see the oauth_consumer_key info.
closes INTEROP-8050
flag=include_oauth_consumer_key_in_lti_launch
Change-Id: I31b5082e76ec3408b4706f4abb4e3d9ab6890b45
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/319394
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Xander Moffatt <xmoffatt@instructure.com>
QA-Review: Xander Moffatt <xmoffatt@instructure.com>
Product-Review: Alexis Nast <alexis.nast@instructure.com>
[skip-stages=Flakey]
Change-Id: I6abefdfa9fed6dd4525c8786e93efa548b3710f2
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/319603
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
QA-Review: Jacob Burroughs <jburroughs@instructure.com>
Product-Review: Jacob Burroughs <jburroughs@instructure.com>
Build-Review: Jacob Burroughs <jburroughs@instructure.com>
Migration-Review: Jacob Burroughs <jburroughs@instructure.com>
This will move the URI out of the event message and into a tag, where it
is easier to analyze.
refs AE-140
flag=none
Change-Id: I01394fcbcddf0a1bda881cc0be1ab96d82034df2
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/319693
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Isaac Moore <isaac.moore@instructure.com>
Product-Review: Isaac Moore <isaac.moore@instructure.com>
When CanvasHttp connects to a host with an invalid peer certificate, log a
warning to Sentry so we can address it.
Note: This still does not fail requests for invalid certificates -- once
we've fixed any offenders, we can allow connections to fail.
closes AE-140
flag=none
test plan:
- in the console, call `CanvasHttp.get "https://expired.badssl.com"`
- expect to see an appropriate message logged to Sentry
- in the console, call `CanvasHttp.get "https://wrong.host.badssl.com"`
- expect to see an appropriate message logged to Sentry
- in the console, call `CanvasHttp.get "https://google.com"`
- expect to see no message logged to Sentry
- expect all connections above to succeed
- if the above expectations fail because badssl.com has valid certs and
google.com has an invalid cert, pinch yourself -- you may be in an
alternate timeline
Change-Id: I3b9a27384b4a6002800d14a6d311470ee8194b3b
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318552
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Isaac Moore <isaac.moore@instructure.com>
Product-Review: Isaac Moore <isaac.moore@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
Build-Review: Isaac Moore <isaac.moore@instructure.com>
refs AE-297
and also include binstubs in the path in docker
this will help ensure people are running the correct version of bundler
Change-Id: I68e7f6a43efd89ff257a9307aa4f6709acef05f8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318776
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
refs AE-297
and also add this to `bundle check`
Change-Id: Ia0369485787e70f9d9a5f1e93cb76cddab3d6c93
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318750
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
refs LF-283
flag=none
QA-risk: medium
[fsc-timeout=30]
Test plan
- Upload files in the RCE and make sure
their content types make sense
- (It looks like 'video' was sort of the
default recently because the old
code didn't seem to be getting the
data it was expecting)
- We want the full content type with
a slah to make LF-283 work better
- Check other places we might be using
the uploader and see if it's working
there too (I can't think of other places
we're using it :( )
Change-Id: I7f155ee2c2bd7c2dfdc62e097748c5c8ecb9e513
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318822
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Luis Oliveira <luis.oliveira@instructure.com>
QA-Review: Luis Oliveira <luis.oliveira@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
flag=none
Change-Id: Id854603d7b92b3e26126944a49d739e1601d981d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318640
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Isaac Moore <isaac.moore@instructure.com>
Product-Review: Isaac Moore <isaac.moore@instructure.com>
so that you can run things from other working directories
Change-Id: Ifb01d4fdb70cfb6c4e14943963cabaaabe9f6893
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318396
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
depending on order, the default gemfile might not be set properly because it
was still doing its regular selection logic
Change-Id: I425bd529526e43c5cd752c2570f554638b9524dd
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318329
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
closes AE-283
this eliminates script/sync_lockfiles.rb and integrates its
functionality directly into `bundle install`, `bundle check`, etc.
it also generalizes a few pieces so that the same approach is used
for all use cases:
* syncing versions between the main Gemfile and gems in gems/
* maintaining separate lockfiles for no plugins/including
private plugins
* maintaining separate lockfiles for multiple Rails versions
(crossed with the previous bullet)
The differences between them are just small variations on how strict
versions must match between lockfiles, and requiring pinning of
versions not in the default lockfile.
For full details, checks the docs on BundlerLockfileExtensions
This does change the strategy for filtering private plugin dependencies
out of the committed lockfile(s) - instead of filtering based on hash
of source, simply don't even include private plugin gems in the gemfile
when building the filtered lockfile (i.e. dynamic Gemfile, rather than
monkeypatching bundler to filter out -- semi-succesfully -- private
plugins from the Definition).
It also changes the "default" lockfile for Canvas that gets checked
in to be Gemfile.lock, so that other tools that are not
multi-lockfile aware can find it (such as rubocop, dependabot, and
others). This will be the lockfile corresponding to the current
default rails version for Canvas, and without private plugins.
Change-Id: I7ba398381974acbc4445f34fa3b788e8a07c5ce6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317888
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
refs AE-45
flag=none
test plan:
- specify `canvas_security` values in `vault_contents.yml`
- confirm they're loaded correctly when calling `CanvasSecurity` methods,
like `services_encryption_secret`, `services_signing_secret`, and
`services_previous_signing_secret`
Change-Id: Ib088eb2c123bcc32cfd6d67729916a6d7c5c2529
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/314607
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Isaac Moore <isaac.moore@instructure.com>
Product-Review: Isaac Moore <isaac.moore@instructure.com>
Build-Review: Isaac Moore <isaac.moore@instructure.com>
Reviewed-by: Aaron Ogata <aogata@instructure.com>
why:
- Customers would like a way to easily see what keys they have in their
account, what permissions those keys have, and where those keys came
from, all in a machine and human-readable format. Thus, a CSV report!
closes INTEROP-7944
flag=none
test-plan:
- Have a consortium setup.
- Create a key in the consortium parent account. Make sure the key is
visible. It doesn't matter whether it is on or off.
- Create two keys in both the cross-shard and same-shard
consortia child. Ensure you have at least one LTI key, either from the
parent or in the child account. Additionally, select some scopes for
the API key so that they show up in the report.
- Run the report in both accounts. You should see the inherited key in
both reports and the keys specific to the child accounts in their
respective reports.
- Make the parent key invisible and remove all scopes from the API key.
- Rerun the report and make sure that the parent key doesn't show up
anymore and that the API shows as having access to "All" API
endpoints.
Change-Id: I34ea4b894d21024321db7c8de17faf49d2c98686
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/312364
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Evan Battaglia <ebattaglia@instructure.com>
Reviewed-by: Tucker Mcknight <tmcknight@instructure.com>
QA-Review: Tucker Mcknight <tmcknight@instructure.com>
Product-Review: Alexis Nast <alexis.nast@instructure.com>
Migration-Review: Isaac Moore <isaac.moore@instructure.com>
we used to allow data protocols in src attributes
in the following tags: audio, video, source, and
track. this patch re-enables that ability
fixes LF-18
flag=none
test plan:
*pre-req: have an access token that you can use to
make an API request
-prep a POST request to:
http://canvas.docker/api/v1/courses/<id>/pages
-in the wiki_page[body] field of the request, add an
audio, video, source, and track tag
-for each tag, add a src="data:anything" attribute
-make the request
>confirm that the src attributes aren't stripped from the
body field in the response
qa risk: low
Change-Id: I52db5ad1fcefd410d8c7339a9bd27300080196c6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317903
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jackson Howe <jackson.howe@instructure.com>
QA-Review: Jackson Howe <jackson.howe@instructure.com>
Product-Review: Jake Oeding <jake.oeding@instructure.com>
refs MAT-1350
flag=none
qa risk: very low
Test plan
- Using local files and s3 files
make sure you can upload a file
- Make sure images still have
thumbnails like they shoud
Change-Id: Ifbdd2c547b28333bece8ae246a2fa54d25a316cf
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317829
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Sarah Gerard <sarah.gerard@instructure.com>
QA-Review: Sarah Gerard <sarah.gerard@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
Actually use Bundler to write them out. this ensure that all
constraints are checked with the gem's Gemfile. Had to resolve
several issues with gems along the way.
also removed RedCloth from canvas_stringex, because it's never
used
Change-Id: I614be19e147bdfd3e351e7f032fd6f9b0c1926be
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317781
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Andrea Cirulli <andrea.cirulli@instructure.com>
Reviewed-by: Aaron Ogata <aogata@instructure.com>
Build-Review: Aaron Ogata <aogata@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
this includes a fix for https://github.com/ruby-i18n/i18n/issues/639,
and thus we need to adjust a spec
Change-Id: I5b1425245f942dcdfdcfa34863ec43c1afe6ff0f
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317518
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Aaron Ogata <aogata@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
so that switchman can tranpose the sub-queries
refs AE-164
Change-Id: I0bb0be10cd7c47126767d94e0bdb83cd0b3d16bf
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/316973
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes VICE-3244
flag=none
test plan:
- Specs pass.
- Enroll a user in a course and note his ID.
- As a teacher, create a new Announcement (or
anything else that will trigger a notification).
- Notification should be sent, you can verify on
/users/[ID]/messages
- As an admin, go to /users/[ID] and click on Suspend User.
- Try creating another announcement.
- Notification shouldn't be sent.
qa risk: low
Change-Id: Ia8a484901c76391c92f6d3f4e51a9046426b0f87
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/316576
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Chawn Neal <chawn.neal@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Caleb Guanzon <cguanzon@instructure.com>
test plan:
- hard-delete the developer key linked to an access token
- run a user access token report
- the report should complete (with an empty column for the
missing developer key's name)
flag=none
fixes FOO-3388
Change-Id: If44a65ec99846bada0685edaa32047021ca1897d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/316449
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: August Thornton <august@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
test plan:
- existing tests pass
flag=none
refs EVAL-3055
Change-Id: I80bebc17e49473d9bb9a8b94ce55f9047b1b3f6f
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/316537
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
Reviewed-by: Cameron Ray <cameron.ray@instructure.com>
QA-Review: Cameron Ray <cameron.ray@instructure.com>
Product-Review: Cameron Ray <cameron.ray@instructure.com>
still need to ensure gem dependencies are consistent, but this should
prevent unexpected breakage during tests
Change-Id: I39420479fd3fe4f7e49a12a418eca033fcdc7564
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/314979
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
I was able to replace one of our custom cops with a built in one
(just had to make it ignore older migrations).
Then I had to manually fix a couple of (important!) offenses
Change-Id: I000310bb6b065034384ba3a33ef5e37e22b9be5a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/315855
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
Build-Review: Jacob Burroughs <jburroughs@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
many can be converted to heredocs, and most the rest can be simply
re-arranged to chained method calls without line continuations
[skip-stages=Flakey]
Change-Id: Ib96722c0d8108ed2783129fb909bff7a18617ffd
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/315684
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Aaron Ogata <aogata@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Change-Id: Iff3b5b8275989863fd35f94fbb5d18ef97fd84be
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/314969
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Jacob Burroughs <jburroughs@instructure.com>
Product-Review: Jacob Burroughs <jburroughs@instructure.com>
Cody Cutrer