* fix a bug in Api.map_ids that was causing a worthless SELECT for each id given
* pre-load all the assignments and manually set them on the
submissions, to avoid those individual queries
* if sis ids are given, resolve them to AR ids all in one query, rather
than individually
* allow excluding attachments and discussion_entries using the
response_fields/exclude_response_fields functionality
Change-Id: Ib48016f8440959a08637385f0ccaa23d40e7adde
Reviewed-on: https://gerrit.instructure.com/5975
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Ryan Shaw <ryan@instructure.com>
"Mute Assignment" links in gradebook and speedgrader
stop all announcements, emails, and stream items for grades
and comments from appearing until the teacher unmutes the
assignment.
Change-Id: Id74b305b568ff86e2a0e6f9319cfa40bb98b1bcd
Reviewed-on: https://gerrit.instructure.com/5779
Reviewed-by: Jon Jensen <jon@instructure.com>
Tested-by: Zach Pendleton <zachp@instructure.com>
use src from <content> element to download, instead of constructing our
own url (fragile!). also, use https instead of http.
Change-Id: I9e2ca48558b63522bc730309d64411208ad92f9c
Reviewed-on: https://gerrit.instructure.com/5922
Reviewed-by: Zach Wily <zach@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Jacob Fugal <jacob@instructure.com>
Thanks to Gabe O'Brien for the initial patch
Change-Id: I0b589e9cceb531607b8609d71f6da3687829a116
Reviewed-on: https://gerrit.instructure.com/5883
Reviewed-by: Zach Wily <zach@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
this matches the expected behavior of all the plugin lambda blocks,
which is that no args will be passed in
Change-Id: I60cfc3dd411d6e7b0655c8ba7307f524c9601930
Reviewed-on: https://gerrit.instructure.com/5839
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Jon Jensen <jon@instructure.com>
these are syntax errors in 1.9.x
Change-Id: I7cbd66643cb371e4be9f8da0365bf1e988ee5de8
Reviewed-on: https://gerrit.instructure.com/5833
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Jon Jensen <jon@instructure.com>
- New rake task `rake jst:compile` to precompile
JavaScript templates into functions.
Add handlebars templates to app/views/jst and
they'll get compiled to public/javascripts/jst
- New rake task `rake jasmine` and `jasmine:ci` to
run JavaScript specs.
Add specs to spec/coffeescripts and they'll get
compiled into spec/javascripts
- Added Guard gem `$ guard` that watches
coffeescript and handlebars files and compiles
them when changes are made.
- Created Handlebars Ruby class that precompiles
the templates into JavaScript functions
- Added JS Template constructor to abstract
our tempting API
Change-Id: Ie993d0fc50d49b161ed94dbc066c4475cefdc427
Reviewed-on: https://gerrit.instructure.com/5813
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Ryan Shaw <ryan@instructure.com>
notable changes:
* nothing is processed as a sis-import blocking error now. bad imports now
result in warnings, while just skipping bad data
* we no longer check for duplicates before going to the database
Change-Id: Iedc96b29d92caccdc6a71ae1de8100a1c82dd137
Reviewed-on: https://gerrit.instructure.com/5724
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Also had to change the export/importing of blti links
from canvas
refs #4153
Change-Id: Iae2d6e9c677d310d7e824fa78885c8aca2c1af83
Reviewed-on: https://gerrit.instructure.com/5703
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
This also fixed some problems with the web content
part of the importer and made the spec run the full
migration from a cc package
refs #4153
Change-Id: I1700043b578fe79586104cf13b260c78c3166194
Reviewed-on: https://gerrit.instructure.com/5702
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
This will allow a UI where the user doesn't need to identify
the type of package they're uploading. For now it's only used
for common cartridge/canvas cartridge packages.
refs #4153
Change-Id: I2488777316660c9af60f544884429de7355f358f
Reviewed-on: https://gerrit.instructure.com/5701
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
you only need one of the following:
Student Name, ID, SIS User ID, SIS Login ID
per row in the gradebook csv uploads
fixes: #5725
Change-Id: Ic5785d14b146d68603654beba122ca1f73cd9c1e
Reviewed-on: https://gerrit.instructure.com/5771
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
Stop storing recent messages in conversation stream, as streams
don't exist on user level and so can't reflect user differences
in deleted messages.
Change-Id: I4750f7c58bf80e9f06060eb089fe83cfc5668d2b
Reviewed-on: https://gerrit.instructure.com/5646
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
users can always read their own profile, and also the profiles of any
user who they have :view_statistics permissions on. when accessing their
own profile, users get their calendar ics feed url back as well.
closes#4756, #4746
Change-Id: Icfbbe3514a4b2425bcb041c726dc35ac4cdd3d12
Reviewed-on: https://gerrit.instructure.com/5649
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
in the process fixed the public_feed action doing the work to render
both formats, as well a related i18n error
refs #4746
Change-Id: Ic58a98e67c0df15632d8a7393c1f6fe881d9680f
Reviewed-on: https://gerrit.instructure.com/5640
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Reviewed-by: Mark Suman <marks@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
Finding users is a bit different, since the user's sis information is
actually stored on the pseudonym. Before, we were working around this in
the submissions api. I've generalized it to work everywhere that uses
the Api find functionality, and in the process fixed the page views api
so that it works with sis ids.
This is necessary as we add more user apis, like the upcoming
/users/:user_id profile API.
Also added the /users/self shortcut to query the various user apis for
the user accessing the api.
Also for consistency, deprecate users/activity_stream in favor of
users/self/activity_stream
Change-Id: Icb0776231070b838bb341893d12b1061b90c5d04
Reviewed-on: https://gerrit.instructure.com/5628
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
also streamlined conversations json and made it more consistent
Change-Id: I422d9eaf5e2e8d228c184302cb2e95d2755f50d4
Reviewed-on: https://gerrit.instructure.com/5399
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
These two fields will make it much easier to part what the stream item
is and what its action should be.
closes#5531
Change-Id: I73949d296724391d036dbe7d0043021f73380cb0
Reviewed-on: https://gerrit.instructure.com/5457
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
It wasn't handling removing the association on the transition to deleted state.
Change-Id: Ia9f0714b8eba200531b5e2764c1c4f152f8ff8be
Reviewed-on: https://gerrit.instructure.com/5380
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
Also clear old whitespace that was missed before this fix
closes#5448
Change-Id: I6096685223c43bfec9fd0c669c737af422687e10
Reviewed-on: https://gerrit.instructure.com/5354
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: JT Olds <jt@instructure.com>
update_all's update hash doesn't have any magic performed on bare Time
objects; it assumes any Time object it's given is already in UTC. using
a TimeWithZone object (regardless of timezone), which Fixnum#ago and
friends happen to return, is still fine.
Change-Id: I297b2a3211b896b5225ebcfaaee3c1eb56e55fb6
Reviewed-on: https://gerrit.instructure.com/5351
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Jon Jensen <jon@instructure.com>
this required changing the data format, so a version column is added to
the table and backwards compatibility code is included. import/export is
aware of this as well.
Change-Id: I753060a6886e3896cbfbad69d16bcc2f1310d466
Reviewed-on: https://gerrit.instructure.com/5296
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
the tmp file was getting closed before FileInContext does its thing.
Change-Id: Ib2145552e18f9162c0ae87e5626bb5c6a12a3a0b
Reviewed-on: https://gerrit.instructure.com/4772
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
A qti-specific import allowed this before, but now it can
be configured for other migration types
closes#5044
Change-Id: I96e63725ca42937980c73f80f794848848cd59b1
Reviewed-on: https://gerrit.instructure.com/5268
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
* Daily job to evaluate alerts
* Spawns a new job for each root account (for parallelization).
It could be broken down to per-course level if needed (i.e.
if there is a *huge* root account).
* Evaluating criteria at a course level using efficient queries.
* UI for CRUD on alerts
* Render existing alerts
* Delete existing alerts
* Create a new alert
* CRUD for criteria, recipients, repetition
* Validations
* Improve instructure_helper's formErrors to support passing errors
for specific elements
* Improve Rails' :include to be able to :exclude an :include
inherited from a named scope
* Specs!!
* Note that we want to slowly roll this out, so there is a setting on
root accounts to enable it
So I ran an alert with just an interaction criterion on a test
cluster against 50,000 courses, and it took less than 10 minutes
without any parallelization. That seems like acceptable
performance to me (since there are only just over 3000 courses
in production that would even be elligible to have alerts sent
right now). Of course, that's probably skewed because I'm sure
a bunch of those 50,000 courses were essentially empty.
Change-Id: Ie028ef206c9155b9a72fb2a820f3e0e516de562a
Reviewed-on: https://gerrit.instructure.com/4799
Reviewed-by: Jon Jensen <jon@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
optimize crosslisting itself:
* use ids where possible to avoid unnecessarily loading up objects
* Don't worry about keeping track of if we need to save; we're gonna
save anyway
* update account associations on any account change, not just root
account change (if you re-crosslist a section from one sub-account
to another sub-account, the users may no longer be associated with
the first sub-account).
optimize sis imports:
* really batch up update_account_associations
Change-Id: Ic0fbe1601afcbcd3e6540e69febc2e6a1a94157f
Reviewed-on: https://gerrit.instructure.com/5137
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: JT Olds <jt@instructure.com>
* Attempt to cache the course/section between rows
* On section change, calculate the new account associations *once*,
and use the new User#update_account_associations incremental mode
for strictly new enrollments
* Keep the account_assocations account_chain cache intact between
calls
* Fall back to global update_account_associations if too few
enrollments in the section, if not a strictly new enrollment, or
if the user is already going to be globally updated
Change-Id: I884a394aef4f4b81f4472ee3a57f89c1f72ae371
Reviewed-on: https://gerrit.instructure.com/5136
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: JT Olds <jt@instructure.com>
* Manually cache account chains (query cache gets dumped after every
update or delete)
* Use batch queries and preloads to make the number of queries
constant wrt how many users are getting updated
* Simplify calculation - find the root account ids, and merge the
account chains together
* Fix depth to be defined as the minimum depth to reach that account
(rather than whichever path happened to be processed last)
* Add incremental mode to only add accounts, rather than re-calculate
all associations (only for User)
* Don't auto-create the default section during
update_account_associations; it costs a query and possibly an
insert, causes angst with schools that don't want it, etc.
Instead, always create associations against a 'nil' section so
that a course has the proper associations.
Change-Id: I7d476d45f41d9c3e382fac9b5c0c0aaa5369b956
Reviewed-on: https://gerrit.instructure.com/5135
Tested-by: Hudson <hudson@instructure.com>
Tested-by: Selenium <selenium@instructure.com>
Reviewed-by: JT Olds <jt@instructure.com>
Previously we were trying to be too smart about when we'd do the updates, and
we were missing some cases - like when a start_date is moved to the future.
Now we'll just run the update any time the dates change, which should catch
those edge cases. The update was also put in a strand to avoid any race
conditions caused by someone doing a lot of close-together updates of those
dates.
Change-Id: I655ac530ee04725ff1aad2118b7a35649759571f
Reviewed-on: https://gerrit.instructure.com/5118
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Brian Whitmer <brian@instructure.com>
We decided that this doesn't make sense, and is way too noisy.
Change-Id: I1ce7d9caa499ed6237b44278256993740db9fcd6
Reviewed-on: https://gerrit.instructure.com/5124
Reviewed-by: Brian Whitmer <brian@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
if an enrollment belongs to a course/section pair, and then the section is
crosslisted to another course while the enrollment data stays with the
original course/section pair, the next time that enrollment gets imported
canvas shouldn't bail, but should instead pick the new crosslisted course
Change-Id: Ieb93ab19be6ee620fcf39463fc31db82048f3ea8
Reviewed-on: https://gerrit.instructure.com/5125
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
Previously we were allowing 'active' to override any term date restrictions.
Now we interpret 'active' to mean 'active excluding any other date-based
restrictions'.
Also fixed a bug that was causing inactive to be treated as active.
Change-Id: Idf435e7b5c129c410f828b6393d7d50fc366fbde
Reviewed-on: https://gerrit.instructure.com/5119
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Conflicts:
app/controllers/context_controller.rb
config/assets.yml
spec/integration/files_spec.rb
spec/models/user_spec.rb
also removed test "ContextController GET 'inbox_item' should exclude
recipients if protect_recipients" since ContextMessage inbox items
aren't used any more on this branch.
Change-Id: I99d0e4914cb1bf9617993c1cb1afdbca0e9ba32f
allowing api_key to replace authenticity_token for normal cookie
sessions would open us up to a CSRF attack, by allowing a malicious user
to use the api_key without explicitly having the user credentials.
fixes#5162
Change-Id: Ia2604a6930d660dd04a8783fc983a3fe381ff48d
Reviewed-on: https://gerrit.instructure.com/5028
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
so developers can run rake i18n:generate_js without having a dirty assets.yml
Have to be magical about merging though two using erb in the real assets.yml.
Also split _core.js into _core_en.js (committed to repo) and everything else
in _core.js (not in repo), for the same reason.
Change-Id: I4749ee5818b9e7d4e1244c6e8295790bb1235e34
Reviewed-on: https://gerrit.instructure.com/4972
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Jon Jensen <jon@instructure.com>
data.filename was not being populated, so the filename field
of the multipart request was empty, causing rack to just throw
it away. NOTE: rack throws away fields if you provide filename=""
with content-disposition file.
fixes#5154
Change-Id: If6f0a3a818aaa2f97ee4aded4bea80063209b12a
Reviewed-on: https://gerrit.instructure.com/4840
Tested-by: Hudson <hudson@instructure.com>
Tested-by: Selenium <selenium@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
periods were being interpreted as the beginning of a file extension,
rather than part of the sis id. fixing this meant completely changing
our routing, unfortunately, since rails resourceful routing is very
oriented on numeric ids, with format extensions.
the .json extension is now optional for api requests, in api v2 we'll
drop it completely. there is the unfortunate edge case that a sis id
ending in ".json" can't be send through the v1 api -- except...
we also now support hex encoding sis ids in the api calls. this allows
arbitrary strings to be used. in theory this could just use uri
encoding, which is also "supported", but there are bugs in various
releases of apache and the rack/rails stack that make this impossible to
use with some characters, such as "." and "/".
the api documentation has been updated as well
Change-Id: Ifa4b529dffee0f30ef5384f94c64aa6e8f8f2542
Reviewed-on: https://gerrit.instructure.com/4940
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
External tools were not working if there were query parameters
in the URL (http://dr-chuck.com/ims/php-simple/tool.php?a=1&b=2).
This should now work correctly.
Change-Id: Ibc0b0d61deed508058cadd07bbc2387194926f9e
Reviewed-on: https://gerrit.instructure.com/4936
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Brian Palmer