flag=none
fixes LF-450
Test Plan:
-Set byebug breakpoint in kaltura_media_file_handler.rb:add_media_files
*Before client.startSession(CanvasKaltura::SessionType::ADMIN)
-Have a course with attachments that don't have media objects
*At least one must not be rejected by
*attachments.reject(&:active_media_object_by_media_id)
-Export course
-Start debugging delayed jobs
-Import to new course
*(Do not course copy)
-Step through client.startSession
*If I do not step through it, it fails
-Continue to the first line of bulkUploadCsv
-Stop notorious
-Continue debug session
-In UI, validate error is
*Failed to get bulkUpload result from Kaltura
Change-Id: If6e85fba127698e5a525b19019a3e22b856439b6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322225
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Eric Saupe <eric.saupe@instructure.com>
QA-Review: Eric Saupe <eric.saupe@instructure.com>
Product-Review: Jacob DeWar <jacob.dewar@instructure.com>
refs LF-380
flag=none
Test plan
- Set up a course with several kinds of links
to other Canvas assets (files, media files,
wiki pages, discussion topics, etc)
- Run an import from an existing Canvas export
package
- Run a course copy
- Run a BP course copy
- Verify links look correct after the migration
Change-Id: Ic7c9eff96ce0e6f75963ea2ec9d8c20929cc1bc2
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/320567
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: James Logan <james.logan@instructure.com>
Reviewed-by: Paul Gray <paul.gray@instructure.com>
Product-Review: Paul Gray <paul.gray@instructure.com>
Product-Review: James Logan <james.logan@instructure.com>
QA-Review: James Logan <james.logan@instructure.com>
QA-Review: Paul Gray <paul.gray@instructure.com>
Build-Review: Andrea Cirulli <andrea.cirulli@instructure.com>
This will help people quickly identify a syntax error in a config file
such as dynamic_settings.yml in their development environment.
flag=none
Test plan:
- Specs Pass
Change-Id: Icd4597424da4c3a44570c0de1258edc52bce378c
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/322203
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Stephen Kacsmark <skacsmark@instructure.com>
Product-Review: Stephen Kacsmark <skacsmark@instructure.com>
closes LF-390
flag=none
test plan:
- Using backend stragegy S3Backend
- Create a course image with a nil filename
(Save a normal image and nil the resulting attachment filename)
- Publish and enroll in that course
- Load your card dashboard and check that it gets to load
Change-Id: I92461bd774824ddc0778c2d929e69e583a930e86
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/321158
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Eric Saupe <eric.saupe@instructure.com>
QA-Review: Eric Saupe <eric.saupe@instructure.com>
Product-Review: Luis Oliveira <luis.oliveira@instructure.com>
This reverts commit b4eafd838e.
Reason for revert: This commit is causing issues within Canvas and Sentry is down, so we can't see just how bad they are. They seemed pretty bad when we could see them though.
Change-Id: I672876dd6dd6fe22d5b5c1fb010b1050db3c5a7a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/320360
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Tucker Mcknight <tmcknight@instructure.com>
QA-Review: Tucker Mcknight <tmcknight@instructure.com>
Product-Review: Ryan Hawkins <ryan.hawkins@instructure.com>
why:
- Admins were running the Dev Key Report in beta and noticed that
a discrepancy between the keys shown in the UI vs the report.
- This was due to a difference in the scope used in the API vs the
report. Apparently, there was a point in time where new keys created
at the account level defaulted to invisible, so filtering by visibility
does not work properly. This was likely fixed in 1a5f8ad01a, so new
keys don't have this issue.
- Now the report and the UI match up
test-plan:
- Before checking out this commit, do the following:
- Create a new developer key at the account level
- Go into the Rails console and update it to not be visible:
`DeveloperKey.find(<blah>).update!(visible: false)`
- Run the report
- Note that the key you just created isn't there, but does show up
in the UI.
- Check out this commit
- Run the report again. The key should now show up in the report.
fixes INTEROP-8106
flag=none
Change-Id: Ib4c8270efefad600e01945a9a9e965085fbe2b62
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/320406
Reviewed-by: Tucker Mcknight <tmcknight@instructure.com>
QA-Review: Tucker Mcknight <tmcknight@instructure.com>
Product-Review: Alexis Nast <alexis.nast@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
manually done. the big one was the explicit locale assignment
in set_locale_with_localizer needs undone in a controller callback
then using with_locale everywhere, specs no longer need to be concerned
about being in an uncertain locale
Change-Id: I5a1d2c907a6f52ee4d8c2307b8c789a1f1ea436e
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/320112
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
I'm not sure why rubocop didn't find these; I found them manually
Change-Id: Id2654b6d2a4a2827d56dfd0baef7a7d668591144
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/320149
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
why:
- the spec says send it
- we are not doing that now
- instead, do it right
- (Also, it will help tools migrate from 1.1 to 1.3, which is currently
a bit of a pain point)
test-plan:
- Clone Xander's handy dandy Remix 1.1/1.3 test tool and run it locally.
https://github.com/xandroxygen/lti_1p1_test_tool
- Run the tool and then install it locally by following the directions
for both 1.1 and 1.3.
- Launch the 1.3 tool and make sure that under the 1.1 claims section,
there is an oauth_consumer_key with value key and an
oauth_consumer_key_sign section. You don't have to check the
signature, as the algorithm for it is unit tested using values from
IMS's examples from the spec itself.
- Now delete the 1.1 tool and launch the 1.3 tool again. You should
still see the oauth_consumer_key info.
closes INTEROP-8050
flag=include_oauth_consumer_key_in_lti_launch
Change-Id: I31b5082e76ec3408b4706f4abb4e3d9ab6890b45
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/319394
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Xander Moffatt <xmoffatt@instructure.com>
QA-Review: Xander Moffatt <xmoffatt@instructure.com>
Product-Review: Alexis Nast <alexis.nast@instructure.com>
[skip-stages=Flakey]
Change-Id: I6abefdfa9fed6dd4525c8786e93efa548b3710f2
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/319603
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
QA-Review: Jacob Burroughs <jburroughs@instructure.com>
Product-Review: Jacob Burroughs <jburroughs@instructure.com>
Build-Review: Jacob Burroughs <jburroughs@instructure.com>
Migration-Review: Jacob Burroughs <jburroughs@instructure.com>
This will move the URI out of the event message and into a tag, where it
is easier to analyze.
refs AE-140
flag=none
Change-Id: I01394fcbcddf0a1bda881cc0be1ab96d82034df2
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/319693
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Isaac Moore <isaac.moore@instructure.com>
Product-Review: Isaac Moore <isaac.moore@instructure.com>
When CanvasHttp connects to a host with an invalid peer certificate, log a
warning to Sentry so we can address it.
Note: This still does not fail requests for invalid certificates -- once
we've fixed any offenders, we can allow connections to fail.
closes AE-140
flag=none
test plan:
- in the console, call `CanvasHttp.get "https://expired.badssl.com"`
- expect to see an appropriate message logged to Sentry
- in the console, call `CanvasHttp.get "https://wrong.host.badssl.com"`
- expect to see an appropriate message logged to Sentry
- in the console, call `CanvasHttp.get "https://google.com"`
- expect to see no message logged to Sentry
- expect all connections above to succeed
- if the above expectations fail because badssl.com has valid certs and
google.com has an invalid cert, pinch yourself -- you may be in an
alternate timeline
Change-Id: I3b9a27384b4a6002800d14a6d311470ee8194b3b
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318552
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Isaac Moore <isaac.moore@instructure.com>
Product-Review: Isaac Moore <isaac.moore@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
Build-Review: Isaac Moore <isaac.moore@instructure.com>
refs AE-297
and also include binstubs in the path in docker
this will help ensure people are running the correct version of bundler
Change-Id: I68e7f6a43efd89ff257a9307aa4f6709acef05f8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318776
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
refs AE-297
and also add this to `bundle check`
Change-Id: Ia0369485787e70f9d9a5f1e93cb76cddab3d6c93
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318750
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
refs LF-283
flag=none
QA-risk: medium
[fsc-timeout=30]
Test plan
- Upload files in the RCE and make sure
their content types make sense
- (It looks like 'video' was sort of the
default recently because the old
code didn't seem to be getting the
data it was expecting)
- We want the full content type with
a slah to make LF-283 work better
- Check other places we might be using
the uploader and see if it's working
there too (I can't think of other places
we're using it :( )
Change-Id: I7f155ee2c2bd7c2dfdc62e097748c5c8ecb9e513
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318822
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Luis Oliveira <luis.oliveira@instructure.com>
QA-Review: Luis Oliveira <luis.oliveira@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
flag=none
Change-Id: Id854603d7b92b3e26126944a49d739e1601d981d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318640
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: Isaac Moore <isaac.moore@instructure.com>
Product-Review: Isaac Moore <isaac.moore@instructure.com>
so that you can run things from other working directories
Change-Id: Ifb01d4fdb70cfb6c4e14943963cabaaabe9f6893
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318396
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Isaac Moore <isaac.moore@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
depending on order, the default gemfile might not be set properly because it
was still doing its regular selection logic
Change-Id: I425bd529526e43c5cd752c2570f554638b9524dd
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/318329
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
closes AE-283
this eliminates script/sync_lockfiles.rb and integrates its
functionality directly into `bundle install`, `bundle check`, etc.
it also generalizes a few pieces so that the same approach is used
for all use cases:
* syncing versions between the main Gemfile and gems in gems/
* maintaining separate lockfiles for no plugins/including
private plugins
* maintaining separate lockfiles for multiple Rails versions
(crossed with the previous bullet)
The differences between them are just small variations on how strict
versions must match between lockfiles, and requiring pinning of
versions not in the default lockfile.
For full details, checks the docs on BundlerLockfileExtensions
This does change the strategy for filtering private plugin dependencies
out of the committed lockfile(s) - instead of filtering based on hash
of source, simply don't even include private plugin gems in the gemfile
when building the filtered lockfile (i.e. dynamic Gemfile, rather than
monkeypatching bundler to filter out -- semi-succesfully -- private
plugins from the Definition).
It also changes the "default" lockfile for Canvas that gets checked
in to be Gemfile.lock, so that other tools that are not
multi-lockfile aware can find it (such as rubocop, dependabot, and
others). This will be the lockfile corresponding to the current
default rails version for Canvas, and without private plugins.
Change-Id: I7ba398381974acbc4445f34fa3b788e8a07c5ce6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317888
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
refs AE-45
flag=none
test plan:
- specify `canvas_security` values in `vault_contents.yml`
- confirm they're loaded correctly when calling `CanvasSecurity` methods,
like `services_encryption_secret`, `services_signing_secret`, and
`services_previous_signing_secret`
Change-Id: Ib088eb2c123bcc32cfd6d67729916a6d7c5c2529
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/314607
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Isaac Moore <isaac.moore@instructure.com>
Product-Review: Isaac Moore <isaac.moore@instructure.com>
Build-Review: Isaac Moore <isaac.moore@instructure.com>
Reviewed-by: Aaron Ogata <aogata@instructure.com>
why:
- Customers would like a way to easily see what keys they have in their
account, what permissions those keys have, and where those keys came
from, all in a machine and human-readable format. Thus, a CSV report!
closes INTEROP-7944
flag=none
test-plan:
- Have a consortium setup.
- Create a key in the consortium parent account. Make sure the key is
visible. It doesn't matter whether it is on or off.
- Create two keys in both the cross-shard and same-shard
consortia child. Ensure you have at least one LTI key, either from the
parent or in the child account. Additionally, select some scopes for
the API key so that they show up in the report.
- Run the report in both accounts. You should see the inherited key in
both reports and the keys specific to the child accounts in their
respective reports.
- Make the parent key invisible and remove all scopes from the API key.
- Rerun the report and make sure that the parent key doesn't show up
anymore and that the API shows as having access to "All" API
endpoints.
Change-Id: I34ea4b894d21024321db7c8de17faf49d2c98686
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/312364
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Evan Battaglia <ebattaglia@instructure.com>
Reviewed-by: Tucker Mcknight <tmcknight@instructure.com>
QA-Review: Tucker Mcknight <tmcknight@instructure.com>
Product-Review: Alexis Nast <alexis.nast@instructure.com>
Migration-Review: Isaac Moore <isaac.moore@instructure.com>
we used to allow data protocols in src attributes
in the following tags: audio, video, source, and
track. this patch re-enables that ability
fixes LF-18
flag=none
test plan:
*pre-req: have an access token that you can use to
make an API request
-prep a POST request to:
http://canvas.docker/api/v1/courses/<id>/pages
-in the wiki_page[body] field of the request, add an
audio, video, source, and track tag
-for each tag, add a src="data:anything" attribute
-make the request
>confirm that the src attributes aren't stripped from the
body field in the response
qa risk: low
Change-Id: I52db5ad1fcefd410d8c7339a9bd27300080196c6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317903
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jackson Howe <jackson.howe@instructure.com>
QA-Review: Jackson Howe <jackson.howe@instructure.com>
Product-Review: Jake Oeding <jake.oeding@instructure.com>
refs MAT-1350
flag=none
qa risk: very low
Test plan
- Using local files and s3 files
make sure you can upload a file
- Make sure images still have
thumbnails like they shoud
Change-Id: Ifbdd2c547b28333bece8ae246a2fa54d25a316cf
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317829
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Sarah Gerard <sarah.gerard@instructure.com>
QA-Review: Sarah Gerard <sarah.gerard@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
Actually use Bundler to write them out. this ensure that all
constraints are checked with the gem's Gemfile. Had to resolve
several issues with gems along the way.
also removed RedCloth from canvas_stringex, because it's never
used
Change-Id: I614be19e147bdfd3e351e7f032fd6f9b0c1926be
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317781
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Andrea Cirulli <andrea.cirulli@instructure.com>
Reviewed-by: Aaron Ogata <aogata@instructure.com>
Build-Review: Aaron Ogata <aogata@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
this includes a fix for https://github.com/ruby-i18n/i18n/issues/639,
and thus we need to adjust a spec
Change-Id: I5b1425245f942dcdfdcfa34863ec43c1afe6ff0f
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/317518
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Aaron Ogata <aogata@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
Build-Review: Cody Cutrer <cody@instructure.com>
so that switchman can tranpose the sub-queries
refs AE-164
Change-Id: I0bb0be10cd7c47126767d94e0bdb83cd0b3d16bf
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/316973
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Jacob Burroughs <jburroughs@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
fixes VICE-3244
flag=none
test plan:
- Specs pass.
- Enroll a user in a course and note his ID.
- As a teacher, create a new Announcement (or
anything else that will trigger a notification).
- Notification should be sent, you can verify on
/users/[ID]/messages
- As an admin, go to /users/[ID] and click on Suspend User.
- Try creating another announcement.
- Notification shouldn't be sent.
qa risk: low
Change-Id: Ia8a484901c76391c92f6d3f4e51a9046426b0f87
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/316576
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Chawn Neal <chawn.neal@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Caleb Guanzon <cguanzon@instructure.com>
test plan:
- hard-delete the developer key linked to an access token
- run a user access token report
- the report should complete (with an empty column for the
missing developer key's name)
flag=none
fixes FOO-3388
Change-Id: If44a65ec99846bada0685edaa32047021ca1897d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/316449
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: August Thornton <august@instructure.com>
QA-Review: Jeremy Stanley <jeremy@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
Jacob DeWar