fixes: PS-1538
**test plan
configure and launch lti tool, upon lti tool launch the
lti_context_id for user should be set, and if course launch
the lti_context_id on course object, if account launch, then
lti_context_id on account. Once these are set, api calls to the
corresponding object can be made using the syntax lti_context_id:id
Change-Id: Icdf02e4f99691be417c024adb2a2751ba2aa9335
Reviewed-on: https://gerrit.instructure.com/35380
Reviewed-by: Brad Humphrey <brad@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Adam Phillipps <adam@instructure.com>
QA-Review: Adam Phillipps <adam@instructure.com>
When preparing user content for public consumption via the API, we were
hardcoding a media_type of mp4, which prevented clients using API
endpoints (specifically the mobile client) from playing audio comments
which only had mp3 sources.
This adds a new path through media_download that prefers mp3 for audio
media but falls back to the old mp4 behavior. We also maintain backwards
compatibility with other callers using the file_extension based
filtering.
NTRS-43
Test Plan:
- With both a 'wav' and an 'mp3' sample file:
- Create an announcement and upload an audio file via the RTE
- Wait for transcoding to complete in Kaltura
- The file should play properly in the web browser
- Open the same announcement in the iOS mobile app
- The audio file should play properly on the phone
Change-Id: I26735096ea4336cf1acc04eb9649d322f68fa515
Signed-off-by: Paul Hinze <paulh@instructure.com>
Reviewed-on: https://gerrit.instructure.com/33318
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Steven Shepherd <sshepherd@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
refs CNVS-10087
test plan
- hit assignments api with valid iso8601 BC date
example: -2014-10-01T00:00:00-06:00
- should return 400
Change-Id: Ifc70bb3ce268f2fadc8ed4060ec7925164da5a19
Reviewed-on: https://gerrit.instructure.com/33789
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
refs CNVS-10087
test plan
- specs should pass
Change-Id: Ia28a3ec65c24d2e70a5073b5da2caab8b282da9f
Reviewed-on: https://gerrit.instructure.com/33115
Reviewed-by: Anthus Williams <awilliams@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
QA-Review: Rob Orton <rob@instructure.com>
also add helper method to create error reports
refs CNVS-10087
refs CNVS-9618
test plan
- specs should pass
Change-Id: I74f40dd16a85a0d95f9b152f6750ec98aade2ba5
Reviewed-on: https://gerrit.instructure.com/33114
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Anthus Williams <awilliams@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
QA-Review: Rob Orton <rob@instructure.com>
refs CNVS-10087
test plan
- assignments PUT and CREATE request will not
change, but will create error_report when dates
are not is08601 formatted dates
Change-Id: I83e3621c0604cf91e180f5e59bea2d6e6a164c61
Reviewed-on: https://gerrit.instructure.com/32328
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
Reviewed-by: Anthus Williams <awilliams@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Rob Orton <rob@instructure.com>
fixes CNVS-10638
test plan:
* open outcome gradebook
* select a section
* click on "export report"
* download and open the export
* verify that the export format matches the Jira documentation
* verify that the export data matches the data from your browser
Change-Id: I35bd78719880026b71b30da5794c9afe7dd31868
Reviewed-on: https://gerrit.instructure.com/31774
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Steven Shepherd <sshepherd@instructure.com>
Reviewed-by: Jon Willesen <jonw@instructure.com>
Product-Review: Braden Anderson <banderson@instructure.com>
test plan
- run specs
Change-Id: I185717113fe0f6e49c7cae800597ea530d4f6a61
Reviewed-on: https://gerrit.instructure.com/30812
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Steven Shepherd <sshepherd@instructure.com>
Reviewed-by: Jon Willesen <jonw@instructure.com>
Product-Review: Joel Hough <joel@instructure.com>
refs CNVS-6040
This gem will help us output json error responses in the API using error
codes, since by itself ActiveRecord::Errors just deals in human-readable
i18n'd strings, and doesn't store detailed machine-readable information
on the error.
BetterErrors is mostly compatible, there's a few differences that mean I
had to change some unrelated code:
* errors[field_name] always returns an array, even if there's only one
error on the field. This is an improvement IMO.
* errors is indexed by symbol, not by string
* iterating over the errors object now yields
|attr, error_object| rather than |attr, string_message|
This includes a backport of the gem to rails 2.3.
On rails 3, we just use the vanilla gem.
The error codes aren't yet documented in the API docs, support for doing
that will come in a subsequent commit.
test plan: specs, plus you can hit the one api endpoint i've converted
so far -- account authorization configs. try to create an invalid
config, such as adding both cas and ldap configs to the same account,
and verify the error response formatting
Change-Id: Iaadd843ca9ff3f52c64e0256d82b64595c5559fb
Reviewed-on: https://gerrit.instructure.com/26178
Reviewed-by: Brian Palmer <brianp@instructure.com>
Product-Review: Brian Palmer <brianp@instructure.com>
QA-Review: Brian Palmer <brianp@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
fixes CNVS-10527
the include[] parameter on the outcome result endpoint can now
include 'outcomes', 'users', and 'courses'
test plan
- fetch outcome results using the api
- verify that the 'linked' section is not present
- ensure that outcomes are included when requested
- with the aggregate parameter not set...
- ensure that users are included when requested
- ensure that requesting course inclusion results in an error
- with the aggregate parameter is set to 'course'...
- ensure that courses are included when requested
- ensure that requesting user inclusion results in an error
Change-Id: I80714c0c8c9534d5853bc1c0e9258919913afa60
Reviewed-on: https://gerrit.instructure.com/28826
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Matt Fairbourn <mfairbourn@instructure.com>
Reviewed-by: Braden Anderson <banderson@instructure.com>
Product-Review: Joel Hough <joel@instructure.com>
fixes CNVS-10679
this commit refactors quiz into a quizzes namespace. it contains various
shims to facilitate the data migration of polymorphic relationships
('Quiz' -> 'Quizzes::Quiz'). JIRA contains several tickets linked to
the above tickets in regards to removing these shims after the data
migration, as well as the strategies on reverting the shims once the
data migration is complete.
Change-Id: I30c566d60a87af6ee83e9d0041fdcb909ead6a89
Reviewed-on: https://gerrit.instructure.com/28573
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Derek DeVries <ddevries@instructure.com>
QA-Review: Myller de Araujo <myller@instructure.com>
Product-Review: Josh Simpson <jsimpson@instructure.com>
fixes CNVS-10341
test plan:
* before applying this commit, if possible:
* create a discussion
* add a reply as a student
* after applying this commit:
* open the discussion as the student
* verify that you can edit the reply you added before, but not
those from other users
* add a new reply
* without refreshing, verify that you can edit your new reply
* refresh the page
* verify that you can still edit your reply
* test basic canvas functionality (sorry)
Change-Id: Ifa654f7d853fd167d5bfbaee6184657209d58272
Reviewed-on: https://gerrit.instructure.com/28413
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Zach Pendleton <zachp@instructure.com>
Reviewed-by: Jon Willesen <jonw@instructure.com>
QA-Review: Steven Shepherd <sshepherd@instructure.com>
Product-Review: Braden Anderson <banderson@instructure.com>
fixes: CNVS-8996
Added a grade change audit UI for searching grade change events. This allows the
user to search based off of the grader, student, course id, and assignment id.
In addition to each parameter a date range can be selected.
Currently assignment and course can only be searched if the ID is known. This
is because there is no way to query for courses based on a name with the api.
Note: The submission after_save :grade_change_audit needed to be after the
simply_versioned call because the grade change audit uses that to grab the
previous grade. This was a bug in the grade change audit log api. This
fixes that issue also.
Test Case:
- Create a course with an assignment and student.
- Grade the assignment for the student.
- Change the grade for the student a few times.
- Open the admin tools. Select the Logging tab and then pick the grade change
activity option in the drop down.
- Search for the grader. The results from the grade changes should show
accordingly.
- Search for the student. The results from the grade changes should show
accordingly.
- Search for the course id. The results from the grade changes should show
accordingly.
- Search for the assignment id. The results from the grade changes should
show accordingly.
- Perform each search type again, testing the date range capabilities.
- Make sure you cannot search with an invalid date range, grader, and student.
- Enter an invalid course id, no results should be returned.
- Enter an invalid assignment id, no results should be returned.
Change-Id: Ie5a4d34dbb60627374035071c68ec4d404e80135
Reviewed-on: https://gerrit.instructure.com/26868
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Nick Cloward <ncloward@instructure.com>
Product-Review: Nick Cloward <ncloward@instructure.com>
QA-Review: Nick Cloward <ncloward@instructure.com>
Tested-by: Nick Cloward <ncloward@instructure.com>
fixes CNVS-10040
test plan
- fetch outcome results using api, specifying some users from the
context in the user_ids parameter
- ensure that only the specified users are returned, even if they
don't have an outcome result
- fetch course aggregate results, specifying some users
- ensure that only the specified users' scores are used in the
resulting average
- try to fetch outcome results using the api, specifying some users
who are not in the context
- ensure that an error is returned
- fetch some outcomes using the api without the user_ids param
- ensure that results for all users are returned
Change-Id: I9e0e3fa37a7087a9808f3ab7c1859410620eab3d
Reviewed-on: https://gerrit.instructure.com/28149
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Matt Fairbourn <mfairbourn@instructure.com>
Reviewed-by: Zach Pendleton <zachp@instructure.com>
Product-Review: Joel Hough <joel@instructure.com>
test plan:
- The quiz api should work like it normally does when you don't pass
an 'Accept: application/vnd.api+json' header.
- The quizzes index page and quiz edit page should work like they
always do.
- Testing the Quizzes API for "jsonapi" style:
- For all requests, you MUST have the "Accept" header set to
"application/vnd.api+json"
- Test all the endpoints (PUT, POST, GET, INDEX, DELETE) like you
normally would, except you'll need to format the data according to
the next few steps:
- For "POST" and "PUT" (create and update) requests, you should send
the data like: { "quizzes": [ { id: 1, title: "blah" } ]
- For all requests (except DELETE), you should get back a response
that looks like: { "quizzes": [ { quiz you requested } ]
- For the "delete" action, you should get a "no content" response
and the request should be successful
Change-Id: Ie91deaeb6772cbe52a0fc46a28ab93a4e3036061
Reviewed-on: https://gerrit.instructure.com/25997
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Caleb Guanzon <cguanzon@instructure.com>
Product-Review: Stanley Stuart <stanley@instructure.com>
existing API users need API endpoints to return [] when given a page
past the end of the collection, rather than returning a 404. hopefully
this workaround is temporary...
test-plan:
- request /api/v1/courses/:course_id/users
- note the page number in the rel=last url of the Link header in the
response
- request /api/v1/courses/:course_id/users?page=<1 more than that>
- should return an empty array of results
- should not respond with a 404
Change-Id: Ic8639c7acd2bd07835e8216dd74c1cff0ed51c10
Reviewed-on: https://gerrit.instructure.com/27650
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
Allows users to start a "quiz-taking session" via the API by creating
a QuizSubmission and later on completing it.
Note that this patch isn't concerned with actually using the QS to
answer questions. That task will be the concern of a new API controller,
QuizSubmissionQuestions.
closes CNVS-8980
TEST PLAN
---- ----
- Create a quiz
- Keep a tab open on the Moderate Quiz (MQ from now) page
Create the quiz submission (ie, start a quiz-taking session):
- Via the API, as a student:
- POST to /courses/:course_id/quizzes/:quiz_id/submissions
- Verify that you receive a 200 response with the newly created
QuizSubmission in the JSON response.
- Copy the "validation_token" field down, you will need this later
- Go to the MQ tab and verify that it says the student has started a
quiz attempt
Complete the quiz submission (ie, finish a quiz-taking session):
- Via the API, as a student, prepare a request with:
- Method: POST
- URI: /courses/:course_id/quizzes/:quiz_id/submissions/:id/complete
- Parameter "validation_token" to what you copied earlier
- Parameter "attempt" to the current attempt number (starts at 1)
- Now perform the request, and:
- Verify that you receive a 200 response
- Go to the MQ tab and verify that it says the submission has been
completed (ie, Time column reads "finished in X seconds/minutes")
Other stuff to test (failure scenarios):
The first endpoint (one for starting a quiz attempt) should reject your
request in any of the following cases:
- The quiz has been locked
- You are not enrolled in the quiz course
- The Quiz has an Access Code that you either didn't pass, or passed
incorrectly
- The Quiz has an IP filter and you're not in the address range
- You are already taking the quiz (you've created the submission and
did not call /complete yet)
- You are not currently taking the quiz, but you already took it
earlier and the Quiz does not allow for multiple attempts
The second endpoint (one for completing the quiz attempt) should reject
your request in any of the following cases:
- You pass in an invalid "validation_token"
- You already completed that quiz submission (e.g, you called that
endpoint earlier)
Change-Id: Iff8a47859d7477c210de46ea034544d5e2527fb2
Reviewed-on: https://gerrit.instructure.com/27015
Reviewed-by: Derek DeVries <ddevries@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Myller de Araujo <myller@instructure.com>
Product-Review: Ahmad Amireh <ahmad@instructure.com>
The api_user_content function was returning absolute urls when
adding the verifier parameter, but HtmlRewriter only works
properly with relative urls (doing a regex gsub). This was
causing corruption of existing absolute urls (which were
probably introduced by a prior bug).
Fortunately, the api_user_content function translates relative
urls into absolute urls in a later step, so this just fixes a
bug and doesn't change the interface of api_user_content
function.
fixes CNVS-9882
test plan:
- put a link to an image in the course's files a discussion
topic and save.
- inspect the image element; the src attribute should be a
relative link
- edit the discussion topic and click "switch views." Change
the relative url for the src attribute to an absolute url
and save.
- inspect the image element again; the src attribute should be
an absolute link.
- edit the discussion topic. The image should display normally. make a text edit and save.
- the image should still display normally in the discussion
topic.
Change-Id: Ifc056b5507d70ef63bbe07a2245e08cad7bbd605
Reviewed-on: https://gerrit.instructure.com/27472
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Braden Anderson <banderson@instructure.com>
QA-Review: Steven Shepherd <sshepherd@instructure.com>
Product-Review: Jon Willesen <jonw@instructure.com>
fixes CNVS-8791
fixes CNVS-8795
* "without_count: true" -> "total_entries: nil"
* move order clauses to the pagination target, rather than being in the
pagination call
* clean up implementation of first/last page links in Api.paginate
test-plan:
- have an account report with at least two instances
- fetch /api/v1/accounts/:account_id/reports/:report
- response should have most recent report instance first
- have two subaccounts under an account
- fetch /api/v1/accounts/:id/sub_accounts?recursive=true&per_page=1
- Links response header should not have a link with rel=last
- fetch /api/v1/accounts/:id/sub_accounts?recursive=false&per_page=1
- Links response header should have a link with rel=last embedding
page=2
- load /error_reports
- should have most recent reports first
- fetch /api/v1/conversations/batches
- should have oldest batch first
Change-Id: Ifef79b193720a09ad7fe059ed23e930c97d10f59
Reviewed-on: https://gerrit.instructure.com/26535
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
refs CNVS-5305
with folio pages, we can just trust and use page.first_page and
page.last_page
test-plan:
* /api/v1/courses
- should have "first" link regardless of page (first, last, in
between)
- should have "last" link regardless of page (first, last, in
between)
* /api/v1/search/recipients?context=course_123
- should have "first" link regardless of page (first, last, in
between)
- should not have "last" link when there's a next page
- should have "last" link on last page (no next page)
* exercise the conversation receipient search when the search results
have just one hit
- should not throw an error
* load gradebook2 when there's only one page of enrollments
- should not throw an error
Change-Id: If6dfa972db22a91350ee820ccbfe25008f6b0e90
Reviewed-on: https://gerrit.instructure.com/26538
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
fixes CNVS-9321, CNVS-9322
test plan:
* regression test current behavior for
/api/v1/courses/X/students/submissions
* as a student, teacher, and observer (and combinations of the two)
check submissions?student_ids[]=all. Ensure the expected data is
returned
* BEHAVIOR CHANGE: if you pass an id for student_ids[]= that cannot
be returned (not enrolled, or you don't have access to), it should
401 in all cases, instead of sometimes 401 and sometimes returning
no results
* BEHAVIOR CHANGE: if you pass more (valid) ids than api_max_per_page
(defaults to 50, you can change it lower for testing purposes), it
should return a 400 with explanation, rather than silently not
returning submissions for users later in the list than the max
Change-Id: I5c9a4a84101f3787770d0d425df1deab37e32e6a
Reviewed-on: https://gerrit.instructure.com/26051
QA-Review: Cody Cutrer <cody@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
if the response is json and paginated, make sure it honors the per_page
parameter. also, make sure we don't accidentally allow arbitrarily large
per_page values.
test-plan:
[check this per endpoint]
- have more than <max> entries (e.g. apps in the app center)
- fetch <endpoint>
- should get a page with <default> results
- link with rel="next" should embed per_page=<default>
- fetch <endpoint>?per_page=<max+1>
- should get a page with <max> results
- Link header should have a link with rel="next". that link should
embed per_page=<max>
- fetch <endpoint>?per_page=1
- should get a page with 1 result
- link with rel="next" should embed per_page=1
[endpoints]
/api/v1/courses/:course_id/app_center/apps
default: 72
max: 72
/api/v1/courses/:course_id/app_center/apps/:app_id/reviews
default: 15
max: 50
/conversations/discussion_replies.json
default: 15
max: 50
/courses/:course_id/users/:user_id/usage.json
default: 50
max: 50
/courses/:course_id/group_unassigned_members.json
default: 15
max: 100
/courses/:course_id/outcomes/:outcome_id/results
default: 10
max: 50
/courses/:course_id/question_banks/:question_bank_id/questions
default: 50
max: 50
/courses/:course_id/quizzes/:quiz_id/moderate.json
default: 50
max: 50
/api/v1/courses/:course_id/activity_stream
default: 21
max: 50
Change-Id: Iacb0b413de1175fb70d9b073fccef3e70082e60e
Reviewed-on: https://gerrit.instructure.com/26095
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
closes CNVS-9074
In rails2, we explicitly override `render :json` to use Oj and the
ParamsParser middleware to parse with Oj.
In rails3, we enable the oj backend for ActiveSupport::JSON. However,
sadly that's not enough because of the screwy state of JSON in Rails 3
and Rails 4.0.x. So we pull in the rails-patch-json-encode gem to fix
performance. If this ends up causing issues as we continue working
toward Rails 3.2, we'll remove this gem. A good explantion of the issues
is in the README: https://github.com/GoodLife/rails-patch-json-encode
In my local (rails2) benchmarking, json response generation is 12-14x faster
*with stringify ids* enabled. It'll be slightly faster without, but
stringify is becoming the norm. json parsing is a smaller win, 2-3x
faster, but still significant enough to warrant patching ParamsParser
(said patch goes away in rails3).
test plan:
* no behavior changes are expected
* regression testing of the api, both the json responses and sending
json to put/post requests
* regression testing of the web ui in areas that use the api and ajax
calls
Change-Id: I632549baaa4e51dd0ee67dede911941877911102
Reviewed-on: https://gerrit.instructure.com/25458
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Brian Palmer <brianp@instructure.com>
test plan:
- specs pass
Change-Id: I8f504612795352eecd65420f01335edbcb7fd544
Reviewed-on: https://gerrit.instructure.com/25530
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Stanley Stuart <stanley@instructure.com>
QA-Review: Stanley Stuart <stanley@instructure.com>
now that we have SIGHUP, we were changing everything to it anyway,
so just let caching in-proc be the default
Change-Id: Id1b44722522ac9693b17695da7107c99a359d5ac
Reviewed-on: https://gerrit.instructure.com/25020
Reviewed-by: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
fixes CNVS-7597
when given this header, data structures passed to render :json are
pre-processed before serialization to json such that any integer values
in 'id', 'foo_id', or 'foo_ids' fields (also 'ids' fields, but we don't
have any of those currently that I'm aware off), at any level (e.g.
within a nested data structure), are cast to strings.
test-plan:
- full regression testing of both the UI (as it makes API calls) and
the documented API
- no UI behavior should change
- API behavior should change only as described above
Change-Id: I4e0a68957038be063cf488dd9ec2262452dea3cf
Reviewed-on: https://gerrit.instructure.com/23956
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
QA-Review: Jacob Fugal <jacob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
test plan:
- consult the API documentation for the new Get Module Item Sequence
endpoint, and also the Module Item Sequence return type
- test retrieving the sequence information of a module item
of each type
- the ModuleItems for the prev, current, and next items
in the sequence should be returned
- any Modules referenced should also be returned
(e.g., there should be three of them if you're testing
on an item that is the only item in its module,
and previous and next items in other modules exist)
- verify that no more than 10 item sequences are returned
when an item appears in modules more than 10 times
- test as a student, ensuring that unpublished modules
and unpublished module items are excluded from the results
fixes CNVS-7616
Change-Id: I75365dc3f169d35767525686815f9cd93e595bdb
Reviewed-on: https://gerrit.instructure.com/23578
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
QA-Review: Hannah Bottalla <hannah@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
test plan:
* exercise paginated api endpoints (including the search endpoint)
- ensure the link headers now include current (for the current page)
refs CNVS-7508
Change-Id: Id271c3a05b726de9ce619bd0100af84db199d4f1
Reviewed-on: https://gerrit.instructure.com/23365
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Hannah Bottalla <hannah@instructure.com>
Reviewed-by: James Williams <jamesw@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
in both requests and responses
test plan:
* in all group and group membership apis, it should be able to use
the sis id of the group instead of the canvas id (sis ids are only
supported on account level groups)
* in api responses that return groups, it should include the
sis_group_id if the calling user can read sis data at the root
account level
Change-Id: I439bf2d33661ed128a75c759c304c897fe0fc38b
Reviewed-on: https://gerrit.instructure.com/21612
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
refs CNVS-2500, closes CNVS-6577
Test plan:
* make sure the assignment groups index api action still works
- be sure to include assignments
* test with and without overrides
* make sure gradebook2 still works (focus on anything related to
assignment due dates)
Change-Id: I440a8fdeffdb497884356f08c19b5b7792566a3a
Reviewed-on: https://gerrit.instructure.com/22102
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Simon Williams <simon@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Cameron Matheson <cameron@instructure.com>
fixes CNVS-6576
Test plan:
* run the SubmissionsApiController#for_students action as a teacher
(it's part of gb2)
* make sure some/all of the submissions have attachments
* you should see a reasonable amount of queries (not hundreds or
thousands)
* make sure gradebook2 correctly displays student submission data
Change-Id: If301a70eb001f7876aa94e476b2c76dfa664ae05
Reviewed-on: https://gerrit.instructure.com/21790
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Amber Taniuchi <amber@instructure.com>
Product-Review: Cameron Matheson <cameron@instructure.com>
if a file_id is given to show_relative in addition to a file_path, but
that file_id is invalid, treat is just like as if they'd given an
incorrect-but-valid id (i.e. doesn't match the path).
fixes CNVS-6148
test-plan:
- create a file
- get a link to the file that includes both the file_id and file_path
- change the file id to an invalid string
- should still load the file
- should not generate a page error
Change-Id: Ifed3fbd9ef9fe2c5a4fd951f2de5facdf38e28d0
Reviewed-on: https://gerrit.instructure.com/21556
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
QA-Review: Jeremy Putnam <jeremyp@instructure.com>
Product-Review: Jacob Fugal <jacob@instructure.com>
fixes CNVS-6168
test plan:
- as a teacher:
- upload a file to your own files
(/users/self/files)
- use the RCE embed-image button to embed this image in various
places, including but not limited to:
- wiki page
- assignment description
- discussion topic
- discussion reply
- as a student:
- make sure the embedded images are visible
Change-Id: I93b103041f44a385b1652f2bd48aeb4b9dec8147
Reviewed-on: https://gerrit.instructure.com/21549
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
test plan:
- have a course with a quiz
- in rich content (like a wiki page), use the wiki sidebar
to insert a link to the quiz list and a link to the quiz
- retrieve the wiki page via the pages API
- the quiz list link should have added attributes
* data-api-returntype="[Quiz]" (with brackets)
* data-api-endpoint: valid API link to the quiz index
- the quiz link should have added attributes
* data-api-returntype="Quiz"
* data-api-endpoint: valid API link to the quiz
- the API documentation should mention "Quiz" in the list
of supported data-api-returntype values, found in the
"Basics" section under "API Endpoint Attributes"
fixes CNVS-6115
Change-Id: If405f6779f1b3f3719503a9987cceaf29a508ed8
Reviewed-on: https://gerrit.instructure.com/21080
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
test plan:
- in rich text somewhere (wiki page, assignment, etc.),
embed a link to launch an LTI tool.
a suitable test tool can be found at
http://lti-tool-provider.herokuapp.com
- retrieve that text through the appropriate API
(pages, assignments, etc.)
- the link should have added data-api-return-type
(SessionlessLaunchUrl) and data-api-endpoint attributes.
- the data-api-endpoint should contain a link to the
generate-sessionless-launch API. hit this link with
curl or postman or whatever (authenticating with your
token as is normal for API requests)
- the above API should return a URL with a big scary
verifier in it. (you should be able to launch *that*
URL to get into the LTI tool without a Canvas session)
fixes CNVS-5944
Change-Id: I2e51312341b08f87ff2be7bee57370318be72b65
Reviewed-on: https://gerrit.instructure.com/21075
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
Rails 3 doesn't handle them, so just ignore them.
also fix api usage of pluck depending on an include
Change-Id: Ia39b8ef6e5f442f4f7b873ae3bd6839f0422b906
Reviewed-on: https://gerrit.instructure.com/20071
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Mark Ericksen <marke@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
closes CNVS-5218
test plan: insert audio and video comments into rich text that goes
through the api (for instance assignment descriptions, and discussion
entries). modify the content multiple times, the audio and video should
still play correctly. use the api to pull the same content, modify it,
and push it back through the api. the content should still play
correctly.
Change-Id: Id38ef78aaa478c66ae2314b30d33ec3f2199a6bd
Reviewed-on: https://gerrit.instructure.com/19598
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
QA-Review: Clare Strong <clare@instructure.com>
test plan:
* create an assignment, link an attachment
in the description, and save
* open the assignment editor up again and save it
* delete the attachment and re-upload another
file with the same name
* preview the assignment
* the link should take you to the updated
attachment instead of failing
fixes #CNVS-5216
Change-Id: I7258d4ca35f6d34594bd32bd77e86c2e61262ea4
Reviewed-on: https://gerrit.instructure.com/19594
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Adam Phillipps <adam@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
test plan:
* create an object with html user content (such as an
assignment description)
* include a file download link (e.g.
"/courses/:id/files/:file_id/download")
* retrieve the object through the API
* confirm that the translated link (that includes
a verifier param), still has "/courses/:id"
rather than just "/files/:file_id/download"
* include a file preview link (e.g.
"/courses/:id/files/:file_id/preview")
* retrieve the object through the API
* confirm that the translated link has
"/courses/:id" and still has "/preview"
as well as a verifier param
* confirm that following the link in the browser
results in downloading the file
closes #CNVS-5213 #CNVS-5214 #CNVS-5215
Change-Id: Ib2bb6b1857055dbfe2d1b9e0873600beaa70bf75
Reviewed-on: https://gerrit.instructure.com/19512
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Adam Phillipps <adam@instructure.com>
Product-Review: Bracken Mosbacker <bracken@instructure.com>
changes the user content html rewriter so links
to files that were deleted and replaced will still
be translated correctly (rather than pointing to
the old deleted file)
test plan:
* upload a file
* create an assignment
* add a link to the file in the assignment description
* delete the file
* edit the file locally and re-upload it
* edit the assignment and save it
* should still be able to click on the link
and receive the updated file
fixes #CNVS-4799
Change-Id: I527756f02d7b38dda36dbcc3cfae32a3980a25b3
Reviewed-on: https://gerrit.instructure.com/18992
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
QA-Review: Adam Phillipps <adam@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
closes CNVS-4705
* use the fake_arel gem to get a good portion of the way there
* override fake_arel's AR override even more to get proper behavior
of select and group merging
* add even more Rails 3 query methods to Scope (except, reorder,
pluck, uniq)
* fix some spots in our code that break with the new semantics
test plan:
* test all the things!
Change-Id: I4290d00db407f3250570df4e89c8c78283fe5f5f
Reviewed-on: https://gerrit.instructure.com/18427
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Clare Hetherington <clare@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
test plan:
- view the API docs
- use the PUT /courses/:course_id/modules endpoint to:
- publish multiple modules
- unpublish multiple modules
- delete multiple modules
- verify the return (the IDs of the modules that were processed)
- modules that were already [un-]published should silently
succeed
- modules that could not be found (invalid IDs) will be
omitted from the return
- a success status (200) will be returned if any modules
are set to (or already in) the requested state
- a not-found status (404) will be returned if no module IDs
provided could be found inside the given course
- verify nothing funny happens if you pass non-numeric IDs
(should just be treated like any nonexistent object)
- and while you're at it, verify ids that start with a number
(e.g., "123abc") don't match that number (123)
fixes #CNVS-3666
Change-Id: I0dd63eed0c270169790fb01f7c134951772895c2
Reviewed-on: https://gerrit.instructure.com/17639
Tested-by: Jenkins <jenkins@instructure.com>
QA-Review: Adam Phillipps <adam@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
introduces a new BookmarkedCollection module with behavior similar to
PaginatedCollection in the simple case.
the primary advantage is that assigning to current_page (e.g. from the
:page parameter to paginate) expects a bookmark token value and
automatically deserializes into current_bookmark. the library client can
then use current_bookmark to skip forward in the collection, rather than
using (current_page - 1) * per_page as the number of items to skip. the
client then calls set_next_bookmark on the pager if there's more
results, and it automatically derives the bookmark for the next page and
serializes it into next_page, for use by Api.paginate, etc.
in addition to the PaginatedCollection.build analog, you can simply wrap
an existing scope to change it from something that will paginate by page
number into something that will paginate by bookmark.
finally, the key reason to use bookmarked pagination is to enable
composition of collections. you can merge multiple collections into one
collection which when paginated will pull results from each
subcollection, in order, to produce the page of results. you can also
concatenate multiple collections into one collection which when
paginated will exhaust the collections in order with seamless transition
from one to the next when a page spans both.
with collection merging available, you can paginate an association where
you'd like to use with_each_shard. one collection is created per shard,
and then they are merged together. this process is automated for you in
the BookmarkedCollection.with_each_shard method.
fixes CNVS-1169
Change-Id: Ib998eee53c33604cb6f7e338153428a157928a6d
Reviewed-on: https://gerrit.instructure.com/16039
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
QA-Review: Clare Hetherington <clare@instructure.com>
generates more sane finder options and omits a "OR false" from every
query.
test plan:
* general API regression tests
* self, default, and site_admin are now valid account strings
for places where you need an account id in the api
Change-Id: I00afbee9fa2e3d732db009a4a0c7350e9f845c37
Reviewed-on: https://gerrit.instructure.com/14585
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Brandon Broschinsky