fixes#9422
when a submission was graded via grade passback, it was being
assigned a grader_id of 4 because grade passback isn't sending
any grader information.
this fix replaces a potential call to nil.id with nil.try(:id),
which will properly return nil instead of 4.
Change-Id: I9d131043e716a2b4d04e7fba1104d04cd0b15ff3
Reviewed-on: https://gerrit.instructure.com/12266
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
fixes#6227
test plan: Make a non-SIS course. Verify that teachers and designers can
still delete and reset the course, but TAs cannot.
They shouldn't see the buttons to do so, either.
Change-Id: I413a7646eaf7132b6b41d51bce4b05bb1b490b1c
Reviewed-on: https://gerrit.instructure.com/12151
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
refs #3341
there is some backend support for anonymous peer reviews but it was never
finished and exposed in the UI, except for when posting a peer review via ajax.
this removes the visible traces of the feature until it can be completed.
test plan:
- leave a peer review comment on an assignment
- when the comment is inserted into the page, the author should be your name,
rather than 'Anonymous'
Change-Id: I8ecaf4ab8941b4c0f3f80605445d7361ed2b2747
Reviewed-on: https://gerrit.instructure.com/12171
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
API documentation and examples for Calendar Events and Appointment Groups.
Clean up some value_as_boolean usage, and fix a couple little issues in
the calendar APIs
test plan:
* build documentation
* it should generate and be correct
* run API specs
* they should pass
Change-Id: I4c57ac91a99e4eb04f5ba1741bb4f5968d0a0b14
Reviewed-on: https://gerrit.instructure.com/12209
Reviewed-by: Jon Jensen <jon@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
a masquerading user should not be able to see a list of the masqueradee's
google docs file. additionally, a masquerader should not have the google docs
tab as an option for file upload submission.
test plan:
- in an account with google docs enabled
- in a course with a file upload assignment
- masquerade as a student who has google docs enabled
- go to the assignment tab and click submit
- google docs should not be an option
- stop masquerading, and log in as the student
- go to the assignment tab and click submit
- you should be able to successfully commit and file from google docs
Change-Id: I31ca6e7ca4b89331c9eabca7130eb7fc47417875
Reviewed-on: https://gerrit.instructure.com/12170
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
fixes#8845
originally, this issue was that if a student was concluded from a course
they would still show up in the list of students to be added to both
collaborations and conferences. this commit fixes that and also prevents
the student view student from showing up in the list of students when
creating a new conference.
test plan
- be a teacher in a course with a few students and collaborations and
conferences enabled
- go to a collaboration and a conference and see the students listed
there (when starting a new collaboration/conference)
- conclude a student from the course
- click student student view, then leave student view
- back in the collaborations and conferences, the concluded student
should no longer be listed, and test student should not be listed
Change-Id: I08da39a79ef1508e53064adf54bfacac0c527457
Reviewed-on: https://gerrit.instructure.com/12100
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Sam Olds <sam@instructure.com>
There is some wording that should change as well, but I think we're
redoing the settings page soon so I'm going to leave that alone for now.
Test plan:
* Click on the page to edit your profile, the URL should be
/profile/settings instead of /profile/edit
Change-Id: Ida9ff2b24c1dc53b07cdf6c17a99152f8c5956af
Reviewed-on: https://gerrit.instructure.com/12134
Reviewed-by: Jon Jensen <jon@instructure.com>
Tested-by: Cameron Matheson <cameron@instructure.com>
A complete api for folder and file management
Also updates the alphabetical sorting features to escape
a backslash caused errors when casting a string to a
bytea in postgres
Test Plan:
* CRUD yourself some files
* CRUD yourself some folder
closes#9163
Change-Id: I0b937f9273077b66ab9d6c37171bec1fcc5380dd
Reviewed-on: https://gerrit.instructure.com/12085
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
fixes#9386
Test plan:
* Click on the 'Profile' link in the header, you should go to the
profile settings page
- There should not be a 'Profile' tab in the left nav
* Enable the 'enable_profiles' account setting for your user's
account. Clicking on 'Profile' should now take you to the new-style
profile page
Change-Id: Ie2bcd41ae98ec93d6a423e00936d79fac291be0c
Reviewed-on: https://gerrit.instructure.com/12132
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Ryan Florence <ryanf@instructure.com>
Users can validly be nil for wikis/discussions from content
imports. This makes the UI a little nicer for those cases
Test Plan:
* Import content from a .zip that has wiki pages in it
* The wiki page history should say Content Importer instead of having no name
* The individual revision page should say it was imported at a time
closes#8053
Change-Id: I5e382c3186d439b2e820c4b4c9103566792f4da3
Reviewed-on: https://gerrit.instructure.com/11897
Reviewed-by: Simon Williams <simon@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
fixes#9252
test plan: Set up a course A with at least one file. Clone course A to
make course B. Then copy course B back into course A. Also try copying a
course into itself. None of these actions should cause loading
/courses/A/files or /courses/B/files to break. You can also check the db
directly to verify that root_attachment_id doesn't equal id for any of
the rows.
Change-Id: Iee662358d8cc68f30ef7116cdb1bfa46eb99d996
Reviewed-on: https://gerrit.instructure.com/12061
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Mark Ericksen <marke@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
test plan:
* create two courses via SIS CSV
* enroll a user in course 1 via SIS CSV by course_id only
* xlist course 1's default section to course 2
* enroll another user in course 1 via SIS CSV by course_id only again
* the user should end up in the xlisted section in course 2
Change-Id: I3a114d70a109594a56915b705de77b87a177e966
Reviewed-on: https://gerrit.instructure.com/12122
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
fixes#9370
a typo (instance_eval instead of class_eval) was causing submission comments to
not check permissions, so peer reviewers were receiving extra comments in ajax
responses.
test plan:
- submit an assignment, and comment on it
- also comment as the teacher
- set up a peer review
- load the page as the peer reviewer, it should not show the other comments
- make a comment as the reviewer. the other comments should not appear
Change-Id: I067e323a813ff836cfcadb5400e313de47be0e37
Reviewed-on: https://gerrit.instructure.com/12101
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
adds (root) account-level setting for (default) user file quotas. defaults
to 50 MB.
test plan:
1. on a root account, change the default user quota to something other
than 50 MB (e.g. 1 MB)
2. as a user in that account:
1. go to /users/self/files/quota . you should see the new quota
2. attempt to upload files. once you have hit/exceeded the quota, you
should not be able to upload additional files
3. as a user in multiple (root) accounts:
1. go to /users/self/files/quota . your quota should be the sum of the
root account user quotas
2. attempt to upload files. once you have hit/exceeded the quota, you
should not be able to upload additional files
note that the previous behavior does not change in that one file can exceed
your quota. e.g. if your quota is 1 MB, you can upload a 2 MB file. only
then will you be prevented from uploading additional files
Change-Id: If7f5903fb54eb2b62d80a2b4ee8adfcc48a63683
Reviewed-on: https://gerrit.instructure.com/12005
Reviewed-by: Joe Tanner <joe@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
fixes#8673
test plan:
- set up a course with students and observers
- link an observer to a student
- as a student, go to Inbox and click the address book icon
- verify that the only Observers that show up are those that
are linked to you
Change-Id: I2d9dfac1717c43b4327b48ef43efcffba34b30b1
Reviewed-on: https://gerrit.instructure.com/11971
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jon Jensen <jon@instructure.com>
fixes#9159
the student view student was showing up as one of the users listed on the
collaborations page, but adding the student view student to a collaboration
resulted in an error. this simply removes the student view student as an option
on the page and disallows the student view student from using collaborations.
test plan:
- in a course with collaborations enabled
- enter student view
- go to the collaboration page, you should receive an unauthorized message
- leave student view
- go to the collaborations page
- the student view student should not be in the list
- select all and create
- the collaboration should work
Change-Id: I574f4f2caa6b0627dcd1a91acd4cb3699be4583a
Reviewed-on: https://gerrit.instructure.com/11927
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
In a group graded discussion assignment, when creating the child topics for
each group, the new discussion topics were touching their root topics, kicking
off a new job to refresh the subtopics. This created a race condition where
duplicate subtopics for the group could get created, in addition to a lot of
unnecessary jobs. This commit moves the touch to only happen when an entry in
a subtopic is updated, tightens up some conditions in the way soft-destroys
cascade between assignment and discussion, and adds a unique index on
context+root_topic to prevent this from happening in the future.
test plan:
- ensure that creating a group discussion assignment still creates all
necessary sub-topics for the groups
- in a course with many student groups, create a new group discussion
assignment.
- each group should only have one unique topic for this assignment
- delete a group discussion assignment, it should delete all associated topics
at the course and group levels
- also try initiating the delete from the root topic. the assignment and sub
topics should be deleted
Change-Id: I9b0fb79c2c2b3b9512802a781b8ea0f4364af541
Reviewed-on: https://gerrit.instructure.com/11712
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
This course.destroy call was marking the workflow_state of the course as
sticky, so that it could never be un-deleted via a SIS import ever
again.
I think an argument could be made that actually courses whose
workflow_state is currently sticky because of a UI change, shouldn't
even be deleted by a full batch delete. That's a big change from how
batch deletes currently work, though, and might cause issues with
manually published courses.
sections and enrollments also get batch deleted, but their
workflow_state fields aren't sticky.
refs #9200
test plan: import a course via sis as active, then upload a full batch
sis that doesn't include the course. the course should now be deleted.
then import the course again, and see that it's no longer deleted.
Change-Id: I14925e60fd4bd24dafaf8143a555eec6cccc9236
Reviewed-on: https://gerrit.instructure.com/12014
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
adds bools to ConversationMessage to track if there are any attachments or
media comments. this differs from the existing columns in that it
includes forwarded messages as well
fix UI so that we properly display attachments/media comments in forwarded
messages (already present in JSON, just a display issue)
test plan:
1. start a conversation with a user
2. send an attachment
3. send a media comment
4. forward the attachment message to a different user
5. the attachment should be displayed and the conversation should have an
attachment indicator icon
6. forward the media comment message to a different user
7. the media comment should be displayed and the conversation should have
a media comment indicator icon
Change-Id: I5136a7e36db97046635af956153a0d0347071413
Reviewed-on: https://gerrit.instructure.com/12011
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Joe Tanner <joe@instructure.com>
fixes#9309
test plan:
* using the api, add a user as an account admin and pass the
notify=0 param. verify that no email is sent to that user;
* make another account admin api call, but omit the notify=0
param; verify that an email is still sent.
Change-Id: I450c08196d1acafae7cb5bec40a2e0e479e11341
Reviewed-on: https://gerrit.instructure.com/12008
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jacob Fugal <jacob@instructure.com>
fixes#8881
disallow peer reviewers from seeing comments from the teacher or from other
peer reviewers on a submission they are reviewing.
test plan:
- enable peer reviews on an assignment, and have >1 reviewer per submission
- leave a comment as a teacher
- leave a comment as one of the reviewers, you should not see the teacher's
comment
- as the second reviewer, you should not see either of the previous comments
Change-Id: I5fb112ea20858748eb399408236ebb319e0b9cbc
Reviewed-on: https://gerrit.instructure.com/12029
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
fixes#9288
for file upload submission, peer reviewers could see the turnitin score and
report, which should only be visible to the teacher and the student who
submitted the work.
test plan:
- create a file upload assignment with turnitin enabled
- have two students submit the assignment
- wait for turnitin scores
- assign the students to peer review each other
- as one of the students, open the peer review
- you should see the preview to view the file, but not the turnitin score
Change-Id: Ibaf2a84d65401e0ab85d75422f9fb2eead5d72d0
Reviewed-on: https://gerrit.instructure.com/12026
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
refs #9130
Test plan:
Open the calendar in an account that hasn't had calendar2 enabled.
It should open up calendar2.
Change-Id: I2d6dac25fa5bc01892914f7a615a886d8d31a6eb
Reviewed-on: https://gerrit.instructure.com/12012
Reviewed-by: Ryan Shaw <ryan@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Return the HTML as an ext ics attribute for those few clients that
support it (Outlook), and return better-formatted plain text for all
other clients.
closes#9107
Also refactor a bit.
test plan: add assignment and calendar events to the calendar with
links, formatted text, etc in their descriptions. Export the calendar
feed. In Outlook, you'll see the full HTML of the event. In most other
clients, you'll see a plain-text version of the description, but it'll
be much better formatted than it was before.
Change-Id: I50af1c407483d84c65ca285cbf364b6a303e0379
Reviewed-on: https://gerrit.instructure.com/11891
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Rob Orton <rob@instructure.com>
fixes#8360
there was a race condition where the delayed job that was created after
a submission was graded or an assignment's points were changed could have run
before the original transaction finished, meaning it would have recomputed the
grades with an incorrect score. this ensures that the delayed job is not
created until after the transaction commits.
test plan: this is difficult to test, and was confirmed using timing data from
logs, but you could try setting a breakpoint in the old code after the delayed
job was created in the callback and confirming that it ran with old data.
Change-Id: Iaff08f080702df6e0817a2075898428bfd19e67e
Reviewed-on: https://gerrit.instructure.com/11960
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
This fixes image links to /equation_images/X, among other things.
As part of this, I refactored the attachment.rb secure setting to be a
domain.yml (HostUrl) setting that can be used app-wide to determine
whether to use http or https when the code doesn't have access to a Request.
Fixes#8784
I also started down the road of having notification emails/sms/etc use
https links instead of http, but there is still work to do there, refs #9190
test plan: Use the rich text editor to post to a discussion or any other
rich text field that can be retrieved via the api, and include an
equation using the equation editor. Then retrieve that post through the
api, and verify that the url to the equation image includes the canvas
hostname and protocol (http://canvas.example.com/equation_images/X
instead of just /equation_images/X)
Change-Id: Iac28bf99d2d3b33c17d5b3eb128aa6d8488570fe
Reviewed-on: https://gerrit.instructure.com/11867
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
test plan:
- create an appointment group with a slot limit
- fill the appointment group slots with student reservations
- view the scheduler list with a student who has not signed up for the appointment
- there should no longer be a message that says "You can sign up for this."
Change-Id: Iac6366da683ef194bd5f0957187c7f92d06cb9ff
Reviewed-on: https://gerrit.instructure.com/11768
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cameron Matheson <cameron@instructure.com>
test plan:
- try to create a calendar event with a title greater than 255 characters
Change-Id: I104d749f81471175bf0b114b23a3a881074b6cef
Reviewed-on: https://gerrit.instructure.com/11864
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Ryan Shaw <ryan@instructure.com>
If a survey or practive quiz was copied the quiz data wasn't
being generated cause the question count to be 0.
Test Plan:
* Create a survey with a question and publish it
* copy the course
* the new course should have the survey and the displayed question count should be correct
closes#9135
Change-Id: I19f0ab03fd58122208f4e1aff46e399fc6e12a80
Reviewed-on: https://gerrit.instructure.com/11846
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
fixes#9250
This isn't realistic on such a large table where many users have so many
rows, and when page views are moved to another data store that'll make
it even more difficult.
test plan: merge two users together. verify that the merge works, but
page views from the old user won't be moved to the new user.
Change-Id: I0d5cb73acaebc9ed38a16bd0952a64f6b5284f5a
Reviewed-on: https://gerrit.instructure.com/11948
Reviewed-by: Zach Wily <zach@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
fixes#9209, #9216, #9217, #9227
visual changes:
* restore bootstrap form styles
* change "course code" to "join code"
* made dialog buttons consistent with rest of app
* fix observer submit button wording
* remove verbiage around minimum age (before validation)
* fix link to home page (logo)
behavioral change:
* only enforce min age for signups without a join code. once they fail
validation, display an error and hide the form
test plan:
* go through signup flows, ensure visual stuff above is correct
* ensure users with a course code can sign up with any age
* ensure users without a course code must be >= 13
Change-Id: I3d02a6f1a768ab054c825db30fb73a81f4eb5e59
Reviewed-on: https://gerrit.instructure.com/11939
Reviewed-by: Ryan Shaw <ryan@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
test plan:
- make a course publicly available
- try to view its syllabus page without being logged in
Change-Id: I16c39a47006669c847ca57508fb4752769aa95f1
Reviewed-on: https://gerrit.instructure.com/11886
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
fix issue where new submission comments cause conversations to be marked
as unread for everyone, including the comment author.
slight cleanup, and also make no_submission_comments_inbox compatible with
assignment muting.
test plan:
1. as a teacher, send a message to the student
2. the conversation should be unread for the student, but read for the
teacher
3. as a student, submit an assignment
4. as the teacher add a comment to the submission
5. as the teacher, confirm that the submission appears in the
conversation, but is NOT marked as unread
6. as the student, confirm that the submission appears in the
conversation, and IS marked as unread
7. as the student, add a comment to the submission
8. confirm that it is NOT marked as unread for the student
9. confirm that it IS marked as unread for the teacher
Change-Id: I73376e563ccbaea092cf1d22d5d16f186bf5dfac
Reviewed-on: https://gerrit.instructure.com/11848
Reviewed-by: Mark Ericksen <marke@instructure.com>
Tested-by: Jon Jensen <jon@instructure.com>
Test Plan:
* Create a free-form rubric on an assignment
* Grade a submission in speed-grader and note that the comment is saved
* copy the course and try to grade the assignment
* the comment should be available when using the rubric
closes#8907
Change-Id: I949a9ffa310eacb211aee572d37dce8eea10ce41
Reviewed-on: https://gerrit.instructure.com/11879
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
test plan:
1. create a course
2. enable self enrollment
3. reset the course
4. it should work
Change-Id: Ib9c1f1b971538d0277e42a31d4b441b49be21146
Reviewed-on: https://gerrit.instructure.com/11810
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Joe Tanner <joe@instructure.com>
External Tool extension previously needed their own urls,
custom fields, and text. Now they use the settings from
the main tool config as the defaults. So an extension
only needs a hash to be enabled.
Test Plan:
* Add a tool by xml that has custom parameters and that only has the enabled property in the course_navigation settings
* Launch that tool and verify that it used the main tools launch url and custom parameters
closes#8786
Change-Id: If760bbfe5c1dc10814d2a4b900a53abceab08e2e
Reviewed-on: https://gerrit.instructure.com/11700
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
fixes#7676
test plan:
* get a site admin password wrong 11 times in a row from the same
computer
* it should error with "too many login attempts" for the next 5
minutes
Change-Id: I7e63e3ecf76f1a7a638d8a43110e787ed08af795
Reviewed-on: https://gerrit.instructure.com/11828
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Adds comments and changes how the custom callback
"on_send_to_external" gets code attached.
Previous callback version is deprecated in future
versions of Rails. This was changed as part of
work on canvas_zendesk_plugin which is
a separate project.
Testing Plan:
---------------------
Nothing to test. No change in behavior.
Tests for "canvas_zendesk_plugin" cover this as well.
Change-Id: I21fd4e20985b4a79b19578611d05e32c3b4b564f
Reviewed-on: https://gerrit.instructure.com/11004
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cameron Matheson <cameron@instructure.com>
test plan:
- create an assignment
- set lock until, due, and lock after dates
- convert it to a discussion via the Assignments page
- change the due date to after the old lock-after date.
this should work; you should not be constrained by the
lock-after date that is no longer visible or editable
Change-Id: I34a6594e3c4ae29c07eb7dc70a19d4b77abee1d9
Reviewed-on: https://gerrit.instructure.com/11763
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
test plan:
* add two sections to a course
* add a teacher or ta to a section, and limit them to that section
* as that teacher, go to GB2
* you should not be able to view any enrollments outside of that
section
Change-Id: I3d7dd17828cb79aaf162b0947640e2fa7da7952d
Reviewed-on: https://gerrit.instructure.com/11705
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
fixes#9156
Normally the instances are all deleted when the StreamItem is deleted,
but error conditions can leave orphaned instances around, which was
causing dashboard errors.
test plan: generate some stream items for a user, then manually delete
a relevant stream_items row from the database. Make sure the user can
still see the dashboard and query the activity stream from the api.
Change-Id: Iec4d19efa66a08ee0dc895125084b2e4879e12ab
Reviewed-on: https://gerrit.instructure.com/11800
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Zach Pendleton