canvas-lms

Commit Graph

Author	SHA1	Message	Date
Bracken Mosbacker	8bfce3955e	mark teacher-role content in common cartridge as unpublished Canvas has no ability to say an object is for teachers only, but now that Canvas can have things unpublished, this is a good mapping for that attribute in CC. Test Plan: * import a common cartridge with content marked as for a teacher * those items should be unpublished refs PLAT-764 Change-Id: I53eaf5311df887f06bda6fa67435de14ae2fb188 Reviewed-on: https://gerrit.instructure.com/45008 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com> QA-Review: August Thornton <august@instructure.com> Product-Review: Bracken Mosbacker <bracken@instructure.com>	2014-12-03 17:34:03 +00:00
Nathan Mills	0a1b0b8210	verify tool proxy is valid fixes PLAT-766 test-plan: *specs pass Change-Id: I09ea186d5c9805fa18c889d65bb1b6214e24dcb9 Reviewed-on: https://gerrit.instructure.com/44433 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Brad Humphrey <brad@instructure.com> Product-Review: Nathan Mills <nathanm@instructure.com> QA-Review: Nathan Mills <nathanm@instructure.com>	2014-11-27 07:32:16 +00:00
Benjamin Porter	aff0ad2ba2	SubmissionsController - reject files with illegal extensions When an instructor has limited the extensions that a student is allowed to submit, the Submissions Controller now rejects a submission that includes a file with a disallowed extension, giving the user an error message so they know what went wrong. The Javascript on the page also now does client side validation of the file extension to make user experience better and to lower the number of POSTs made to the server. Fixes CNVS-6121 Test Plan: 1. As a teacher, create an assignment in a course that accepts a file upload 2. Limit the file extensions so that you have a test file that would not be allowed 3. Now as a student, submit a file with a disallowed extension 4. Observe that the file is rejected for submission 5. Upload a file with an illegal file extension to the files area 6. Return to the assignment, and submit the file from the files area 7. Observe that the file is rejected Change-Id: I45cbbc66f0b5033b9265221afde5590a1eeeb11d Reviewed-on: https://gerrit.instructure.com/40784 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Simon Williams <simon@instructure.com> QA-Review: Sean Lewis <slewis@instructure.com> Product-Review: Simon Williams <simon@instructure.com>	2014-09-25 14:11:48 +00:00
Cameron Matheson	a1f400e754	remove scribd closes CNVS-13380 closes CNVS-8057 closes CNVS-5156 Test plan: * scribd should no longer exist * document previews should work in canvadocs Change-Id: I5ac60c3e986f030c3aea88e32d2992ec7b1c7a08 Reviewed-on: https://gerrit.instructure.com/37895 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Simon Williams <simon@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com> QA-Review: Anna Koalenz <akoalenz@instructure.com> Product-Review: Simon Williams <simon@instructure.com>	2014-09-11 18:42:15 +00:00
Jeremy Stanley	ff0542a9f9	include referenced modules' items in selective import test plan: 0. have a course with a module containing an assignment, quiz, discussion topic, wiki page, file, and course-context external tool item 1. have other assignments, quizzes, etc. in the course that are not part of the module 2. export the course to a common cartridge 3. import the course, selecting only the module 4. verify that items referenced by the module are included (and those not referenced by the module aren't) fixes CNVS-15226 Change-Id: I7fbed812a0b2edc3fad2bb75eb9aaab905923935 Reviewed-on: https://gerrit.instructure.com/40537 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Jon Willesen <jonw@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Product-Review: Cosme Salazar <cosme@instructure.com>	2014-09-09 16:30:23 +00:00
Joel Hough	d5dba5ffee	bounced email handling fixes CNVS-15150 test plan 1. setup outgoing email through amazon ses test account 2. setup bounce_notifications.yml with sqs test creds 3. set a user's email address to 'bounce@simulator.amazonses.com' 4. cause three messages to be sent to that user 5. ensure that they are sent 6. wait for the bounce notification processor to run (~5 min) 7. casue another message to be sent to that user 8. ensure that message is not sent 9. repeat steps 3-8 using a different user and the address 'suppressionlist@simulator.amazonses.com' 10. repeat steps 3-7 using a different user and the address 'success@simulator.amazonses.com' 11. ensure that the fourth message is sent successfully 12. make sure no error reports or job failures are reported for the bounce notification processor Change-Id: I060659c73a8b750c16f287e94f4198d8cb8633e5 Reviewed-on: https://gerrit.instructure.com/40254 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Brad Horrocks <bhorrocks@instructure.com> Reviewed-by: Cody Cutrer <cody@instructure.com> QA-Review: Steven Shepherd <sshepherd@instructure.com> Product-Review: Joel Hough <joel@instructure.com>	2014-09-04 16:48:13 +00:00
Brad Humphrey	817f5429b4	change tool proxy root_account to context also, clean up ims-lti usage with pluralized lti methods test plan: - registrations should still work - registrations without resource handlers and using a default message handler should still work fixes PLAT-566 PLAT-567 Change-Id: Icd9feca44ba9f5600d89a4943b0b93b34aeb78a5 Reviewed-on: https://gerrit.instructure.com/38182 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Nathan Mills <nathanm@instructure.com> Product-Review: Brad Humphrey <brad@instructure.com> QA-Review: Brad Humphrey <brad@instructure.com>	2014-08-07 19:57:40 -06:00
Bracken Mosbacker	6a71a0b9fc	make importer recognize new thin common cartridges This is a new profile with just LTI links and web links. This makes it so that those packages are recognized. Test Plan: * Import the package in the ticket * It should import and not fail closes PLAT-586 Change-Id: Iab3c4ec1aebec5d1e0fef4a883b42ac546e1bf68 Reviewed-on: https://gerrit.instructure.com/38830 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Brad Humphrey <brad@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Product-Review: Bracken Mosbacker <bracken@instructure.com>	2014-08-07 14:31:07 +00:00
James Williams	829478bc38	add support for tar and tar.gz archives in content migrations also add limits for byte size and file count to prevent zip/tar "bombs" test plan: * import the package referenced in the ticket * should import successfully * content migration regressions closes #CNVS-14303 #CNVS-14428 Change-Id: Ia424b5260e34f35b62ca47f7aafa77118c4f5b5b Reviewed-on: https://gerrit.instructure.com/37881 Reviewed-by: Jeremy Stanley <jeremy@instructure.com> Tested-by: Jenkins <jenkins@instructure.com> QA-Review: Trevor deHaan <tdehaan@instructure.com> Product-Review: James Williams <jamesw@instructure.com>	2014-08-01 12:36:27 +00:00
Jeremy Stanley	6b7f0b3dc4	ignore zip entries containing '..' elements or symlinks extract core unzip functionality into canvas_unzip gem, and put security logic there. use this gem instead of shelling out to `unzip` (which does not have the option to skip symlinks). test plan: 1. import 'evil_course_2.imscc' from CNVS-14338 * there should be an import warning * you should get a blank syllabus body and definitely not see sensitive system data 2. import 'evil_sis_import.zip' from CNVS-14346 * a file called '/tmp/pwn3d' should not have been created on your app server 3. sanity check the parts of canvas that unzip things: * course copy * course import * zip content imports via the API * zip file uploads from files page * assignment submission comments download/upload * sis imports fixes CNVS-14338 fixes CNVS-14346 Change-Id: I38fa141653eb7bc483e99a28a135831b8cb3b2a6 Reviewed-on: https://gerrit.instructure.com/37959 Reviewed-by: Cody Cutrer <cody@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Tested-by: Jenkins <jenkins@instructure.com> Product-Review: Jeremy Stanley <jeremy@instructure.com>	2014-07-24 15:41:21 +00:00
Nathan Mills	a91d9c09d0	add lti2 models and registration endpoints fixes PLAT-522 PLAT-429 PLAT-545 PLAT-540 PLAT-498 test-plan you can register an lti2 tool Change-Id: If045b694213e1019f8a595b63a7e33ea4ac28e64 Reviewed-on: https://gerrit.instructure.com/37095 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Bracken Mosbacker <bracken@instructure.com> Product-Review: Bracken Mosbacker <bracken@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Reviewed-by: Brad Humphrey <brad@instructure.com>	2014-07-18 16:42:10 +00:00
James Williams	5d2c8941be	reorder matching questions with images if possible test plan: * import the package referenced in the ticket * matching questions that would have before tried to put the images on the right hand side should now have the two sides reversed closes #CNVS-13362 Change-Id: Iae3483da9d2f976204d15806b5b9d69bf56a481e Reviewed-on: https://gerrit.instructure.com/37666 Reviewed-by: Jeremy Stanley <jeremy@instructure.com> Tested-by: Jenkins <jenkins@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Product-Review: Hilary Scharton <hilary@instructure.com>	2014-07-17 15:41:45 +00:00
Bracken Mosbacker	7e4bfacec6	add common cartridge 1.3 variant support Test Plan: * Import the flat manifest fixture file * There should be: * 2 discussions with titles that say you should see them * 1 assignment * a module with 5 module items closes PLAT-560 Change-Id: I975546e59dcdd731b2e0149c52fb7dd33f5e70e8 Reviewed-on: https://gerrit.instructure.com/37545 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: James Williams <jamesw@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Product-Review: Bracken Mosbacker <bracken@instructure.com>	2014-07-11 14:26:19 +00:00
Jeremy Stanley	a6d81ff0a1	import points_possible from CC 1.3 assignments test plan: - take the flat manifest attached to CNVS-13219 and find the <gradable> tag - add a points_possible attribute to it, for example <gradable points_possible="101"> - import the manifest as a common cartridge - the imported assignment should have the specified points possible refs CNVS-13503 fixes CNVS-13576 Change-Id: Ifc546c47cada7fcf7ec817395ceb525028406bf1 Reviewed-on: https://gerrit.instructure.com/36269 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: James Williams <jamesw@instructure.com> QA-Review: Nathan Rogowski <nathan@instructure.com> Product-Review: Jeremy Stanley <jeremy@instructure.com>	2014-06-16 20:27:28 +00:00
James Williams	2d123f0b96	cc 1.3 importing qti from inside manifest also fix a couple other minor cc issues test plan: * import the test packages referenced in the ticket * should reference the images correctly in the first package * should import a quiz in the second fixes #CNVS-13340 Change-Id: I39dca77953d2b46703fa5163240329b039075ec3 Reviewed-on: https://gerrit.instructure.com/35815 Tested-by: Jenkins <jenkins@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com> Product-Review: Jeremy Stanley <jeremy@instructure.com>	2014-06-04 16:36:07 +00:00
James Williams	9c70e3e8b4	parse cc assignment extension data test plan: * importing the example package with cc assignment data should bring in canvas specific assignment data (like grading type) * cc and canvas package import regressions closes #CNVS-13270 Change-Id: Ic053837aa7642212bc0360f5e5ecf2cd27a88d9b Reviewed-on: https://gerrit.instructure.com/35747 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Bracken Mosbacker <bracken@instructure.com> Product-Review: Bracken Mosbacker <bracken@instructure.com> QA-Review: Clare Strong <clare@instructure.com>	2014-06-03 20:28:27 +00:00
James Williams	424451d34e	consolidate multiple external tools on cc import test plan: * import the common cartridge package referenced in the ticket and other common cartridge packages with external tools * instead of having many copies of an external tool with the same settings and domain, merge them together into one * each module item should still work with their individual url and config, even though they're pointing to the same external tool fixes #CNVS-13144 Change-Id: Idabe9ac95ea0605feb6dd9121a171b5e45e05a2e Reviewed-on: https://gerrit.instructure.com/35193 Tested-by: Jenkins <jenkins@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Reviewed-by: Brad Humphrey <brad@instructure.com> Product-Review: Bracken Mosbacker <bracken@instructure.com>	2014-05-23 23:22:37 +00:00
James Williams	3181ac8b11	improve cc 1.3 support test plan: * import the test assignment fixtures as a common cartridge file * there should be an assignment in the course * also test import of flat manifest xml files closes #CNVS-5906 #CNVS-13219 Change-Id: I0b765ed0d140516f78a5f4fb5dbe9b81ac77ecd4 Reviewed-on: https://gerrit.instructure.com/35394 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com> Product-Review: Jeremy Stanley <jeremy@instructure.com> QA-Review: Clare Strong <clare@instructure.com>	2014-05-23 21:11:59 +00:00
James Williams	2ba4531f73	migration refactor: account question banks import test plan: * course migration regressions (canvas cc, course copy) * in addition: use the content migrations api to queue a content migration for an account ("/accounts/:account_id/content_migrations") to import a qti/cc package. * confirm that the question banks from the package that would have been normally imported into a course are now imported into the account closes #CNVS-12529 Change-Id: I2ef306341d2f7defe03c63a981679a3987f1aaa0 Reviewed-on: https://gerrit.instructure.com/34303 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Product-Review: James Williams <jamesw@instructure.com>	2014-05-12 16:30:10 +00:00
Raphael Weiner	8be0ae37d7	Move google_docs code into a gem fixes: CNVS-12329 Change-Id: I044725c93582cbca39a61e036bb5f0385e069c1e Reviewed-on: https://gerrit.instructure.com/32990 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Simon Williams <simon@instructure.com> QA-Review: Trevor deHaan <tdehaan@instructure.com> Product-Review: Simon Williams <simon@instructure.com>	2014-04-25 21:50:43 +00:00
Raphael Weiner	c8d7b9f915	Further decoupling of google_docs from models and controllers. fixes: CNVS-12328 test plan: - as admin enable the google_doc plugin - as student visit `/profile/settings` - click 'Google Docs' under the 'Other Services' section - click 'Authorize Google Doc Access' in modal - when redirect to google, click 'Allow access' - verify success banner displays Change-Id: I2b45ffa38ac0d1d810fb988335f4cd39154ae2a6 Reviewed-on: https://gerrit.instructure.com/32949 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Simon Williams <simon@instructure.com> QA-Review: Trevor deHaan <tdehaan@instructure.com> Product-Review: Simon Williams <simon@instructure.com>	2014-04-25 21:50:34 +00:00
Raphael Weiner	7054118441	Refactor google docs to be standalone not mixin. fixes: CNVS-12096 Change-Id: I6fa7d6d57bfc9063b49334a8e528aaaa9fc7f8c2 Reviewed-on: https://gerrit.instructure.com/32715 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Braden Anderson <banderson@instructure.com> QA-Review: Trevor deHaan <tdehaan@instructure.com> Product-Review: Simon Williams <simon@instructure.com>	2014-04-10 17:31:39 +00:00
Jeremy Stanley	a3cf4748cc	check size of actual zip contents against quota because the zip central directory can lie test plan: 1. Create a huge file (say a gigabyte) where every byte is the same. 2. Zip it. The repeating data will be compressed. The ZIP will be tiny but will uncompress to a huge file. 3. Edit the zip file binary. Open it with a hex editor and change the file size in the directory. Make the file appear to be small enough to fit into the course quota. (The zip file format is documented at http://www.pkware.com/documents/casestudies/APPNOTE.TXT or ask the committer for help) 4. Try to import the zip file into a course (migrations/ import zip file into folder) 5. You should receive a quota error. fixes CNVS-10722 Change-Id: Ib1bd1c432ef900f0c6c61ebe6eab2881f8515104 Reviewed-on: https://gerrit.instructure.com/29704 Reviewed-by: Mark Severson <markse@instructure.com> Tested-by: Jenkins <jenkins@instructure.com> QA-Review: Nathan Rogowski <nathan@instructure.com> Product-Review: Jeremy Stanley <jeremy@instructure.com>	2014-02-06 19:29:27 +00:00
Jeremy Stanley	6d22b1f738	fix "invalid byte sequence in US-ASCII" in topic attachment test plan: - create a new discussion - attach a non-ASCII file - save the discussion - it shouldn't explode Change-Id: I9ada9dbf2bf25e63baab22f6117171436d4808c6 Reviewed-on: https://gerrit.instructure.com/27832 Tested-by: Jenkins <jenkins@instructure.com> QA-Review: Matt Fairbourn <mfairbourn@instructure.com> Reviewed-by: Bracken Mosbacker <bracken@instructure.com> Product-Review: Bracken Mosbacker <bracken@instructure.com>	2013-12-31 21:30:21 +00:00
James Williams	01b49ad827	add selenium tests for content migrations and course copy Change-Id: I551613d44e58e6ea4e5eed55f7c6559d76d33674 Reviewed-on: https://gerrit.instructure.com/23567 Tested-by: Jenkins <jenkins@instructure.com> Product-Review: Bryan Madsen <bryan@instructure.com> QA-Review: Bryan Madsen <bryan@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com>	2013-09-05 12:35:04 +00:00
James Williams	fb09ce461c	import assessment questions and banks only for selected quizzes test plan: * import the package referenced in the ticket * only select certain quizzes * confirm that question banks are created only for those quizzes that you selected fixes #CNVS-7633 Change-Id: Ib19eef3fc0e69b56e1cb0eab89938e24c13bfa4b Reviewed-on: https://gerrit.instructure.com/23584 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com> Product-Review: Jeremy Stanley <jeremy@instructure.com> QA-Review: August Thornton <august@instructure.com>	2013-08-29 15:24:54 +00:00
James Williams	00ac080c15	don't re-import quiz assessment questions in banks on second pass test plan: * import the qti file referenced in the ticket * should not get duplicated questions in the question banks fixes #CNVS-7607 Change-Id: I97391135349d170ac307168506a39afb0f078077 Reviewed-on: https://gerrit.instructure.com/23556 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Bracken Mosbacker <bracken@instructure.com> Product-Review: Bracken Mosbacker <bracken@instructure.com> QA-Review: August Thornton <august@instructure.com>	2013-08-22 15:01:43 +00:00
Simon Williams	d96ba9c601	finish removing course.publish_grades_immediately this was removed from the UI in Mar 2011 but was never completely ripped out. we'd like to remove it now since it was adding extra complexity for no benefit. closes CNVS-5929 refs #3974 test plan: - create/update/delete an assignment from the index page, and the show page - grade an assignment (with and without muting) - test assignment notifications (with and without muting) - creating an assignment - editing an assignment - changing a due date (after 3 hours of being edited) - grading an assignment Change-Id: Ie455bed41154018b5bd2c9c0e69e1e3285a0ac09 Reviewed-on: https://gerrit.instructure.com/20778 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Simon Williams <simon@instructure.com> Product-Review: Simon Williams <simon@instructure.com> QA-Review: Simon Williams <simon@instructure.com>	2013-06-04 18:11:08 +00:00
Cameron Matheson	90f9369f8e	remove a bunch of fixtures Change-Id: I73ad19d2c2f39b19948c4629b7e2c9d1009bae33 Reviewed-on: https://gerrit.instructure.com/20907 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Brian Palmer <brianp@instructure.com> Product-Review: Cameron Matheson <cameron@instructure.com> QA-Review: Cameron Matheson <cameron@instructure.com>	2013-05-28 17:59:10 +00:00
Bracken Mosbacker	3f94f55256	create course copy and zip migration workers Course copying and importing .zip files will now work the same as other content migrations. Test Plan: * Using the ContentMigration api test course copy and zip imports * Make sure the current course copy and zip import UIs still work * for course copy make sure selective options work closes CNVS-4228 Change-Id: I80a849471dffaf44d683e980cf0b73505b353d83 Reviewed-on: https://gerrit.instructure.com/19740 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: James Williams <jamesw@instructure.com> QA-Review: Clare Strong <clare@instructure.com> Product-Review: Bracken Mosbacker <bracken@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com>	2013-05-17 22:34:15 +00:00
Jeremy Stanley	457bc0b15d	a new [image] button in tinyMCE's toolbar fixes CNVS_5151 test plan: by using the new image button in the tinymce toolbar, you should be able to: * insert an image from Canvas content (course or group files; whatever the context for the editor is) * test in wikis, discussions, quizzes, eportfolios... anywhere you can find a rich content editor * if you're in a course or group context, you should be able to add course/group files. otherwise (in account context, for instance) you will only see "my files". * also, pls to test that subfolders work * single-click an image to select it (and set size/alt text etc. before pressing Update) * double-click an image to select it and insert with the default alt-text and size * note that the size is constrained to the image's aspect ratio * insert an image from the user's own files * insert an image by URL * insert an image from Flickr via search * images inserted from flickr should link to the source flickr page (this is part of flickr TOS, and is not a new behavior, but should be tested explicitly) * make sure if you change to a different flickr image, the link is updated * also test that if you change a flickr image to a canvas image or url image that the flickr link goes away * NOTE: also test the old flickr search dialog on the wiki sidebar (the blue magnifying glass thing) for possible regressions. (the tinymce plugin that powers this thing was modified.) * create or edit alt text for any image type (note, it does not add uploading new files, that will come in another commit) Change-Id: I2d5f8ca9f2301168f442955fda791631ee886636 Reviewed-on: https://gerrit.instructure.com/14391 Reviewed-by: Bracken Mosbacker <bracken@instructure.com> Product-Review: Bracken Mosbacker <bracken@instructure.com> Tested-by: Jenkins <jenkins@instructure.com> QA-Review: Adam Phillipps <adam@instructure.com>	2013-05-06 19:20:14 +00:00
Eric Berry	6cbfef1db0	fixed issue where google doc collaboration links are broken i was unable to re-create this bug, however on the live server i was able to step through the code and determine the failure point. fixes CNVS-4404 Change-Id: Ied185dc829ec1e2b972a102da9426ffab6541895 Reviewed-on: https://gerrit.instructure.com/18423 Tested-by: Jenkins <jenkins@instructure.com> QA-Review: Marc LeGendre <marc@instructure.com> Reviewed-by: Zach Pendleton <zachp@instructure.com>	2013-03-12 15:36:42 -06:00
Duane Johnson	428ebe53ec	support for lazy loading google docs (backend) Provides support for listing a user's google docs via ajax. The front end will be implemented later. Test Plan: 1. This shouldn't interrupt or affect the current way in which we load all google docs on page load. fixes CNVS-3592 Change-Id: Ia3a4283ab910f4759c3cc9880a5ff8d613f2463f Reviewed-on: https://gerrit.instructure.com/17560 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Ethan Vizitei <ethan@12spokes.com> QA-Review: Clare Hetherington <clare@instructure.com>	2013-02-20 15:30:59 -07:00
Duane Johnson	6f1ec3403b	refactor google_docs_specs and remove remote dependence In anticipation of adding a faster google docs listing, first refactor the specs. Test Plan: - google docs should behave as before refs CNVS-3592 Change-Id: Ic62d0cd170f491b5f36f516c0a71fde367dab0b2 Reviewed-on: https://gerrit.instructure.com/17548 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Brian Palmer <brianp@instructure.com> QA-Review: Clare Hetherington <clare@instructure.com>	2013-02-08 12:56:35 -07:00
Simon Williams	6b2185cf36	remove course.allow_student_assignment_edits this was a course setting which allowed students to edit assignment descriptions only. unfortunately, it didn't work, because the form validation code assumed a title input field would be present and tried to require that it was there. closes CNVS-3267 test plan: - make sure the setting is not availble in course settings - make sure students cannot edit assignments - make sure teachers can still edit assignments Change-Id: Iebeaa00f357a59bff8462ecde79c57d68c04320f Reviewed-on: https://gerrit.instructure.com/17056 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Cody Cutrer <cody@instructure.com> QA-Review: Myller de Araujo <myller@instructure.com>	2013-01-31 09:20:58 -07:00
Zach Pendleton	247c7915c1	stop google docs endless authorization loop. fixes CNVS-3413 when submitting an assignment with a google doc, user was previously presented with an endless authorization loop; google docs list was never displayed. this commit restores proper behavior. test plan: * create an assignment that allows online submissions; * as a student, attempt to submit the assignment as a google doc (if you have not already authorized google docs access, you will need to do that first); * verify that the student is presented with a list of their available google docs and not asked to re-authorize their google docs access. Change-Id: Iba9ffda7e35a88aa67b856689680c894a44c4532 Reviewed-on: https://gerrit.instructure.com/17265 Reviewed-by: Brian Palmer <brianp@instructure.com> Tested-by: Jenkins <jenkins@instructure.com> QA-Review: Marc LeGendre <marc@instructure.com>	2013-01-30 12:58:16 -07:00
Jeremy Stanley	81954472cd	update rubyzip to 0.9.5 for non-ASCII filename support test plan: - import a Canvas course containing attachments with non-ASCII filenames, on ruby 1.9 (there must be at least two attachments) fixes #CNVS-3195 Change-Id: I0c7f19b6f7a477858bfba3cd2501bcbf16ba0567 Reviewed-on: https://gerrit.instructure.com/17006 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Bracken Mosbacker <bracken@instructure.com> QA-Review: Adam Phillipps <adam@instructure.com>	2013-01-22 09:29:05 -07:00
Jeremy Stanley	255e9d94b1	ruby 1.9: don't choke on course import with '~' filename work around the issue where creating a temp file whose basename starts with '~' fails on ruby 1.9 ruby issue: https://bugs.ruby-lang.org/issues/7547 test plan: try to import the course linked in the ticket fixes #CNVS-2922 Change-Id: Iafbbae05c90dbef22e73e6311379e3aeee0a5f32 Reviewed-on: https://gerrit.instructure.com/16796 Tested-by: Jenkins <jenkins@instructure.com> QA-Review: Adam Phillipps <adam@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com>	2013-01-21 14:16:11 -07:00
James Williams	f3131325fa	don't freeze on loading screen for content import with no items handles the case when the content migration import page is stuck on the loading screen when the content import doesn't have any items to select on the import page (and thus populateItem never gets run) test plan: * import the attached import (which only has questions, no course items to select) * should load the content import screen, (even though there's only one option: "Copy Everything" closes #CNVS-2662 Change-Id: I17ddeca10752f42000edc928995dd8766e9ff51c Reviewed-on: https://gerrit.instructure.com/16661 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com> QA-Review: Adam Phillipps <adam@instructure.com>	2013-01-09 14:14:29 -07:00
Ethan Vizitei	2b8a5a18fc	whitelist for xsd files for the cc module refs #CNVS-1125 this prevents any funky user input to the xml_schema action in the ContentExport controller from pulling up anything other than the items in the target xsd directory. TEST PLAN: tough to test from the outside because the existing pathing prevents very much monkeying with the file path, so most attack attempts would be prevented simply by naively interpreting the path as nonexistent for our routing config. If you find any way to get any other file in the system except the ones in that directory via the "/xsd/#{something}.xsd" url path then you win and I have more to fix. Change-Id: Iddb22c9bbd5778d67c3737c5425126419297a5d3 Reviewed-on: https://gerrit.instructure.com/15774 Reviewed-by: Cody Cutrer <cody@instructure.com> Tested-by: Jenkins <jenkins@instructure.com>	2012-12-04 11:54:16 -07:00
Ethan Vizitei	f1814d7762	Prevent malicious zip uploads refs #11857 don't allow zip files with more than 100000 files to get attached don't allow zip files that add enough data (with a minimum file size of 512) to go over the context quota also refactor unzip_attachment.rb a bit as long as we're in there because it's a bit dense and monolithic. There is still much that could be done there, but it's not one enormous method anymore. TEST PLAN: 1) login as any user with permissions to upload files. 2) attempt to upload a zip archive with more than the configured max number of files inside of it (currently 100,000) 3) you should get an error preventing this action from occuring and no new attachments should have been made to that context 4) navigate to some context where the attachment quota is known. 5) attempt to upload a zip archive to that context with enough size to exceed that quota. 6) you should get an error preventing any of the new attachments from being attached to that context. Change-Id: I35ce673e96fb98728cb36cfd27538fd802a249f2 Reviewed-on: https://gerrit.instructure.com/15671 Reviewed-by: Cody Cutrer <cody@instructure.com> Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Clare Hetherington <clare@instructure.com>	2012-11-30 08:35:02 -07:00
Ethan Vizitei	7316b82dc0	refs #5773 fix plugin asset loading for 1.9.3 Ruby 1.9 uses a different YAML engine (although we reset it to the 1.8 engine in the delayed job plugin). This resulted in the yaml dump to the assets.yml file (for plugin asset inclusion) not producing quite the expected output format at server startup (before the delayed job plugin had loaded), which caused selenium tests to fail in the canvalytics plugin because they ONLY loaded the assets.yml file at startup rather than before each request like in development. A small regex change in the ruby block in assets.yml fixed the actual problem. While I was in here, I moved the ruby block into it's own class so that all the processing can be tested. the "subdoc" stuff in bundle_yml could probably still stand to be slimmed down a bit but this is a decent intermediate step. Change-Id: I9300c167130fb3305c7f37710b0e3cfcfda19f48 Reviewed-on: https://gerrit.instructure.com/15111 Reviewed-by: Jacob Fugal <jacob@instructure.com> Tested-by: Jenkins <jenkins@instructure.com>	2012-11-08 13:40:32 -07:00
Sterling Cobb	3f4fe6d295	Make course syllabus optional when copying courses fixes #9185 This adds a new version of export files and ensures older exports will work. We are now using a canvas_export.txt resource to identify if this is a canvas cartridge or a common cartridge. Test Plan 1. Copy a course 2. When copying, unselect copy all and course syllabus 3. The syllabus shouldn't be copied over. Change-Id: I37c9aa12aabe453ef4481c6f39b7b33c97b130bb Reviewed-on: https://gerrit.instructure.com/14971 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Jeremy Stanley <jeremy@instructure.com>	2012-11-08 09:29:50 -07:00
Dave Donahue	d0791b684b	add authenticity token to gradebook2 reupload form Fixes #9904 Test plan: 1. View GB2 in a course 2. On an assignment column, click the dropdown button, and click download submissions 3. Once downloaded, close the dialog, and click that same dropdown arrow again, and hit re-upload submissions 4. Choose the file you just downloaded. Prior to this change, uploading the file caused an InvalidAuthenticityToken error. With this fix, the file gets processed as it should, and you are taken to the summary page. Other notes: * Also adds selenium test for submission downloading and uploading on gradebook2 that covers behavior of this fix as well as the feature as a whole Change-Id: Ib0ddefbcd6f9bd4f40d28e51f4793752ae67a221 Reviewed-on: https://gerrit.instructure.com/14644 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Amber Taniuchi <amber@instructure.com> Reviewed-by: Simon Williams <simon@instructure.com>	2012-11-01 16:53:14 -06:00
Joe Tanner	27edbc1e8b	Nested outcomes UI, closes #9158 test plan for course, account, and sub-account outcomes page: - using the 'New' buttons in the toolbar create, edit, and delete a bunch of outcomes and groups and nested groups - when editing an outcome, insert, edit, and delete the criterion ratings - find dialog - inside any top level standard group - select an individual outcome or a group to import - after importing, the outcome or group should show up in the seleced group of the main window and show it's details on the right - account standards - the account groups (the first level under 'Account Standards') should not be importable - pagination - add 20-30 outcomes and groups to a group - groups should load first and then the outcomes - a 'Loading more results' item should be displayed when fetching more pages - test out the 'Back' button Change-Id: Iba1bb0533fb962ac6d206179c82c388f5fee1d84 Reviewed-on: https://gerrit.instructure.com/13086 Reviewed-by: Zach Pendleton <zachp@instructure.com> Tested-by: Bryan Madsen <bryan@instructure.com>	2012-10-25 11:03:21 -06:00
Jake Sorce	5e0822c9c9	spec: write specs for g/14373/ Change-Id: I74c0f838a8cedbef03b6de8c3e60b0099a6e075c Reviewed-on: https://gerrit.instructure.com/14383 Reviewed-by: Sterling Cobb <sterling@instructure.com> Tested-by: Sterling Cobb <sterling@instructure.com> Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Shawn Meredith <shawn@instructure.com>	2012-10-15 10:24:57 -06:00
Sterling Cobb	3b0fada705	Alphabetize files and folders fixes #10036 This commit removes the ability to sort files and folders by dragging and replaces it with a default of alphabetizing every item. Test plan: Folder 1. Go the to files page http://localhost:3000/dashboard/files 2. Create a folder named "d_folder" then add a folder named "a_folder" 3. Ensure "a_folder" is before "d_folder" Files 1. Go the to files page http://localhost:3000/dashboard/files 2. Upload a file named "d_file.txt" then add a file named "a_file.txt" (must have characters in the file" 3. Ensure "a_file.txt" is before "d_file.txt" Change-Id: I3776ff996e338f8aa6fc3858b59e1460b8b1cdf0 Reviewed-on: https://gerrit.instructure.com/13554 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Zach Pendleton <zachp@instructure.com>	2012-09-28 14:49:05 -06:00
Jeremy Stanley	5b8524b14a	Batch file notifications; closes #9012 Test plan: (We need two users here because Canvas doesn't notify you about files you upload yourself. We'll call them Student and Teacher here, but they don't actually have to be these things.) * As Student, enable notifications for new files in Profile. * As Teacher, upload a file. * Within an hour or so (everything about notifications occurs in low-priority background tasks), Student should receive a notification for the file. * As Teacher, upload multiple files. * Student should eventually receive a notification that X number of files were added. Note that files are batched over a five-minute period; that is, if a file is added to a course within five minutes of a previous file, it will be counted in the same batch. Change-Id: I09b5f497cae1d726b7aaf85824e98e69e45b0c1b Reviewed-on: https://gerrit.instructure.com/12346 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Simon Williams <simon@instructure.com>	2012-07-20 14:45:12 -06:00
Bracken Mosbacker	062a4595be	add test to make sure files are import alphabetically Test Plan: * Upload a zip file * The files should be in alphabetical order in the course refs #8602 Change-Id: I703cce328d8dce46663379250dce2e6ce8a7c3a9 Reviewed-on: https://gerrit.instructure.com/11310 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Brian Palmer <brianp@instructure.com>	2012-06-06 13:08:13 -06:00
Bracken Mosbacker	d14f5d791a	create assignment for common cartridge lti config with assignment points Some vendors want to be able to create assignments when importing common cartridge packages with grade-writeback LTI tools. This allows them to set outcome points as a custom flag to do that Test Plan: * Import the CC fixture for the modified spec into a course * There should be an LTI assignment and a module item pointing to it closes #8887 Change-Id: I507e732b24ee392540b652499acb8dc305e42c69 Reviewed-on: https://gerrit.instructure.com/11303 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Cody Cutrer <cody@instructure.com>	2012-06-05 21:06:11 -06:00

1 2

71 Commits