flag=none
Test plan
- Install an LTI tool proxy that does
plagiarism
- Submit an assignment as a student
- Load /api/v1/courses/:course_id/
assignments/:assignment_id/submissions
/:user_id?include[]=webhook_info and
verify that you can see the
webhook_info in the API call
- Make sure you don't see it anywhere
without the webhook_info includes
flag (check as many submissions
APIs as you can remember)
Change-Id: I6113128cae9c3184d73437bc97935a2d4e33fcee
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/274333
Reviewed-by: Xander Moffatt <xmoffatt@instructure.com>
QA-Review: Xander Moffatt <xmoffatt@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Product-Review: Karl Lloyd <karl@instructure.com>
flag=none
Test plan
- Set up an assignment with a Plagiarism tool proxy
(one with a subscription would help :) )
- Load an assignment with the API (most routes should
work, but try api/v1/courses/:course_id/assignments/
:assignment_id?include[]=webhook_info)
(There isn't a good way to avoid n+1s on this, so
I didn't actually try. I'm not that worried, since
I'm not adding this to the API documentation, but
people should avoid doing this on a list of assignments
- Verify you can see the current subscription info on
the assignment
Change-Id: I7647ef7d05b8766e8936dbb6ef72ec4d4abbe746
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/273929
Product-Review: Karl Lloyd <karl@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Xander Moffatt <xmoffatt@instructure.com>
Reviewed-by: Xander Moffatt <xmoffatt@instructure.com>
Reviewed-by: Evan Battaglia <ebattaglia@instructure.com>
Fixes INTEROP-6252
flag=none
Test Plan:
- Install multiple plagiarism detection tools
in the same account with _different_ resource
type codes. Each tool should also have a different
endpoint
- Associate an assignment with one of the tools
- Submit and verify an event is sent to the tool
with the matching resource type code
- Verify events were not sent to the other tools
Change-Id: I5892451c2ac3af64254881319d6f1143703a5cb6
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/249776
Reviewed-by: Mysti Lilla <mysti@instructure.com>
QA-Review: Tucker Mcknight <tmcknight@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
fixes INTEROP-6130
flag=plagiarism_tool_subscriptions (removes it)
Test plan
- Have a Lti::ToolProxy for TurnItIn or Urkund
or some other Plagiarism service that does
not have an associated subscription
- Run the data fixup. Verify the tool has
a working subscription
Change-Id: I21a85321caf1a735e0034661e175da3423548967
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/246411
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Tucker Mcknight <tmcknight@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
fixes INTEROP-6125
flag=none
Test plan
- Set up an assignment with the plagiarism tool
- Test to make sure the live event sends with
the associated integration id from the ACTL
- Uninstall the tool and make sure it does
not send the associated integration id
- Play with different locations where the
tool is installed and make sure it works
as expected
Change-Id: I1fec2ee4744850cd7a0285fb0087a465b3448e46
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/246294
Reviewed-by: Xander Moffatt <xmoffatt@instructure.com>
QA-Review: Xander Moffatt <xmoffatt@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Product-Review: Mysti Lilla <mysti@instructure.com>
Closes PLAT-5768
Test Plan:
- Create an assignment configured with a plagiarism platform
tool.
- Submit to the assignment
- Run the fixup_plagiarism_subscriptions_after_shard_split
fixup and verify the subscription the subscription_id
of the AssignmentConfigurationToolLookup changes.
- Run resend_plagiarism_events_after_shard_split fixup
and verify Canvas resends the events for all
submissions associated with the assignment that have
not received an originality score.
One way this can be done is by setting the
'STUB_LIVE_EVENTS_KINESIS' variable to "true"
and watching the the Rails logs for events
Change-Id: I8493141b7bea93abffad49f89e3d1ed3a5640b24
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/236330
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Mysti Lilla <mysti@instructure.com>
QA-Review: Weston Dransfield <wdransfield@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
The AssignmentConfigurationToolLookup (ACTL) represents that a given
assignment is connected with a given plagiarism detection (LTI2) tool.
This is a soft link, not a direct "tool_proxy_id" link to the tool
installation, though, since we can uninstall and reinstall tools and we
want those connections (actually LESS subscriptions) to be
reestablished. We used to figure out that a ACTL belongs to a give tool
by matching up product and vendor codes; but if the user installs the
tool in both a Course context and an Account context, we can get
confused, and one tool from either context can delete the subscriptions
created with the tool in the other context.
The solution is to store the context_type (Course or Account) in the
ACTL when setting up an assignment with a plagiarism detection tool.
Test plan:
- instrument the locations in the canvas code where a LESS subscription
is created and destroyed. You can comment out the calls and replace
with "puts" statements in lib/lti/assignment_subscriptions_helper.rb:
* replace `destroy_subscription` to not send to LESS, but log
(append to a file is easiest to see) with the ID
* replace `create_subscription` - make it log (append to a file)
and return a fake id like `rand(100000).to_s
* run both canvas web and jobs
- install a locally-running test tool (e.g.
web.lti-originality-report-example.docker:3000/register)
in a course context and add an assignment that uses the tool.
(note: sometimes when adding a tool it didn't show up in the
new assignment dropdown. restarting canvas may help)
- Check subscription id:
`AssignmentConfigurationToolLookup.where(assignment_id: a_id`
The ACTL should also have a context_type of "Course"
- install the test tool in a account context. check (by looking at ACTL)
that the subscription ID did not change, and that no subscriptions were
created or destroyed.
- delete the account-level test tool. observe that nothing changed.
delete the course-level test tool, observe that the subscriptions
have been deleted (looking at the logging you added).
- you can do other combinations like creating assignments with
an account-level tool.
- Test "Blueprint course" syncing still works by creating a blueprint
course, adding a tool and assignment with tool, making copies of the
course, and syncing the copies. Check that there is still only one
copy of the ACTL per course.
Fixes PLAT-5023
Change-Id: I6ded9ab91e223fc1cf6a9b7ed7f0df649823c95d
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/215171
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
QA-Review: Weston Dransfield <wdransfield@instructure.com>
Product-Review: Jesse Poulos <jpoulos@instructure.com>
Refs PLAT-3991
Test Plan:
- Create multipel tool proxies in your account.
Note the vendor code and product code of the
proxies.
- Using the new documentation as a reference,
hit the endpoint to add a new service to the tool proxies
- Verify all tool proxies have the new service added
with the correct actions
Change-Id: If19c8ed0b8e788dab3025a7e33c5176386a8d885
Reviewed-on: https://gerrit.instructure.com/172604
Tested-by: Jenkins
QA-Review: Marc Phillips <mphillips@instructure.com>
Product-Review: Jesse Poulos <jpoulos@instructure.com>
Reviewed-by: Marc Phillips <mphillips@instructure.com>
refs PLAT-2708
Test Plan:
- Create a developer key through the Canvas UI and
verify that a new vendor code text input is
available and optional.
- Verify each of the following:
* If a vendor is associated with a devloper key they
must use one of the associated developer keys
when registering.
* If a vendor is associated with a developer key
they may not register without using a
developer key.
* If a vendor is associated with a developer key
they may not use a developer key other than
one they are associated with to register.
* If a vendor is not associated with a developer key
they must register without a developer key.
Change-Id: I9c9974706f542c1442988634790656da1c407cb8
Reviewed-on: https://gerrit.instructure.com/118592
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Nathan Mills <nathanm@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Jesse Poulos <jpoulos@instructure.com>
Closes PLAT-2710
Test Plan:
- Install a plagiarism detection tool, associate it with an
assignment, and create a submission.
- Delete the tool
- Install the tool again in the same context.
- Using the tool proxy guid and secret from the second tool,
request an access token
- Verify you can request the submission for the assignment in
step one and create an originality report for it.
- Verify this is also true for other lti2 services (
subscription api, originality report api, etc).
Change-Id: I006b4a88b105e808dcf0fbbbc8087a83aabe5731
Reviewed-on: https://gerrit.instructure.com/117700
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Nathan Mills <nathanm@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
fixes PLAT-2598
Test plan:
* Install the plagiarism detection tool in a course locally using docker
* Get a zip file from me with a bunch of exports
* In the course that has the plagiarism detection tool installed
* Import 'import.imscc'
* Ensure that the import completes without warnings or errors
* Import 'different_version.imscc'
* Ensure that the import completes with a warning about finding a
different version of the tool
* Import 'missing_data.imscc'
* Ensure that the import completes with a warning that has a link to
an error report
* In a course where the plagiarism detection tool is not installed
* Import 'registration_url.imscc'
* Ensure that the import completes with a warning that tells the user
the registration url they can use to install the missing tool
* Import 'import.imscc'
* Ensure that the import completes with a warning that tells the user
they need to install the tool but without a registration url
Change-Id: I3836c2caf602487de135b5a8732bba00b96b9342
Reviewed-on: https://gerrit.instructure.com/114139
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
Reviewed-by: Jeremy Stanley <jeremy@instructure.com>
Reviewed-by: Brad Humphrey <brad@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Karl Lloyd <karl@instructure.com>
closes PLAT-2020
Test Plan:
0. Install an LTI 2 tool and associate it with an
assignment. As a student create a submission
for the assignment.
1. Create an originality report via the api. Specify
the `tool_setting[resource_type_code]` param
with a value set to the `resoure_type` code of
a valid resource handler for your tool proxy.
The resource handler should have at least one
message handler. The message handler type
should be 'basic-lti-launch-request'
2. Verify the OriginalityReport created has
a `link_id` set to the resource link id
of a new Lti::ToolSetting.
3. From each of the following locations click the
originality report colored bubble and
verify your tool launches to the message
in the resource handler specified in step 1:
- submission details modal from gradebook page
- submission details page
- student grades page
- speed grader
4. Update the originality report via api and
repeat steps 2 and 3.
Change-Id: Ie40ea9e3423b8f8198dd3fdc3f5f4da76800998f
Reviewed-on: https://gerrit.instructure.com/113516
Reviewed-by: Brad Humphrey <brad@instructure.com>
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
Closes PLAT-1924
Test Plan:
- Install a plagiarism detection tool
- Create multiple assignments associated with the tool
- Uninstall the tool
- Verify a delayed job for each subscription to delete
is enqued.
- Verify the subscriptions are deleted from Dynamo
once the jobs finish
Change-Id: I24983ce0692430fb072ca74933b80ba78fac1898
Reviewed-on: https://gerrit.instructure.com/105973
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Nathan Mills <nathanm@instructure.com>
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
fixes PLAT-2232
test plan:
- install an lti2 tool with the originality placement
- associate it to an assignment as a tool_settings_tool
- use the /api/lti/assignments/#{@assignment.id}/submissions/#{submission.id}
endpoint to get a submssion
- use the
/api/lti/assignments/#{@assignment.id}/submissions/#{submission.id}/history
endpoint to get the submission history
- make sure you can't access it without the placement enabled
- make sure you can't access it unless the tool is associated to the
assignment
- make sure you can't access it unless the tool is installed
- make sure you can't access it unless the tool is active
- make sure you can't access it if the tool is not in that context
Change-Id: I66d892658a67b04f532f37bda3206efb8666cde7
Reviewed-on: https://gerrit.instructure.com/104803
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Tested-by: Jenkins
Product-Review: Nathan Mills <nathanm@instructure.com>
Fixes: PLAT-2129 PLAT-2126
Test Plan:
- Verify you can create and retrieve a TCP
with the new subscription service and
capabilities.
- Install an LTI2 tool using the split secret
capability. The tool's security contract
should use the new webhook service.
Example security contract:
"tp_half_shared_secret"=>
"873f5...",
"tool_service"=>
[{"@type"=>"RestServiceProfile",
"service"=>"vnd.Canvas.webhooksSubscription",
"action"=>["GET", "POST"]}]}
- Do a POST request to /api/lti/subscriptions with the
following body:
{
"subscription":{
"EventTypes":[
"submission_created"
],
"ContextType":"course",
"ContextId":<valid course id here>,
"Format":"live-event",
"TransportType":"sqs",
"TransportMetadata":{
"Url":"http://sqs.docker"
}
}
}
- Verify a 401 is returned
- Using https://docs.google.com/document/d
/12x6Peif-I-0zvl2uMv2JVbQdZumGGqMtspWKYTqlL9o/edit
attempt to create each subscription type (in bold)
and verify 401s are returned in each case.
- Using the same document, verify that adding one of
the capabilities listed under a subscription types
allows you to create the subscription
- Verify that using the vnd.instructure.webhooks.root_account.all
capability allows you to create any subscription.
- Install an LTI2 tool in a course
- Attempt to create a subscription in another course and
verify a 401 is given.
Change-Id: I322e4bb2c49209afdc6f0a3c3a8b5c73e339996e
Reviewed-on: https://gerrit.instructure.com/102272
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Reviewed-by: Andrew Butterfield <abutterfield@instructure.com>
Product-Review: Weston Dransfield <wdransfield@instructure.com>
fixes PLAT-1966
test plan:
-get an lti2 OAuth2 access token
-attempt to use the originality reports endpoint with it
-it should work
-attempt to hit the endpoint with a canvas access token
-it should not work
- attempt to hit the endpoints unauthenticated
- it should not work
Change-Id: I4b7993b17f2931f7b0dc97a7d187c234490e87d2
Reviewed-on: https://gerrit.instructure.com/100148
Tested-by: Jenkins
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>
QA-Review: August Thornton <august@instructure.com>
Product-Review: Nathan Mills <nathanm@instructure.com>
Cody Cutrer