From 04e550132441621d6b2277adf23ca5449a856aa2 Mon Sep 17 00:00:00 2001 From: Calen Pennington Date: Wed, 31 Jul 2019 14:46:53 -0400 Subject: [PATCH] Convert add_users_to_cohorts to require_course_permission --- lms/djangoapps/instructor/permissions.py | 2 ++ lms/djangoapps/instructor/views/api.py | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/lms/djangoapps/instructor/permissions.py b/lms/djangoapps/instructor/permissions.py index 690dca6817..a3c9e779d5 100644 --- a/lms/djangoapps/instructor/permissions.py +++ b/lms/djangoapps/instructor/permissions.py @@ -6,8 +6,10 @@ from bridgekeeper import perms from courseware.rules import HasAccessRule ALLOW_STUDENT_TO_BYPASS_ENTRANCE_EXAM = 'instructor.allow_student_to_bypass_entrance_exam' +ASSIGN_TO_COHORTS = 'instructor.assign_to_cohorts' VIEW_ISSUED_CERTIFICATES = 'instructor.view_issued_certificates' perms[ALLOW_STUDENT_TO_BYPASS_ENTRANCE_EXAM] = HasAccessRule('staff') +perms[ASSIGN_TO_COHORTS] = HasAccessRule('staff') perms[VIEW_ISSUED_CERTIFICATES] = HasAccessRule('staff') diff --git a/lms/djangoapps/instructor/views/api.py b/lms/djangoapps/instructor/views/api.py index d430ebfce7..b23c54f7e7 100644 --- a/lms/djangoapps/instructor/views/api.py +++ b/lms/djangoapps/instructor/views/api.py @@ -150,6 +150,7 @@ from .tools import ( from ..permissions import ( ALLOW_STUDENT_TO_BYPASS_ENTRANCE_EXAM, + ASSIGN_TO_COHORTS, VIEW_ISSUED_CERTIFICATES, ) @@ -1416,7 +1417,7 @@ def _cohorts_csv_validator(file_storage, file_to_validate): @ensure_csrf_cookie @cache_control(no_cache=True, no_store=True, must_revalidate=True) @require_POST -@require_level('staff') +@require_course_permission(ASSIGN_TO_COHORTS) @common_exceptions_400 def add_users_to_cohorts(request, course_id): """