Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Review changes

Browse Source
This commit is contained in:
Jesse Shapiro
2016-11-01 13:04:09 -04:00
parent bd9f859419
commit 088dab365a
1 changed files with 6 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
common/djangoapps/student/auth.py
View File

@@ -7,6 +7,7 @@ to decide whether to check course creator role, and other such functions.
from django.core.exceptions import PermissionDenied
from django.conf import settings
from opaque_keys.edx.locator import LibraryLocator
from ccx_keys.locator import CCXLocator, CCXBlockUsageLocator
from student.roles import GlobalStaff, CourseCreatorRole, CourseStaffRole, CourseInstructorRole, CourseRole, \
CourseBetaTesterRole, OrgInstructorRole, OrgStaffRole, LibraryUserRole, OrgLibraryUserRole
@@ -17,6 +18,7 @@ STUDIO_EDIT_ROLES = 8
STUDIO_VIEW_USERS = 4
STUDIO_EDIT_CONTENT = 2
STUDIO_VIEW_CONTENT = 1
STUDIO_NO_PERMISSIONS = 0
# In addition to the above, one is always allowed to "demote" oneself to a lower role within a course, or remove oneself
@@ -25,11 +27,7 @@ def is_ccx_course(course_key):
Check whether the course locator maps to a CCX course; this is important
because we don't allow access to CCX courses in Studio.
"""
ccx_namespaces = (
'ccx-v1',
'ccx-block-v1',
)
return course_key.CANONICAL_NAMESPACE in ccx_namespaces
return isinstance(course_key, CCXLocator) or isinstance(course_key, CCXBlockUsageLocator)
def user_has_role(user, role):
@@ -72,10 +70,10 @@ def get_user_permissions(user, course_key, org=None):
course_key = course_key.for_branch(None)
else:
assert course_key is None
all_perms = STUDIO_EDIT_ROLES | STUDIO_VIEW_USERS | STUDIO_EDIT_CONTENT | STUDIO_VIEW_CONTENT
# No one has studio permissions for CCX courses
if is_ccx_course(course_key):
return 0
return STUDIO_NO_PERMISSIONS
all_perms = STUDIO_EDIT_ROLES | STUDIO_VIEW_USERS | STUDIO_EDIT_CONTENT | STUDIO_VIEW_CONTENT
# global staff, org instructors, and course instructors have all permissions:
if GlobalStaff().has_user(user) or OrgInstructorRole(org=org).has_user(user):
return all_perms
@@ -88,7 +86,7 @@ def get_user_permissions(user, course_key, org=None):
if course_key and isinstance(course_key, LibraryLocator):
if OrgLibraryUserRole(org=org).has_user(user) or user_has_role(user, LibraryUserRole(course_key)):
return STUDIO_VIEW_USERS | STUDIO_VIEW_CONTENT
return 0
return STUDIO_NO_PERMISSIONS
def has_studio_write_access(user, course_key):