From 088dab365a0a00b71a41088ad701eaa09c8ff9ce Mon Sep 17 00:00:00 2001 From: Jesse Shapiro Date: Tue, 1 Nov 2016 13:04:09 -0400 Subject: [PATCH] Review changes --- common/djangoapps/student/auth.py | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/common/djangoapps/student/auth.py b/common/djangoapps/student/auth.py index 62f5e39a85..efb93cde52 100644 --- a/common/djangoapps/student/auth.py +++ b/common/djangoapps/student/auth.py @@ -7,6 +7,7 @@ to decide whether to check course creator role, and other such functions. from django.core.exceptions import PermissionDenied from django.conf import settings from opaque_keys.edx.locator import LibraryLocator +from ccx_keys.locator import CCXLocator, CCXBlockUsageLocator from student.roles import GlobalStaff, CourseCreatorRole, CourseStaffRole, CourseInstructorRole, CourseRole, \ CourseBetaTesterRole, OrgInstructorRole, OrgStaffRole, LibraryUserRole, OrgLibraryUserRole @@ -17,6 +18,7 @@ STUDIO_EDIT_ROLES = 8 STUDIO_VIEW_USERS = 4 STUDIO_EDIT_CONTENT = 2 STUDIO_VIEW_CONTENT = 1 +STUDIO_NO_PERMISSIONS = 0 # In addition to the above, one is always allowed to "demote" oneself to a lower role within a course, or remove oneself @@ -25,11 +27,7 @@ def is_ccx_course(course_key): Check whether the course locator maps to a CCX course; this is important because we don't allow access to CCX courses in Studio. """ - ccx_namespaces = ( - 'ccx-v1', - 'ccx-block-v1', - ) - return course_key.CANONICAL_NAMESPACE in ccx_namespaces + return isinstance(course_key, CCXLocator) or isinstance(course_key, CCXBlockUsageLocator) def user_has_role(user, role): @@ -72,10 +70,10 @@ def get_user_permissions(user, course_key, org=None): course_key = course_key.for_branch(None) else: assert course_key is None - all_perms = STUDIO_EDIT_ROLES | STUDIO_VIEW_USERS | STUDIO_EDIT_CONTENT | STUDIO_VIEW_CONTENT # No one has studio permissions for CCX courses if is_ccx_course(course_key): - return 0 + return STUDIO_NO_PERMISSIONS + all_perms = STUDIO_EDIT_ROLES | STUDIO_VIEW_USERS | STUDIO_EDIT_CONTENT | STUDIO_VIEW_CONTENT # global staff, org instructors, and course instructors have all permissions: if GlobalStaff().has_user(user) or OrgInstructorRole(org=org).has_user(user): return all_perms @@ -88,7 +86,7 @@ def get_user_permissions(user, course_key, org=None): if course_key and isinstance(course_key, LibraryLocator): if OrgLibraryUserRole(org=org).has_user(user) or user_has_role(user, LibraryUserRole(course_key)): return STUDIO_VIEW_USERS | STUDIO_VIEW_CONTENT - return 0 + return STUDIO_NO_PERMISSIONS def has_studio_write_access(user, course_key):