Switch reset_due_date over to using a StaffAccessRule with query checking

2019-08-02 14:54:25 -04:00
parent 1aed6c882b
commit 32f154d3ea
1 changed files with 1 additions and 1 deletions
--- a/lms/djangoapps/instructor/views/api.py
+++ b/lms/djangoapps/instructor/views/api.py
@@ -2908,7 +2908,7 @@ def change_due_date(request, course_id):
@require_POST
@ensure_csrf_cookie
@cache_control(no_cache=True, no_store=True, must_revalidate=True)
-@require_level('staff')
+@require_course_permission(GIVE_STUDENT_EXTENSION)
@require_post_params('student', 'url')
 def reset_due_date(request, course_id):
    """