From 4377981486225dbae810dac7ac2cc9d79ecf264f Mon Sep 17 00:00:00 2001
From: Sven Marnach <sven@marnach.net>
Date: Wed, 2 Sep 2015 21:17:08 +0200
Subject: [PATCH] Optimise getting list of courses from Enrollment API for
 global staff.

---
 common/djangoapps/enrollment/tests/test_views.py | 8 ++++++--
 common/djangoapps/enrollment/views.py            | 5 +++--
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/common/djangoapps/enrollment/tests/test_views.py b/common/djangoapps/enrollment/tests/test_views.py
index 1da2df8af6..bd5a3ffbc2 100644
--- a/common/djangoapps/enrollment/tests/test_views.py
+++ b/common/djangoapps/enrollment/tests/test_views.py
@@ -32,7 +32,7 @@ from openedx.core.djangoapps.user_api.models import UserOrgTag
 from openedx.core.lib.django_test_client_utils import get_absolute_url
 from student.models import CourseEnrollment
 from student.roles import CourseStaffRole
-from student.tests.factories import UserFactory, CourseModeFactory
+from student.tests.factories import AdminFactory, CourseModeFactory, UserFactory
 from embargo.test_utils import restrict_course
 
 
@@ -353,11 +353,15 @@ class EnrollmentTest(EnrollmentTestMixin, ModuleStoreTestCase, APITestCase):
         self.client.login(username=self.OTHER_USERNAME, password=self.PASSWORD)
         self._assert_enrollments_visible_in_list([])
         # Create a staff user for self.course (but nor for other_course) and log her in.
-        staff_user = UserFactory.create(username='staff', email='staff@example.com', password=self.PASSWORD,)
+        staff_user = UserFactory.create(username='staff', email='staff@example.com', password=self.PASSWORD)
         CourseStaffRole(self.course.id).add_users(staff_user)
         self.client.login(username='staff', password=self.PASSWORD)
         # Verify that she can see only the enrollment in the course she has staff privileges for.
         self._assert_enrollments_visible_in_list([self.course])
+        # Create a global staff user, and verify she can see all enrollments.
+        AdminFactory(username='global_staff', email='global_staff@example.com', password=self.PASSWORD)
+        self.client.login(username='global_staff', password=self.PASSWORD)
+        self._assert_enrollments_visible_in_list([self.course, other_course])
         # Verify the server can see all enrollments.
         self.client.logout()
         self._assert_enrollments_visible_in_list([self.course, other_course], use_server_key=True)
diff --git a/common/djangoapps/enrollment/views.py b/common/djangoapps/enrollment/views.py
index c83b28135d..99b64fffac 100644
--- a/common/djangoapps/enrollment/views.py
+++ b/common/djangoapps/enrollment/views.py
@@ -32,7 +32,7 @@ from enrollment.errors import (
 )
 from student.auth import user_has_role
 from student.models import User
-from student.roles import CourseStaffRole
+from student.roles import CourseStaffRole, GlobalStaff
 
 
 log = logging.getLogger(__name__)
@@ -472,7 +472,8 @@ class EnrollmentListView(APIView, ApiKeyPermissionMixIn):
                     ).format(username=username)
                 }
             )
-        if username == request.user.username or self.has_api_key_permissions(request):
+        if username == request.user.username or GlobalStaff().has_user(request.user) or \
+                self.has_api_key_permissions(request):
             return Response(enrollment_data)
         filtered_data = []
         for enrollment in enrollment_data: