From 00d7760dc64b955597ed6aa90f70ec604754653c Mon Sep 17 00:00:00 2001 From: polesye Date: Tue, 10 Jun 2014 14:45:48 +0300 Subject: [PATCH 1/7] Add redirect. --- lms/static/js/ajax-error.js | 6 ++++++ lms/templates/courseware/courseware.html | 2 ++ 2 files changed, 8 insertions(+) create mode 100644 lms/static/js/ajax-error.js diff --git a/lms/static/js/ajax-error.js b/lms/static/js/ajax-error.js new file mode 100644 index 0000000000..b3a651c0dd --- /dev/null +++ b/lms/static/js/ajax-error.js @@ -0,0 +1,6 @@ +$(document).ajaxError(function (event, jXHR) { + if (jXHR.status === 403) { + alert(gettext('You\'re logged out. Redirecting on login page.')); + window.location = '/accounts/login'; + } +}); diff --git a/lms/templates/courseware/courseware.html b/lms/templates/courseware/courseware.html index 4446b4ec7a..ee7975213c 100644 --- a/lms/templates/courseware/courseware.html +++ b/lms/templates/courseware/courseware.html @@ -49,6 +49,8 @@ ${page_title_breadcrumbs(course_name())} ## codemirror + + <%static:js group='courseware'/> <%static:js group='discussion'/> From 11c2bb19af0b20c83ffa97f0ce8ec7aa7b6132f0 Mon Sep 17 00:00:00 2001 From: polesye Date: Tue, 10 Jun 2014 15:09:08 +0300 Subject: [PATCH 2/7] Add url redirect to. --- lms/static/js/ajax-error.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lms/static/js/ajax-error.js b/lms/static/js/ajax-error.js index b3a651c0dd..159ed28e20 100644 --- a/lms/static/js/ajax-error.js +++ b/lms/static/js/ajax-error.js @@ -1,6 +1,6 @@ $(document).ajaxError(function (event, jXHR) { if (jXHR.status === 403) { alert(gettext('You\'re logged out. Redirecting on login page.')); - window.location = '/accounts/login'; + window.location.href = '/accounts/login?next=' + window.location.href; } }); From 2c27c424f981206138c5319b9d34358c404b4c75 Mon Sep 17 00:00:00 2001 From: polesye Date: Tue, 10 Jun 2014 15:16:40 +0300 Subject: [PATCH 3/7] Update error code. --- lms/djangoapps/courseware/module_render.py | 5 ++--- lms/static/js/ajax-error.js | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/lms/djangoapps/courseware/module_render.py b/lms/djangoapps/courseware/module_render.py index 5c2db2b68b..880cf5d3e9 100644 --- a/lms/djangoapps/courseware/module_render.py +++ b/lms/djangoapps/courseware/module_render.py @@ -12,7 +12,6 @@ from opaque_keys import InvalidKeyError from django.conf import settings from django.contrib.auth.models import User from django.core.cache import cache -from django.core.exceptions import PermissionDenied from django.core.urlresolvers import reverse from django.http import Http404, HttpResponse from django.views.decorators.csrf import csrf_exempt @@ -629,13 +628,13 @@ def handle_xblock_callback(request, course_id, usage_id, handler, suffix=None): - location -- the module location. Used to look up the XModule instance - course_id -- defines the course context for this request. - Raises PermissionDenied if the user is not logged in. Raises Http404 if + Return 401 error if the user is not logged in. Raises Http404 if the location and course_id do not identify a valid module, the module is not accessible by the user, or the module raises NotFoundError. If the module raises any other error, it will escape this function. """ if not request.user.is_authenticated(): - raise PermissionDenied + return HttpResponse('Unauthorized', status=401) return _invoke_xblock_handler(request, course_id, usage_id, handler, suffix, request.user) diff --git a/lms/static/js/ajax-error.js b/lms/static/js/ajax-error.js index 159ed28e20..9a1386b3f3 100644 --- a/lms/static/js/ajax-error.js +++ b/lms/static/js/ajax-error.js @@ -1,5 +1,5 @@ $(document).ajaxError(function (event, jXHR) { - if (jXHR.status === 403) { + if (jXHR.status === 401) { alert(gettext('You\'re logged out. Redirecting on login page.')); window.location.href = '/accounts/login?next=' + window.location.href; } From 2629b48de8de6139731b61af4e39de88027adfd0 Mon Sep 17 00:00:00 2001 From: polesye Date: Tue, 10 Jun 2014 17:30:49 +0300 Subject: [PATCH 4/7] Fix unit test. --- lms/djangoapps/courseware/tests/test_module_render.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lms/djangoapps/courseware/tests/test_module_render.py b/lms/djangoapps/courseware/tests/test_module_render.py index c9770ff691..4c549ea63b 100644 --- a/lms/djangoapps/courseware/tests/test_module_render.py +++ b/lms/djangoapps/courseware/tests/test_module_render.py @@ -159,7 +159,7 @@ class ModuleRenderTestCase(ModuleStoreTestCase, LoginEnrollmentTestCase): ] ) response = self.client.post(dispatch_url, {'position': 2}) - self.assertEquals(403, response.status_code) + self.assertEquals(401, response.status_code) @override_settings(MODULESTORE=TEST_DATA_MIXED_MODULESTORE) From 2d8e1226c8741f043844d0cc821e0578ad14c20b Mon Sep 17 00:00:00 2001 From: polesye Date: Wed, 11 Jun 2014 10:38:14 +0300 Subject: [PATCH 5/7] Move js import into courseware js group. --- lms/envs/common.py | 1 + lms/static/js/ajax-error.js | 2 +- lms/templates/courseware/courseware.html | 2 -- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/lms/envs/common.py b/lms/envs/common.py index 250634269e..0f626775fd 100644 --- a/lms/envs/common.py +++ b/lms/envs/common.py @@ -830,6 +830,7 @@ courseware_js = ( 'coffee/src/' + pth + '.js' for pth in ['courseware', 'histogram', 'navigation', 'time'] ] + + ['js/' + pth + '.js' for pth in ['ajax-error']] + sorted(rooted_glob(PROJECT_ROOT / 'static', 'coffee/src/modules/**/*.js')) ) diff --git a/lms/static/js/ajax-error.js b/lms/static/js/ajax-error.js index 9a1386b3f3..e1d0b48f86 100644 --- a/lms/static/js/ajax-error.js +++ b/lms/static/js/ajax-error.js @@ -1,6 +1,6 @@ $(document).ajaxError(function (event, jXHR) { if (jXHR.status === 401) { - alert(gettext('You\'re logged out. Redirecting on login page.')); + alert(gettext("You're logged out. Redirecting on login page.")); window.location.href = '/accounts/login?next=' + window.location.href; } }); diff --git a/lms/templates/courseware/courseware.html b/lms/templates/courseware/courseware.html index ee7975213c..4446b4ec7a 100644 --- a/lms/templates/courseware/courseware.html +++ b/lms/templates/courseware/courseware.html @@ -49,8 +49,6 @@ ${page_title_breadcrumbs(course_name())} ## codemirror - - <%static:js group='courseware'/> <%static:js group='discussion'/> From a52b25779d9394219ce12655a9474ca311c677e6 Mon Sep 17 00:00:00 2001 From: polesye Date: Mon, 23 Jun 2014 18:24:53 +0300 Subject: [PATCH 6/7] Use confirm dialogue. --- lms/djangoapps/courseware/module_render.py | 4 ++-- lms/static/js/ajax-error.js | 15 ++++++++++++--- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/lms/djangoapps/courseware/module_render.py b/lms/djangoapps/courseware/module_render.py index 880cf5d3e9..e3a7bcd8c2 100644 --- a/lms/djangoapps/courseware/module_render.py +++ b/lms/djangoapps/courseware/module_render.py @@ -628,13 +628,13 @@ def handle_xblock_callback(request, course_id, usage_id, handler, suffix=None): - location -- the module location. Used to look up the XModule instance - course_id -- defines the course context for this request. - Return 401 error if the user is not logged in. Raises Http404 if + Return 403 error if the user is not logged in. Raises Http404 if the location and course_id do not identify a valid module, the module is not accessible by the user, or the module raises NotFoundError. If the module raises any other error, it will escape this function. """ if not request.user.is_authenticated(): - return HttpResponse('Unauthorized', status=401) + return HttpResponse('Unauthenticated', status=403) return _invoke_xblock_handler(request, course_id, usage_id, handler, suffix, request.user) diff --git a/lms/static/js/ajax-error.js b/lms/static/js/ajax-error.js index e1d0b48f86..3e7202a156 100644 --- a/lms/static/js/ajax-error.js +++ b/lms/static/js/ajax-error.js @@ -1,6 +1,15 @@ $(document).ajaxError(function (event, jXHR) { - if (jXHR.status === 401) { - alert(gettext("You're logged out. Redirecting on login page.")); - window.location.href = '/accounts/login?next=' + window.location.href; + if (jXHR.status === 403 && jXHR.responseText === 'Unauthenticated') { + var message = gettext( + 'You have been logged out of your edX account. '+ + 'Click Okay to log in again now. '+ + 'Click Cancel to stay on this page '+ + '(you must log in again to save your work).' + ); + + if (window.confirm(message)) { + var currentLocation = window.location.href; + window.location.href = '/accounts/login?next=' + currentLocation; + }; } }); From 584da69bee344f27be4e4bd6165937ef88194e2c Mon Sep 17 00:00:00 2001 From: polesye Date: Tue, 24 Jun 2014 14:26:02 +0300 Subject: [PATCH 7/7] Fix unit test. --- lms/djangoapps/courseware/tests/test_module_render.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lms/djangoapps/courseware/tests/test_module_render.py b/lms/djangoapps/courseware/tests/test_module_render.py index 4c549ea63b..8933a83e7e 100644 --- a/lms/djangoapps/courseware/tests/test_module_render.py +++ b/lms/djangoapps/courseware/tests/test_module_render.py @@ -159,7 +159,8 @@ class ModuleRenderTestCase(ModuleStoreTestCase, LoginEnrollmentTestCase): ] ) response = self.client.post(dispatch_url, {'position': 2}) - self.assertEquals(401, response.status_code) + self.assertEquals(403, response.status_code) + self.assertEquals('Unauthenticated', response.content) @override_settings(MODULESTORE=TEST_DATA_MIXED_MODULESTORE)