From 8cbe263ca06d609991bfa1fcc53e5de45c936719 Mon Sep 17 00:00:00 2001 From: Carson Gee Date: Mon, 3 Feb 2014 14:30:09 -0500 Subject: [PATCH] Rename of feature AUTH_USE_MIT_CERTIFICATES to AUTH_USE_CERTIFICATES across platform. Caution! This is backwards incompatible --- cms/djangoapps/contentstore/views/public.py | 4 ++-- cms/envs/common.py | 2 +- cms/envs/dev_ike.py | 2 +- common/djangoapps/external_auth/tests/test_ssl.py | 13 ++++++++----- common/djangoapps/external_auth/views.py | 8 ++++---- common/djangoapps/student/views.py | 6 +++--- lms/djangoapps/branding/views.py | 2 +- .../commands/tests/test_git_add_course.py | 2 +- lms/djangoapps/dashboard/sysadmin.py | 4 ++-- lms/djangoapps/dashboard/tests/test_sysadmin.py | 2 +- lms/envs/cms/dev.py | 2 +- lms/envs/common.py | 2 +- lms/envs/dev.py | 2 +- 13 files changed, 27 insertions(+), 24 deletions(-) diff --git a/cms/djangoapps/contentstore/views/public.py b/cms/djangoapps/contentstore/views/public.py index 6e404eb0da..ef02445430 100644 --- a/cms/djangoapps/contentstore/views/public.py +++ b/cms/djangoapps/contentstore/views/public.py @@ -23,7 +23,7 @@ def signup(request): csrf_token = csrf(request)['csrf_token'] if request.user.is_authenticated(): return redirect('/course') - if settings.FEATURES.get('AUTH_USE_MIT_CERTIFICATES_IMMEDIATE_SIGNUP'): + if settings.FEATURES.get('AUTH_USE_CERTIFICATES_IMMEDIATE_SIGNUP'): # Redirect to course to login to process their certificate if SSL is enabled # and registration is disabled. return redirect(reverse('login')) @@ -38,7 +38,7 @@ def login_page(request): Display the login form. """ csrf_token = csrf(request)['csrf_token'] - if (settings.FEATURES['AUTH_USE_MIT_CERTIFICATES'] and + if (settings.FEATURES['AUTH_USE_CERTIFICATES'] and ssl_get_cert_from_request(request)): # SSL login doesn't require a login view, so redirect # to course now that the user is authenticated via diff --git a/cms/envs/common.py b/cms/envs/common.py index 4abea6ce13..ddd2270d86 100644 --- a/cms/envs/common.py +++ b/cms/envs/common.py @@ -43,7 +43,7 @@ FEATURES = { 'ENABLE_DISCUSSION_SERVICE': False, - 'AUTH_USE_MIT_CERTIFICATES': False, + 'AUTH_USE_CERTIFICATES': False, # email address for studio staff (eg to request course creation) 'STUDIO_REQUEST_EMAIL': '', diff --git a/cms/envs/dev_ike.py b/cms/envs/dev_ike.py index 95ae33e328..108a36510a 100644 --- a/cms/envs/dev_ike.py +++ b/cms/envs/dev_ike.py @@ -9,7 +9,7 @@ from .common import * from .dev import * -FEATURES['AUTH_USE_MIT_CERTIFICATES'] = True +FEATURES['AUTH_USE_CERTIFICATES'] = True FEATURES['USE_DJANGO_PIPELINE'] = False # don't recompile scss diff --git a/common/djangoapps/external_auth/tests/test_ssl.py b/common/djangoapps/external_auth/tests/test_ssl.py index 43a5b2b150..33422aad76 100644 --- a/common/djangoapps/external_auth/tests/test_ssl.py +++ b/common/djangoapps/external_auth/tests/test_ssl.py @@ -21,13 +21,14 @@ from edxmako.middleware import MakoMiddleware from external_auth.models import ExternalAuthMap import external_auth.views from student.tests.factories import UserFactory +from xmodule.modulestore.exceptions import InsufficientSpecificationError FEATURES_WITH_SSL_AUTH = settings.FEATURES.copy() -FEATURES_WITH_SSL_AUTH['AUTH_USE_MIT_CERTIFICATES'] = True +FEATURES_WITH_SSL_AUTH['AUTH_USE_CERTIFICATES'] = True FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP = FEATURES_WITH_SSL_AUTH.copy() -FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP['AUTH_USE_MIT_CERTIFICATES_IMMEDIATE_SIGNUP'] = True +FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP['AUTH_USE_CERTIFICATES_IMMEDIATE_SIGNUP'] = True FEATURES_WITHOUT_SSL_AUTH = settings.FEATURES.copy() -FEATURES_WITHOUT_SSL_AUTH['AUTH_USE_MIT_CERTIFICATES'] = False +FEATURES_WITHOUT_SSL_AUTH['AUTH_USE_CERTIFICATES'] = False @override_settings(FEATURES=FEATURES_WITH_SSL_AUTH) @@ -192,7 +193,8 @@ class SSLClientTest(TestCase): the user doesn't get presented with the registration page. """ # Expect a NotImplementError from course page as we don't have anything else built - with self.assertRaisesRegexp(NotImplementedError, 'coming soon'): + with self.assertRaisesRegexp(InsufficientSpecificationError, + 'Must provide one of url, version_guid, package_id'): self.client.get( reverse('signup'), follow=True, SSL_CLIENT_S_DN=self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL)) @@ -200,7 +202,8 @@ class SSLClientTest(TestCase): self.assertIn('_auth_user_id', self.client.session) # Now that we are logged in, make sure we don't see the registration page - with self.assertRaisesRegexp(NotImplementedError, 'coming soon'): + with self.assertRaisesRegexp(InsufficientSpecificationError, + 'Must provide one of url, version_guid, package_id'): self.client.get(reverse('signup'), follow=True) @unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls', 'Test only valid in lms') diff --git a/common/djangoapps/external_auth/views.py b/common/djangoapps/external_auth/views.py index ac645bc3ed..cfb655f4b2 100644 --- a/common/djangoapps/external_auth/views.py +++ b/common/djangoapps/external_auth/views.py @@ -253,7 +253,7 @@ def _signup(request, eamap, retfun=None): # save this for use by student.views.create_account request.session['ExternalAuthMap'] = eamap - if settings.FEATURES.get('AUTH_USE_MIT_CERTIFICATES_IMMEDIATE_SIGNUP', ''): + if settings.FEATURES.get('AUTH_USE_CERTIFICATES_IMMEDIATE_SIGNUP', ''): # do signin immediately, by calling create_account, instead of asking # student to fill in form. MIT students already have information filed. username = eamap.external_email.split('@', 1)[0] @@ -362,7 +362,7 @@ def ssl_login_shortcut(fn): call. """ - if not settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']: + if not settings.FEATURES['AUTH_USE_CERTIFICATES']: return fn(*args, **kwargs) request = args[0] @@ -394,7 +394,7 @@ def ssl_login_shortcut(fn): def ssl_login(request): """ This is called by branding.views.index when - FEATURES['AUTH_USE_MIT_CERTIFICATES'] = True + FEATURES['AUTH_USE_CERTIFICATES'] = True Used for MIT user authentication. This presumes the web server (nginx) has been configured to require specific client @@ -408,7 +408,7 @@ def ssl_login(request): Else continues on with student.views.index, and no authentication. """ # Just to make sure we're calling this only at MIT: - if not settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']: + if not settings.FEATURES['AUTH_USE_CERTIFICATES']: return HttpResponseForbidden() cert = ssl_get_cert_from_request(request) diff --git a/common/djangoapps/student/views.py b/common/djangoapps/student/views.py index 147c587746..f66106f39f 100644 --- a/common/djangoapps/student/views.py +++ b/common/djangoapps/student/views.py @@ -330,7 +330,7 @@ def signin_user(request): """ This view will display the non-modal login form """ - if (settings.FEATURES['AUTH_USE_MIT_CERTIFICATES'] and + if (settings.FEATURES['AUTH_USE_CERTIFICATES'] and external_auth.views.ssl_get_cert_from_request(request)): # SSL login doesn't require a view, so redirect # branding and allow that to process the login if it @@ -357,7 +357,7 @@ def register_user(request, extra_context=None): """ if request.user.is_authenticated(): return redirect(reverse('dashboard')) - if settings.FEATURES.get('AUTH_USE_MIT_CERTIFICATES_IMMEDIATE_SIGNUP'): + if settings.FEATURES.get('AUTH_USE_CERTIFICATES_IMMEDIATE_SIGNUP'): # Redirect to branding to process their certificate if SSL is enabled # and registration is disabled. return redirect(reverse('root')) @@ -645,7 +645,7 @@ def accounts_login(request): """ if settings.FEATURES.get('AUTH_USE_CAS'): return redirect(reverse('cas-login')) - if settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']: + if settings.FEATURES['AUTH_USE_CERTIFICATES']: # SSL login doesn't require a view, so redirect # to branding and allow that to process the login. return redirect(reverse('root')) diff --git a/lms/djangoapps/branding/views.py b/lms/djangoapps/branding/views.py index fdbacdec53..be2c975087 100644 --- a/lms/djangoapps/branding/views.py +++ b/lms/djangoapps/branding/views.py @@ -23,7 +23,7 @@ def index(request): if settings.COURSEWARE_ENABLED and request.user.is_authenticated(): return redirect(reverse('dashboard')) - if settings.FEATURES.get('AUTH_USE_MIT_CERTIFICATES'): + if settings.FEATURES.get('AUTH_USE_CERTIFICATES'): from external_auth.views import ssl_login return ssl_login(request) diff --git a/lms/djangoapps/dashboard/management/commands/tests/test_git_add_course.py b/lms/djangoapps/dashboard/management/commands/tests/test_git_add_course.py index d231b0173d..fd7c81dd56 100644 --- a/lms/djangoapps/dashboard/management/commands/tests/test_git_add_course.py +++ b/lms/djangoapps/dashboard/management/commands/tests/test_git_add_course.py @@ -26,7 +26,7 @@ TEST_MONGODB_LOG = { } FEATURES_WITH_SSL_AUTH = settings.FEATURES.copy() -FEATURES_WITH_SSL_AUTH['AUTH_USE_MIT_CERTIFICATES'] = True +FEATURES_WITH_SSL_AUTH['AUTH_USE_CERTIFICATES'] = True @override_settings(MODULESTORE=TEST_DATA_MONGO_MODULESTORE) diff --git a/lms/djangoapps/dashboard/sysadmin.py b/lms/djangoapps/dashboard/sysadmin.py index 87823947a9..9ee70973d6 100644 --- a/lms/djangoapps/dashboard/sysadmin.py +++ b/lms/djangoapps/dashboard/sysadmin.py @@ -160,7 +160,7 @@ class Users(SysadminDashboardView): email_domain = getattr(settings, 'SSL_AUTH_EMAIL_DOMAIN', 'MIT.EDU') msg = u'' - if settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']: + if settings.FEATURES['AUTH_USE_CERTIFICATES']: if not '@' in uname: email = '{0}@{1}'.format(uname, email_domain) else: @@ -202,7 +202,7 @@ class Users(SysadminDashboardView): profile.name = name profile.save() - if settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']: + if settings.FEATURES['AUTH_USE_CERTIFICATES']: credential_string = getattr(settings, 'SSL_AUTH_DN_FORMAT_STRING', '/C=US/ST=Massachusetts/O=Massachusetts Institute of Technology/OU=Client CA v1/CN={0}/emailAddress={1}') credentials = credential_string.format(name, email) diff --git a/lms/djangoapps/dashboard/tests/test_sysadmin.py b/lms/djangoapps/dashboard/tests/test_sysadmin.py index c6e93edd02..fb20c4f345 100644 --- a/lms/djangoapps/dashboard/tests/test_sysadmin.py +++ b/lms/djangoapps/dashboard/tests/test_sysadmin.py @@ -37,7 +37,7 @@ TEST_MONGODB_LOG = { } FEATURES_WITH_SSL_AUTH = settings.FEATURES.copy() -FEATURES_WITH_SSL_AUTH['AUTH_USE_MIT_CERTIFICATES'] = True +FEATURES_WITH_SSL_AUTH['AUTH_USE_CERTIFICATES'] = True class SysadminBaseTestCase(ModuleStoreTestCase): diff --git a/lms/envs/cms/dev.py b/lms/envs/cms/dev.py index 6fbda95ba6..ef7ead27f2 100644 --- a/lms/envs/cms/dev.py +++ b/lms/envs/cms/dev.py @@ -8,7 +8,7 @@ Settings for the LMS that runs alongside the CMS on AWS from ..dev import * -FEATURES['AUTH_USE_MIT_CERTIFICATES'] = False +FEATURES['AUTH_USE_CERTIFICATES'] = False SUBDOMAIN_BRANDING['edge'] = 'edge' SUBDOMAIN_BRANDING['preview.edge'] = 'edge' diff --git a/lms/envs/common.py b/lms/envs/common.py index 543a47737b..b5a1af3d27 100644 --- a/lms/envs/common.py +++ b/lms/envs/common.py @@ -97,7 +97,7 @@ FEATURES = { # extrernal access methods 'ACCESS_REQUIRE_STAFF_FOR_COURSE': False, 'AUTH_USE_OPENID': False, - 'AUTH_USE_MIT_CERTIFICATES': False, + 'AUTH_USE_CERTIFICATES': False, 'AUTH_USE_OPENID_PROVIDER': False, # Even though external_auth is in common, shib assumes the LMS views / urls, so it should only be enabled # in LMS diff --git a/lms/envs/dev.py b/lms/envs/dev.py index fc486726bf..40013ee42e 100644 --- a/lms/envs/dev.py +++ b/lms/envs/dev.py @@ -202,7 +202,7 @@ OPENID_PROVIDER_TRUSTED_ROOTS = ['*'] ######################## MIT Certificates SSL Auth ############################ -FEATURES['AUTH_USE_MIT_CERTIFICATES'] = False +FEATURES['AUTH_USE_CERTIFICATES'] = False ################################# CELERY ######################################