From 92f2fbf0f857508c2dfd36c2b44961a82e56449f Mon Sep 17 00:00:00 2001
From: David Ormsbee <dave@edx.org>
Date: Wed, 7 Nov 2012 13:55:08 -0500
Subject: [PATCH] Ugly, ugly hack needed so that Pearson can test something
 today, to be replaced by a real implementation later this week or early next.

---
 common/djangoapps/student/views.py | 21 ++++++++++++++++++++-
 lms/urls.py                        |  5 +++++
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/common/djangoapps/student/views.py b/common/djangoapps/student/views.py
index 2b940fe982..600b0d1750 100644
--- a/common/djangoapps/student/views.py
+++ b/common/djangoapps/student/views.py
@@ -25,7 +25,7 @@ from mitxmako.shortcuts import render_to_response, render_to_string
 from bs4 import BeautifulSoup
 from django.core.cache import cache
 
-from django_future.csrf import ensure_csrf_cookie
+from django_future.csrf import ensure_csrf_cookie, csrf_exempt
 from student.models import (Registration, UserProfile,
                             PendingNameChange, PendingEmailChange,
                             CourseEnrollment)
@@ -774,3 +774,22 @@ def accept_name_change(request):
         raise Http404
 
     return accept_name_change_by_id(int(request.POST['id']))
+
+@csrf_exempt
+def test_center_login(request):
+    if not MITX_FEATURES.get('ENABLE_PEARSON_HACK_TEST'):
+        raise Http404
+
+    client_candidate_id = request.POST.get("clientCandidateID")
+    # registration_id = request.POST.get("registrationID")
+    exit_url = request.POST.get("exitURL")
+    error_url = request.POST.get("errorURL")
+
+    if client_candidate_id == "edX003671291147":
+        authenticate(username="pearson", password="12345")
+        return redirect('/courses/MITx/6.002x/2012_Fall/courseware/Final_Exam/Final_Exam_Fall_2012/')
+    else:
+        raise Http404
+
+
+
diff --git a/lms/urls.py b/lms/urls.py
index d3c3feb398..047a828df4 100644
--- a/lms/urls.py
+++ b/lms/urls.py
@@ -26,6 +26,11 @@ urlpatterns = ('',
     url(r'^reject_name_change$', 'student.views.reject_name_change'),
     url(r'^pending_name_changes$', 'student.views.pending_name_changes'),
 
+    url(r'^testcenter/login$', 'student.views.test_center_login'),
+
+    # url(r'^testcenter/login$', 'student.test_center_views.login'),
+    # url(r'^testcenter/logout$', 'student.test_center_views.logout'),
+
     url(r'^event$', 'track.views.user_track'),
     url(r'^t/(?P<template>[^/]*)$', 'static_template_view.views.index'), # TODO: Is this used anymore? What is STATIC_GRAB?