diff --git a/common/djangoapps/util/date_utils.py b/common/djangoapps/util/date_utils.py index 11ca25d087..fde0bfee2c 100644 --- a/common/djangoapps/util/date_utils.py +++ b/common/djangoapps/util/date_utils.py @@ -2,7 +2,7 @@ Convenience methods for working with datetime objects """ -from datetime import timedelta +from datetime import datetime, timedelta import re from pytz import timezone, UTC, UnknownTimeZoneError @@ -73,6 +73,27 @@ def almost_same_datetime(dt1, dt2, allowed_delta=timedelta(minutes=1)): return abs(dt1 - dt2) < allowed_delta +def to_timestamp(datetime_value): + """ + Convert a datetime into a timestamp, represented as the number + of seconds since January 1, 1970 UTC. + """ + return int((datetime_value - datetime(1970, 1, 1, tzinfo=UTC)).total_seconds()) + + +def from_timestamp(timestamp): + """ + Convert a timestamp (number of seconds since Jan 1, 1970 UTC) + into a timezone-aware datetime. + + If the timestamp cannot be converted, returns None instead. + """ + try: + return datetime.utcfromtimestamp(timestamp).replace(tzinfo=UTC) + except (ValueError, TypeError): + return None + + DEFAULT_SHORT_DATE_FORMAT = "%b %d, %Y" DEFAULT_LONG_DATE_FORMAT = "%A, %B %d, %Y" DEFAULT_TIME_FORMAT = "%I:%M:%S %p" diff --git a/openedx/core/djangoapps/credit/api.py b/openedx/core/djangoapps/credit/api.py index ebec6b977d..d678c1d91a 100644 --- a/openedx/core/djangoapps/credit/api.py +++ b/openedx/core/djangoapps/credit/api.py @@ -4,9 +4,13 @@ Contains the APIs for course credit requirements. import logging import uuid +import datetime + +import pytz from django.db import transaction +from util.date_utils import to_timestamp from opaque_keys import InvalidKeyError from opaque_keys.edx.keys import CourseKey @@ -191,7 +195,7 @@ def create_credit_request(course_key, provider_id, username): "method": "POST", "parameters": { "request_uuid": "557168d0f7664fe59097106c67c3f847", - "timestamp": "2015-05-04T20:57:57.987119+00:00", + "timestamp": 1434631630, "course_org": "HogwartsX", "course_num": "Potions101", "course_run": "1T2015", @@ -285,7 +289,7 @@ def create_credit_request(course_key, provider_id, username): parameters = { "request_uuid": credit_request.uuid, - "timestamp": credit_request.timestamp.isoformat(), + "timestamp": to_timestamp(datetime.datetime.now(pytz.UTC)), "course_org": course_key.org, "course_num": course_key.course, "course_run": course_key.run, @@ -391,7 +395,7 @@ def get_credit_requests_for_user(username): [ { "uuid": "557168d0f7664fe59097106c67c3f847", - "timestamp": "2015-05-04T20:57:57.987119+00:00", + "timestamp": 1434631630, "course_key": "course-v1:HogwartsX+Potions101+1T2015", "provider": { "id": "HogwartsX", diff --git a/openedx/core/djangoapps/credit/migrations/0008_delete_credit_provider_timestamp.py b/openedx/core/djangoapps/credit/migrations/0008_delete_credit_provider_timestamp.py new file mode 100644 index 0000000000..6fa6b68501 --- /dev/null +++ b/openedx/core/djangoapps/credit/migrations/0008_delete_credit_provider_timestamp.py @@ -0,0 +1,145 @@ +# -*- coding: utf-8 -*- +from south.utils import datetime_utils as datetime +from south.db import db +from south.v2 import SchemaMigration +from django.db import models + + +class Migration(SchemaMigration): + + def forwards(self, orm): + # Deleting field 'CreditRequest.timestamp' + db.delete_column('credit_creditrequest', 'timestamp') + + # Deleting field 'HistoricalCreditRequest.timestamp' + db.delete_column('credit_historicalcreditrequest', 'timestamp') + + def backwards(self, orm): + # Adding field 'CreditRequest.timestamp' + db.add_column('credit_creditrequest', 'timestamp', + self.gf('django.db.models.fields.DateTimeField')(auto_now_add=True, default=datetime.datetime.utcnow(), blank=True), + keep_default=False) + + # Adding field 'HistoricalCreditRequest.timestamp' + db.add_column('credit_historicalcreditrequest', 'timestamp', + self.gf('django.db.models.fields.DateTimeField')(default=datetime.datetime.utcnow(), blank=True), + keep_default=False) + + models = { + 'auth.group': { + 'Meta': {'object_name': 'Group'}, + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}), + 'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}) + }, + 'auth.permission': { + 'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'}, + 'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '50'}) + }, + 'auth.user': { + 'Meta': {'object_name': 'User'}, + 'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}), + 'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}), + 'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}), + 'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}), + 'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}), + 'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'}) + }, + 'contenttypes.contenttype': { + 'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"}, + 'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '100'}) + }, + 'credit.creditcourse': { + 'Meta': {'object_name': 'CreditCourse'}, + 'course_key': ('xmodule_django.models.CourseKeyField', [], {'unique': 'True', 'max_length': '255', 'db_index': 'True'}), + 'enabled': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'providers': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['credit.CreditProvider']", 'symmetrical': 'False'}) + }, + 'credit.crediteligibility': { + 'Meta': {'unique_together': "(('username', 'course'),)", 'object_name': 'CreditEligibility'}, + 'course': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'eligibilities'", 'to': "orm['credit.CreditCourse']"}), + 'created': ('model_utils.fields.AutoCreatedField', [], {'default': 'datetime.datetime.now'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'modified': ('model_utils.fields.AutoLastModifiedField', [], {'default': 'datetime.datetime.now'}), + 'provider': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'eligibilities'", 'to': "orm['credit.CreditProvider']"}), + 'username': ('django.db.models.fields.CharField', [], {'max_length': '255', 'db_index': 'True'}) + }, + 'credit.creditprovider': { + 'Meta': {'object_name': 'CreditProvider'}, + 'active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'created': ('model_utils.fields.AutoCreatedField', [], {'default': 'datetime.datetime.now'}), + 'display_name': ('django.db.models.fields.CharField', [], {'max_length': '255'}), + 'eligibility_duration': ('django.db.models.fields.PositiveIntegerField', [], {'default': '31556970'}), + 'enable_integration': ('django.db.models.fields.BooleanField', [], {'default': 'False'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'modified': ('model_utils.fields.AutoLastModifiedField', [], {'default': 'datetime.datetime.now'}), + 'provider_id': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '255'}), + 'provider_url': ('django.db.models.fields.URLField', [], {'default': "''", 'max_length': '200'}) + }, + 'credit.creditrequest': { + 'Meta': {'unique_together': "(('username', 'course', 'provider'),)", 'object_name': 'CreditRequest'}, + 'course': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'credit_requests'", 'to': "orm['credit.CreditCourse']"}), + 'created': ('model_utils.fields.AutoCreatedField', [], {'default': 'datetime.datetime.now'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'modified': ('model_utils.fields.AutoLastModifiedField', [], {'default': 'datetime.datetime.now'}), + 'parameters': ('jsonfield.fields.JSONField', [], {}), + 'provider': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'credit_requests'", 'to': "orm['credit.CreditProvider']"}), + 'status': ('django.db.models.fields.CharField', [], {'default': "'pending'", 'max_length': '255'}), + 'username': ('django.db.models.fields.CharField', [], {'max_length': '255', 'db_index': 'True'}), + 'uuid': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '32', 'db_index': 'True'}) + }, + 'credit.creditrequirement': { + 'Meta': {'unique_together': "(('namespace', 'name', 'course'),)", 'object_name': 'CreditRequirement'}, + 'active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}), + 'course': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'credit_requirements'", 'to': "orm['credit.CreditCourse']"}), + 'created': ('model_utils.fields.AutoCreatedField', [], {'default': 'datetime.datetime.now'}), + 'criteria': ('jsonfield.fields.JSONField', [], {}), + 'display_name': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'modified': ('model_utils.fields.AutoLastModifiedField', [], {'default': 'datetime.datetime.now'}), + 'name': ('django.db.models.fields.CharField', [], {'max_length': '255'}), + 'namespace': ('django.db.models.fields.CharField', [], {'max_length': '255'}) + }, + 'credit.creditrequirementstatus': { + 'Meta': {'object_name': 'CreditRequirementStatus'}, + 'created': ('model_utils.fields.AutoCreatedField', [], {'default': 'datetime.datetime.now'}), + 'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + 'modified': ('model_utils.fields.AutoLastModifiedField', [], {'default': 'datetime.datetime.now'}), + 'reason': ('jsonfield.fields.JSONField', [], {'default': '{}'}), + 'requirement': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "'statuses'", 'to': "orm['credit.CreditRequirement']"}), + 'status': ('django.db.models.fields.CharField', [], {'max_length': '32'}), + 'username': ('django.db.models.fields.CharField', [], {'max_length': '255', 'db_index': 'True'}) + }, + 'credit.historicalcreditrequest': { + 'Meta': {'ordering': "(u'-history_date', u'-history_id')", 'object_name': 'HistoricalCreditRequest'}, + 'course': ('django.db.models.fields.related.ForeignKey', [], {'blank': 'True', 'related_name': "u'+'", 'null': 'True', 'on_delete': 'models.DO_NOTHING', 'to': "orm['credit.CreditCourse']"}), + 'created': ('model_utils.fields.AutoCreatedField', [], {'default': 'datetime.datetime.now'}), + u'history_date': ('django.db.models.fields.DateTimeField', [], {}), + u'history_id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}), + u'history_type': ('django.db.models.fields.CharField', [], {'max_length': '1'}), + u'history_user': ('django.db.models.fields.related.ForeignKey', [], {'related_name': "u'+'", 'null': 'True', 'on_delete': 'models.SET_NULL', 'to': "orm['auth.User']"}), + 'id': ('django.db.models.fields.IntegerField', [], {'db_index': 'True', 'blank': 'True'}), + 'modified': ('model_utils.fields.AutoLastModifiedField', [], {'default': 'datetime.datetime.now'}), + 'parameters': ('jsonfield.fields.JSONField', [], {}), + 'provider': ('django.db.models.fields.related.ForeignKey', [], {'blank': 'True', 'related_name': "u'+'", 'null': 'True', 'on_delete': 'models.DO_NOTHING', 'to': "orm['credit.CreditProvider']"}), + 'status': ('django.db.models.fields.CharField', [], {'default': "'pending'", 'max_length': '255'}), + 'username': ('django.db.models.fields.CharField', [], {'max_length': '255', 'db_index': 'True'}), + 'uuid': ('django.db.models.fields.CharField', [], {'max_length': '32', 'db_index': 'True'}) + } + } + + complete_apps = ['credit'] diff --git a/openedx/core/djangoapps/credit/models.py b/openedx/core/djangoapps/credit/models.py index 2e273be16f..9187be4b01 100644 --- a/openedx/core/djangoapps/credit/models.py +++ b/openedx/core/djangoapps/credit/models.py @@ -13,7 +13,6 @@ from django.db import transaction from django.core.validators import RegexValidator from simple_history.models import HistoricalRecords - from jsonfield.fields import JSONField from model_utils.models import TimeStampedModel from xmodule_django.models import CourseKeyField @@ -343,7 +342,6 @@ class CreditRequest(TimeStampedModel): username = models.CharField(max_length=255, db_index=True) course = models.ForeignKey(CreditCourse, related_name="credit_requests") provider = models.ForeignKey(CreditProvider, related_name="credit_requests") - timestamp = models.DateTimeField(auto_now_add=True) parameters = JSONField() REQUEST_STATUS_PENDING = "pending" @@ -378,7 +376,7 @@ class CreditRequest(TimeStampedModel): [ { "uuid": "557168d0f7664fe59097106c67c3f847", - "timestamp": "2015-05-04T20:57:57.987119+00:00", + "timestamp": 1434631630, "course_key": "course-v1:HogwartsX+Potions101+1T2015", "provider": { "id": "HogwartsX", @@ -393,7 +391,7 @@ class CreditRequest(TimeStampedModel): return [ { "uuid": request.uuid, - "timestamp": request.modified, + "timestamp": request.parameters.get("timestamp"), "course_key": request.course.course_key, "provider": { "id": request.provider.provider_id, diff --git a/openedx/core/djangoapps/credit/tests/test_api.py b/openedx/core/djangoapps/credit/tests/test_api.py index 2a8da65ab3..91a902a3f2 100644 --- a/openedx/core/djangoapps/credit/tests/test_api.py +++ b/openedx/core/djangoapps/credit/tests/test_api.py @@ -5,7 +5,6 @@ Tests for the API functions in the credit app. import datetime import ddt import pytz -import dateutil.parser as date_parser from django.test import TestCase from django.test.utils import override_settings from django.db import connection, transaction @@ -13,6 +12,7 @@ from django.db import connection, transaction from opaque_keys.edx.keys import CourseKey from student.tests.factories import UserFactory +from util.date_utils import from_timestamp from openedx.core.djangoapps.credit import api from openedx.core.djangoapps.credit.exceptions import ( InvalidCreditRequirements, @@ -340,7 +340,7 @@ class CreditProviderIntegrationApiTests(CreditApiTestBase): # Validate the timestamp self.assertIn('timestamp', parameters) - parsed_date = date_parser.parse(parameters['timestamp']) + parsed_date = from_timestamp(parameters['timestamp']) self.assertTrue(parsed_date < datetime.datetime.now(pytz.UTC)) # Validate course information diff --git a/openedx/core/djangoapps/credit/tests/test_views.py b/openedx/core/djangoapps/credit/tests/test_views.py index 558b7a2a0b..ec7a8ba67c 100644 --- a/openedx/core/djangoapps/credit/tests/test_views.py +++ b/openedx/core/djangoapps/credit/tests/test_views.py @@ -15,6 +15,7 @@ from django.conf import settings from student.tests.factories import UserFactory from util.testing import UrlResetMixin +from util.date_utils import to_timestamp from opaque_keys.edx.keys import CourseKey from openedx.core.djangoapps.credit import api from openedx.core.djangoapps.credit.signature import signature @@ -186,8 +187,8 @@ class CreditProviderViewTests(UrlResetMixin, TestCase): # Simulate a callback from the credit provider with a timestamp too far in the past # (slightly more than 15 minutes) # Since the message isn't timely, respond with a 403. - timestamp = datetime.datetime.now(pytz.UTC) - datetime.timedelta(0, 60 * 15 + 1) - response = self._credit_provider_callback(request_uuid, "approved", timestamp=timestamp.isoformat()) + timestamp = to_timestamp(datetime.datetime.now(pytz.UTC) - datetime.timedelta(0, 60 * 15 + 1)) + response = self._credit_provider_callback(request_uuid, "approved", timestamp=timestamp) self.assertEqual(response.status_code, 403) def test_credit_provider_callback_is_idempotent(self): @@ -311,7 +312,7 @@ class CreditProviderViewTests(UrlResetMixin, TestCase): """ provider_id = kwargs.get("provider_id", self.PROVIDER_ID) secret_key = kwargs.get("secret_key", TEST_CREDIT_PROVIDER_SECRET_KEY) - timestamp = kwargs.get("timestamp", datetime.datetime.now(pytz.UTC).isoformat()) + timestamp = kwargs.get("timestamp", to_timestamp(datetime.datetime.now(pytz.UTC))) url = reverse("credit:provider_callback", args=[provider_id]) diff --git a/openedx/core/djangoapps/credit/views.py b/openedx/core/djangoapps/credit/views.py index de9a86d1b6..976477616d 100644 --- a/openedx/core/djangoapps/credit/views.py +++ b/openedx/core/djangoapps/credit/views.py @@ -4,8 +4,6 @@ Views for the credit Django app. import json import datetime import logging - -import dateutil import pytz from django.http import ( @@ -21,6 +19,7 @@ from opaque_keys.edx.keys import CourseKey from opaque_keys import InvalidKeyError from util.json_request import JsonResponse +from util.date_utils import from_timestamp from openedx.core.djangoapps.credit import api from openedx.core.djangoapps.credit.signature import signature, get_shared_secret_key from openedx.core.djangoapps.credit.exceptions import CreditApiBadRequest, CreditRequestNotFound @@ -57,7 +56,7 @@ def create_credit_request(request, provider_id): "method": "POST", "parameters": { request_uuid: "557168d0f7664fe59097106c67c3f847" - timestamp: "2015-05-04T20:57:57.987119+00:00" + timestamp: 1434631630, course_org: "ASUx" course_num: "DemoX" course_run: "1T2015" @@ -139,7 +138,7 @@ def credit_provider_callback(request, provider_id): { "request_uuid": "557168d0f7664fe59097106c67c3f847", "status": "approved", - "timestamp": "2015-05-04T20:57:57.987119+00:00", + "timestamp": 1434631630, "signature": "cRCNjkE4IzY+erIjRwOQCpRILgOvXx4q2qvx141BCqI=" } @@ -151,8 +150,8 @@ def credit_provider_callback(request, provider_id): * status (string): Either "approved" or "rejected". - * timestamp (string): The datetime at which the POST request was made, in ISO 8601 format. - This will always include time-zone information. + * timestamp (int): The datetime at which the POST request was made, represented + as the number of seconds since January 1, 1970 00:00:00 UTC. * signature (string): A digital signature of the request parameters, created using a secret key shared with the credit provider. @@ -253,29 +252,21 @@ def _validate_signature(parameters, provider_id): return HttpResponseForbidden("Invalid signature.") -def _validate_timestamp(timestamp_str, provider_id): +def _validate_timestamp(timestamp_value, provider_id): """ Check that the timestamp of the request is recent. Arguments: - timestamp_str (str): ISO-8601 datetime formatted string. + timestamp (int): Number of seconds since Jan. 1, 1970 UTC. provider_id (unicode): Identifier for the credit provider. Returns: HttpResponse or None """ - # If we can't parse the datetime string, reject the request. - try: - # dateutil's parser has some counter-intuitive behavior: - # for example, given an empty string or "a" it always returns the current datetime. - # It is the responsibility of the credit provider to send a valid ISO-8601 datetime - # so we can validate it; otherwise, this check might not take effect. - # (Note that the signature check ensures that the timestamp we receive hasn't - # been tampered with after being issued by the credit provider). - timestamp = dateutil.parser.parse(timestamp_str) - except ValueError: - msg = u'"{timestamp}" is not an ISO-8601 formatted datetime'.format(timestamp=timestamp_str) + timestamp = from_timestamp(timestamp_value) + if timestamp is None: + msg = u'"{timestamp}" is not a valid timestamp'.format(timestamp=timestamp_value) log.warning(msg) return HttpResponseBadRequest(msg) @@ -287,6 +278,6 @@ def _validate_timestamp(timestamp_str, provider_id): u'Timestamp %s is too far in the past (%s seconds), ' u'so we are rejecting the notification from the credit provider "%s".' ), - timestamp_str, elapsed_seconds, provider_id, + timestamp_value, elapsed_seconds, provider_id, ) return HttpResponseForbidden(u"Timestamp is too far in the past.")