respond to Cale pull request comments. Update access.py (LMS) to use the same 'check for legacy group name first' logic. Add SECRET_KEY setting to the CAS project so that auth tokens from CAS are accepted in the LMS

cms/djangoapps/auth/authz.py

@@ -20,7 +20,14 @@ STAFF_ROLE_NAME = 'staff'
 # of those two variables
 def get_course_groupname_for_role(location, role):
     loc = Location(location)
-    groupname = role  + '_' + loc.course
+    # hack: check for existence of a group name in the legacy LMS format <role>_<course>
+    # if it exists, then use that one, otherwise use a <role>_<course_id> which contains
+    # more information
+    groupname = '{0}_{1}'.format(role, loc.course)
+
+    if len(Group.objects.filter(name = groupname)) == 0:
+        groupname = '{0}_{1}'.format(role,loc.course_id)
+
     return groupname
 
 def get_users_in_course_group_by_role(location, role):

cms/envs/dev.py

@@ -97,3 +97,6 @@ CACHES = {
 
 # Make the keyedcache startup warnings go away
 CACHE_TIMEOUT = 0
+
+# Dummy secret key for dev
+SECRET_KEY = '85920908f28904ed733fe576320db18cabd7b6cd'

cms/templates/manage_users.html

@@ -27,22 +27,6 @@
   
   <div id="result"></div>
 
-<script>
-  $("#addEditorsForm").submit(function(event) {
-    event.preventDefault();
-    var $form = $(this),
-    email = $form.find('input[name="email"]').val(),
-    url = $form.attr('action');
-    $.post(url, {email:email},
-    function(data) {
-      if(data['Status'] != 'OK')
-        $("#result").empty().append(data['ErrMsg']);
-      else
-        location.reload();
-      });
-  });
-</script>
-
 </section>
 </%block>
 

lms/djangoapps/courseware/access.py

@@ -6,6 +6,7 @@ import logging
 import time
 
 from django.conf import settings
+from django.contrib.auth.models import Group
 
 from xmodule.course_module import CourseDescriptor
 from xmodule.error_module import ErrorDescriptor
@@ -306,13 +307,25 @@ def _dispatch(table, action, user, obj):
     raise ValueError("Unknown action for object type '{0}': '{1}'".format(
         type(obj), action))
 
+
+def _does_course_group_name_exist(name):
+    return len(Group.objects.filter(name = name)) > 0
+
 def _course_staff_group_name(location):
     """
     Get the name of the staff group for a location.  Right now, that's staff_COURSE.
 
     location: something that can passed to Location.
+    
+    cdodge: We're changing the name convention of the group to better epxress different runs of courses by 
+    using course_id rather than just the course number. So first check to see if the group name exists
     """
-    return 'staff_%s' % Location(location).course
+    loc = Location(location)
+    legacy_name = 'staff_%s' % loc.course
+    if _does_course_group_name_exist(legacy_name):
+        return legacy_name
+
+    return 'staff_%s' & loc.course_id
 
 
 def _course_instructor_group_name(location):
@@ -321,8 +334,16 @@ def _course_instructor_group_name(location):
     A course instructor has all staff privileges, but also can manage list of course staff (add, remove, list).
 
     location: something that can passed to Location.
+
+    cdodge: We're changing the name convention of the group to better epxress different runs of courses by 
+    using course_id rather than just the course number. So first check to see if the group name exists
     """
-    return 'instructor_%s' % Location(location).course
+    loc = Location(location)
+    legacy_name = 'instructor_%s' % loc.course
+    if _does_course_group_name_exist(legacy_name):
+        return legacy_name
+    
+    return 'instructor_%s' % loc.course_id
 
 
 def _has_global_staff_access(user):