Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
23,143 Commits 1 Branch 0 Tags
08eb8fa7c19eaff4870cd0bea6d06a80915000eb
Commit Graph

43 Commits

Author SHA1 Message Date
Carson Gee
cbf525f6cf Fix infinite redirect loop on logout caused by django caching 2014-05-09 14:22:11 -04:00
Carson Gee
5452de20d8 Modified ssl certificate authentication to handle next redirection 
Makes small changes in lms and cms both so that user's go to the
original page they intended to if they weren't already logged in
 2014-05-09 14:22:10 -04:00
Chris Dodge
fe3ebca1c5 add new feature to make sure we aren't writing PII into the application logs. So far we're aware of doing so regarding Auth use-cases 2014-02-25 00:14:19 -05:00
Carson Gee
3303fb120b Review fixes 2014-02-21 16:01:01 -05:00
Carson Gee
082f20db60 Remove SSL Certifcate auth reliance on internal password 2014-02-21 12:19:59 -05:00
Don Mitchell
b8ea7f3c43 update_item and other refactorings continued 2014-02-05 10:24:24 -05:00
Don Mitchell
c601b75675 MixedModulestore wraps most getters, update_item, delete_item 
with code to translate between addressing schemes based on app
and persistence layer addressing scheme specification.

STUD-1206
 2014-02-05 09:34:30 -05:00
Carson Gee
8cbe263ca0 Rename of feature AUTH_USE_MIT_CERTIFICATES to AUTH_USE_CERTIFICATES across platform. 
Caution! This is backwards incompatible
 2014-02-04 10:50:48 -05:00
Carson Gee
2bf6df23c8 More fully integrate and test ssl external auth in CMS 2014-02-03 14:00:40 -05:00
Dave St.Germain
636eab8b9e Added more descriptive page titles. 2014-01-30 17:32:03 -05:00
Diana Huang
6952aec870 Merge pull request #1941 from edx/diana/openid-fullname 
Return the full name of the student as part of the OpenId response.
 2013-12-13 07:32:34 -08:00
Diana Huang
68b75086f2 Clean up test conditions. 
LMS-750
 2013-12-13 09:11:00 -05:00
Diana Huang
0057f460ec Return the full name of the student as part of the OpenId response. 
LMS-750
 2013-12-12 17:33:33 -05:00
Carson Gee
cec793680d Add additional check signin to make sure an SSL certificate is passed 
before redirecting to SSL authentication.
 2013-12-12 11:26:57 -05:00
Carson Gee
50e2e833a2 Added comment as requested 2013-12-12 09:35:46 -05:00
Carson Gee
caf44c3685 Added full test coverage for ssl login decorator 
I also removed conflicting implementation of SSL_AUTH_IMMEDIATE_SIGNUP
and rebased on the current master.
 2013-12-12 09:35:46 -05:00
Carson Gee
484602ad61 Adds redirects for login pages and the registration page so that 
they go through the SSL login process in branding when that feature
is enabled.
 2013-12-10 18:06:26 -05:00
David Baumgold
f3f4af8087 settings.MITX_FEATURES => settings.FEATURES 2013-12-03 15:34:55 -05:00
Carson Gee
3ad705cd16 Removing external_auth addition to cms, and skipping test 2013-11-25 17:08:18 -05:00
Carson Gee
bf9ac26a06 Corrected CMS tests so that one is passing, added external_auth to cms apps 
Several pylint fixes and bad super call
 2013-11-25 15:30:36 -05:00
Carson Gee
96c7cb5ffd Added tests for signup skipping 2013-11-25 13:06:28 -05:00
Will Daly
2b54922285 Fix intermittent failure in OpenID test 2013-09-25 13:05:56 -04:00
Jason Bau
11ecd162d4 fix _flatten_to_ascii for str inputs 2013-09-20 11:53:09 -07:00
Jason Bau
9dac2eff90 actually flatten username suggestion to ascii 2013-09-08 20:26:21 -07:00
Jason Bau
6a850e27bb Address @brianhw review comments 
* Fix open redirect vulnerability
* Add Logging To AUDIT_LOG : Note I had to change existing tests
  that mocked AUDIT_LOG with this
* Use external_auth.views.SHIBBOLETH_DOMAIN_PREFIX in student.views
* Add a bunch of documentation
* PEP8 / Pylint
 2013-09-06 15:37:27 -07:00
Jason Bau
948c07c493 Revamped + Enhanced Shibboleth support 
* If a shib users type in their email on the regular login page,
  redirects them to /shib-login/
* Modify student.views.accounts_login to handle redirects
  generated by @login_required for courses that use shib for
  access control.
  Redirect those logins to /shib-login/?next=
 2013-09-06 15:36:22 -07:00
Will Daly
736b3e0ecd Common djangoapps no longer access courseware; other cleanup 2013-08-22 14:08:35 -04:00
Will Daly
8165a033b1 Pep8/pylint fixes 
Fixed test_masquerade failure due to not clearing the modulestore
between tests.
 2013-08-21 19:42:59 -04:00
Will Daly
48c6daacb8 Removed unnecessary settings wrangling from ModuleStoreTestCase. 
Modified navigation tests to use MixedModulestore
Updated factories to find editable modulestore

Updated test_submitting_problems

Updated test_tabs.py

Updated test_view_authentication

Updated test_views

Updated courseware/tests/tests.py

Updated test_masquerade

Updated test_module_render

Pylint fixes

Updated video and word cloud tests

Updated course wiki tests

Updated license and open_ended tests.
One open_ended test still failing due to Mako initialization issues

Updated staticbook

Updated django_comment_client tests

Updated instructor tests

Updated instructor task tests

Updated external_auth tests

Updated course_groups
 2013-08-21 09:36:45 -04:00
David Ormsbee
3ce87583ab Shift enroll/unenroll logic to CourseEnrollment model, add is_active and mode. 
Features coming down the pipe will want to be able to:
* Refer to enrollments before they are actually activated (approval step).
* See what courses a user used to be enrolled in for when they re-enroll in
  the same course, or a different run of that course.
* Have different "modes" of enrolling in a course, representing things like
  honor certificate enrollment, auditing (no certs), etc.

This change adds an is_active flag and mode (with default being "honor").
The commit is only as large as it is because many parts of the codebase were
manipulating enrollments by adding and removing CourseEnrollment objects
directly. It was necessary to create classmethods on CourseEnrollment to
encapsulate this functionality and then port everything over to using them.

The migration to add columns has been tested on a prod replica, and seems to be
fine for running on a live system with single digit millions of rows of
enrollments.
 2013-08-14 13:23:06 -04:00
Diana Huang
c867be7961 Limit the rate of logins. 2013-08-02 11:23:59 -04:00
Brian Wilson
635d36fcf9 Add audit log definition, and use for logging of logins in external_auth and student apps. Move test_login to student app. Improve conditional tests for Shibboleth login logic. (Does not include reconfiguring log settings.) 2013-07-31 13:32:21 -04:00
Jason Bau
e7bb85dee1 Merge pull request #259 from edx/features/jbau/stanford-shib 
Bugfix for stanford shib
 2013-07-12 10:19:58 -07:00
Diana Huang
f33bfd1c6c Address code review feedback 2013-06-28 15:03:44 -04:00
Diana Huang
c98651fadb Add in the ability to handle malformed return urls. 2013-06-27 18:02:23 -04:00
Diana Huang
c6fa4873b1 Handle issues decoding requests more gracefully 
Clean up some pep8/pylint violations as well
 2013-06-27 18:02:23 -04:00
Jason Bau
3e38327f7f External_auth.views.login_or_signup fix codepath that didn't set uname 
which caused UnboundLocalError.  Added tests for this case
 2013-06-24 17:55:33 -07:00
Jason Bau
aa4e27f775 Shib PR responses to @cpennington and @ormsbee comments 
* Changed unicode test cases to ascii encoding
* Removed 'stanford' hardcoding in TOS logic in lieu of
  'SHIB_DISABLE_TOS' MIT_FEATURES flag
* made 'external_auth' always an installed_app in lms
* log.exception changd to log.error where appropriate

But: did not change skipping tests to changing settings, for
reasons stated here:
https://github.com/edx/edx-platform/pull/67#issuecomment-19790330
 2013-06-20 18:12:20 -07:00
Jason Bau
084160c1c9 Finishing up tests/modifications per @ormsbee feedback 2013-06-19 00:48:18 -07:00
Jason Bau
824fb9a311 The bulk of Shibboleth authentication for Stanford 
Highlights:
* The url '/shib-login/' interfaces with apache/mod_shib via
  request.META to handle shibboleth login and registrations
* Courses can designate 'enrollment_domains' to limit enrollment
  to users with a linked ExternalAuthMap verified by a particular
  identity provider
* Tests
* Logging

 Changes to be committed:

	new file:   common/djangoapps/external_auth/migrations/0001_initial.py
	new file:   common/djangoapps/external_auth/migrations/__init__.py
	new file:   common/djangoapps/external_auth/tests/test_shib.py
	modified:   common/djangoapps/external_auth/views.py
	modified:   common/djangoapps/student/views.py
	modified:   common/lib/xmodule/xmodule/course_module.py
	modified:   lms/djangoapps/courseware/access.py
	modified:   lms/djangoapps/courseware/tests/test_access.py
	modified:   lms/envs/common.py
	modified:   lms/envs/dev.py
	modified:   lms/envs/test.py
	modified:   lms/templates/courseware/course_about.html
	modified:   lms/templates/dashboard.html
	modified:   lms/templates/extauth_failure.html
	modified:   lms/templates/navigation.html
	modified:   lms/templates/register.html
	modified:   lms/templates/signup_modal.html
	modified:   lms/urls.py
	renamed:    lms/wsgi_apache.py -> lms/wsgi_apache_lms.py
 2013-06-19 00:48:18 -07:00
Calen Pennington
cfae1cdf62 Pep8 autofixes 2013-02-06 11:13:50 -05:00
Brian Wilson
9d28c37724 add more test coverage for openid provider. 2013-01-23 04:23:30 -05:00
Brian Wilson
9653631e9a Add initial openid_provider tests (covers xrds and authentication requests) 2013-01-22 11:15:30 -05:00