Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
17,200 Commits 1 Branch 0 Tags
869d09220c19ee1dfd11fd58a33cacda53de9798
Commit Graph

56 Commits

Author SHA1 Message Date
Will Daly
736b3e0ecd Common djangoapps no longer access courseware; other cleanup 2013-08-22 14:08:35 -04:00
Will Daly
8165a033b1 Pep8/pylint fixes 
Fixed test_masquerade failure due to not clearing the modulestore
between tests.
 2013-08-21 19:42:59 -04:00
Will Daly
48c6daacb8 Removed unnecessary settings wrangling from ModuleStoreTestCase. 
Modified navigation tests to use MixedModulestore
Updated factories to find editable modulestore

Updated test_submitting_problems

Updated test_tabs.py

Updated test_view_authentication

Updated test_views

Updated courseware/tests/tests.py

Updated test_masquerade

Updated test_module_render

Pylint fixes

Updated video and word cloud tests

Updated course wiki tests

Updated license and open_ended tests.
One open_ended test still failing due to Mako initialization issues

Updated staticbook

Updated django_comment_client tests

Updated instructor tests

Updated instructor task tests

Updated external_auth tests

Updated course_groups
 2013-08-21 09:36:45 -04:00
David Ormsbee
3ce87583ab Shift enroll/unenroll logic to CourseEnrollment model, add is_active and mode. 
Features coming down the pipe will want to be able to:
* Refer to enrollments before they are actually activated (approval step).
* See what courses a user used to be enrolled in for when they re-enroll in
  the same course, or a different run of that course.
* Have different "modes" of enrolling in a course, representing things like
  honor certificate enrollment, auditing (no certs), etc.

This change adds an is_active flag and mode (with default being "honor").
The commit is only as large as it is because many parts of the codebase were
manipulating enrollments by adding and removing CourseEnrollment objects
directly. It was necessary to create classmethods on CourseEnrollment to
encapsulate this functionality and then port everything over to using them.

The migration to add columns has been tested on a prod replica, and seems to be
fine for running on a live system with single digit millions of rows of
enrollments.
 2013-08-14 13:23:06 -04:00
Diana Huang
c867be7961 Limit the rate of logins. 2013-08-02 11:23:59 -04:00
Brian Wilson
635d36fcf9 Add audit log definition, and use for logging of logins in external_auth and student apps. Move test_login to student app. Improve conditional tests for Shibboleth login logic. (Does not include reconfiguring log settings.) 2013-07-31 13:32:21 -04:00
Calen Pennington
76055aa211 Add a manage.py command that understands the extra edX options 2013-07-24 09:04:12 -04:00
Jason Bau
e7bb85dee1 Merge pull request #259 from edx/features/jbau/stanford-shib 
Bugfix for stanford shib
 2013-07-12 10:19:58 -07:00
Diana Huang
f33bfd1c6c Address code review feedback 2013-06-28 15:03:44 -04:00
Diana Huang
c98651fadb Add in the ability to handle malformed return urls. 2013-06-27 18:02:23 -04:00
Diana Huang
c6fa4873b1 Handle issues decoding requests more gracefully 
Clean up some pep8/pylint violations as well
 2013-06-27 18:02:23 -04:00
Jason Bau
3e38327f7f External_auth.views.login_or_signup fix codepath that didn't set uname 
which caused UnboundLocalError.  Added tests for this case
 2013-06-24 17:55:33 -07:00
Ned Batchelder
e045860cb6 Pylint complains if you use string, even if you use it for what its still meant to be used for. 2013-06-21 16:35:47 -04:00
Jason Bau
aa4e27f775 Shib PR responses to @cpennington and @ormsbee comments 
* Changed unicode test cases to ascii encoding
* Removed 'stanford' hardcoding in TOS logic in lieu of
  'SHIB_DISABLE_TOS' MIT_FEATURES flag
* made 'external_auth' always an installed_app in lms
* log.exception changd to log.error where appropriate

But: did not change skipping tests to changing settings, for
reasons stated here:
https://github.com/edx/edx-platform/pull/67#issuecomment-19790330
 2013-06-20 18:12:20 -07:00
Jason Bau
084160c1c9 Finishing up tests/modifications per @ormsbee feedback 2013-06-19 00:48:18 -07:00
Jason Bau
ca649d3c33 Turn off Agreement to Terms of Service for Stanford shib 
As stipulated by Stanford's office of general counsel
 2013-06-19 00:48:18 -07:00
Jason Bau
a39a384ed2 Handle the case where an existing user has email returned by shib 
By linking the users
 2013-06-19 00:48:18 -07:00
Jason Bau
824fb9a311 The bulk of Shibboleth authentication for Stanford 
Highlights:
* The url '/shib-login/' interfaces with apache/mod_shib via
  request.META to handle shibboleth login and registrations
* Courses can designate 'enrollment_domains' to limit enrollment
  to users with a linked ExternalAuthMap verified by a particular
  identity provider
* Tests
* Logging

 Changes to be committed:

	new file:   common/djangoapps/external_auth/migrations/0001_initial.py
	new file:   common/djangoapps/external_auth/migrations/__init__.py
	new file:   common/djangoapps/external_auth/tests/test_shib.py
	modified:   common/djangoapps/external_auth/views.py
	modified:   common/djangoapps/student/views.py
	modified:   common/lib/xmodule/xmodule/course_module.py
	modified:   lms/djangoapps/courseware/access.py
	modified:   lms/djangoapps/courseware/tests/test_access.py
	modified:   lms/envs/common.py
	modified:   lms/envs/dev.py
	modified:   lms/envs/test.py
	modified:   lms/templates/courseware/course_about.html
	modified:   lms/templates/dashboard.html
	modified:   lms/templates/extauth_failure.html
	modified:   lms/templates/navigation.html
	modified:   lms/templates/register.html
	modified:   lms/templates/signup_modal.html
	modified:   lms/urls.py
	renamed:    lms/wsgi_apache.py -> lms/wsgi_apache_lms.py
 2013-06-19 00:48:18 -07:00
Diana Huang
886e74342d Move the testcenter login to external_auth 
* hide the login behind a setting that is turned off by default
* clean out some of the outdated settings and hardcoded test strings
 2013-04-25 11:12:19 -04:00
Calen Pennington
cfae1cdf62 Pep8 autofixes 2013-02-06 11:13:50 -05:00
Brian Wilson
9d28c37724 add more test coverage for openid provider. 2013-01-23 04:23:30 -05:00
Brian Wilson
ba62a657bf Merge remote-tracking branch 'origin/master' into bugfix/brian/openid_provider_post 2013-01-22 23:50:38 -05:00
Brian Wilson
9653631e9a Add initial openid_provider tests (covers xrds and authentication requests) 2013-01-22 11:15:30 -05:00
Brian Wilson
6da9c7bd9a get (openId) provider_login to work with POST requests 2013-01-18 18:37:24 -05:00
Calen Pennington
b52ed48221 Merge remote-tracking branch 'origin/master' into feature/cale/cms-master 
Conflicts:
	common/lib/capa/capa/responsetypes.py
	common/lib/xmodule/xmodule/js/src/html/display.coffee
	lms/envs/common.py
 2012-10-23 13:38:11 -04:00
Carlos Andrés Rocha
f495f219cf Update common/djangoapps/external_auth/views.py 
Corrected comments on OpenID temporal fix
 2012-10-15 13:28:54 -03:00
John Hess
a88a857723 Adjusted to return email address 
Per update from CS50 team, their client will break if not given addresses.
 2012-10-15 12:55:39 -03:00
Carlos Andrés Rocha
0f16e8a358 Return only username on OpenID provider requests. 
Temporarily return username also as the email and fullname fields of
the response using OpenID's simple registration extension.
 2012-10-14 19:45:22 -04:00
ichuang
09d7d6d688 add AUTH_USE_MIT_CERTIFICATES feature flag to CMS, and @ssl_login_shortcut 2012-10-14 16:40:04 -04:00
Carlos Andrés Rocha
193ca7b34b Fix error when creating empty associations 
Also renamed some variables to make them more distinguishable
 2012-10-05 13:46:49 -04:00
Carlos Andrés Rocha
e62968d5e1 Get OpenID XRDS url host from request 
Replaced the previous method of getting it from HTTP_POST to use
django's mechanism, which may or may not use HTTP_HOST. However if an
attacker changes the request header, there is not much he can do since
he cannot recreate the association nonce.
 2012-10-03 17:16:22 -04:00
Carlos Andrés Rocha
4840de8c88 Create Django cache backed OpenID provider store 2012-10-03 16:54:07 -04:00
ichuang
2045500c6e make external_auth table searchable in django admin; fix 
missed instance of login link which should have been behind DISABLE_LOGIN_BUTTON
 2012-09-08 23:21:34 -04:00
Carlos Andrés Rocha
327b3a4648 [34078525] Log openid root_trust validation failures as errors 2012-08-31 06:43:28 -04:00
Carlos Andrés Rocha
0a81684ac3 [34078525] Fix error saving open_id request in session 2012-08-31 06:43:08 -04:00
Carlos Andrés Rocha
d702082daa [34078525] Add test settings for openid 2012-08-31 06:31:18 -04:00
Carlos Andrés Rocha
27fe80d57c [34078525] Use system random to generate passwords 2012-08-31 06:29:07 -04:00
Carlos Andrés Rocha
902a887e79 [34078525] pep8 renaming of some extern_auth functions 2012-08-29 18:46:35 -04:00
Carlos Andrés Rocha
cd4aab13fb [34078525] Added OPENID_PROVIDER_TRUSTED_ROOTS django setting 
Added OPENID_PROVIDER_TRUSTED_ROOTS django setting. It should be a
list of glob matching patterns: ['*.cs50.net', '*.other.net']

Also did some minor refactoring and cleanup.
 2012-08-29 18:40:12 -04:00
Nate Hardison
c97db851fb Getting rid of unneeded variables 2012-08-29 15:28:44 -04:00
Carlos Andrés Rocha
cb67af5959 [34078525] OpenID provider cleanup and minor fixes 2012-08-29 12:43:08 -04:00
Nate Hardison
4126f3a29a Validating OpenID request trust roots to only come from *.cs50.net 2012-08-29 11:57:41 -04:00
Tommy MacWilliam
6de28fc592 feature flag, consumer displayed, logging 
- provider placed behind separate feature flag
- domain of openid consumer displayed in login page
- added logging for successful login, changed log messages to include
  "OpenID"
 2012-08-29 10:37:02 -04:00
Tommy MacWilliam
4b6694a4ce OpenID provider implementation 
- endpoint supports both SReg and AX
- identity taken from edX username
- sreg fullname and ax http://axschema.org/namePerson taken from edX
  name
- sreg email and ax http://axschema.org/contact/email taken from edX
  email
 2012-08-29 10:29:42 -04:00
Calen Pennington
5ca636e606 Use the university profile page for courses and index if we are in a branded subdomain. N.B. THIS DOESN'T WORK WITH MIT_SSL_AUTH 2012-08-22 14:43:49 -04:00
David Ormsbee
346d5b91a1 implement subdomain-based course displays 2012-08-15 11:53:20 -04:00
ichuang
553f7046b4 suggested username for ssl auth is conjoined name with no spaces 2012-08-05 21:12:56 -04:00
ichuang
3eff9ffecd match external_domain as well when retrieving ExternalAuthMap objects 2012-08-02 13:28:52 -04:00
ichuang
613c53a710 slight cleanup, no need to import all of django_openid_auth 2012-08-02 10:05:26 -04:00
ichuang
f2a9110bda change model to have external_id and external_domain be unique_together 2012-08-02 09:56:33 -04:00