Review changes

088dab36 · Jesse Shapiro · bd9f8594 · 088dab36
Commit 088dab36 authored Nov 01, 2016 by Jesse Shapiro
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 8 deletions

common/djangoapps/student/auth.py
+6 -8

No files found.
--- a/common/djangoapps/student/auth.py
+++ b/common/djangoapps/student/auth.py
@@ -7,6 +7,7 @@ to decide whether to check course creator role, and other such functions.
 from django.core.exceptions import PermissionDenied
 from django.conf import settings
 from opaque_keys.edx.locator import LibraryLocator
+from ccx_keys.locator import CCXLocator, CCXBlockUsageLocator

 from student.roles import GlobalStaff, CourseCreatorRole, CourseStaffRole, CourseInstructorRole, CourseRole, \
    CourseBetaTesterRole, OrgInstructorRole, OrgStaffRole, LibraryUserRole, OrgLibraryUserRole
@@ -17,6 +18,7 @@ STUDIO_EDIT_ROLES = 8
 STUDIO_VIEW_USERS = 4
 STUDIO_EDIT_CONTENT = 2
 STUDIO_VIEW_CONTENT = 1
+STUDIO_NO_PERMISSIONS = 0
 # In addition to the above, one is always allowed to "demote" oneself to a lower role within a course, or remove oneself


@@ -25,11 +27,7 @@ def is_ccx_course(course_key):
    Check whether the course locator maps to a CCX course; this is important
    because we don't allow access to CCX courses in Studio.
    """
-    ccx_namespaces = (
-        'ccx-v1',
-        'ccx-block-v1',
-    )
-    return course_key.CANONICAL_NAMESPACE in ccx_namespaces
+    return isinstance(course_key, CCXLocator) or isinstance(course_key, CCXBlockUsageLocator)


 def user_has_role(user, role):
@@ -72,10 +70,10 @@ def get_user_permissions(user, course_key, org=None):
        course_key = course_key.for_branch(None)
    else:
        assert course_key is None
-    all_perms = STUDIO_EDIT_ROLES | STUDIO_VIEW_USERS | STUDIO_EDIT_CONTENT | STUDIO_VIEW_CONTENT
    # No one has studio permissions for CCX courses
    if is_ccx_course(course_key):
-        return 0
+        return STUDIO_NO_PERMISSIONS
+    all_perms = STUDIO_EDIT_ROLES | STUDIO_VIEW_USERS | STUDIO_EDIT_CONTENT | STUDIO_VIEW_CONTENT
    # global staff, org instructors, and course instructors have all permissions:
    if GlobalStaff().has_user(user) or OrgInstructorRole(org=org).has_user(user):
        return all_perms
@@ -88,7 +86,7 @@ def get_user_permissions(user, course_key, org=None):
    if course_key and isinstance(course_key, LibraryLocator):
        if OrgLibraryUserRole(org=org).has_user(user) or user_has_role(user, LibraryUserRole(course_key)):
            return STUDIO_VIEW_USERS | STUDIO_VIEW_CONTENT
-    return 0
+    return STUDIO_NO_PERMISSIONS


 def has_studio_write_access(user, course_key):