Skip to content

E
edx-platform
Commit 30922fb4 by ichuang
Options

add ACCESS_REQUIRE_STAFF_FOR_COURSE feature for enrollment check

parent f1ba26b0
Showing with 34 additions and 1 deletions
common/djangoapps/student/views.py
...@@ -37,6 +37,7 @@ from xmodule.modulestore.exceptions import ItemNotFoundError ...@@ -37,6 +37,7 @@ from xmodule.modulestore.exceptions import ItemNotFoundError
from models import Registration, UserProfile, PendingNameChange, PendingEmailChange, CourseEnrollment from models import Registration, UserProfile, PendingNameChange, PendingEmailChange, CourseEnrollment
from datetime import date from datetime import date
from collections import namedtuple from collections import namedtuple
from courseware.courses import course_staff_group_name, has_staff_access_to_course
log = logging.getLogger("mitx.student") log = logging.getLogger("mitx.student")
Article = namedtuple('Article', 'title url author image deck publication publish_date') Article = namedtuple('Article', 'title url author image deck publication publish_date')
...@@ -184,6 +185,14 @@ def change_enrollment(request): ...@@ -184,6 +185,14 @@ def change_enrollment(request):
.format(user.username, enrollment.course_id)) .format(user.username, enrollment.course_id))
return {'success': False, 'error': 'The course requested does not exist.'} return {'success': False, 'error': 'The course requested does not exist.'}
if settings.MITX_FEATURES.get('ACCESS_REQUIRE_STAFF_FOR_COURSE'):
# require that user be in the staff_* group (or be an overall admin) to be able to enroll
# eg staff_6.002x or staff_6.00x
if not has_staff_access_to_course(user,course):
staff_group = course_staff_group_name(course)
log.debug('user %s denied enrollment to %s ; not in %s' % (user,course.location.url(),staff_group))
return {'success': False, 'error' : '%s membership required to access course.' % staff_group}
enrollment, created = CourseEnrollment.objects.get_or_create(user=user, course_id=course.id) enrollment, created = CourseEnrollment.objects.get_or_create(user=user, course_id=course.id)
return {'success': True} return {'success': True}
......
lms/djangoapps/courseware/courses.py
...@@ -114,3 +114,23 @@ def get_course_info_section(course, section_key): ...@@ -114,3 +114,23 @@ def get_course_info_section(course, section_key):
return "! Info section missing !" return "! Info section missing !"
raise KeyError("Invalid about key " + str(section_key)) raise KeyError("Invalid about key " + str(section_key))
def course_staff_group_name(course):
return 'staff_%s' % course.metadata['course']
def has_staff_access_to_course(user,course):
'''
Returns True if the given user has staff access to the course.
This means that user is in the staff_* group, or is an overall admin.
'''
if user.is_staff:
return True
user_groups = [x[1] for x in user.groups.values_list()] # note this is the Auth group, not UserTestGroup
log.debug('user is in groups %s' % user_groups)
staff_group = course_staff_group_name(course)
if staff_group in user_groups:
return True
return False
lms/envs/dev.py
...@@ -60,12 +60,13 @@ SECRET_KEY = '85920908f28904ed733fe576320db18cabd7b6cd' ...@@ -60,12 +60,13 @@ SECRET_KEY = '85920908f28904ed733fe576320db18cabd7b6cd'
################################ LMS Migration ################################# ################################ LMS Migration #################################
MITX_FEATURES['ENABLE_LMS_MIGRATION'] = True MITX_FEATURES['ENABLE_LMS_MIGRATION'] = True
MITX_FEATURES['ACCESS_REQUIRE_STAFF_FOR_COURSE'] = True
LMS_MIGRATION_ALLOWED_IPS = ['any'] LMS_MIGRATION_ALLOWED_IPS = ['any']
################################ OpenID Auth ################################# ################################ OpenID Auth #################################
MITX_FEATURES['AUTH_USE_OPENID'] = True MITX_FEATURES['AUTH_USE_OPENID'] = True
MITX_FEATURES['BYPASS_ACTIVATION_EMAIL_FOR_EXTAUTH'] = True MITX_FEATURES['BYPASS_ACTIVATION_EMAIL_FOR_EXTAUTH'] = True # require that user be in the staff_* group to be able to enroll
INSTALLED_APPS += ('external_auth',) INSTALLED_APPS += ('external_auth',)
INSTALLED_APPS += ('django_openid_auth',) INSTALLED_APPS += ('django_openid_auth',)
......
lms/templates/portal/course_about.html
...@@ -19,6 +19,8 @@ ...@@ -19,6 +19,8 @@
$(document).delegate('#class_enroll_form', 'ajax:success', function(data, json, xhr) { $(document).delegate('#class_enroll_form', 'ajax:success', function(data, json, xhr) {
if(json.success) { if(json.success) {
location.href="${reverse('dashboard')}"; location.href="${reverse('dashboard')}";
}else{
document.getElementById('register_message').innerHTML = "<p><font color='red'>" + json.error + "</font></p>";
} }
}); });
})(this) })(this)
...@@ -63,6 +65,7 @@ ...@@ -63,6 +65,7 @@
<span class="register disabled">You are registered for this course (${course.number}).</span> <span class="register disabled">You are registered for this course (${course.number}).</span>
%else: %else:
<a href="#" class="register">Register for ${course.number}</a> <a href="#" class="register">Register for ${course.number}</a>
<div id="register_message"></div>
%endif %endif
%else: %else:
<a href="#signup-modal" class="register" rel="leanModal" data-notice='You must Sign Up or <a href="#login-modal" rel="leanModal">Log In</a> to enroll.'>Register for ${course.number}</a> <a href="#signup-modal" class="register" rel="leanModal" data-notice='You must Sign Up or <a href="#login-modal" rel="leanModal">Log In</a> to enroll.'>Register for ${course.number}</a>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment