if AUTH_REQUIRE_STAFF_FOR_COURSE then course list = those accessible

3f83904c · ichuang · c20ebd13 · 3f83904c · 3f83904c · 3f83904c
Commit 3f83904c authored Aug 04, 2012 by ichuang
Show whitespace changes
Inline Side-by-side

Showing with 31 additions and 22 deletions

common/djangoapps/student/views.py
+5 -9

lms/djangoapps/courseware/courses.py
+21 -0

lms/djangoapps/courseware/views.py
+5 -13

No files found.
--- a/common/djangoapps/student/views.py
+++ b/common/djangoapps/student/views.py
@@ -8,7 +8,6 @@ import uuid
 import feedparser
 import urllib
 import itertools
-from collections import defaultdict
 from django.conf import settings
 from django.contrib.auth import logout, authenticate, login
@@ -37,7 +36,7 @@ from xmodule.modulestore.exceptions import ItemNotFoundError
 from models import Registration, UserProfile, PendingNameChange, PendingEmailChange, CourseEnrollment
 from datetime import date
 from collections import namedtuple
-from courseware.courses import course_staff_group_name, has_staff_access_to_course
+from courseware.courses import course_staff_group_name, has_staff_access_to_course, get_courses_by_university
 log = logging.getLogger("mitx.student")
 Article = namedtuple('Article', 'title url author image deck publication publish_date')
@@ -65,9 +64,9 @@ def index(request):
        from external_auth.views import edXauth_ssl_login
        return edXauth_ssl_login(request)
-    return main_index()
+    return main_index(user=request.user)
-def main_index(extra_context = {}):
+def main_index(extra_context = {}, user=None):
    '''
    Render the edX main page.
@@ -89,11 +88,8 @@ def main_index(extra_context = {}):
        entry.image = soup.img['src'] if soup.img else None
        entry.summary = soup.getText()
-    universities = defaultdict(list)
+    # The course selection work is done in courseware.courses.
-    courses = sorted(modulestore().get_courses(), key=lambda course: course.number)
+    universities = get_courses_by_university(None)
-    for course in courses:
-        universities[course.org].append(course)
    context = {'universities': universities, 'entries': entries}
    context.update(extra_context)
    return render_to_response('index.html', context)

--- a/lms/djangoapps/courseware/courses.py
+++ b/lms/djangoapps/courseware/courses.py
+from collections import defaultdict
 from fs.errors import ResourceNotFoundError
 from functools import wraps
 import logging
@@ -123,6 +124,8 @@ def has_staff_access_to_course(user,course):
    Returns True if the given user has staff access to the course.
    This means that user is in the staff_* group, or is an overall admin.
    '''
+    if user is None or (not user.is_authenticated()) or course is None:
+        return False
    if user.is_staff:
        return True
    user_groups = [x[1] for x in user.groups.values_list()]	# note this is the Auth group, not UserTestGroup
@@ -132,5 +135,23 @@ def has_staff_access_to_course(user,course):
        return True
    return False
+def get_courses_by_university(user):
+    '''
+    Returns dict of lists of courses available, keyed by course.org (ie university).
+    Courses are sorted by course.number.
+    if ACCESS_REQUIRE_STAFF_FOR_COURSE then list only includes those accessible to user.
+    '''
+    # TODO: Clean up how 'error' is done.
+    # filter out any courses that errored.
+    courses = [c for c in modulestore().get_courses()
+               if isinstance(c, CourseDescriptor)]
+    courses = sorted(courses, key=lambda course: course.number)
+    universities = defaultdict(list)
+    for course in courses:
+        if settings.MITX_FEATURES.get('ENABLE_LMS_MIGRATION'):
+            if not has_staff_access_to_course(user,course):
+                continue
+        universities[course.org].append(course)
+    return universities
--- a/lms/djangoapps/courseware/views.py
+++ b/lms/djangoapps/courseware/views.py
-from collections import defaultdict
 import json
 import logging
 import urllib
@@ -28,7 +27,7 @@ from xmodule.course_module import CourseDescriptor
 from util.cache import cache, cache_if_anonymous
 from student.models import UserTestGroup, CourseEnrollment
 from courseware import grades
-from courseware.courses import check_course
+from courseware.courses import check_course, get_courses_by_university
 log = logging.getLogger("mitx.courseware")
@@ -58,19 +57,12 @@ def user_groups(user):
 @ensure_csrf_cookie
 @cache_if_anonymous
 def courses(request):
-    # TODO: Clean up how 'error' is done.
+    '''
+    Render "find courses" page.  The course selection work is done in courseware.courses.
-    # filter out any courses that errored.
+    '''
-    courses = [c for c in modulestore().get_courses()
+    universities = get_courses_by_university(request.user)
-               if isinstance(c, CourseDescriptor)]
-    courses = sorted(courses, key=lambda course: course.number)
-    universities = defaultdict(list)
-    for course in courses:
-        universities[course.org].append(course)
    return render_to_response("courses.html", {'universities': universities})
 @cache_control(no_cache=True, no_store=True, must_revalidate=True)
 def gradebook(request, course_id):
    if 'course_admin' not in user_groups(request.user):