Merge pull request #441 from edx/dhm/course_update_bugs

POST requests were claiming request.method == 'PUT'

Merge pull request #441 from edx/dhm/course_update_bugs
POST requests were claiming request.method == 'PUT'
4a127e51 · Don Mitchell · a2522c49 · 541c98a3 · 4a127e51 · 4a127e51
Commit 4a127e51 authored Jul 19, 2013 by Don Mitchell
Showing with 15 additions and 10 deletions

cms/djangoapps/contentstore/tests/test_course_updates.py
+4 -1

cms/djangoapps/contentstore/views/assets.py
+3 -2

cms/djangoapps/contentstore/views/component.py
+2 -1

cms/djangoapps/contentstore/views/course.py
+6 -6

No files found.
--- a/cms/djangoapps/contentstore/tests/test_course_updates.py
+++ b/cms/djangoapps/contentstore/tests/test_course_updates.py
@@ -36,8 +36,11 @@ class CourseUpdateTest(CourseTestCase):
                                           'provided_id': payload['id']})
        content += '<div>div <p>p<br/></p></div>'
        payload['content'] = content
+        # POST requests were coming in w/ these header values causing an error; so, repro error here
        resp = self.client.post(first_update_url, json.dumps(payload),
-                                "application/json")
+                                "application/json",
+                                HTTP_X_HTTP_METHOD_OVERRIDE="PUT",
+                                REQUEST_METHOD="POST")
        self.assertHTMLEqual(content, json.loads(resp.content)['content'],
                             "iframe w/ div")

--- a/cms/djangoapps/contentstore/views/assets.py
+++ b/cms/djangoapps/contentstore/views/assets.py
@@ -13,7 +13,7 @@ from django_future.csrf import ensure_csrf_cookie
 from django.core.urlresolvers import reverse
 from django.core.servers.basehttp import FileWrapper
 from django.core.files.temp import NamedTemporaryFile
-from django.views.decorators.http import require_POST
+from django.views.decorators.http import require_POST, require_http_methods
 from mitxmako.shortcuts import render_to_response
 from cache_toolbox.core import del_cached_content
@@ -249,6 +249,7 @@ def remove_asset(request, org, course, name):
 @ensure_csrf_cookie
+@require_http_methods(("GET", "POST", "PUT"))
 @login_required
 def import_course(request, org, course, name):
    """
@@ -256,7 +257,7 @@ def import_course(request, org, course, name):
    """
    location = get_location_and_verify_access(request, org, course, name)
-    if request.method == 'POST':
+    if request.method in ('POST', 'PUT'):
        filename = request.FILES['course-data'].name
        if not filename.endswith('.tar.gz'):

--- a/cms/djangoapps/contentstore/views/component.py
+++ b/cms/djangoapps/contentstore/views/component.py
@@ -245,6 +245,7 @@ def edit_unit(request, location):
 @expect_json
 @login_required
+@require_http_methods(("GET", "POST", "PUT"))
 @ensure_csrf_cookie
 def assignment_type_update(request, org, course, category, name):
    '''
@@ -256,7 +257,7 @@ def assignment_type_update(request, org, course, category, name):
    if request.method == 'GET':
        return JsonResponse(CourseGradingModel.get_section_grader_type(location))
-    elif request.method == 'POST':  # post or put, doesn't matter.
+    elif request.method in ('POST', 'PUT'):  # post or put, doesn't matter.
        return JsonResponse(CourseGradingModel.update_section_grader_type(location, request.POST))

--- a/cms/djangoapps/contentstore/views/course.py
+++ b/cms/djangoapps/contentstore/views/course.py
@@ -42,8 +42,7 @@ from .component import (
    ADVANCED_COMPONENT_POLICY_KEY)
 from django_comment_common.utils import seed_permissions_roles
-import datetime
-from django.utils.timezone import UTC
 from xmodule.html_module import AboutDescriptor
 __all__ = ['course_index', 'create_new_course', 'course_info',
           'course_info_updates', 'get_course_settings',
@@ -176,6 +175,7 @@ def course_info(request, org, course, name, provided_id=None):
 @expect_json
+@require_http_methods(("GET", "POST", "PUT", "DELETE"))
 @login_required
 @ensure_csrf_cookie
 def course_info_updates(request, org, course, provided_id=None):
@@ -206,7 +206,7 @@ def course_info_updates(request, org, course, provided_id=None):
        except:
            return HttpResponseBadRequest("Failed to delete",
                                          content_type="text/plain")
-    elif request.method == 'POST':
+    elif request.method in ('POST', 'PUT'):  # can be either and sometimes django is rewriting one to the other
        try:
            return JsonResponse(update_course_updates(location, request.POST, provided_id))
        except:
@@ -300,7 +300,7 @@ def course_settings_updates(request, org, course, name, section):
    if request.method == 'GET':
        # Cannot just do a get w/o knowing the course name :-(
        return JsonResponse(manager.fetch(Location(['i4x', org, course, 'course', name])), encoder=CourseSettingsEncoder)
-    elif request.method == 'POST':  # post or put, doesn't matter.
+    elif request.method in ('POST', 'PUT'):  # post or put, doesn't matter.
        return JsonResponse(manager.update_from_json(request.POST), encoder=CourseSettingsEncoder)
@@ -479,7 +479,7 @@ def textbook_index(request, org, course, name):
    if request.is_ajax():
        if request.method == 'GET':
            return JsonResponse(course_module.pdf_textbooks)
-        elif request.method == 'POST':
+        elif request.method in ('POST', 'PUT'):  # can be either and sometimes django is rewriting one to the other
            try:
                textbooks = validate_textbooks_json(request.body)
            except TextbookValidationError as err:
@@ -580,7 +580,7 @@ def textbook_by_id(request, org, course, name, tid):
        if not textbook:
            return JsonResponse(status=404)
        return JsonResponse(textbook)
-    elif request.method in ('POST', 'PUT'):
+    elif request.method in ('POST', 'PUT'):  # can be either and sometimes django is rewriting one to the other
        try:
            new_textbook = validate_textbook_json(request.body)
        except TextbookValidationError as err: