Commit 597bfc1d by Jason Bau

add rudimentary export control checking

parent d7912aeb
...@@ -18,7 +18,7 @@ from django.contrib.auth.models import User ...@@ -18,7 +18,7 @@ from django.contrib.auth.models import User
from student.models import Registration, UserProfile from student.models import Registration, UserProfile
from cme_registration.models import CmeUserProfile from cme_registration.models import CmeUserProfile
from student.tests.factories import UserFactory from student.tests.factories import UserFactory
from cme_registration.views import DENIED_COUNTRIES, validate_export_controls
TEST_MITX_FEATURES = settings.MITX_FEATURES.copy() TEST_MITX_FEATURES = settings.MITX_FEATURES.copy()
TEST_MITX_FEATURES['USE_CME_REGISTRATION'] = True TEST_MITX_FEATURES['USE_CME_REGISTRATION'] = True
...@@ -132,7 +132,7 @@ class TestCmeRegistration(TestCase): ...@@ -132,7 +132,7 @@ class TestCmeRegistration(TestCase):
url = reverse('create_account') url = reverse('create_account')
response = self.client.post(url, self.post_vars) response = self.client.post(url, self.post_vars)
self.assertContains(response, '{"success": true}') self.assertContains(response, '"success": true')
@unittest.skipIf(settings.MITX_FEATURES.get('DISABLE_CME_REGISTRATION_TESTS', False), @unittest.skipIf(settings.MITX_FEATURES.get('DISABLE_CME_REGISTRATION_TESTS', False),
dedent("""Skipping Test because the url is not in CMS""")) dedent("""Skipping Test because the url is not in CMS"""))
...@@ -344,7 +344,7 @@ class TestCmeRegistration(TestCase): ...@@ -344,7 +344,7 @@ class TestCmeRegistration(TestCase):
response = self.client.post(url, self.post_vars) response = self.client.post(url, self.post_vars)
#Check page displays success #Check page displays success
self.assertContains(response, '{"success": true}') self.assertContains(response, '"success": true')
#Check user was created #Check user was created
user = User.objects.filter(email='test@email.com') user = User.objects.filter(email='test@email.com')
...@@ -402,7 +402,7 @@ class TestCmeRegistration(TestCase): ...@@ -402,7 +402,7 @@ class TestCmeRegistration(TestCase):
response = self.client.post(url, self.post_vars) response = self.client.post(url, self.post_vars)
#Check page displays success #Check page displays success
self.assertContains(response, '{"success": true}') self.assertContains(response, '"success": true')
#Check user was created #Check user was created
user = User.objects.filter(email='test@email.com') user = User.objects.filter(email='test@email.com')
...@@ -514,7 +514,7 @@ class TestCmeRegistration(TestCase): ...@@ -514,7 +514,7 @@ class TestCmeRegistration(TestCase):
response = self.client.post(url, self.post_vars) response = self.client.post(url, self.post_vars)
#Check page displays success #Check page displays success
self.assertContains(response, '{"success": true}') self.assertContains(response, '"success": true')
@patch('cme_registration.models.CmeUserProfile.save', Mock(side_effect=Exception())) @patch('cme_registration.models.CmeUserProfile.save', Mock(side_effect=Exception()))
@unittest.skipIf(settings.MITX_FEATURES.get('DISABLE_CME_REGISTRATION_TESTS', False), @unittest.skipIf(settings.MITX_FEATURES.get('DISABLE_CME_REGISTRATION_TESTS', False),
...@@ -543,3 +543,14 @@ class TestCmeRegistration(TestCase): ...@@ -543,3 +543,14 @@ class TestCmeRegistration(TestCase):
self.assertRaises(Exception) self.assertRaises(Exception)
self.assertContains(response, 'Could not send activation e-mail.') self.assertContains(response, 'Could not send activation e-mail.')
def test_export_controls(self):
"""
Test export controls verification
"""
for country in DENIED_COUNTRIES:
retv = validate_export_controls({'country': country})
self.assertFalse(retv['success'])
self.assertEqual(retv['field'], 'country')
self.assertIsNone(validate_export_controls({'country': 'United States'}))
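Review bot: test_export_controls takes its inputs from DENIED_COUNTRIES itself, so it passes whatever the list contains and cannot catch a misspelled or missing entry. It also exercises only the helper, so nothing verifies that the registration endpoint actually refuses the account. Add a case that posts a literal country value and checks the refusal, for example `self.post_vars['country'] = 'Cuba'`, `response = self.client.post(reverse('create_account'), self.post_vars)`, `self.assertContains(response, '"success": false')`, followed by an assertion that no User row was created for that email. The TestCmeRegistration class starts outside the visible hunks.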
...@@ -18,6 +18,7 @@ from django.db import IntegrityError ...@@ -18,6 +18,7 @@ from django.db import IntegrityError
from django.core.mail import send_mail from django.core.mail import send_mail
from student.models import Registration from student.models import Registration
import student
from cme_registration.models import CmeUserProfile from cme_registration.models import CmeUserProfile
from mitxmako.shortcuts import render_to_response, render_to_string from mitxmako.shortcuts import render_to_response, render_to_string
...@@ -100,6 +101,11 @@ def cme_create_account(request, post_override=None): ...@@ -100,6 +101,11 @@ def cme_create_account(request, post_override=None):
json_string['field'] = 'username' json_string['field'] = 'username'
return HttpResponse(json.dumps(json_string)) return HttpResponse(json.dumps(json_string))
#Validate Export controls
error = validate_export_controls(post_vars)
if error is not None:
return HttpResponse(json.dumps(error))
# Ok, looks like everything is legit. Create the account. # Ok, looks like everything is legit. Create the account.
ret = _do_cme_create_account(post_vars) ret = _do_cme_create_account(post_vars)
if isinstance(ret, HttpResponse): # if there was an error then return that if isinstance(ret, HttpResponse): # if there was an error then return that
...@@ -137,12 +143,13 @@ def cme_create_account(request, post_override=None): ...@@ -137,12 +143,13 @@ def cme_create_account(request, post_override=None):
login(request, login_user) login(request, login_user)
request.session.set_expiry(0) request.session.set_expiry(0)
statsd.increment("common.student.account_created") redirect_url = student.views.try_change_enrollment(request)
json_string = {'success': True} json_string = {'success': True,
HttpResponse(json.dumps(json_string), mimetype="application/json") 'redirect_url': redirect_url}
response = HttpResponse(json.dumps(json_string))
response = HttpResponse(json.dumps({'success': True}))
return response return response
...@@ -335,6 +342,28 @@ def validate_required_radios(post_vars): ...@@ -335,6 +342,28 @@ def validate_required_radios(post_vars):
return error return error
def validate_export_controls(post_vars):
"""
Checks that we are US export control compliant.
In keeping with the style of the rest of the app, returns failure dict if failed, else None
"""
country = post_vars.get('country', '')
if country in DENIED_COUNTRIES:
return {
'success': False,
'field': 'country',
'value': 'We are experiencing a temporary system failure. Try again later.' # obfuscated message
}
DENIED_COUNTRIES = [
'Sudan',
'Korea, Democratic People\'s Republic Of',
'Iran, Islamic Republic Of',
'Cuba',
'Syrian Alab Republic',
]
#Construct dicts for specialty and sub-specialty dropdowns #Construct dicts for specialty and sub-specialty dropdowns
SPECIALTY_CHOICES = {} SPECIALTY_CHOICES = {}
SUB_SPECIALTY_CHOICES = {} SUB_SPECIALTY_CHOICES = {}
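Review bot: The DENIED_COUNTRIES entry `'Syrian Alab Republic'` looks like a misspelling of `'Syrian Arab Republic'`. Because validate_export_controls does an exact `country in DENIED_COUNTRIES` comparison, that entry would presumably never match the value the form submits (the country choices are not visible here). The comparison is also case- and whitespace-sensitive, and a missing `country` defaults to `''`, which passes. Consider `country = post_vars.get('country', '').strip()` and confirm that another validator requires the field and restricts it to the known choices. Since the user-facing message deliberately hides the reason, a server-side log entry for each denial would keep the decision auditable.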
......
...@@ -87,7 +87,12 @@ ...@@ -87,7 +87,12 @@
$('#register-form').on('ajax:success', function(event, json, xhr) { $('#register-form').on('ajax:success', function(event, json, xhr) {
if(json.success) { if(json.success) {
$('.message.submission-error').removeClass('is-shown'); $('.message.submission-error').removeClass('is-shown');
if(json.redirect_url){
location.href=json.redirect_url;
}
else {
location.href="${reverse('dashboard')}"; location.href="${reverse('dashboard')}";
}
} else { } else {
$('.status.message.submission-error').addClass('is-shown').focus(); $('.status.message.submission-error').addClass('is-shown').focus();
$('.status.message.submission-error .message-copy').html(json.value).stop().css("display", "block"); $('.status.message.submission-error .message-copy').html(json.value).stop().css("display", "block");
...@@ -497,10 +502,7 @@ ...@@ -497,10 +502,7 @@
</div> </div>
</li> </li>
<div class="field select checkbox" id="mailing_list"> <input id="mailing_list" type="hidden" name="mailing_list" value="true" />
<input id="mailing_list" type="checkbox" name="mailing_list" value="true" checked />
<label for="mailing_list">Yes, include me on the mailing list for future educational activities</label>
</div>
</ol> </ol>
</fieldset> </fieldset>
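Review bot: `location.href=json.redirect_url` navigates to whatever URL the JSON response carries, and whether that is safe depends on student.views.try_change_enrollment, which is not shown here. If that value can be influenced by request parameters, this is an open redirect immediately after login. Limiting the client to same-site paths would contain it, e.g. `if (json.redirect_url && /^\/(?![\/\\])/.test(json.redirect_url)) {`, or the server can validate the URL before returning it. The surrounding ajax:success handler extends beyond the hunk.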
......