Commit 73b3af6c by David Ormsbee

Merge pull request #8426 from mcgachey/mcgachey-lti-enrollment-fix

[LTI Provider] Fix bug preventing unenrolled users from accessing content
parents dad7fb1c 0c7623d5
......@@ -155,7 +155,7 @@ class RenderXBlockTestMixin(object):
self.setup_user(admin=False, enroll=True, login=False)
self.verify_response(expected_response_code=302)
def test_fail_unenrolled_student(self):
def test_unenrolled_student(self):
self.setup_course()
self.setup_user(admin=False, enroll=False, login=True)
self.verify_response(expected_response_code=302)
......
......@@ -1389,7 +1389,7 @@ def _track_successful_certificate_generation(user_id, course_id): # pylint: dis
@require_http_methods(["GET", "POST"])
def render_xblock(request, usage_key_string):
def render_xblock(request, usage_key_string, check_if_enrolled=True):
"""
Returns an HttpResponse with HTML content for the xBlock with the given usage_key.
The returned HTML is a chromeless rendering of the xBlock (excluding content of the containing courseware).
......@@ -1400,7 +1400,7 @@ def render_xblock(request, usage_key_string):
with modulestore().bulk_operations(course_key):
# verify the user has access to the course, including enrollment check
course = get_course_with_access(request.user, 'load', course_key, check_if_enrolled=True)
course = get_course_with_access(request.user, 'load', course_key, check_if_enrolled=check_if_enrolled)
# get the block, which verifies whether the user has access to the block.
block, _ = get_module_by_usage_id(
......
......@@ -282,3 +282,8 @@ class LtiRunTestRender(LtiTestMixin, RenderXBlockTestMixin, ModuleStoreTestCase)
)
SignatureValidator.verify = MagicMock(return_value=True)
return self.client.post(lti_launch_url, data=LTI_DEFAULT_PARAMS)
def test_unenrolled_student(self):
self.setup_course()
self.setup_user(admin=False, enroll=False, login=True)
self.verify_response()
......@@ -205,7 +205,7 @@ def render_courseware(request, usage_key):
"""
# return an HttpResponse object that contains the template and necessary context to render the courseware.
from courseware.views import render_xblock
return render_xblock(request, unicode(usage_key))
return render_xblock(request, unicode(usage_key), check_if_enrolled=False)
def parse_course_and_usage_keys(course_id, usage_id):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment