Move view_course_access functionality to sole caller lms/mobile_api.

7b365bca · Nimisha Asthagiri · 9ae36152 · 7b365bca · 7b365bca
Commit 7b365bca authored Oct 06, 2016 by Nimisha Asthagiri
Hide whitespace changes
Inline Side-by-side

Showing with 36 additions and 39 deletions

lms/djangoapps/mobile_api/utils.py
+35 -2

openedx/core/lib/api/view_utils.py
+1 -37

No files found.
--- a/lms/djangoapps/mobile_api/utils.py
+++ b/lms/djangoapps/mobile_api/utils.py
 """
 Common utility methods and decorators for Mobile APIs.
 """
-from openedx.core.lib.api.view_utils import view_course_access, view_auth_classes
+import functools
+from rest_framework import status
+from rest_framework.response import Response
+from lms.djangoapps.courseware.courses import get_course_with_access
+from lms.djangoapps.courseware.courseware_access_exception import CoursewareAccessException
+from opaque_keys.edx.keys import CourseKey
+from openedx.core.lib.api.view_utils import view_auth_classes
+from xmodule.modulestore.django import modulestore
 def mobile_course_access(depth=0):
    """
    Method decorator for a mobile API endpoint that verifies the user has access to the course in a mobile context.
    """
-    return view_course_access(depth=depth, access_action='load_mobile', check_for_milestones=True)
+    def _decorator(func):
+        """Outer method decorator."""
+        @functools.wraps(func)
+        def _wrapper(self, request, *args, **kwargs):
+            """
+            Expects kwargs to contain 'course_id'.
+            Passes the course descriptor to the given decorated function.
+            Raises 404 if access to course is disallowed.
+            """
+            course_id = CourseKey.from_string(kwargs.pop('course_id'))
+            with modulestore().bulk_operations(course_id):
+                try:
+                    course = get_course_with_access(
+                        request.user,
+                        'load_mobile',
+                        course_id,
+                        depth=depth,
+                        check_if_enrolled=True,
+                    )
+                except CoursewareAccessException as error:
+                    return Response(data=error.to_json(), status=status.HTTP_404_NOT_FOUND)
+                return func(self, request, course=course, *args, **kwargs)
+        return _wrapper
+    return _decorator
 def mobile_view(is_user=False):

--- a/openedx/core/lib/api/view_utils.py
+++ b/openedx/core/lib/api/view_utils.py
 """
 Utilities related to API views
 """
-import functools
 from django.core.exceptions import NON_FIELD_ERRORS, ValidationError, ObjectDoesNotExist
 from django.http import Http404
 from django.utils.translation import ugettext as _
-from rest_framework import status, response
+from rest_framework import status
 from rest_framework.exceptions import APIException
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.request import clone_request
@@ -14,11 +13,6 @@ from rest_framework.response import Response
 from rest_framework.mixins import RetrieveModelMixin, UpdateModelMixin
 from rest_framework.generics import GenericAPIView
-from lms.djangoapps.courseware.courses import get_course_with_access
-from lms.djangoapps.courseware.courseware_access_exception import CoursewareAccessException
-from opaque_keys.edx.keys import CourseKey
-from xmodule.modulestore.django import modulestore
 from openedx.core.lib.api.authentication import (
    SessionAuthenticationAllowInactiveUser,
    OAuth2AuthenticationAllowInactiveUser,
@@ -89,36 +83,6 @@ class ExpandableFieldViewMixin(object):
        return result
-def view_course_access(depth=0, access_action='load', check_for_milestones=False):
-    """
-    Method decorator for an API endpoint that verifies the user has access to the course.
-    """
-    def _decorator(func):
-        """Outer method decorator."""
-        @functools.wraps(func)
-        def _wrapper(self, request, *args, **kwargs):
-            """
-            Expects kwargs to contain 'course_id'.
-            Passes the course descriptor to the given decorated function.
-            Raises 404 if access to course is disallowed.
-            """
-            course_id = CourseKey.from_string(kwargs.pop('course_id'))
-            with modulestore().bulk_operations(course_id):
-                try:
-                    course = get_course_with_access(
-                        request.user,
-                        access_action,
-                        course_id,
-                        depth=depth,
-                        check_if_enrolled=True,
-                    )
-                except CoursewareAccessException as error:
-                    return response.Response(data=error.to_json(), status=status.HTTP_404_NOT_FOUND)
-                return func(self, request, course=course, *args, **kwargs)
-        return _wrapper
-    return _decorator
 def view_auth_classes(is_user=False, is_authenticated=True):
    """
    Function and class decorator that abstracts the authentication and permission checks for api views.