django command for certificate restriction

lms/djangoapps/certificates/management/commands/cert_whitelist.py

+from django.core.management.base import BaseCommand, CommandError
+import os
+from optparse import make_option
+from student.models import UserProfile
+from certificates.models import CertificateWhitelist
+from django.contrib.auth.models import User
+
+class Command(BaseCommand):
+
+    help = """
+    Sets or gets the certificate whitelist for a given
+    user/course
+
+        Add a user to the whitelist for a course
+
+        $ ... cert_whitelist --add joe -c "MITx/6.002x/2012_Fall"
+
+        Remove a user from the whitelist for a course
+ 
+        $ ... cert_whitelist --del joe -c "MITx/6.002x/2012_Fall"
+
+        Print out who is whitelisted for a course
+
+        $ ... cert_whitelist -c "MITx/6.002x/2012_Fall" 
+
+    """
+
+    option_list = BaseCommand.option_list + (
+        make_option('-a', '--add',
+                    metavar='USER',
+                    dest='add',
+                    default=False,
+                    help='user to add to the certificate whitelist'),
+
+        make_option('-d', '--del',
+                    metavar='USER',
+                    dest='del',
+                    default=False,
+                    help='user to remove from the certificate whitelist'),
+ 
+        make_option('-c', '--course-id',
+                    metavar='COURSE_ID',
+                    dest='course_id',
+                    default=False,
+                    help="course id to query"),
+    )
+
+    def handle(self, *args, **options):
+        course_id = options['course_id']
+        if not course_id:
+            raise CommandError("You must specify a course-id")
+        if options['add'] and options['del']:
+            raise CommandError("Either remove or add a user, not both") 
+
+        if options['add'] or options['del']:
+            user_str = options['add'] or options['del']
+            if '@' in user_str:
+                user = User.objects.get(email=user_str)
+            else:
+                user = User.objects.get(username=user_str)
+
+            cert_whitelist, created  = CertificateWhitelist.objects.get_or_create(
+                user=user, course_id=course_id)
+            if options['add']:
+                cert_whitelist.whitelist = True
+            elif options['del']:
+                cert_whitelist.whitelist = False
+            cert_whitelist.save()
+
+        whitelist = CertificateWhitelist.objects.all()
+        print "User whitelist for course {0}:\n{1}".format(course_id, 
+              '\n'.join([ "{0} {1} {2}".format(u.user.username, u.user.email, u.whitelist) for u in whitelist]))
+

lms/djangoapps/certificates/migrations/0014_adding_whitelist.py

+# -*- coding: utf-8 -*-
+import datetime
+from south.db import db
+from south.v2 import SchemaMigration
+from django.db import models
+
+
+class Migration(SchemaMigration):
+
+    def forwards(self, orm):
+        # Adding model 'CertificateWhitelist'
+        db.create_table('certificates_certificatewhitelist', (
+            ('id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
+            ('user', self.gf('django.db.models.fields.related.ForeignKey')(to=orm['auth.User'])),
+            ('course_id', self.gf('django.db.models.fields.CharField')(default='', max_length=255, blank=True)),
+            ('whitelist', self.gf('django.db.models.fields.BooleanField')(default=False)),
+        ))
+        db.send_create_signal('certificates', ['CertificateWhitelist'])
+
+
+    def backwards(self, orm):
+        # Deleting model 'CertificateWhitelist'
+        db.delete_table('certificates_certificatewhitelist')
+
+
+    models = {
+        'auth.group': {
+            'Meta': {'object_name': 'Group'},
+            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),
+            'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'})
+        },
+        'auth.permission': {
+            'Meta': {'ordering': "('content_type__app_label', 'content_type__model', 'codename')", 'unique_together': "(('content_type', 'codename'),)", 'object_name': 'Permission'},
+            'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+            'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['contenttypes.ContentType']"}),
+            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})
+        },
+        'auth.user': {
+            'Meta': {'object_name': 'User'},
+            'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+            'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),
+            'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
+            'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}),
+            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
+            'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+            'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+            'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+            'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
+            'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),
+            'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': "orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}),
+            'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '30'})
+        },
+        'certificates.certificatewhitelist': {
+            'Meta': {'object_name': 'CertificateWhitelist'},
+            'course_id': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255', 'blank': 'True'}),
+            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'user': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['auth.User']"}),
+            'whitelist': ('django.db.models.fields.BooleanField', [], {'default': 'False'})
+        },
+        'certificates.generatedcertificate': {
+            'Meta': {'unique_together': "(('user', 'course_id'),)", 'object_name': 'GeneratedCertificate'},
+            'course_id': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '255', 'blank': 'True'}),
+            'created_date': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now', 'auto_now_add': 'True', 'blank': 'True'}),
+            'distinction': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
+            'download_url': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '128', 'blank': 'True'}),
+            'download_uuid': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '32', 'blank': 'True'}),
+            'error_reason': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '512', 'blank': 'True'}),
+            'grade': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '5', 'blank': 'True'}),
+            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'key': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '32', 'blank': 'True'}),
+            'modified_date': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now', 'auto_now': 'True', 'blank': 'True'}),
+            'name': ('django.db.models.fields.CharField', [], {'max_length': '255', 'blank': 'True'}),
+            'status': ('django.db.models.fields.CharField', [], {'default': "'unavailable'", 'max_length': '32'}),
+            'user': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['auth.User']"}),
+            'verify_uuid': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '32', 'blank': 'True'})
+        },
+        'contenttypes.contenttype': {
+            'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"},
+            'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
+            'name': ('django.db.models.fields.CharField', [], {'max_length': '100'})
+        }
+    }
+
+    complete_apps = ['certificates']
\ No newline at end of file

lms/djangoapps/certificates/models.py

@@ -46,8 +46,13 @@ class CertificateStatuses(object):
     deleted = 'deleted'
     downloadable = 'downloadable'
     notpassing = 'notpassing'
+    restricted = 'restricted'
     error = 'error'
 
+class CertificateWhitelist(models.Model):
+    user = models.ForeignKey(User)
+    course_id = models.CharField(max_length=255, blank=True, default='')
+    whitelist = models.BooleanField(default=0)
 
 class GeneratedCertificate(models.Model):
     user = models.ForeignKey(User)
@@ -87,6 +92,10 @@ def certificate_status_for_student(student, course_id):
     deleted      - The certificate has been deleted.
     downloadable - The certificate is available for download.
     notpassing   - The student was graded but is not passing
+    restricted   - The student is on the restricted embargo list and 
+                   should not be issued a certificate. This will
+                   be set if allow_certificate is set to False in
+                   the userprofile table
 
     If the status is "downloadable", the dictionary also contains
     "download_url".

lms/djangoapps/certificates/queue.py

 from certificates.models import GeneratedCertificate
 from certificates.models import certificate_status_for_student
 from certificates.models import CertificateStatuses as status
+from certificates.models import CertificateWhitelist
 
 from courseware import grades, courses
 from django.test.client import RequestFactory
@@ -71,6 +72,8 @@ class XQueueCertInterface(object):
                 settings.XQUEUE_INTERFACE['django_auth'],
                 requests_auth,
                 )
+        self.whitelist = CertificateWhitelist.objects.all()
+        self.restricted = UserProfile.objects.filter(allow_certificate=False)
 
     def regen_cert(self, student, course_id):
         """
@@ -93,49 +96,7 @@ class XQueueCertInterface(object):
 
         """
 
-        VALID_STATUSES = [status.error, status.downloadable]
-
-        cert_status = certificate_status_for_student(
-                              student, course_id)['status']
-
-        if cert_status in VALID_STATUSES:
-            # grade the student
-            course = courses.get_course_by_id(course_id)
-            grade = grades.grade(student, self.request, course)
-
-            profile = UserProfile.objects.get(user=student)
-            try:
-                cert = GeneratedCertificate.objects.get(
-                    user=student, course_id=course_id)
-            except GeneratedCertificate.DoesNotExist:
-                logger.critical("Attempting to regenerate a certificate"
-                               "for a user that doesn't have one")
-                raise
-
-            if grade['grade'] is not None:
-
-                cert.status = status.regenerating
-                cert.name = profile.name
-
-                contents = {
-                     'action': 'regen',
-                     'delete_verify_uuid': cert.verify_uuid,
-                     'delete_download_uuid': cert.download_uuid,
-                     'username': cert.user.username,
-                     'course_id': cert.course_id,
-                     'name': profile.name,
-                    }
-
-                key = cert.key
-                self._send_to_xqueue(contents, key)
-                cert.save()
-
-            else:
-                cert.status = status.notpassing
-                cert.name = profile.name
-                cert.save()
-
-        return cert_status
+        raise NotImplementedError
 
     def del_cert(self, student, course_id):
 
@@ -152,34 +113,7 @@ class XQueueCertInterface(object):
 
         """
 
-        VALID_STATUSES = [status.error, status.downloadable]
-
-        cert_status = certificate_status_for_student(
-                              student, course_id)['status']
-
-        if cert_status in VALID_STATUSES:
-
-            try:
-                cert = GeneratedCertificate.objects.get(
-                    user=student, course_id=course_id)
-            except GeneratedCertificate.DoesNotExist:
-                logger.warning("Attempting to delete a certificate"
-                               "for a user that doesn't have one")
-                raise
-
-            cert.status = status.deleting
-
-            contents = {
-                 'action': 'delete',
-                 'delete_verify_uuid': cert.verify_uuid,
-                 'delete_download_uuid': cert.download_uuid,
-                 'username': cert.user.username,
-            }
-
-            key = cert.key
-            self._send_to_xqueue(contents, key)
-            cert.save()
-        return cert_status
+        raise NotImplementedError
 
     def add_cert(self, student, course_id):
         """
@@ -189,14 +123,18 @@ class XQueueCertInterface(object):
           course_id - courseenrollment.course_id (string)
 
         Request a new certificate for a student.
-        Will change the certificate status to 'deleting'.
+        Will change the certificate status to 'generating'.
 
         Certificate must be in the 'unavailable', 'error',
         'deleted' or 'generating' state.
 
-        If a student has a passing grade a request will made
-        for a new cert
+        If a student has a passing grade or is in the whitelist
+        table for the course a request will made for a new cert.
 
+        If a student has allow_certificate set to False in the
+        userprofile table the status will change to 'restricted'
+
+       
         If a student does not have a passing grade the status
         will change to status.notpassing
 
@@ -210,16 +148,30 @@ class XQueueCertInterface(object):
 
         cert_status = certificate_status_for_student(
                               student, course_id)['status']
-
+         
         if cert_status in VALID_STATUSES:
             # grade the student
             course = courses.get_course_by_id(course_id)
-            grade = grades.grade(student, self.request, course)
             profile = UserProfile.objects.get(user=student)
+
+
             cert, created = GeneratedCertificate.objects.get_or_create(
                    user=student, course_id=course_id)
 
-            if grade['grade'] is not None:
+            grade = grades.grade(student, self.request, course)
+            whitelist = self.whitelist.filter(
+                user=student, course_id=course_id, whitelist=True).exists()
+
+            if whitelist or grade['grade'] is not None:
+
+                # check to see whether the student is on the
+                # the embargoed country restricted list
+                if self.restricted.filter(user=student).exists():
+                    cert_status = status.restricted
+                    cert.status = cert_status
+                    cert.save()
+                    return cert.status
+
                 cert_status = status.generating
                 key = make_hashkey(random.random())