respond to Cale pull request comments. Update access.py (LMS) to use the same…

respond to Cale pull request comments. Update access.py (LMS) to use the same 'check for legacy group name first' logic. Add SECRET_KEY setting to the CAS project so that auth tokens from CAS are accepted in the LMS

cms/djangoapps/auth/authz.py

@@ -20,7 +20,14 @@ STAFF_ROLE_NAME = 'staff'
 # of those two variables
 def get_course_groupname_for_role(location, role):
     loc = Location(location)
-    groupname = role  + '_' + loc.course
+    # hack: check for existence of a group name in the legacy LMS format <role>_<course>
+    # if it exists, then use that one, otherwise use a <role>_<course_id> which contains
+    # more information
+    groupname = '{0}_{1}'.format(role, loc.course)
+
+    if len(Group.objects.filter(name = groupname)) == 0:
+        groupname = '{0}_{1}'.format(role,loc.course_id)
+
     return groupname
 
 def get_users_in_course_group_by_role(location, role):

cms/envs/dev.py

@@ -97,3 +97,6 @@ CACHES = {
 
 # Make the keyedcache startup warnings go away
 CACHE_TIMEOUT = 0
+
+# Dummy secret key for dev
+SECRET_KEY = '85920908f28904ed733fe576320db18cabd7b6cd'

cms/templates/manage_users.html

@@ -27,22 +27,6 @@
   
   <div id="result"></div>
 
-<script>
-  $("#addEditorsForm").submit(function(event) {
-    event.preventDefault();
-    var $form = $(this),
-    email = $form.find('input[name="email"]').val(),
-    url = $form.attr('action');
-    $.post(url, {email:email},
-    function(data) {
-      if(data['Status'] != 'OK')
-        $("#result").empty().append(data['ErrMsg']);
-      else
-        location.reload();
-      });
-  });
-</script>
-
 </section>
 </%block>
 

lms/djangoapps/courseware/access.py

@@ -6,6 +6,7 @@ import logging
 import time
 
 from django.conf import settings
+from django.contrib.auth.models import Group
 
 from xmodule.course_module import CourseDescriptor
 from xmodule.error_module import ErrorDescriptor
@@ -306,13 +307,25 @@ def _dispatch(table, action, user, obj):
     raise ValueError("Unknown action for object type '{0}': '{1}'".format(
         type(obj), action))
 
+
+def _does_course_group_name_exist(name):
+    return len(Group.objects.filter(name = name)) > 0
+
 def _course_staff_group_name(location):
     """
     Get the name of the staff group for a location.  Right now, that's staff_COURSE.
 
     location: something that can passed to Location.
+    
+    cdodge: We're changing the name convention of the group to better epxress different runs of courses by 
+    using course_id rather than just the course number. So first check to see if the group name exists
     """
-    return 'staff_%s' % Location(location).course
+    loc = Location(location)
+    legacy_name = 'staff_%s' % loc.course
+    if _does_course_group_name_exist(legacy_name):
+        return legacy_name
+
+    return 'staff_%s' & loc.course_id
 
 
 def _course_instructor_group_name(location):
@@ -321,8 +334,16 @@ def _course_instructor_group_name(location):
     A course instructor has all staff privileges, but also can manage list of course staff (add, remove, list).
 
     location: something that can passed to Location.
+
+    cdodge: We're changing the name convention of the group to better epxress different runs of courses by 
+    using course_id rather than just the course number. So first check to see if the group name exists
     """
-    return 'instructor_%s' % Location(location).course
+    loc = Location(location)
+    legacy_name = 'instructor_%s' % loc.course
+    if _does_course_group_name_exist(legacy_name):
+        return legacy_name
+    
+    return 'instructor_%s' % loc.course_id
 
 
 def _has_global_staff_access(user):