Merge pull request #4450 from Stanford-Online/jbau/edx/fix-shib-student-register

fix shib reg from course about page

Merge pull request #4450 from Stanford-Online/jbau/edx/fix-shib-student-register
fix shib reg from course about page
fb927dd7 · Jason Bau · be80e005 · e1fcac93 · fb927dd7 · fb927dd7
Commit fb927dd7 authored Jul 17, 2014 by Jason Bau
7 changed files
--- a/cms/envs/common.py
+++ b/cms/envs/common.py
@@ -638,3 +638,7 @@ for app_name in OPTIONAL_APPS:
 ### ADVANCED_SECURITY_CONFIG
 # Empty by default
 ADVANCED_SECURITY_CONFIG = {}
+
+### External auth usage -- prefixes for ENROLLMENT_DOMAIN
+SHIBBOLETH_DOMAIN_PREFIX = 'shib:'
+OPENID_DOMAIN_PREFIX = 'openid:'
--- a/common/djangoapps/external_auth/views.py
+++ b/common/djangoapps/external_auth/views.py
@@ -53,8 +53,8 @@ from opaque_keys.edx.locations import SlashSeparatedCourseKey
 log = logging.getLogger("edx.external_auth")
 AUDIT_LOG = logging.getLogger("audit")

-SHIBBOLETH_DOMAIN_PREFIX = 'shib:'
-OPENID_DOMAIN_PREFIX = 'openid:'
+SHIBBOLETH_DOMAIN_PREFIX = settings.SHIBBOLETH_DOMAIN_PREFIX
+OPENID_DOMAIN_PREFIX = settings.OPENID_DOMAIN_PREFIX

 # -----------------------------------------------------------------------------
 # OpenID Common

--- a/lms/djangoapps/courseware/tests/test_about.py
+++ b/lms/djangoapps/courseware/tests/test_about.py
@@ -2,10 +2,12 @@
 Test the about xblock
 """
 import mock
+from mock import patch
 import pytz
 import datetime
 from django.test.utils import override_settings
 from django.core.urlresolvers import reverse
+from django.conf import settings

 from .helpers import LoginEnrollmentTestCase
 from xmodule.modulestore.tests.django_utils import ModuleStoreTestCase
@@ -16,6 +18,7 @@ from student.tests.factories import UserFactory, CourseEnrollmentAllowedFactory

 # HTML for registration button
 REG_STR = "<form id=\"class_enroll_form\" method=\"post\" data-remote=\"true\" action=\"/change_enrollment\">"
+SHIB_ERROR_STR = "The currently logged-in user account does not have permission to enroll in this course."


 @override_settings(MODULESTORE=TEST_DATA_MIXED_MODULESTORE)
@@ -167,6 +170,46 @@ class AboutWithInvitationOnly(ModuleStoreTestCase):
        self.assertIn(REG_STR, resp.content)


+@patch.dict(settings.FEATURES, {'RESTRICT_ENROLL_BY_REG_METHOD': True})
+@override_settings(MODULESTORE=TEST_DATA_MIXED_MODULESTORE)
+class AboutTestCaseShibCourse(LoginEnrollmentTestCase, ModuleStoreTestCase):
+    """
+    Test cases covering about page behavior for courses that use shib enrollment domain ("shib courses")
+    """
+    def setUp(self):
+        self.course = CourseFactory.create(enrollment_domain="shib:https://idp.stanford.edu/")
+
+        self.about = ItemFactory.create(
+            category="about", parent_location=self.course.location,
+            data="OOGIE BLOOGIE", display_name="overview"
+        )
+
+    def test_logged_in_shib_course(self):
+        """
+        For shib courses, logged in users will see the register button, but get rejected once they click there
+        """
+        self.setup_user()
+        url = reverse('about_course', args=[self.course.id.to_deprecated_string()])
+        resp = self.client.get(url)
+        self.assertEqual(resp.status_code, 200)
+        self.assertIn("OOGIE BLOOGIE", resp.content)
+        self.assertIn("Register for 999", resp.content)
+        self.assertIn(SHIB_ERROR_STR, resp.content)
+        self.assertIn(REG_STR, resp.content)
+
+    def test_anonymous_user_shib_course(self):
+        """
+        For shib courses, anonymous users will also see the register button
+        """
+        url = reverse('about_course', args=[self.course.id.to_deprecated_string()])
+        resp = self.client.get(url)
+        self.assertEqual(resp.status_code, 200)
+        self.assertIn("OOGIE BLOOGIE", resp.content)
+        self.assertIn("Register for 999", resp.content)
+        self.assertIn(SHIB_ERROR_STR, resp.content)
+        self.assertIn(REG_STR, resp.content)
+
+
 @override_settings(MODULESTORE=TEST_DATA_MIXED_MODULESTORE)
 class AboutWithClosedEnrollment(ModuleStoreTestCase):
    """

--- a/lms/djangoapps/courseware/views.py
+++ b/lms/djangoapps/courseware/views.py
@@ -48,6 +48,7 @@ from opaque_keys import InvalidKeyError

 from microsite_configuration import microsite
 from opaque_keys.edx.locations import SlashSeparatedCourseKey
+from instructor.enrollment import uses_shib

 log = logging.getLogger("edx.courseware")

@@ -655,6 +656,8 @@ def course_about(request, course_id):
    # - Student cannot enroll in course
    active_reg_button = not(registered or is_course_full or not can_enroll)

+    is_shib_course = uses_shib(course)
+
    return render_to_response('courseware/course_about.html', {
        'course': course,
        'staff_access': staff_access,
@@ -669,6 +672,7 @@ def course_about(request, course_id):
        'can_enroll': can_enroll,
        'invitation_only': invitation_only,
        'active_reg_button': active_reg_button,
+        'is_shib_course': is_shib_course,
    })



--- a/lms/djangoapps/instructor/enrollment.py
+++ b/lms/djangoapps/instructor/enrollment.py
@@ -19,9 +19,6 @@ from student.models import anonymous_id_for_user

 from microsite_configuration import microsite

-# For determining if a shibboleth course
-SHIBBOLETH_DOMAIN_PREFIX = 'shib:'
-

 class EmailEnrollmentState(object):
    """ Store the complete enrollment state of an email in a class """
@@ -361,4 +358,4 @@ def uses_shib(course):

    Returns a boolean indicating if Shibboleth authentication is set for this course.
    """
-    return course.enrollment_domain and course.enrollment_domain.startswith(SHIBBOLETH_DOMAIN_PREFIX)
+    return course.enrollment_domain and course.enrollment_domain.startswith(settings.SHIBBOLETH_DOMAIN_PREFIX)
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -1649,3 +1649,7 @@ THIRD_PARTY_AUTH = {}
 ### ADVANCED_SECURITY_CONFIG
 # Empty by default
 ADVANCED_SECURITY_CONFIG = {}
+
+### External auth usage -- prefixes for ENROLLMENT_DOMAIN
+SHIBBOLETH_DOMAIN_PREFIX = 'shib:'
+OPENID_DOMAIN_PREFIX = 'openid:'
--- a/lms/templates/courseware/course_about.html
+++ b/lms/templates/courseware/course_about.html
@@ -14,7 +14,6 @@
 <%! from microsite_configuration import microsite %>

 <%inherit file="../main.html" />
-
 <%block name="headextra">

  <%
@@ -173,7 +172,10 @@
          </span>
        % elif invitation_only and not can_enroll:
          <span class="register disabled">${_("Enrollment in this course is by invitation only")}</span>
-        % elif not can_enroll:
+        ## Shib courses need the enrollment button to be displayed even when can_enroll is False,
+        ## because AnonymousUsers cause can_enroll for shib courses to be False, but we need them to be able to click
+        ## so that they can register and become a real user that can enroll.
+        % elif not is_shib_course and not can_enroll:
          <span class="register disabled">${_("Enrollment is Closed")}</span>
        %else:
          <a href="#" class="register">
@@ -339,7 +341,10 @@
  </section>
 </section>

-%if active_reg_button:
+## Need to put this hidden form on the page so that the registration button works.
+## Since it's no harm to display a hidden form, we display it with the most permissive conditional
+## which is when the student is not registered.
+%if active_reg_button or is_shib_course:
  <div style="display: none;">
    <form id="class_enroll_form" method="post" data-remote="true" action="${reverse('change_enrollment')}">
      <fieldset class="enroll_fieldset">