def wrapper(request, course_id): """ Wraps the view function, performing access check, loading the course, and modifying the view's call signature. """ course_key = CourseKey.from_string(course_id) ccx = None if isinstance(course_key, CCXLocator): ccx_id = course_key.ccx ccx = CustomCourseForEdX.objects.get(pk=ccx_id) course_key = ccx.course_id course = get_course_by_id(course_key, depth=None) is_staff = has_access(request.user, 'staff', course) is_instructor = has_access(request.user, 'instructor', course) if is_staff or is_instructor: # if user is staff or instructor then he can view ccx coach dashboard. return view(request, course, ccx) else: role = CourseCcxCoachRole(course_key) if not role.has_user(request.user): return HttpResponseForbidden( _('You must be a CCX Coach to access this view.')) # if there is a ccx, we must validate that it is the ccx for this coach if ccx is not None: coach_ccx = get_ccx_by_ccx_id(course, request.user, ccx.id) if coach_ccx is None: return HttpResponseForbidden( _('You must be the coach for this ccx to access this view' )) return view(request, course, ccx)
def wrapper(request, course_id): """ Wraps the view function, performing access check, loading the course, and modifying the view's call signature. """ course_key = CourseKey.from_string(course_id) ccx = None if isinstance(course_key, CCXLocator): ccx_id = course_key.ccx ccx = CustomCourseForEdX.objects.get(pk=ccx_id) course_key = ccx.course_id course = get_course_by_id(course_key, depth=None) is_staff = has_access(request.user, 'staff', course) is_instructor = has_access(request.user, 'instructor', course) if is_staff or is_instructor: # if user is staff or instructor then he can view ccx coach dashboard. return view(request, course, ccx) else: role = CourseCcxCoachRole(course_key) if not role.has_user(request.user): return HttpResponseForbidden(_('You must be a CCX Coach to access this view.')) # if there is a ccx, we must validate that it is the ccx for this coach if ccx is not None: coach_ccx = get_ccx_by_ccx_id(course, request.user, ccx.id) if coach_ccx is None: return HttpResponseForbidden( _('You must be the coach for this ccx to access this view') ) return view(request, course, ccx)
def wrapper(request, course_id): """ Wraps the view function, performing access check, loading the course, and modifying the view's call signature. """ course_key = CourseKey.from_string(course_id) ccx = None if isinstance(course_key, CCXLocator): ccx_id = course_key.ccx try: ccx = CustomCourseForEdX.objects.get(pk=ccx_id) except CustomCourseForEdX.DoesNotExist: raise Http404 # lint-amnesty, pylint: disable=raise-missing-from if ccx: course_key = ccx.course_id course = get_course_by_id(course_key, depth=None) if not course.enable_ccx: # lint-amnesty, pylint: disable=no-else-raise raise Http404 else: if bool(request.user.has_perm(VIEW_CCX_COACH_DASHBOARD, course)): # if user is staff or instructor then he can view ccx coach dashboard. return view(request, course, ccx) else: # if there is a ccx, we must validate that it is the ccx for this coach role = CourseCcxCoachRole(course_key) if not role.has_user(request.user): return HttpResponseForbidden( _('You must be a CCX Coach to access this view.')) elif ccx is not None: coach_ccx = get_ccx_by_ccx_id(course, request.user, ccx.id) if coach_ccx is None: return HttpResponseForbidden( _('You must be the coach for this ccx to access this view' )) return view(request, course, ccx)