def has_permission(self, request, view):
"""Returns true if the user is enrolled or is staff."""
course_key = CourseKey.from_string(view.kwargs.get('course_id'))
return (GlobalStaff().has_user(request.user)
or CourseStaffRole(course_key).has_user(request.user)
or CourseInstructorRole(course_key).has_user(request.user)
or CourseEnrollment.is_enrolled(request.user, course_key)
or has_discussion_privileges(request.user, course_key))
def has_permission(self, request, view):
course_key_string = view.kwargs.get('course_key_string')
course_key = validate_course_key(course_key_string)
if GlobalStaff().has_user(request.user):
return True
return (CourseInstructorRole(course_key).has_user(request.user)
or CourseStaffRole(course_key).has_user(request.user)
or has_discussion_privileges(request.user, course_key))
def discussion_open_for_user(course, user):
"""
Check if course discussion are open or not for user.
Arguments:
course: Course to check discussions for
user: User to check for privileges in course
"""
return course.forum_posts_allowed or has_discussion_privileges(
user, course.id)
def has_team_api_access(user, course_key, access_username=None):
"""Returns True if the user has access to the Team API for the course
given by `course_key`. The user must either be enrolled in the course,
be course staff, be global staff, or have discussion privileges.
Args:
user (User): The user to check access for.
course_key (CourseKey): The key to the course which we are checking access to.
access_username (string): If provided, access_username must match user.username for non staff access.
Returns:
bool: True if the user has access, False otherwise.
"""
if has_course_staff_privileges(user, course_key):
return True
if has_discussion_privileges(user, course_key):
return True
if not access_username or access_username == user.username:
return CourseEnrollment.is_enrolled(user, course_key)
return False