def is_user_banning_enabled(course_key=None):
"""
Wrapper function to find the status of the banning feature per course or globally
"""
_config = get_config_by_course(course_key)
return _config.get('USER_BANNING_ENABLED',
settings.SEB_USER_BANNING_ENABLED)
def get(self, request, course_id, *args, **kwargs):
"""
Retrieves the current course configuration and validates it
before returning it to the caller
"""
course_key = CourseKey.from_string(course_id)
config = get_config_by_course(course_key)
serialized_config = SebConfigurationSerializer(data=config)
serialized_config.is_valid(raise_exception=True)
if serialized_config.validated_data:
return Response(serialized_config.validated_data)
return Response(status=status.HTTP_404_NOT_FOUND)
def process_view(self, request, view_func, view_args, view_kwargs):
""" Start point """
if settings.SERVICE_VARIANT == 'cms':
return None
course_key_string = view_kwargs.get(
'course_key_string') or view_kwargs.get('course_id')
course_key = CourseKey.from_string(
course_key_string) if course_key_string else None
# When the request is for masquerade (ajax) we leave it alone
if self.get_view_path(request) == 'courseware.masquerade':
return None
if course_key:
# By default is all denied
access_denied = True
config = get_config_by_course(course_key)
if self.is_whitelisted_view(config, request, course_key):
# First: Broad white-listing
access_denied = False
if self.is_blacklisted_chapter(config, request, course_key):
# Second: Granular black-listing
access_denied = True
user_name, masquerade, context = self.handle_masquerade(
request, course_key)
if not masquerade:
user_name = request.user.username
banned = is_user_banned(user_name, course_key)
if not banned:
for permission in get_enabled_permission_classes(course_key):
if permission().check(request, course_key, masquerade):
access_denied = False
else:
LOG.info("Permission: %s denied for: %s.", permission,
user_name)
if access_denied:
return self.handle_access_denied(request, view_func, view_args,
view_kwargs, course_key,
context, user_name)
return None
def delete(self, request, course_id, *args, **kwargs):
"""
Deletes an existing course configuration.
"""
course_key = CourseKey.from_string(course_id)
save_course_config(course_key, None, user_id=request.user.id)
current_config = get_config_by_course(course_key)
if current_config:
# Sending no user_id makes the location default to the site_configuration
save_course_config(course_key, None)
return Response(status=status.HTTP_204_NO_CONTENT)
def get_enabled_permission_classes(course_key=None):
""" retrieve ordered permissions from settings if available, otherwise use defaults """
try:
if course_key:
_config = get_config_by_course(course_key)
components = _config.get('PERMISSION_COMPONENTS', None)
if components:
return [globals()[comp] for comp in components]
except Exception: # pylint: disable=broad-except
LOG.error("Error trying to retrieve the permission classes for course %s", course_key)
if hasattr(settings, 'SEB_PERMISSION_COMPONENTS'):
return [globals()[comp] for comp in settings.SEB_PERMISSION_COMPONENTS]
return [AlwaysAllowStaff]
def patch(self, request, course_id, *args, **kwargs):
"""
Partially updates a course configuration.
"""
serialized_config = SebConfigurationSerializer(data=request.data)
serialized_config.is_valid(raise_exception=True)
course_key = CourseKey.from_string(course_id)
current_config = get_config_by_course(course_key)
if not current_config:
current_config = {}
new_config = serialized_config.validated_data
current_config.update(new_config)
save_course_config(course_key, current_config, user_id=request.user.id)
return Response(current_config)
def post(self, request, course_id, *args, **kwargs):
"""
Creates a new course configuration.
Fails with error 422 if the course_id already has a configuration
"""
serialized_config = SebConfigurationSerializer(data=request.data)
serialized_config.is_valid(raise_exception=True)
course_key = CourseKey.from_string(course_id)
if get_config_by_course(course_key):
return Response(
"{} already has a SEB configuration. Use PUT to update.".
format(course_id),
status=status.HTTP_422_UNPROCESSABLE_ENTITY,
)
config = serialized_config.validated_data
save_course_config(course_key, config, user_id=request.user.id)
return Response(config)
