def check_course_access(course_key, user=None, ip_address=None, url=None): """ Check is the user with this ip_address has access to the given course Arguments: course_key (CourseKey): Location of the course the user is trying to access. Keyword Arguments: user (User): The user making the request. Can be None, in which case the user's profile country will not be checked. ip_address (str): The IP address of the request. url (str): The URL the user is trying to access. Used in log messages. Returns: Boolean: True if the user has access to the course; False otherwise """ # No-op if the country access feature is not enabled if not settings.FEATURES.get('EMBARGO'): return True # First, check whether there are any restrictions on the course. # If not, then we do not need to do any further checks course_is_restricted = RestrictedCourse.is_restricted_course(course_key) if not course_is_restricted: return True # Always give global and course staff access, regardless of embargo settings. if user is not None and has_course_author_access(user, course_key): return True if ip_address is not None: # Retrieve the country code from the IP address # and check it against the allowed countries list for a course user_country_from_ip = _country_code_from_ip(ip_address) if not CountryAccessRule.check_country_access(course_key, user_country_from_ip): log.info((u"Blocking user %s from accessing course %s at %s " u"because the user's IP address %s appears to be " u"located in %s."), getattr(user, 'id', '<Not Authenticated>'), course_key, url, ip_address, user_country_from_ip) return False if user is not None: # Retrieve the country code from the user's profile # and check it against the allowed countries list for a course. user_country_from_profile = _get_user_country_from_profile(user) if not CountryAccessRule.check_country_access( course_key, user_country_from_profile): log.info((u"Blocking user %s from accessing course %s at %s " u"because the user's profile country is %s."), user.id, course_key, url, user_country_from_profile) return False return True
def test_country_access_list_cache_with_save_delete(self): course_id = CourseLocator('abc', '123', 'doremi') country = Country.objects.create(country='NZ') restricted_course1 = RestrictedCourse.objects.create( course_key=course_id) course = CountryAccessRule.objects.create( restricted_course=restricted_course1, rule_type=CountryAccessRule.WHITELIST_RULE, country=country) # Warm the cache with self.assertNumQueries(1): CountryAccessRule.check_country_access(course_id, 'NZ') with self.assertNumQueries(0): CountryAccessRule.check_country_access(course_id, 'NZ') # Deleting an object will invalidate the cache course.delete() with self.assertNumQueries(1): CountryAccessRule.check_country_access(course_id, 'NZ')
def check_course_access(course_key, user=None, ip_address=None, url=None): """ Check is the user with this ip_address has access to the given course Arguments: course_key (CourseKey): Location of the course the user is trying to access. Keyword Arguments: user (User): The user making the request. Can be None, in which case the user's profile country will not be checked. ip_address (str): The IP address of the request. url (str): The URL the user is trying to access. Used in log messages. Returns: Boolean: True if the user has access to the course; False otherwise """ # First, check whether there are any restrictions on the course. # If not, then we do not need to do any further checks course_is_restricted = RestrictedCourse.is_restricted_course(course_key) if not course_is_restricted: return True if ip_address is not None: # Retrieve the country code from the IP address # and check it against the allowed countries list for a course user_country_from_ip = _country_code_from_ip(ip_address) if not CountryAccessRule.check_country_access(course_key, user_country_from_ip): log.info( ( u"Blocking user %s from accessing course %s at %s " u"because the user's IP address %s appears to be " u"located in %s." ), getattr(user, 'id', '<Not Authenticated>'), course_key, url, ip_address, user_country_from_ip ) return False if user is not None: # Retrieve the country code from the user's profile # and check it against the allowed countries list for a course. user_country_from_profile = _get_user_country_from_profile(user) if not CountryAccessRule.check_country_access(course_key, user_country_from_profile): log.info( ( u"Blocking user %s from accessing course %s at %s " u"because the user's profile country is %s." ), user.id, course_key, url, user_country_from_profile ) return False return True