def create_ccx(request, course, ccx=None): """ Create a new CCX """ name = request.POST.get('name') if hasattr(course, 'ccx_connector') and course.ccx_connector: # if ccx connector url is set in course settings then inform user that he can # only create ccx by using ccx connector url. context = get_ccx_creation_dict(course) messages.error(request, context['use_ccx_con_error_message']) return render_to_response('ccx/coach_dashboard.html', context) # prevent CCX objects from being created for deprecated course ids. if course.id.deprecated: messages.error( request, _("You cannot create a CCX from a course using a deprecated id. " "Please create a rerun of this course in the studio to allow " "this action.")) url = reverse('ccx_coach_dashboard', kwargs={'course_id': course.id}) return redirect(url) ccx = CustomCourseForEdX(course_id=course.id, coach=request.user, display_name=name) ccx.save() # Make sure start/due are overridden for entire course start = TODAY().replace(tzinfo=pytz.UTC) override_field_for_ccx(ccx, course, 'start', start) override_field_for_ccx(ccx, course, 'due', None) # Enforce a static limit for the maximum amount of students that can be enrolled override_field_for_ccx(ccx, course, 'max_student_enrollments_allowed', settings.CCX_MAX_STUDENTS_ALLOWED) # Save display name explicitly override_field_for_ccx(ccx, course, 'display_name', name) # Hide anything that can show up in the schedule hidden = 'visible_to_staff_only' for chapter in course.get_children(): override_field_for_ccx(ccx, chapter, hidden, True) for sequential in chapter.get_children(): override_field_for_ccx(ccx, sequential, hidden, True) for vertical in sequential.get_children(): override_field_for_ccx(ccx, vertical, hidden, True) ccx_id = CCXLocator.from_course_locator(course.id, str(ccx.id)) # Create forum roles seed_permissions_roles(ccx_id) # Assign administrator forum role to CCX coach assign_role(ccx_id, request.user, FORUM_ROLE_ADMINISTRATOR) url = reverse('ccx_coach_dashboard', kwargs={'course_id': ccx_id}) # Enroll the coach in the course email_params = get_email_params(course, auto_enroll=True, course_key=ccx_id, display_name=ccx.display_name) enroll_email( course_id=ccx_id, student_email=request.user.email, auto_enroll=True, email_students=True, email_params=email_params, ) assign_staff_role_to_ccx(ccx_id, request.user, course.id) add_master_course_staff_to_ccx(course, ccx_id, ccx.display_name) # using CCX object as sender here. responses = SignalHandler.course_published.send( sender=ccx, course_key=CCXLocator.from_course_locator(course.id, str(ccx.id))) for rec, response in responses: log.info( 'Signal fired when course is published. Receiver: %s. Response: %s', rec, response) return redirect(url)
def auto_auth(request): # pylint: disable=too-many-statements """ Create or configure a user account, then log in as that user. Enabled only when settings.FEATURES['AUTOMATIC_AUTH_FOR_TESTING'] is true. Accepts the following querystring parameters: * `username`, `email`, and `password` for the user account * `full_name` for the user profile (the user's full name; defaults to the username) * `staff`: Set to "true" to make the user global staff. * `course_id`: Enroll the student in the course with `course_id` * `roles`: Comma-separated list of roles to grant the student in the course with `course_id` * `no_login`: Define this to create the user but not login * `redirect`: Set to "true" will redirect to the `redirect_to` value if set, or course home page if course_id is defined, otherwise it will redirect to dashboard * `redirect_to`: will redirect to to this url * `is_active` : make/update account with status provided as 'is_active' * `should_manually_verify`: Whether the created user should have their identification verified If username, email, or password are not provided, use randomly generated credentials. """ # Generate a unique name to use if none provided generated_username = uuid.uuid4().hex[0:30] generated_password = generate_password() # Use the params from the request, otherwise use these defaults username = request.GET.get('username', generated_username) password = request.GET.get('password', generated_password) email = request.GET.get('email', username + "@example.com") full_name = request.GET.get('full_name', username) is_staff = _str2bool(request.GET.get('staff', False)) is_superuser = _str2bool(request.GET.get('superuser', False)) course_id = request.GET.get('course_id') redirect_to = request.GET.get('redirect_to') is_active = _str2bool(request.GET.get('is_active', True)) # Valid modes: audit, credit, honor, no-id-professional, professional, verified enrollment_mode = request.GET.get('enrollment_mode', 'honor') # Whether to add a manual ID verification record for the user (can # be helpful for bypassing certain gated features) should_manually_verify = _str2bool(request.GET.get('should_manually_verify', False)) # Parse roles, stripping whitespace, and filtering out empty strings roles = _clean_roles(request.GET.get('roles', '').split(',')) course_access_roles = _clean_roles(request.GET.get('course_access_roles', '').split(',')) redirect_when_done = _str2bool(request.GET.get('redirect', '')) or redirect_to login_when_done = 'no_login' not in request.GET restricted = settings.FEATURES.get('RESTRICT_AUTOMATIC_AUTH', True) if is_superuser and restricted: return HttpResponseForbidden(_('Superuser creation not allowed')) form = AccountCreationForm( data={ 'username': username, 'email': email, 'password': password, 'name': full_name, }, tos_required=False ) # Attempt to create the account. # If successful, this will return a tuple containing # the new user object. try: user, profile, reg = do_create_account(form) except (AccountValidationError, ValidationError): if restricted: return HttpResponseForbidden(_('Account modification not allowed.')) # Attempt to retrieve the existing user. user = User.objects.get(username=username) user.email = email user.set_password(password) user.is_active = is_active user.save() profile = UserProfile.objects.get(user=user) reg = Registration.objects.get(user=user) except PermissionDenied: return HttpResponseForbidden(_('Account creation not allowed.')) user.is_staff = is_staff user.is_superuser = is_superuser user.save() if is_active: reg.activate() reg.save() if should_manually_verify: ManualVerification.objects.get_or_create(user=user, status="approved") # ensure parental consent threshold is met year = datetime.date.today().year age_limit = settings.PARENTAL_CONSENT_AGE_LIMIT profile.year_of_birth = (year - age_limit) - 1 profile.save() create_or_set_user_attribute_created_on_site(user, request.site) # Enroll the user in a course course_key = None if course_id: course_key = CourseLocator.from_string(course_id) CourseEnrollment.enroll(user, course_key, mode=enrollment_mode) # Apply the roles for role in roles: assign_role(course_key, user, role) for role in course_access_roles: CourseAccessRole.objects.update_or_create(user=user, course_id=course_key, org=course_key.org, role=role) # Log in as the user if login_when_done: user = authenticate_new_user(request, username, password) django_login(request, user) create_comments_service_user(user) if redirect_when_done: if redirect_to: # Redirect to page specified by the client redirect_url = redirect_to elif course_id: # Redirect to the course homepage (in LMS) or outline page (in Studio) try: redirect_url = reverse(course_home_url_name(course_key), kwargs={'course_id': course_id}) except NoReverseMatch: redirect_url = reverse('course_handler', kwargs={'course_key_string': course_id}) else: # Redirect to the learner dashboard (in LMS) or homepage (in Studio) try: redirect_url = reverse('dashboard') except NoReverseMatch: redirect_url = reverse('home') return redirect(redirect_url) else: response = JsonResponse({ 'created_status': 'Logged in' if login_when_done else 'Created', 'username': username, 'email': email, 'password': password, 'user_id': user.id, 'anonymous_id': anonymous_id_for_user(user, None), }) response.set_cookie('csrftoken', csrf(request)['csrf_token']) return response
def auto_auth(request): # pylint: disable=too-many-statements """ Create or configure a user account, then log in as that user. Enabled only when settings.FEATURES['AUTOMATIC_AUTH_FOR_TESTING'] is true. Accepts the following querystring parameters: * `username`, `email`, and `password` for the user account * `full_name` for the user profile (the user's full name; defaults to the username) * `staff`: Set to "true" to make the user global staff. * `course_id`: Enroll the student in the course with `course_id` * `roles`: Comma-separated list of roles to grant the student in the course with `course_id` * `no_login`: Define this to create the user but not login * `redirect`: Set to "true" will redirect to the `redirect_to` value if set, or course home page if course_id is defined, otherwise it will redirect to dashboard * `redirect_to`: will redirect to to this url * `is_active` : make/update account with status provided as 'is_active' * `should_manually_verify`: Whether the created user should have their identification verified If username, email, or password are not provided, use randomly generated credentials. """ # Generate a unique name to use if none provided generated_username = uuid.uuid4().hex[0:30] generated_password = generate_password() # Use the params from the request, otherwise use these defaults username = request.GET.get('username', generated_username) password = request.GET.get('password', generated_password) email = request.GET.get('email', username + "@example.com") full_name = request.GET.get('full_name', username) is_staff = _str2bool(request.GET.get('staff', False)) is_superuser = _str2bool(request.GET.get('superuser', False)) course_id = request.GET.get('course_id') redirect_to = request.GET.get('redirect_to') is_active = _str2bool(request.GET.get('is_active', True)) # Valid modes: audit, credit, honor, no-id-professional, professional, verified enrollment_mode = request.GET.get('enrollment_mode', 'honor') # Whether to add a manual ID verification record for the user (can # be helpful for bypassing certain gated features) should_manually_verify = _str2bool( request.GET.get('should_manually_verify', False)) # Parse roles, stripping whitespace, and filtering out empty strings roles = _clean_roles(request.GET.get('roles', '').split(',')) course_access_roles = _clean_roles( request.GET.get('course_access_roles', '').split(',')) redirect_when_done = _str2bool(request.GET.get('redirect', '')) or redirect_to login_when_done = 'no_login' not in request.GET restricted = settings.FEATURES.get('RESTRICT_AUTOMATIC_AUTH', True) if is_superuser and restricted: return HttpResponseForbidden(_('Superuser creation not allowed')) form = AccountCreationForm(data={ 'username': username, 'email': email, 'password': password, 'name': full_name, }, tos_required=False) # Attempt to create the account. # If successful, this will return a tuple containing # the new user object. try: user, profile, reg = do_create_account(form) except (AccountValidationError, ValidationError): if restricted: return HttpResponseForbidden( _('Account modification not allowed.')) # Attempt to retrieve the existing user. user = User.objects.get(username=username) user.email = email user.set_password(password) user.is_active = is_active user.save() profile = UserProfile.objects.get(user=user) reg = Registration.objects.get(user=user) except PermissionDenied: return HttpResponseForbidden(_('Account creation not allowed.')) user.is_staff = is_staff user.is_superuser = is_superuser user.save() if is_active: reg.activate() reg.save() if should_manually_verify: ManualVerification.objects.get_or_create(user=user, status="approved") # ensure parental consent threshold is met year = datetime.date.today().year age_limit = settings.PARENTAL_CONSENT_AGE_LIMIT profile.year_of_birth = (year - age_limit) - 1 profile.save() create_or_set_user_attribute_created_on_site(user, request.site) # Enroll the user in a course course_key = None if course_id: course_key = CourseLocator.from_string(course_id) CourseEnrollment.enroll(user, course_key, mode=enrollment_mode) # Apply the roles for role in roles: assign_role(course_key, user, role) for role in course_access_roles: CourseAccessRole.objects.update_or_create(user=user, course_id=course_key, org=course_key.org, role=role) # Log in as the user if login_when_done: user = authenticate_new_user(request, username, password) django_login(request, user) create_comments_service_user(user) if redirect_when_done: if redirect_to: # Redirect to page specified by the client redirect_url = redirect_to elif course_id: # Redirect to the course homepage (in LMS) or outline page (in Studio) try: redirect_url = reverse(course_home_url_name(course_key), kwargs={'course_id': course_id}) except NoReverseMatch: redirect_url = reverse('course_handler', kwargs={'course_key_string': course_id}) else: # Redirect to the learner dashboard (in LMS) or homepage (in Studio) try: redirect_url = reverse('dashboard') except NoReverseMatch: redirect_url = reverse('home') return redirect(redirect_url) else: response = JsonResponse({ 'created_status': 'Logged in' if login_when_done else 'Created', 'username': username, 'email': email, 'password': password, 'user_id': user.id, 'anonymous_id': anonymous_id_for_user(user, None), }) response.set_cookie('csrftoken', csrf(request)['csrf_token']) return response
def create_ccx(request, course, ccx=None): """ Create a new CCX """ name = request.POST.get('name') if hasattr(course, 'ccx_connector') and course.ccx_connector: # if ccx connector url is set in course settings then inform user that he can # only create ccx by using ccx connector url. context = get_ccx_creation_dict(course) messages.error(request, context['use_ccx_con_error_message']) return render_to_response('ccx/coach_dashboard.html', context) # prevent CCX objects from being created for deprecated course ids. if course.id.deprecated: messages.error(request, _( "You cannot create a CCX from a course using a deprecated id. " "Please create a rerun of this course in the studio to allow " "this action.")) url = reverse('ccx_coach_dashboard', kwargs={'course_id': course.id}) return redirect(url) ccx = CustomCourseForEdX( course_id=course.id, coach=request.user, display_name=name) ccx.save() # Make sure start/due are overridden for entire course start = TODAY().replace(tzinfo=pytz.UTC) override_field_for_ccx(ccx, course, 'start', start) override_field_for_ccx(ccx, course, 'due', None) # Enforce a static limit for the maximum amount of students that can be enrolled override_field_for_ccx(ccx, course, 'max_student_enrollments_allowed', settings.CCX_MAX_STUDENTS_ALLOWED) # Save display name explicitly override_field_for_ccx(ccx, course, 'display_name', name) # Hide anything that can show up in the schedule hidden = 'visible_to_staff_only' for chapter in course.get_children(): override_field_for_ccx(ccx, chapter, hidden, True) for sequential in chapter.get_children(): override_field_for_ccx(ccx, sequential, hidden, True) for vertical in sequential.get_children(): override_field_for_ccx(ccx, vertical, hidden, True) ccx_id = CCXLocator.from_course_locator(course.id, unicode(ccx.id)) # Create forum roles seed_permissions_roles(ccx_id) # Assign administrator forum role to CCX coach assign_role(ccx_id, request.user, FORUM_ROLE_ADMINISTRATOR) url = reverse('ccx_coach_dashboard', kwargs={'course_id': ccx_id}) # Enroll the coach in the course email_params = get_email_params(course, auto_enroll=True, course_key=ccx_id, display_name=ccx.display_name) enroll_email( course_id=ccx_id, student_email=request.user.email, auto_enroll=True, email_students=True, email_params=email_params, ) assign_staff_role_to_ccx(ccx_id, request.user, course.id) add_master_course_staff_to_ccx(course, ccx_id, ccx.display_name) # using CCX object as sender here. responses = SignalHandler.course_published.send( sender=ccx, course_key=CCXLocator.from_course_locator(course.id, unicode(ccx.id)) ) for rec, response in responses: log.info(u'Signal fired when course is published. Receiver: %s. Response: %s', rec, response) return redirect(url)