From 4411436d8277fc831d808c1404b2ca3739d128e8 Mon Sep 17 00:00:00 2001 From: Pushyami Gundala Date: Thu, 12 Sep 2024 13:42:25 -0400 Subject: [PATCH] #1583 cleaning up super user references (#1614) * #1583 cleaning up super user references --- assets/src/containers/Course.js | 8 +++----- assets/src/globals.js | 3 +-- dashboard/common/db_util.py | 10 +++++----- dashboard/common/utils.py | 4 ++-- dashboard/rules.py | 2 +- dashboard/templates/base.html | 2 +- docs/configuration.md | 8 +++++++- 7 files changed, 20 insertions(+), 17 deletions(-) diff --git a/assets/src/containers/Course.js b/assets/src/containers/Course.js index 392f72e7..8c521643 100644 --- a/assets/src/containers/Course.js +++ b/assets/src/containers/Course.js @@ -61,18 +61,16 @@ function Course (props) { Course {courseId} has not been set up in MyLA. Contact your instructor, who can enable the visualizations by clicking on MyLA in the course navigation. ) - } - else if (error.message === '403' || error.message === 'Forbidden') { + } else if (error.message === '403' || error.message === 'Forbidden') { return ( You do not have access to course {courseId}. ) - } - else if (error) { + } else if (error) { return () } - + if (loaded && isObjectEmpty(courseInfo)) return (My Learning Analytics is not enabled for this course.) const notLoadedAltMessage = 'Mouse running on wheel with text "Course Data Being Processed, Try Back in 24 Hours"' diff --git a/assets/src/globals.js b/assets/src/globals.js index 27f9361c..93e574fa 100644 --- a/assets/src/globals.js +++ b/assets/src/globals.js @@ -19,9 +19,8 @@ const user = Object.freeze({ username: mylaGlobals.username, displayName: mylaGlobals.display_name, initials: mylaGlobals.initials, - admin: mylaGlobals.is_superuser, + admin: mylaGlobals.is_admin, relatedCourses: mylaGlobals.user_courses_info, - isSuperuser: mylaGlobals.is_superuser, isLoggedIn: !!mylaGlobals.username, loginURL: mylaGlobals.login, logoutURL: mylaGlobals.logout, diff --git a/dashboard/common/db_util.py b/dashboard/common/db_util.py index 062b7294..dc9bddbd 100644 --- a/dashboard/common/db_util.py +++ b/dashboard/common/db_util.py @@ -117,15 +117,15 @@ class CourseEnrollment(TypedDict): course_name: str enrollment_types: List[str] -def is_superuser(user_name: str) -> bool: - logger.debug(is_superuser.__name__+f' \'{user_name}\'') +def is_staff(user_name: str) -> bool: + logger.debug(is_staff.__name__+f' \'{user_name}\'') user = DjangoUser.objects.filter(username=user_name) if user.count() == 0: result = False else: - result = user[0].is_superuser - logger.debug(is_superuser.__name__+f' \'{user_name}\':{result}') + result = user[0].is_staff + logger.debug(is_staff.__name__+f' \'{user_name}\':{result}') return result def get_user_courses_info(username: str, course_id: Union[int, None] = None) -> List[CourseEnrollment]: @@ -145,7 +145,7 @@ def get_user_courses_info(username: str, course_id: Union[int, None] = None) -> else: user_enrollments = User.objects.filter(sis_name=username) if user_enrollments.count() == 0: - if not is_superuser(username): + if not is_staff(username): logger.warning( f'Couldn\'t find user {username} in enrollment info. Enrollment data has not been populated yet.') return [] diff --git a/dashboard/common/utils.py b/dashboard/common/utils.py index 1033fd84..b9bcf3e9 100644 --- a/dashboard/common/utils.py +++ b/dashboard/common/utils.py @@ -84,7 +84,7 @@ def get_myla_globals(request): google_analytics_id = "" course_id = get_course_id_from_request_url(request.path) - is_superuser = current_user.is_staff + is_admin = current_user.is_staff if current_user.is_authenticated: username = current_user.get_username() user_courses_info = db_util.get_user_courses_info(username, course_id) @@ -109,7 +109,7 @@ def get_myla_globals(request): "username" : username, "display_name" : display_name, "initials" : initials, - "is_superuser": is_superuser, + "is_admin": is_admin, "user_courses_info": user_courses_info, "login": login_url, "logout": logout_url, diff --git a/dashboard/rules.py b/dashboard/rules.py index de0321b7..0102d5a1 100644 --- a/dashboard/rules.py +++ b/dashboard/rules.py @@ -11,7 +11,7 @@ def is_admin(self, user): if self.context.get(user.id): return self.context.get(user.id) - result = user.is_superuser + result = user.is_staff # set cache self.context[user.id] = result diff --git a/dashboard/templates/base.html b/dashboard/templates/base.html index b4e7823d..cf08dda0 100644 --- a/dashboard/templates/base.html +++ b/dashboard/templates/base.html @@ -44,7 +44,7 @@ {{ flatpages.first.content|safe }} {% endif %} - {% if user.is_superuser and git_version %} + {% if user.is_staff and git_version %} Git version: {{ git_version.commit_abbrev }} diff --git a/docs/configuration.md b/docs/configuration.md index 853f9e7d..1c315cbb 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -103,11 +103,17 @@ MyLA is designed to be deployed as an LTI tool. To grant admin privileges to a u do the following: 1. Have the user launch the tool in Canvas. -1. Modify their `auth_user` record in the database directly so that `is_staff` and `is_superuser` are true. +2. Modify their `auth_user` record in the database directly so that `is_staff` and `is_superuser` are true to give full Myla Admin access. ```sql # Replace username with the user's Canvas username. UPDATE auth_user SET is_staff=1, is_superuser=1 where auth_user.username='username'; ``` +3. Modify their `auth_user` record in the database directly `is_staff`, this gives limited access to admin UI and minimally add the permission "Dashboard | Course | Can view Course" to give them access to see the other courses in the system and navigate them through the Course link in the admin. + ```sql + # Replace username with the user's Canvas username. + UPDATE auth_user SET is_staff=1 where auth_user.username='username'; + ``` + Subsequently, that user can grant other users admin privileges using the admin UI.