diff --git a/lti_provider/mixins.py b/lti_provider/mixins.py index 0235bff..098415b 100644 --- a/lti_provider/mixins.py +++ b/lti_provider/mixins.py @@ -24,7 +24,7 @@ def join_groups(self, request, lti, ctx): request.user.groups.add(ctx.faculty_group) break - if settings.LTI_TOOL_CONFIGURATION['allow_ta_access']: + if settings.LTI_TOOL_CONFIGURATION.get('allow_ta_access', False): if 'teachingassistant' in role: request.user.groups.add(ctx.faculty_group) break diff --git a/lti_provider/tests/test_views.py b/lti_provider/tests/test_views.py index 3d001cd..07395ef 100644 --- a/lti_provider/tests/test_views.py +++ b/lti_provider/tests/test_views.py @@ -95,6 +95,22 @@ def test_join_groups_teachingassistant_true(self): self.assertTrue(user in ctx.group.user_set.all()) self.assertTrue(user in ctx.faculty_group.user_set.all()) + def test_missing_configuration(self): + mixin = LTIAuthMixin() + ctx = LTICourseContextFactory() + user = UserFactory() + self.request.user = user + lti_tool_config2 = TEST_LTI_TOOL_CONFIGURATION.copy() + del lti_tool_config2['allow_ta_access'] + + with self.settings( + LTI_TOOL_CONFIGURATION=lti_tool_config2): + self.request.session['roles'] = \ + u'urn:lti:role:ims/lis/TeachingAssistant' + mixin.join_groups(self.request, self.lti, ctx) + self.assertTrue(user in ctx.group.user_set.all()) + self.assertFalse(user in ctx.faculty_group.user_set.all()) + def test_launch_invalid_user(self): request = generate_lti_request() diff --git a/lti_provider/views.py b/lti_provider/views.py index ced79e3..5d11366 100644 --- a/lti_provider/views.py +++ b/lti_provider/views.py @@ -120,7 +120,7 @@ def get_context_data(self, **kwargs): url = settings.LTI_TOOL_CONFIGURATION['landing_url'].format( self.request.scheme, domain, self.lti.course_context(self.request)) is_auth_ta = None - if settings.LTI_TOOL_CONFIGURATION['allow_ta_access']: + if settings.LTI_TOOL_CONFIGURATION.get('allow_ta_access', False): role = self.request.session.get('roles', '').lower() is_auth_ta = 'teachingassistant' in role