How To Test the Course Embargo Feature

On A Sandbox

Suppose you've made some changes to the course embargo feature and you want to see if it still works. Try these steps:

1. SSH into the sandbox and connect to the sandbox MySQL DB using the information in lms.auth.json.

2. Issue this SQL: 

   1. To allow the "staff" user to access the Django admin interface:

      1. update auth_user set is_superuser=1 where username='staff';

   2. To allow the "staff" user to access the embargo models:

      1. insert into auth_user_user_permissions (user_id, permission_id) VALUES (5, 497), (5,498), (5,499),(5,500),(5,501),(5,502),(5,503),(5,504),(5,506),(5,507),(5,508),(5,509),(5,510),(5,511),(5,512),(5,513),(5,514),(5,515),(5,516),(5,517),(5,518);

3. Login as "staff@example.com" and go to the admin interface here:
   http://your_sandbox.sandbox.edx.org/admin/embargo/

4. Add a course restriction in the admin interface for a course (like the demo course). The course key should be in this format: course-v1:edX+DemoX+Demo_Course

5. Add a country access rule, picking a random "CountryX" to embargo.

6. Modify lms.env.json to add the following line in the FEATURES section of the Django settings:

   1. "EMBARGO": true,

7. Restart the LMS/CMS as your user (*not* edxapp) while SSH-ed into the sandbox:

   1. sudo /edx/bin/supervisorctl restart edxapp:*

8. Login to the LMS as "honor@example.com" and set your country of origin to "CountryX".

9. Ensure that you cannot access the embargoed course.

On stage.edx.org

• Open a pull request in the app-permissions repository.

  • The specific file: https://github.com/edx/app-permissions/blob/master/stage-edx-edxapp.yml

  • Add your user there and put the user in the course_embargo_admin group.

• Get the PR reviewed and merged.

• Login as your user and configure an embargoed course as specified above.

Notes

The code containing the embargo logic is here:

https://github.com/edx/edx-platform/blob/master/openedx/core/djangoapps/embargo/api.py#L45-L114

There are two ways to be denied access to courseware via embargo:

1. If your account's country of origin is denied via a course's embargo country blacklist.

2. If your originating IP address is determined to be from a course's embargo country blacklist.

Both checks are made and if either check is true, access is denied to the course. The steps above only trigger check 1).