How To Test the Course Embargo Feature

On A Sandbox

Suppose you've made some changes to the course embargo feature and you want to see if it still works. Try these steps:

1. SSH into the sandbox and connect to the sandbox MySQL DB using the information in lms.auth.json.

2. Issue this SQL: 

   1. To allow the "staff" user to access the Django admin interface:
      1. update auth_user set is_superuser=1 where username='staff';
   2. To allow the "staff" user to access the embargo models:
      1. insert into auth_user_user_permissions (user_id, permission_id) VALUES (5, 497), (5,498), (5,499),(5,500),(5,501),(5,502),(5,503),(5,504),(5,506),(5,507),(5,508),(5,509),(5,510),(5,511),(5,512),(5,513),(5,514),(5,515),(5,516),(5,517),(5,518);

3. Login as "staff@example.com" and go to the admin interface here:
   http://your_sandbox.sandbox.edx.org/admin/embargo/

4. Add a course restriction in the admin interface for a course (like the demo course). The course key should be in this format: course-v1:edX+DemoX+Demo_Course

5. Add a country access rule, picking a random "CountryX" to embargo.
6. Modify lms.env.json to add the following line in the FEATURES section of the Django settings:
   
   1. "EMBARGO": true,
7. Restart the LMS/CMS as your user (*not* edxapp) while SSH-ed into the sandbox:
   
   1. sudo /edx/bin/supervisorctl restart edxapp:*
8. Login to the LMS as "honor@example.com" and set your country of origin to "CountryX".
9. Ensure that you cannot access the embargoed course.

On stage.edx.org

• Open a pull request in the app-permissions repository.
  • The specific file: https://github.com/edx/app-permissions/blob/master/stage-edx-edxapp.yml
  • Add your user there and put the user in the course_embargo_admin group.
• Get the PR reviewed and merged.
• Login as your user and configure an embargoed course as specified above.

Notes

The code containing the embargo logic is here:

https://github.com/edx/edx-platform/blob/master/openedx/core/djangoapps/embargo/api.py#L45-L114

There are two ways to be denied access to courseware via embargo:

1. If your account's country of origin is denied via a course's embargo country blacklist.
2. If your originating IP address is determined to be from a course's embargo country blacklist.

Both checks are made and if either check is true, access is denied to the course. The steps above only trigger check 1).