-
Notifications
You must be signed in to change notification settings - Fork 326
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Edit json in browser #1344
Edit json in browser #1344
Conversation
Finally taking a final look at this 🎉 I'll be commenting as I go. First thing: protecting against editing arbitrary paths. As an example, attempting to edit the PrairieLearn
This is a byproduct of attempting to get the current commit hash before editing, which fails and prevents me from being able to see or edit files outside the repo. However, this feels possibly more like a happy accident than a deliberate prevention of editing unauthorized files. To be very explicit with this, we could do a [ |
Next: we should pick a reasonable way for this to work in local dev. Currently, trying to edit a question
If we want this to work locally, we should fix it. If not, we should disable the buttons in dev mode. I'd prefer the former, but we should address this one way or another. |
This PR adds an "Edit JSON" button to the course overview page (both for courses and course instances) that allows instructors to edit, push, and sync
*.json
files in the browser. Drafts are saved to S3 (or to a temporary directory if running locally).In order to enable
git push
, I created a new teammachine-write
withroot
as a member (analogous tomachine-read
) in the PrairieLearn organization. This team would have to be given write access to all course repositories. Currently, this team only has access to thepl-ae353
repository, which I used for testing.It is now easy to add an "Edit JSON" button that allows in-browser editing of all other course json files (e.g., question
info.json
files and assessmentinfoAssessment.json
files) - this is something I plan to do before merging. (I may also go ahead and allow in-browser editing of non-json files.)(Note the corresponding PR to the configuration of the production server - for in-browser editing to work in production, this change is also necessary.)