Add setting to enable filtering of new course creation from LTI launch

[david-yz-liu]

Proposed Changes

(Describe your changes here. Also describe the motivation for your changes: what problem do they solve, or how do they improve the application or codebase? If this pull request fixes an open issue, use a keyword to link this pull request to the issue.)

This pull request introduces a new configuration setting, lti.course_filter_file, to allow administrators to filter which LTI course deployments are permitted to create new course instances. LTI deployments that are not permitted to trigger new course creation can still be linked to existing MarkUs courses.

The development default configuration, found in config/dummy_lti_config.rb, permits course names starting with 'csc'.

In testing this work, I realized that if the Canvas course has a name containing spaces or other characters not allowed in the MarkUs Course :name field, there will be an error. I introduced a change to sanitize the LTI course name field before creating the corresponding MarkUs course.

I also added a quality of life improvement for local development: LtiDeploymentsController::USE_SECURE_COOKIES, which is true in production but false in development, to specify whether the controller methods require setting secure cookies.

Screenshots of your changes (if applicable)

Associated documentation repository pull request (if applicable)

MarkUsProject/Wiki#215

Type of Change

(Write an X or a brief description next to the type or types that best describe your changes.)

Type	Applies?
🚨 Breaking change (fix or feature that would cause existing functionality to change)
✨ New feature (non-breaking change that adds functionality)	X
🐛 Bug fix (non-breaking change that fixes an issue)
🎨 User interface change (change to user interface; provide screenshots)
♻️ Refactoring (internal change to codebase, without changing functionality)
🚦 Test update (change that only adds or modifies tests)
📦 Dependency update (change that updates a dependency)
🔧 Internal (change that only affects developers or continuous integration)	X

Checklist

(Complete each of the following items for your pull request. Indicate that you have completed an item by changing the [ ] into a [x] in the raw text, or by clicking on the checkbox in the rendered description on GitHub.)

Before opening your pull request:

• I have performed a self-review of my changes.
  • Check that all changed files included in this pull request are intentional changes.
  • Check that all changes are relevant to the purpose of this pull request, as described above.
• I have added tests for my changes, if applicable.
  • This is required for all bug fixes and new features.
• I have updated the project documentation, if applicable.
  • This is required for new features.
• If this is my first contribution, I have added myself to the list of contributors.

After opening your pull request:

• I have updated the project Changelog (this is required for all changes).
• I have verified that the pre-commit.ci checks have passed.
• I have verified that the CI tests have passed.
• I have reviewed the test coverage changes reported by Coveralls.
• I have requested a review from a project maintainer.

Questions and Comments

(Include any questions or comments you have regarding your changes.)

Seems like the code added to config/initializers/config.rb wasn't detected as covered, which is consistent with most of that file. Requires further investigation, and possibly related to rubyconfig/config#352.

[coveralls]

Pull Request Test Coverage Report for Build 10320731817

Details

• 35 of 40 (87.5%) changed or added relevant lines in 6 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage decreased (-0.005%) to 91.437%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
config/initializers/config.rb	0	5	0.0%

Totals
Change from base Build 10306382426:	-0.005%
Covered Lines:	40249
Relevant Lines:	43345

---

💛 - Coveralls

[donny-wong]

Overall it looks good, thank you. I added a comment, please have a look.