Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove uses of ApplicationOrganization

Browse Source 
To understand ApplicationOrganization is being removed, see:
- 372d2e927c/openedx/core/djangoapps/oauth_dispatch/docs/decisions/0011-scope-filter-support.rst (L19)

See ApplicationOrganization docstring for instructions to community
for migrating data post-Juniper.

BOM-1292
This commit is contained in:
Robert Raposa
2020-02-25 15:55:07 -05:00
parent 4a0d7d3c73
commit 3526f48c2a
4 changed files with 15 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
openedx/core/djangoapps/oauth_dispatch/admin.py
View File

@@ -6,7 +6,7 @@ Override admin configuration for django-oauth-toolkit
from django.contrib.admin import ModelAdmin, site
from oauth2_provider import models
from .models import ApplicationAccess, ApplicationOrganization, RestrictedApplication
from .models import ApplicationAccess, RestrictedApplication
def reregister(model_class):
@@ -83,13 +83,6 @@ class ApplicationAccessAdmin(ModelAdmin):
list_display = ['application', 'scopes', 'filters']
class ApplicationOrganizationAdmin(ModelAdmin):
"""
ModelAdmin for ApplicationOrganization
"""
list_display = [u'application', u'organization', u'relation_type']
class RestrictedApplicationAdmin(ModelAdmin):
"""
ModelAdmin for the Restricted Application
@@ -98,5 +91,4 @@ class RestrictedApplicationAdmin(ModelAdmin):
site.register(ApplicationAccess, ApplicationAccessAdmin)
site.register(ApplicationOrganization, ApplicationOrganizationAdmin)
site.register(RestrictedApplication, RestrictedApplicationAdmin)

12
openedx/core/djangoapps/oauth_dispatch/dot_overrides/views.py
View File

@@ -10,19 +10,15 @@ from oauth2_provider.scopes import get_scopes_backend
from oauth2_provider.settings import oauth2_settings
from oauth2_provider.views import AuthorizationView
from openedx.core.djangoapps.oauth_dispatch.models import ApplicationOrganization
# TODO (ARCH-83) remove once we have full support of OAuth Scopes
class EdxOAuth2AuthorizationView(AuthorizationView):
"""
Override the AuthorizationView's GET method so the user isn't
prompted to approve the application if they have already in
the past, even if their access token is expired.
This is a temporary override of the base implementation
in order to accommodate our Restricted Applications support
until OAuth Scopes are fully supported.
This is override of the base implementation accommodates our
Restricted Applications support and custom filters.
"""
def get(self, request, *args, **kwargs):
# Note: This code is copied from https://github.com/evonove/django-oauth-toolkit/blob/34f3b7b3511c15686039079026165feaadb1b87d/oauth2_provider/views/base.py#L111
@@ -44,6 +40,10 @@ class EdxOAuth2AuthorizationView(AuthorizationView):
kwargs["scopes_descriptions"] = [all_scopes[scope] for scope in scopes]
kwargs['scopes'] = scopes
# TODO: ROBERT:
# 1. Replace the below ApplicationOrganization code using filters instead!
# 2. Search for ApplicationOrganization and remove the rest.
# at this point we know an Application instance with such client_id exists in the database
application = get_application_model().objects.get(client_id=credentials['client_id'])
content_orgs = ApplicationOrganization.get_related_org_names(

40
openedx/core/djangoapps/oauth_dispatch/models.py
View File

@@ -114,12 +114,16 @@ class ApplicationAccess(models.Model):
@python_2_unicode_compatible
class ApplicationOrganization(models.Model):
"""
Associates a DOT Application to an Organization.
DEPRECATED: Associates a DOT Application to an Organization.
See openedx/core/djangoapps/oauth_dispatch/docs/decisions/0007-include-organizations-in-tokens.rst
for the intended use of this model.
This model is no longer in use.
Deprecated: Use filters in ApplicationAccess instead.
TODO: BOM-1270: This model and table will be removed post-Juniper
so Open edX instances can migrate data if necessary.
To migrate, use ApplicationAccess and add a ``filter`` of the form
``content_org:<ORG NAME>`` (e.g. content_org:edx), for each record
in this model's table.
.. no_pii:
"""
@@ -140,31 +144,3 @@ class ApplicationOrganization(models.Model):
class Meta:
app_label = 'oauth_dispatch'
unique_together = ('application', 'relation_type', 'organization')
@classmethod
def get_related_org_names(cls, application, relation_type=None):
"""
Return the names of the Organizations related to the given DOT Application.
Filter by relation_type if provided.
"""
queryset = application.organizations.all()
if relation_type:
queryset = queryset.filter(relation_type=relation_type)
return [r.organization.name for r in queryset]
def __str__(self):
"""
Return a unicode representation of this object.
"""
return u"{application_name}:{organization}:{relation_type}".format(
application_name=self.application.name,
organization=self.organization.short_name,
relation_type=self.relation_type,
)
def to_jwt_filter_claim(self):
"""
Serialize for use in JWT filter claim.
"""
return six.text_type(':'.join([self.relation_type, self.organization.short_name]))

23
openedx/core/djangoapps/oauth_dispatch/tests/test_models.py
View File

@@ -1,23 +0,0 @@
"""
Tests for oauth_dispatch models.
"""
import six
from django.test import TestCase
from openedx.core.djangoapps.oauth_dispatch.tests.factories import ApplicationOrganizationFactory
from openedx.core.djangolib.testing.utils import skip_unless_lms
@skip_unless_lms
class ApplicationOrganizationTestCase(TestCase):
"""
Tests for the ApplicationOrganization model.
"""
def test_to_jwt_filter_claim(self):
""" Verify to_jwt_filter_claim returns the expected serialization of the model. """
org_relation = ApplicationOrganizationFactory()
organization = org_relation.organization
jwt_filter_claim = org_relation.to_jwt_filter_claim()
assert jwt_filter_claim == six.text_type(':'.join([org_relation.relation_type, organization.short_name]))