Returns HTTP 400 for disallowed enrollments instead of HTTP 500.
Prevents infinite loading spinners on the enrollment page.
Displays clear error messages to users before redirection.
Ensures consistent and meaningful responses from enrollment API endpoints.
* fix: commerce and enrollment apis return 403 when enrollment not allowed
* fix: now both apis send the right message and http code when enrollment fails
* fix: InvalidEnrollmentAtribute as final exception to catch and HTTP 400 returned
* style: the message is displayed as a popup instead of creating a div at the end
* fix: import not used removed for pylint checks
* style: popup now use utility classes
* refactor: use const instead of let for existing const
* refactor: textContent const structure changed due check failed
* refactor: SetTimeout settled as arrow function
* feat: button incorporated to bring users enough time to read the message
* refactor: ErrorStatuses defined at the top of the file to use it in conditionals
* style: typo fixed
Co-authored-by: Diana Olarte <dcoa@live.com>
* refactor: double validation of redirectUrl eliminated and better styling of the message
Co-authored-by: Diana Olarte <dcoa@live.com>
* refactor: redirectUrl param eliminated in showmessage function, close button redirects to dashboard always
* docs: remove unused redirectUrl param from JSDoc and explain hardcoded URL
* style: endline added
* feat: enrollmentNotAllowed exception added in views and the js
* docs: comment added to especify exception
* style: endline added
* refactor: error statuses velidation changed to one single validation instead of two
* refactor: function added to handle enrollment errors
* feat: enrollmentNotAllowed exception added for API coherence and consistency
* style: empty line added
* style: pylint check line too long disabled
---------
Co-authored-by: Diana Olarte <dcoa@live.com>
We want to remove this page and URL endpoint so we're removing all the
references in the code that might point to this page. It was replaced
by the sequences page in the Learning MFE years ago but the old pages
were never cleaned up. We are replacing the calls with the URL for the
courseware in the learning MFE.
See https://github.com/openedx/edx-platform/issues/35803 for more
details.
* chore: update API endpoints to support default JWT auth
The default DRF Auth classes were recently updated to allow for both JWT and Session auth by default. Any endpoint that overrides the AUTHENTICATION_CLASSES but has just session, just JWT or just both of those should be updated to remove the override.
Details in https://github.com/openedx/edx-platform/issues/33662
When including `JwtAuthentication`, the auth_header becomes `JWT
realm="api"`. Without it, it is `None`. This changes the behavior of the
code in DRF and returns a slightly different auth response.
Relevant Code: 56946fac8f/rest_framework/views.py (L456C3-L456C3)
This djangoapp was designed for talking to sailthru, in a fairly
edx.org-specific way. Nowadays, edx.org doesn't need this code and
if other installations do, it's better off as a more distinct
plugin anyway, rather than direct support in the platform.
I've moved the one signal that was still useful (calling
segment.identify() whenever user fields change) into user_authn.
And I've left the EmailMarketingConfiguration model alone for now,
but will remove that shortly. Nothing uses it as of this commit.
AA-607
DEPR-139
Blocks that were hidden by access checks would not be used when
calculating past due status for a unit. This adds in a check to
still look at those blocks, but will maintain not rendering them
when being accessed via the MFE
* Generate common/djangoapps import shims for LMS
* Generate common/djangoapps import shims for Studio
* Stop appending project root to sys.path
* Stop appending common/djangoapps to sys.path
* Import from common.djangoapps.course_action_state instead of course_action_state
* Import from common.djangoapps.course_modes instead of course_modes
* Import from common.djangoapps.database_fixups instead of database_fixups
* Import from common.djangoapps.edxmako instead of edxmako
* Import from common.djangoapps.entitlements instead of entitlements
* Import from common.djangoapps.pipline_mako instead of pipeline_mako
* Import from common.djangoapps.static_replace instead of static_replace
* Import from common.djangoapps.student instead of student
* Import from common.djangoapps.terrain instead of terrain
* Import from common.djangoapps.third_party_auth instead of third_party_auth
* Import from common.djangoapps.track instead of track
* Import from common.djangoapps.util instead of util
* Import from common.djangoapps.xblock_django instead of xblock_django
* Add empty common/djangoapps/__init__.py to fix pytest collection
* Fix pylint formatting violations
* Exclude import_shims/ directory tree from linting
* Renamed OAuth2Authentication to BearerAuthentication
* Added back OAuth2Authentication name
-there are libraries such as edx-enterprise that still import OAuth2Authentication. The OAuth2Authentication class should be fully removed when everything is importing BearerAuthentication correctly
- Removing deprecated auth classes
- Replacing OAuth2AuthenticationAllowInactiveUserDeprecated with OAuth2AuthenticationAllowInactiveUser
- the old class was a child class of a deprecated class that we are removing and replacing.
* Added new auth class
- Created new class called OAuth2AuthenticationAllowInactiveUser, which replaces old class with same name
- Renames previous OAuth2AuthenticationAllowInactiveUser to OAuth2AuthenticationAllowInactiveUserDeprecated
- Replaced all imports of OAuth2AuthenticationAllowInactiveUser to call deprecated class instead
- testing new class in discussion(added flag based on django setting)
Currently, we are working on removing the rest_framework_auth library from edx-platform. For this push, we need to remove the oauth2Authentication class. This PR creates a new class oauth2AuthenticationDeprecated that adds additional new relic metrics. The metrics would allow us to see how often this class is used and its success rate. The hope is that this information will help us with transitioning to a different authentication class.
After executing python-modernize and isort, few changes
occurred in import sequence as well as unicode func is
replaced by six.text_type func.
INCR-441
These were originally fixed individually, but had to be reverted, and
are now combined in one commit. The originals were:
7b9040f6b0 This enum was backwards
8774ff1f9b Use ref_name to disambiguate serializers that drf-yasg would otherwise assume are the same.
8a44397139 Is this field missing because it is None?
4a1154a7ca Give a safer buffer for clearing the rate limiting
64c47856dd DRF 3.7.4 changed how you delegate to another view, so don't
7359ca4fb2 Is this right? It fixes two tests
fdd66e5390 Adjust the expected error message for DRF 3.7.7
9257f68fd8 The default TIME_ZONE should be UTC
