Lots of plumbing to allow an asset named python_lib.zip to be imported
by jailed Python code.
This function can find the "python_lib.zip" asset, and is passed down
through ModuleSystem and LoncapaSystem so that capa problems have access
to the zipfile.
This commit adds validation for course advanced settings. Currently when course
administrators make invalid changes in the Settings/Advanced Settings tab,
they're not notified through a new modal window of the list of invalid settings
changes.
* Extending CourseMetadata
- Previously, we only had update_from_json method in CourseMetadata.py,
and it was only validating one field every POST request.
- Now we have validate_and_update_from_json method that encapsulates the
functionality of update_from_json into a validation call
- To avoid discrepancy of validation standards between modules, validation
uses the from_json method implemented to each field in xblock.
* Different Response in advanced settings ajax requests
- After receiving a POST ajax request, course.py calls
validate_and_update_from_json, and sends a json object of either:
1) valid course metadata model
2) error objects
* Error Messages shown in validation-error-modal
- error objects passed through ajax are shown in a separate modal.
This commit updates common/djangoapps.
These keys are now objects with a limited interface, and the particular
internal representation is managed by the data storage layer (the
modulestore).
For the LMS, there should be no outward-facing changes to the system.
The keys are, for now, a change to internal representation only. For
Studio, the new serialized form of the keys is used in urls, to allow
for further migration in the future.
Co-Author: Andy Armstrong <andya@edx.org>
Co-Author: Christina Roberts <christina@edx.org>
Co-Author: David Baumgold <db@edx.org>
Co-Author: Diana Huang <dkh@edx.org>
Co-Author: Don Mitchell <dmitchell@edx.org>
Co-Author: Julia Hansbrough <julia@edx.org>
Co-Author: Nimisha Asthagiri <nasthagiri@edx.org>
Co-Author: Sarina Canelake <sarina@edx.org>
[LMS-2370]
Adds configurable middleware in common/djangoapps/embargo that
allows specific courses to comply with US Export regulations by
embargoing students from specific countries, whilst simultaneously
allowing other courses to be freely open to all.
fix errorenous logic when running a microsite that could reside in a hosting environment with a marketing site in front of it
pep8/pylint fixes
address PR feedback, remove underscore from test hostname
more pep8/pylint cleanup. Skip test_microsites test, it works on localdev, not on Jenkins. Need to talk with QA team
manually add Ned's single-to-double quote fix
change aws.py runtimes so that the microsite_dir that is read from configuration is changed to a python path
Conflicts:
lms/templates/help_modal.html
Several templates used a variable set by the user (the request host header). This led to a vulnerability where an attacker could inject their domain name into these templates (i.e., activation emails). This patch fixes this vulnerability.
LMS-532
