The verification workflow assumes that all verified courses will have a
price. Free verified course modes cause a 404 when the user attempts to
enroll or upgrade.
To be able to more easily deal with same-origin issues, due to some course assets being loaded in an iframe, we're adding the ability to specify file extensions that should be excluded from URL canonicalization. The default value is simply 'html', which means we won't rewrite asset links that point to files ending in .html. Thus, they'll be loaded from the same origin as the parent page, and voila, no SOP issues.
This hardcoded the db_alias fetched from schema_editor and forces django
to try and migrate any second database you use, rather than routing to
the default database. In testing a build from scratch, these do not
appear needed.
Using using() prevents us from using multiple databases behind edxapp.
Additionally - add back a removed backwards migration from certificates
0003. I have no idea why this was dropped in the 1.8 upgrade.
Mako filesystem/app_directories loaders already wrap default django template loaders.
Mako loaders delegate the `load_template_source` method to the base loader that
they wrap, so there's no reason to explicitly include the two django loaders in the settings.
Our current sandbox provisioning uses a create_user management command,
which creates and enrolls a user into a course. However, for TE-1128, we
will need a way to enroll the same user to multiple courses (which are
dynamic at time of provisioning). Using the existing management
command is no longer feasible for that, so we are using one that accesses
the enrollment API, which is the new standard for new enrollment capabilities.
This introduces a mechanism to control the time-to-live for an unlocked
course asset, which will allow browsers and intermediate proxies/caches
to cache these course assets, determinstically.
Locked assets, with their nature of requiring authorization, are not
eligible for caching.
Two new certificate statuses are introduced, 'audit_passing' and
'audit_notpassing'. These signal that the GeneratedCertificate is not
to be displayed as a cert to the user, and that they either passed or
did not. This allows us to retain existing grading logic, as well as
maintaining correctness in analytics and reporting.
Ineligible certificates are hidden by using the
`eligible_certificates` manager on GeneratedCertificate. Some places
in the coe (largely reporting, analytics, and management commands) use
the default `objects` manager, since they need access to all
certificates.
ECOM-3040
ECOM-3515
The python social auth SAML page returns a 500 response when accessed
without the 'idp' query param. It should redirect to the login page if
the param is missing.
SOL-1550
