This completes the work started in https://github.com/edx/edx-platform/pull/19453
to use the LMS login and registration for Studio, rather than Studio
providing its own implementation.
LMS login/registration are being used for the following reasons:
1. LMS logistration properly handles all SSO integrations.
2. A single logistration is simpler to maintain and understand.
3. Allows Studio to work more like all other IDAs that use LMS
logistration.
The original switch to use LMS logistration for Studio also added the
toggle `DISABLE_STUDIO_SSO_OVER_LMS` to provide the community some
additional time for switching. This commit removes this toggle, which
at this point means all deployments will use the LMS logistration.
This change requires sharing cookies across LMS and Studio. Should that
prove to be a problem for certain Open edX instances, there are
discussions of possible alternative solutions.
See https://github.com/edx/edx-platform/pull/19845#issuecomment-559154256
Detailed changes:
* Fix some Studio links that still went to old Studio signin and signup.
* Remove DISABLE_STUDIO_SSO_OVER_LMS feature toggle.
* Remove old studio signin and signup pages and templates.
* Fix url name "login", which had different meanings for Studio and LMS.
* Use the following settings: LOGIN_URL, FRONTEND_LOGIN_URL,
FRONTEND_LOGOUT_URL, and FRONTEND_REGISTER_URL.
* Redirect /signin and /signup to the LMS logistration.
* Add custom metric `uses_pattern_library`.
* Add custom metric `student_activate_account`.
* Add Django Settings to allow /signin, /signup, and /login_post to be
disabled once ready.
This work also relates to ARCH-218 and DEPR-6.
ARCH-1253
EnterpriseMiddleware set value of user's enterprise customer in session. In order to get value of enterprise customer it calls `enterprise/api/v1/enterprise-learner` API. Sometimes this middleware is called many times which result in many call to the under lying API and throttling of API causes 429 http errors.
We are not removing that middleware and storing value of user's enterprise customer in session inside underlying method.
ENT-1849
Removed pdb statement
This patch would make financial
assistance form help message to be
consistent with implementation. Using
characters limit instead of word limit.
PROD-733
- Upgrade edx-drf-extensions to 2.4.5
- Removed constraint to 2.4.0, because 2.4.2 introduces a workaround for
ARCH-1210 by putting the problematic code behind a django setting.
- Remove unused JWT_AUTH_REFRESH_COOKIE setting.
ARCH-418, ARCH-1269, ARCH-1044
fix broken toggle
We need to do this because when I tride to go to the JSON serializer a
bunch of tests started failing because various parts of our code are
putting things into the session that are not JSON serializable.
We can't keep using the default pickle serializer because it defaluts to
using the highest available protocol and that will cause issues with the
python 2 to 3 upgrade since both will be running in production at the
same time. We need to use a version of the pickle protocol that both
can use interchangably.
We also need to make sure we read with latin1 encoding to make datetimes
work correctly between the two versions of python.
This will force a logout as sessions fail to load but this should be a
more performant and secure serializer moving forward. The reason we
overwrote it in our config is that it previously used to be the default
and we didn't want things to breake and force logouts when we changed
it. We're no more okay with people getting logged out.
The API documentation decorators do not have to leak which solution we
use to generate the docs. Here, and as discussed in PR #21820, we rename
the `openapi` module to `apidocs`, and we make sure that this module
includes all the right functions to document API Views without referring
to Open API.
If this isn't installed, the sample_task provided by
openedx.core.djangoapps.heartbeat isn't imported, and thus are never
registered with the celery workers. This sample_task is used for the
extended heartbeat api call. Since the celery heartbeat check is turned
on by default, we should also make sure this djangoapp and thus
sample_task is registered by default. Otherwise the extended heartbeat
check fails with the default configuration.
This commit introduces the changes needed for XBlocks in Blockstore to save
their user state into CSM. Before this commit, all student state for Blockstore
blocks was ephemeral (in-process dict store).
Notes:
* The main risk factor of this PR is that it adds non-course keys to the
course_id field in CSM. If any code (like analytics?) reads course keys
directly out of CSM and doesn't have graceful handling for key types it
doesn't recognize, it could cause an issue. With the included changes to
opaque-keys, calling CourseKey.from_string(...) on these values will raise
InvalidKeyError since they're not CourseKeys. (But calling
LearningContextKey.from_string(...) will work for both course and library
keys.)
* This commit introduces a slight regression for the Studio view of XBlocks in
Blockstore content libraries: their state is now lost from request to request.
I have a follow up PR to give them a proper studio-appropriate state store,
but I want to review it separately so it doesn't hold up this PR and we can
test this PR on its own.
We are currently running this plugin from a has directly off of master
to get support for a newer version of DJDT. However even on master
there is not yet support for python 3. We're running into this when
running runserver and when collecting static assets.
A quick survey of the development team at edX shows that people are no
longer actively using this debug panel.(14 responders all saying no to
the question "In the last year have you used the mongo portion of the
django-debug-toolbar in edx-platform?")
This makes sense since the module store and courseware related
developement is not very active right now. Given all this, I'm removing
this toolbar for now and if we need it again we can survey what's
available at that time to choose the best tool.
The proctoring app assumes that this setting exists and so we get an
attribute error at runtime if it doesn't. In python 2 this was not an
issue but because of the change in how exceptions are handle for getting
attributes, it's a problem in python 3.
The correct thing to do would be to fix this in the proctoring app so
that it checks for the existence of its value before using it but that's
a longer cycle to make/deploy that change so doing this as a stopgap to
get past it.
ENABLE_MKTG_SITE has been serving double duty to both indicate that
an Open edX installation is using a Drupal marketing site AND
is using the Publisher workflow tool for managing course metadata.
But now that publisher-frontend is available and the Publisher
feature is no longer tied to the marketing site, we want to tease
apart those two concerns. Hence ENABLE_PUBLISHER.
Only really used so far in Studio, to control which fields are
shown (if using Publisher, some fields are only editable in
Publisher).
- The fields need to be unicode not bytes. In python 2 it was auto
converting.
- The static url base has been allowed to be a unicode string for a
while.
https://github.com/edx/edx-platform/pull/20645
This introduces:
* A new XBlock runtime that can read and write XBlocks that are persisted using
Blockstore instead of Modulestore. The new runtime is currently isolated so
that it can be tested without risk to the current courseware/runtime.
* Content Libraries v2, which store XBlocks in Blockstore not modulestore
* An API Client for Blockstore
* "Learning Context" plugin API. A learning context is a more abstract concept
than a course; it's a collection of XBlocks that serves some learning purpose.
