[CRI-229](https://openedx.atlassian.net/browse/CRI-229)
On "/account/settings" page, try to change the language. Language is
changed only after additional action click, page reload, etc.
Current fix change that behavior in a way that new language preferences
take place just after the new language is chosen.
Someone at edx was able to quickly send a few texts to himself using the tool.
Each text came from a different number and there was no message about the ability to unsubscribe or stop.
This could potentially be used to spam users as well as potentially result in charges to edX for high volume.
page url https://courses.edx.org/text-me-the-app
LEARNER-8286
[MICROBA-908]
- When adding a learner to the allowlist we now check if they have an invalidated certificate on the blocklist
- Refactor some pieces of the Certificate Invalidation flow
- Make it so an error message is displayed when trying to add someone to CertificateInvalidation list if they already appear on the Allowlist
- Add support to pass back and display an error message to Instructor Dashboard UI if a learner already appears on the certificate invalidation list when attempting to create certificate exceptions in bulk
- Add python tests for backend changes
- Disable xss linting warnings in certificate_bulk_whitelist.js (checked with security group first)
The Staff Debug Actions didn't work in the Learning MFE
because the underlying JS depended on the URL being
formatted as /courses/<course_key>/... in order to
parse out the course key. This worked in the legacy
experience, but breaks in the chromeless xblock view,
which is rendered under the URL /xblock/<usage_key>/...
The fix is to explicitly pass the course key into the
templated courseware HTML as a data attribute.
TNL-7955
This adds a toggle to allow operators to prevent user registration and login via username/password authentication, forcing the platform to only support login and registration using third-party auth such as SAML.
Co-authored-by: Umar Asghar <mrumarasghar@gmail.com>
