In image_helpers.py, the _get_profile_image_urls() method would append
"?v=<version>" to the query string for serving profile images.
This might break serving profile images if
* EDXAPP_PROFILE_IMAGE_BACKEND was configured with its class option
set to django.storages.s3boto3.S3Boto3Storage (or its deprecated
predecedessor, django.storages.s3boto.S3BotoStorage), and
* that backend used signed URLs with query-string authentication (i.e.
was *not* configured with an S3 custom domain).
When both the above conditions are met, then the URL returned by the
storage backend's url() method already contains "?", and
_get_profile_image_urls() would add another. This results in a query
string that doesn't exactly violate RFC 3986, but is discouraged by
it.[1]
Amazon S3 itself may be able to parse these query strings correctly,
but other S3 API implementations (such as Ceph radosgw[2]) may not,
and the problem is easily avoided by just looking for "?" in the
rendered URL, and using "&v=<version>" instead if we find a match.
The proper way of appending the v=<version> query parameter would
probably be to pull the URL and the query string apart and then back
together[3], but that's most likely overdoing it.
[1] https://tools.ietf.org/html/rfc3986#section-3.4 says:
"However, as query components are often used to carry identifying
information in the form of "key=value" pairs and one frequently used
value is a reference to another URI, it is sometimes better for
usability to avoid percent- encoding those characters." ("Those
characters" being "/" and "?".)
[2] https://docs.ceph.com/docs/master/radosgw/s3/
[3] https://docs.python.org/3/library/urllib.parse.html
In order to remove the deprecated flag_undefined_default=True
argument, this commit updates the following flags to always be
enabled using a new temporary class:
- course_experience.course_outline_page
- course_experience.unified_course_tab
Adds a temporary setting `USE_DEFAULT_TRUE_NAMESPACE`,
to enable a monitored rollout of this change.
TNL-7061 is the ticket where these flags will actually be
removed. This requires more careful work including removing
all dead code, and potentially refactoring tests that were
testing shared functionality, but only when the flag was
False.
ARCHBOM-1316
- Looks at masquerading config for dates, outline, metadata, and
celebration APIs in course_home_api / courseware_api.
- Consolidates and cleans up places we check whether masquerading
gives us full access to a course.
Add a field to VEM config model that will decide the percentage of
courses allowed to go to VEM pipeline. The courses that don't meet the
criteria will go to VEDA.
PROD-1722
- update ADR to provide more alternatives for updating
the default value of a flag.
- add a `flag_` prefix to the flag metrics
- add module-level note about flag metrics
- add NewRelic query example and warning
- fix typo in toggle annotation
ARCHBOM-1302
The argument flag_undefined_default is soon to be retired
once ARCHBOM-132 is closed. The following will be used to
help ensure the rollout is complete.
- Add a temporary metric if flag_undefined_default is used.
- Add deprecation warning for flag_undefined_default.
- Add minor fix for waffle flag metric when no request found.
ARCHBOM-132
The previous version of this code used the Django Setting
ENABLE_WAFFLE_FLAG_METRIC to determine whether to add a single
metric with a dict of details about all flags. Due to
NewRelic's 256 character limit on the metric value, this was
getting truncated.
This new version instead uses the Django Setting
WAFFLE_FLAG_CUSTOM_METRICS, a list of waffle flag names to
instrument.
The name of each custom metric will match the name of the flag.
The value of the custom metric could be False, True, or Both.
The value Both would mean that the flag had both a True and False
value at different times during the transaction. This is most
likely due to having a check_before_waffle_callback, as is the
case with CourseWaffleFlag.
ARCHBOM-132
If setting ENABLE_WAFFLE_FLAG_METRIC is True, a custom
metric will be added with the values of all WaffleFlag
and CourseWaffleFlags seen during the transaction.
Metric flag values could be False, True, or Both.
The value Both would mean that the flag had both
a True and False value at different times through
the transaction. This is most likely due to having a
check_before_waffle_callback, as is the case with
CourseWaffleFlag.
Example metric value:
"{'another.course.flag': 'False', 'some.flag': 'False', 'some.course.flag': 'Both'}"
Warning: NewRelic does not recommend large custom
metric values due to the potential performance
impact on the agent, so you may just want to
enable when researching usage of a particular flag.
Metric values longer than 255 are truncated.
TODO: A how_to can be added later if we find this
useful, including helpful querying tips.
ARCHBOM-132
- Add a new CourseEnrollmentCelebration model, which ties a
course enrollment to some booleans about progress celebrations
- Add serialization of the new model to the existing courseware_api
app's existing course info view
- Add new API in courseware_api to update a celebration model
Sometimes a course module will not exist and was causing exceptions
in our weekly highlights mail code. This will hopefully guard against
that a bit better.
Fixing RemovedInDjango30Warnings
**Background:** The `django.shortcuts` method `render_to_response` became deprecated in [Django 1.3](https://docs.djangoproject.com/en/3.0/releases/1.3/), when `render` was introduced.
Per the documentation:
> render() is the same as a call to render_to_response() with a context_instance argument that forces the use of a RequestContext.
Both return an `HttpResponse` object.
**Context:** We changed two statements: An import line and the call to the method, adding explicit parameter names to improve readability.
**Before:**
```
from django.shortcuts import get_object_or_404, render_to_response
...
return render_to_response("teams/teams.html", context)
```
**After**
```
from django.shortcuts import get_object_or_404, render
...
return render(
request=request,
template_name="teams/teams.html",
context=context
)
```
This patch improves on the user locked
out logic by providing a helping message
near locked out. This would help reduce
retries by giving user the option to use
password reset flow to fix the issue.
PROD-1505
