The oauth2.enforce_jwt_scopes waffle switch was added temporarily for
the rollout of jwt scopes. This removes the toggle and replacing code
with the equivalent of `oauth2.enforce_jwt_scopes` as True.
Move to using the filters list provided in the ApplicationAccess model
to genarically store scopes instead of the org specific ApplicationOrg
model mapping.
This commit fixes an issue originally in 3541643d where an instance
method on a model was missing in a migration. The problem was that
Django is smarter than we thought, and is somehow able to construct an
older version of the model before the commit, where there was no such
method. The solution is just to pull the method out of the model.
DENG-18
- This PR removes all imports from provider by either bringing them into edx-platform or finding dot replacement. Removing tests that tested dop parts of code.
- Skipping some tests and removing dop
The tests are difficult to fix due to its entanglement with dop use in third_party_auth.
These tests should be restarted once dop has been removed from third_party_auth and its tests.
- set ENABLE_DOP_ADAPTER = False for devstack
- Reimplement `djcelery.common.respect_language` utility function so we
can drop the dependency.
- Loosen `celery` pinning to a range, which brings in a fix for a
possible crash bug
Also, pin `path` to 13.1.0 for now in order to continue supporting py35.
This stage does the following:
- Includes a data migration to copy the values from old to new field.
- Changes business logic to switch to using new field.
- Deletes all code references of the old field.
Moves the existence check for secondary (recovery) email to validate
method. If the email already exists, silently remove it from the set of
data to be updated. This parallels the existing behavior for updating
the primary email.
ENT-1913
This was originally a separate plugin called openedx-olx-rest-api.
It provides a Studio API that any user with course authoring permission can use to get the OLX of an individual XBlock or a unit. Without this, the only way to get an XBlock's OLX was to download the tarball of the entire course.
Examples of usage (be logged in to Studio on devstack):
Simple HTML XBlock:
http://localhost:18010/api/olx-export/v1/xblock/block-v1:edX+DemoX+Demo_Course+type@html+block@030e35c4756a4ddc8d40b95fbbfff4d4/
Exporting a unit:
http://localhost:18010/api/olx-export/v1/xblock/block-v1:edX+DemoX+Demo_Course+type@vertical+block@134df56c516a4a0dbb24dd5facef746e/
Example output for an HTML block:
{
"root_block_id":"block-v1:edX+DemoX+Demo_Course+type@html+block@030e35c4756a4ddc8d40b95fbbfff4d4",
"blocks":{
"block-v1:edX+DemoX+Demo_Course+type@html+block@030e35c4756a4ddc8d40b95fbbfff4d4":{
"olx":"<html display_name=\"Blank HTML Page\"><![CDATA[\n<p><strong>Welcome to the edX Demo Course Introduction.</strong></p>\n]]></html>\n"
}
}
}
The code is designed primarily for use when importing content into Blockstore. So it will:
* Export HTML blocks as a combined OLX/HTML file, with the HTML in a CDATA section
* Convert vertical blocks to unit blocks (unit is like a vertical but has no UI elements)
* Detect static files (such as images) used by the XBlock and list the absolute URL of each static file in the "static_files": {...} JSON element for each XBlock that has at least one static file usage. This can handle static files that are in mongo ("contentstore" / "Files & Uploads") as well as files generated on-the-fly during OLX serialization via the export_fs API (mostly this is video transcripts).
* WIP: add third-party-auth scope and usage
BOM-1264
* Fix tests now that we do permissions in a more standard way.
Rather than manually setting the permission class we previously
explicitly raised a PermissionDenied exception. The way DRF
permissoning logic works, if we use the WWW-Authenticate header in the
highest priority auth class, it will return a 401 instead of a 403.
* Added test to make sure having permissions gives access to user mapping api
* Test new filters logic.
Ensure that the filters we add to the application access model make it
into the JWT correctly.
* quality fix
* quality fix
* disable pylint warning
* quality fix
* fix indent prob
Co-authored-by: Feanil Patel <feanil@edx.org>
Co-authored-by: Manjinder Singh <49171515+jinder1s@users.noreply.github.com>
This reverts commit 84de6bc6de
which reverts commit cebeab4348
which implements the first stage of the `values` column rename in
SiteConfiguration. However, I included a small change:
This time, we set a default value on the new `site_values` column so
that the ORM will happily deserialize the JSONField without throwing a
JSONDecodeError.
* Renamed OAuth2Authentication to BearerAuthentication
* Added back OAuth2Authentication name
-there are libraries such as edx-enterprise that still import OAuth2Authentication. The OAuth2Authentication class should be fully removed when everything is importing BearerAuthentication correctly
- added more default options to pytest calls in setup.cfg and pytest.ini files.
- pytest-json-report's plugin name in pluggy has changed, so added option for multiple names
