This:
1. Introduces a new override using the `pluggable_override` decorator.
It is now possible to specify a custom way of getting XBlock's icon
by defining `GET_UNIT_ICON_IMPL` in settings.
2. Introduces a way to add custom `XBLOCK_MIXINS` by defining
`XBLOCK_EXTRA_MIXINS` in settings. This allows, e.g. to add
new fields to XBlocks.
* MST-734 Fix production issue on Learner Onboarding Status Panel
Fix the prod issue where learning sequence service object missing the needed get_user_course_outline service API
The user web API call currently returns 500
This was initially introduced as a temporary flag to be able to get more
information. But if we get this kind of issue again, we'll need
something like this logging to determine the source of the session
collision. Rather than removing the code and adding it back in later,
convert this temporary switch into an opt-in setting that can be used
again in the future.
BREAKING_CHANGE: 'safe_session.log_request_user_changes' switch no
longer exists and is replaced with the 'LOG_REQUEST_USER_CHANGES' django
setting which defaults to 'False'
Previously they also had to have a valid JWT cookie which led to a weird
corner case where a user was logged in but still showed the login form
resulting in some confusion and odd behavior.
This change gives precedence to the session token to determine whether
or not someone is logged into the LMS but ensures that if you go through
the login flow, you refresh your JWT cookies. This should not cause any
breakage for MFE flows that might redirect to the LMS login page since
the JWT would get refreshed if it's out of date but the session is
valid.
Six frames was not enough because for DRF views the request gets wrapped
in a proxy object and so we need more of the stack to see what part of
the code we're in that actually invokes the use change.
Exposed the Date header on the outline api so clients can accurately compute times relative to the dates returned by the API; this was previously done with the course API (#26979)
Browser time is notoriously unreliable for this, especially for a Learner-facing countdown call-to-action based on the access expiration date. (REV-2126)
Using the Date header for this allows the client to make use of information that is already sent, does not require additional calls nor modifying the API, and could be generalized to more or all our APIs without modifying them.
A variety of updates were made to improve the toggle documentation:
* Added comments to help ensure that the waffle(), waffle_switches(),
waffle_flags() anti-pattern won't be contagious (copied).
* Some minor toggle_description updates.
* Removed empty toggle_target_removal_date annotations for
non-temporary toggles.
* Removed empty optional toggle_warnings annotations.
* Removed empty optional toggle_tickets annotations.
* Removed deprecated toggle_category, toggle_status,
and toggle_expiration_date annotations.
* Fixed some indents, use cases, and implementations.
ARCHBOM-1721
When a user logs out, there are warnings logged right now because the
session user_id mismatches(it becomes None on logout). Previously we
would log the request mismatch on debug and the session mismatch as
normal.
This change will result in us logging nothing if the session change is
not abnormal.
xblock information was not being translated correctly when using the blockstore runtime. This makes the i18n_service block-specific so it can look for additional i18n files that can be installed with the XBlock
When considering whether a subsection is complete as an assignment,
skip any "hierarchy" types (sequential, vertical, etc) that don't
have children. If the user can't see the content, don't risk
marking it as complete.
AA-726
Adds a command to create an API connection to credentials for testing
program certificates on devstack. This command is not meant to be ran
manually, and will be included in a provisioning type script that will
be added later.
Waffle flags are useful for gradual rollout but that's not possible this
high in the middleware because a lot of the data needed (request.user)
to partition incoming requests is not availabale this high in the
middleware.
Convert this to a WaffleSwitch which will be safer to operate.
Also increase the number of frames in the stack to print per change.
Printing just 1 did not provide enough info because DRF requests wrap
WSGI requests and have a setter proxy. It will be useful to figure out
how they do this in case it's better that what we're doing in the safe
sessions middleware.
Ticket: https://openedx.atlassian.net/browse/ARCHBOM-1718
The change is behind a WafleFlag and can be turned on to log every time
the `user` attribute of an instrumented request changes. This will
significantly increase log volume so it shouldn't be left on all the
time but can be turned on to quickly debug issues related to sessions.
Ticket: https://openedx.atlassian.net/browse/ARCHBOM-1718
For some SAML providers, learners are redirected to MFE and breaking
the flow. Check for running pipeline and if the provider is a SAML
provider keep them on FE.
VAN-425
If edxloggedin cookie is not present but the user is authenticated;
user is redirected to authn MFE and then back to dashboard instead
of the desired redirect URL (e.g. finish_auth) resulting in learners
not enrolling into the courses.
VAN-415
We were attempting to add course overrides twice to objects returned in
the toggle state report view. This was causing a TypeError (and thus a
500 error) because the second time, we were attempting to add entries to
an incorrect object.
This issue was not caught by unit tests because we were not testing the
view with WaffleFlagCourseOverride objects. This commit adds a unit test
to prevent future errors.
This is another fix for PR #27108.
