* Requiring at least one args in a mutually exclusive group to be set
bulk_change_enrollment requires one of agrs: org or course to be set
for it to function correctly.
* Creating new function to verify initial password hash
Starting with django 2.1, the function is_password_usable no longer checks whether encode
is a valid password created by a django hasher(hasher in PASSWORD_HASHERS setting)
Adding this function to create constant behavior as we upgrade django versions
Bulk unenroll command is not supporting unenrolling all the learners
from multiple courses.This PR will enhance this mgmt cmd so that
it can support un-enrollment of learners from multiple courses.
PROD-1347
Previously software secure was using self sign certificates.
Now they are not using it that's why we are enabling ssl
certificate verfication.
PROD-1395
We weren’t using has_access to check user access, which meant we were missing out on a bunch of checks. This PR adds a local _check_access function to CoursewareInformation. Ideally we would add this into access.py, but we’re adding it here for now to avoid any unexpected regressions in editing more commonly used code. This should ultimately be folded into our access system properly.
TNL-7053
Before Django 2.1, the dict was being stringified as `{'name': 'file.txt'}`
(note the single quotes) and producing a JSON parse error in
https://github.com/edx/edx-platform/blob/9cf2f9f/cms/djangoapps/contentstore/views/assets.py#L541
which was then converted to a 400 error. However, in Django 2.1,
django.test.client starts JSON-encoding request bodies when an appropriate
content-type is set:
https://github.com/django/django/compare/2.0.8..2.1#diff-97160f50594424a40f2621d5a3c581ccR320
This results in the JSON parse succeeding, and the expected error never
occurs; instead, there is a KeyError when the `locked` attribute is
missing from the dict.
For now, removing the test, since it is blocking Django 2 upgrade work,
and we need to get off of (unsupported) Django 1.11 ASAP.
We should probably repair and restore this test, but it is likely that
we'll want to change the code it is testing first, since that code is
insufficiently defensive and handles both multipart form data and JSON
without properly checking which kind it is dealing with, as well as
assuming too much about what keys are present in the JSON.
I've filed ARCHBOM-1090 for this followup work.
* Adding samesite cookie option in django 2.1 and above
Django 2.1 release note: Added the SESSION_COOKIE_SAMESITE setting to set the SameSite cookie flag on session cookies.
We want to allow staff to see all courses in the LMS.
This changes the behavior from staff being treated like
an AnonymousUser (unless an username query parameter is
provided) to being treated like staff.
I also added in some tests for the other paths in this
function that did not seem to be tested.
