PII Annotations are very out of date, this commit adds most that were
missing in edx-platform, and some additional annotations to the
safelist. It is not comprehensive, several other upstream Open edX
packages also need to be updated. It also does not include removing
annotations that have been moved upstream, or been removed entirely.
Those are separate follow-on tasks.
This commit fixes a bug introduced by the new VerificationAttempt model. The expiration_datetime field is nullable. Other IDV models in the verify_student application have a default value for expiration_date, so they are typically not null, despite being nullable.
This commit updates code that queries this field to function correctly when the value of expiration_datetime is None. In this case, a None expiration_datetime indicates a non-expiring attempt.
* fix: add placeholder should_display_status_to_user
* fix: have VerificationAttempt inherit StatusModel
- should_display_status_to_user now returns False
* chore: makemigrations
* feat: status_changed field added
* temp: idea to add should_display_status_to_user
* feat: add should_display_status_to_user
* fix: correct call in helpers+services
* chore: lint+test fix
* fix: default hide_status_user as False
* chore: rename field call to STATUS
* chore: remove extra status field
- comment cleanup
* temp: lint + comment out created status for now
* fix: revamp status_changed for back-compat
* fix: override save for status_changed
* fix: replace created/updated instead of status
- also made migrations
* fix: squash commits
- also remove extra updated_at property
* chore: nits
* feat: add idv events to api
- moved what was in signals.py to a handlers.py (which is what their file should have been called)
* chore: quality
* fix: rename test file + imports
* fix: change handler reverse url in other tests
* fix: refactor signals and handlers pattern
- following OEP-49 pattern for signals directory
- user removed as param for update function
- event now emitted after save
* fix: unpin edx-name-affirmation
* chore: add init to signals dir
* fix: compile requirements
* chore: quality
* chore: fix some imports
* chore: quality
* test: added signal emissions to test_api
* chore: lint
* feat: add VerificationAttempt model to verify_student application
This commits adds a VerificationAttempt model to store implementation and provider agnostic information about identity verification attempts in the platform.
* feat: add api for VerificationAttempt model
* fix: error handling for update
- added tests accordingly
- also took care of some nits
* chore: lint
* chore: lint for equals spaces
* feat: using generic update function instead
- can now update name, status, and exp. date on generic attempts
- changed tests accordingly
- a few nits
* chore: fix docstring args
* fix: corrected status validation
- reverted to old status validation method
- fixed tests accordingly
* fix: datetime, status, and annotation fixes
- expiration_datetime can be updated to None
- VerificationAttemptStatus is now StrEnum
- Added type annotations for api functions
---------
Co-authored-by: michaelroytman <mroytman@edx.org>
This commits adds a VerificationAttempt model to store implementation and provider agnostic information about identity verification attempts in the platform.
This commit modifies the approve_id_verifications management command to send an IDV approval email to learners. This ensures that learners are informed of approvals to their IDV attempts when performed using the management command. This more closely mirrors the way IDV approvals work when using an IDV vendor.
Sometimes, submissions to an IDV provider fail, which results in an IDV attempt moving from the "ready" status into the "must_retry" status instead of the "submitted" status.
We would like to approve these attempts too.
This pull requests adds a new management command approve_id_verifications to manually approve submitted ID verification attempts (i.e. instances of the SoftwareSecurePhotoVerifications model).
This commit adds some supplemental, more verbose logging to the results_callback view in the verify_student Djangoapp. This endpoint is called by identity verification (IDV) providers to POST an IDV review to edX.
We are experiencing issues with receiving IDV reviews from our IDV provider, and these logs will help us diagnose whether there is an issue in edX's systems.
These logs will be removed after our investigation is complete.
* fix: resubmit IDV attempts for early march 2023
- initial commit w/ direct copy of retry_failed_photo_verifications.py
* fix: resubmit IDV attempts for early march 2023
- corrected filter and comments
* feat: re-submit in date range
* feat: reworked other command instead
* temp: building tests
* test: unit test complete
* fix: quality
* fix: remove old file
* temp: building tests
* temp: tests w/ debug
* test: reverted old files + removed debug
* chore: quality
* chore: NITs
Remove temporary FutureCourseWaffleFlag class;
Update ora2 and edx-toggles to versions cleaned from the
LegacyWaffle* classes;
Replace `override_flag`s with `override_waffle_flag`;
Replace `override_switch`s with `override_waffle_switch` (where it's possible).
This is a first stage for removing the LegacyWaffle* classes.
LegacyWaffleFlag usage replaced with WaffleFlag;
LegacyWaffleSwitche usage replaced with WaffleSwitch;
New CourseWaffleFlag added to the temporary module __future__ as FutureCourseWaffleFlag;
Updated all the imports to use CourseWaffleFlag from the __future__ module;
BREAKING CHANGE: A number of toggle related constants (e.g. ENABLE_ACCESSIBILITY_POLICY_PAGE)
changed types. They were strings, and are now toggle instances (e.g. WaffleSwitch). Although the entire
refactor should be self-contained in edx-platform, if any plugins or dependencies were directly
using these constants, they will break. If this is the case, try to find a better publicized way of
exposing those toggles.
Specifically:
- check ALL ip addresses in the client ip chain for blocking
- check RIGHTMOST ip address in the client ip chain for allowing
Before, we always checked the LEFTMOST ip address in both cases.
AA-1234
It's long past time that the default test modulestore was Split,
instead of Old Mongo. This commit switches the default store and
fixes some tests that now fail:
- Tests that didn't expect MFE to be enabled (because we don't
enable MFE for Old Mongo) - opt out of MFE for those
- Tests that hardcoded old key string formats
- Lots of other random little differences
In many places, I didn't spend much time trying to figure out how to
properly fix the test, and instead just set the modulestore to Old
Mongo.
For those tests that I didn't spend time investigating, I've set
the modulestore to TEST_DATA_MONGO_AMNESTY_MODULESTORE - search for
that string to find further work.
The lack of ordering for a django query that grabbed verification records is blocking learners with multiple SSO records from taking proctored exams. All IDV records should be sorted by a key first, and then the correct expiration date can be determined.
Fixes an issue where bulk create was only batching writes. With a sufficiently large input the users queryset would fail to evaluate due to the size of the filter list sent to the db.
The VERIFIED_NAME_FLAG, the VerifiedNameEnabledView, and the verified_name_enabled key removed from responses for both VerifiedNameView view and VerifiedNameHistoryView
were removed as part https://github.com/edx/edx-name-affirmation/pull/12. This was released in version 2.0.0 of the edx-name-affirmation PyPI package. Please see below for additional context for the removal, copied from the name-affirmation commit message.
The VERIFIED_NAME_FLAG was added as part https://github.com/edx/edx-name-affirmation/pull/12, [MST-801](https://openedx.atlassian.net/browse/MST-801) in order to control the release of the Verified Name project. It was used for a phased roll out by percentage of users.
The release reached a percentage of 50% before it was observed that, due to the way percentage roll out works in django-waffle, the code to create or update VerifiedName records was not working properly. The code was written such that any change to a SoftwareSecurePhotoVerification model instance sent a signal, which was received and handled by the Name Affirmation application. If the VERIFIED_NAME_FLAG was on for the requesting user, a Celery task was launched from the Name Affirmation application to perform the creation of or update to the appropriate VerifiedName model instances based on the verify_student application signal. However, we observed that when SoftwareSecurePhotoVerification records were moved into the "created" or "ready" status, a Celery task in Name Affirmation was created, but when SoftwareSecurePhotoVerification records were moved into the "submitted" status, the corresponding Celery task in Name Affirmation was not created. This caused VerifiedName records to stay in the "pending" state.
The django-waffle waffle flag used by the edx-toggle library implements percentage rollout by setting a cookie in a learner's browser session to assign them to the enabled or disabled group.
It turns out that the code that submits a SoftwareSecurePhotoVerification record, which moves it into the "submitted" state, happens as part of a Celery task in the verify_student application in the edx-platform. Therefore, we believe that because there is no request object in a Celery task, the edx-toggle code is defaulting to the case where there is no request object. In this case, the code checks whether the flag is enabled for everyone when determining whether the flag is enabled. Because of the percentage rollout (i.e. waffle flag not enabled for everyone), the Celery task in Name Affirmation is not created. This behavior was confirmed by logging added as part of https://github.com/edx/edx-name-affirmation/pull/62.
We have determined that we do not need the waffle flag, as we are comfortable that enabling the waffle flag for everyone will fix the issue and are comfortable releasing the feature to all users. For this reason, we are removing references to the flag.
[MST-1130](https://openedx.atlassian.net/browse/MST-1130)
