* Moving plugins infrastructure to edx-django-utils
This PR extracts the code that enables plugins in edx-platform and puts it in edx-django-utils. This is done to allow other IDAS to add plugin functionality.
- Hide the submit-button CTA link to reset dates in the mobile
app. They are working on their own solution.
- Don't show the dates_banner.html code in the courseware. It has
new CTA banner support with updated wording.
This also has an initial use case for Personalized Learner Schedules
to add CTAs to capa and vertical blocks to allow users to shift their
course deadlines.
* Replace track calls with eventtracking in task_track and server_track
* Making events compatible with events emitted via track app
* Fixed broken tests and quality violation
* Removed useless changes in shim. using in to have and keys in event context
Co-authored-by: zia.fazal@arbisoft.com <zia.fazal@arbisoft.com>
- Updating Python Requirements
- Fix cache key generation to use class name and module
This was stringifying the class object directly, resulting in cache keys
like `:1:<class 'xblock_django.models.XBlockConfiguration'>.xblock_django.api.deprecated_xblocks`
which then cause breakage when Django 2.2.13 validates the keys.
Co-authored-by: edX requirements bot <testeng+edx-requirements-bot@edx.org>
The XBlockPackageStorage used to return offset-naive datetime objects
which were compared to offset-aware objects when we ran static asset
collection:
./manage.py lms collectstatic
Close CRI-191
This adds some simple new python+REST APIs that can be used to create,
read, update, and delete "links" from a content library to other content
libraries.
One can use these links to import content (XBlocks) into a library
without copying the content.
Note that this feature was already fully supported by Blockstore and the
XBlock runtime; it's just that to use it prior to this required one to
use the (lower-level) Blockstore REST API directly to create the links.
Now there is a somewhat higher-level API built in to Studio, using
"content library" abstractions instead of Blockstore primitives.
Also improve usefulness of some blockstore runtime logs for debugging
Context:
Sometimes when trying to load an XBlock's XML file from Amazon S3, AWS will return a 4xx or 5xx response along with error XML like:
<Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Key>foo/bar</Key>...</Error>
A bug in the get_bundle_file_data_with_cache method would cause this XML to be returned to the runtime anyways, as if it were the expected OLX. This would then (obviously) lead to strange parsing bugs, e.g. when trying to interpret <Code> as an <xblock-include>.
This fixes the bug and improves the logging, both to make this sort of issue easier to debug in the future and to return whatever detailed error code S3 provides (or Blockstore, if S3 is not being used).
Also improve usefulness of some blockstore runtime logs for debugging
Context:
Sometimes when trying to load an XBlock's XML file from Amazon S3, AWS will return a 4xx or 5xx response along with error XML like:
<Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Key>foo/bar</Key>...</Error>
A bug in the get_bundle_file_data_with_cache method would cause this XML to be returned to the runtime anyways, as if it were the expected OLX. This would then (obviously) lead to strange parsing bugs, e.g. when trying to interpret <Code> as an <xblock-include>.
This fixes the bug and improves the logging, both to make this sort of issue easier to debug in the future and to return whatever detailed error code S3 provides (or Blockstore, if S3 is not being used).
* Revert "Ran make migration on third_party_auth (#23253)"
This reverts commit 49be65cc58.
* Removing provider.util import
* Removing further provider things
* Adding hash tests
* Removing from provider imports from openedx
* removed all uses of retire_dop_oauth2_models
* Removing provider library from lms, common, and cms
Created/copied function short_token(from django-oauth-provider) and create_hash256 to help with conversion
* WIP: add third-party-auth scope and usage
BOM-1264
* Fix tests now that we do permissions in a more standard way.
Rather than manually setting the permission class we previously
explicitly raised a PermissionDenied exception. The way DRF
permissoning logic works, if we use the WWW-Authenticate header in the
highest priority auth class, it will return a 401 instead of a 403.
* Added test to make sure having permissions gives access to user mapping api
* Test new filters logic.
Ensure that the filters we add to the application access model make it
into the JWT correctly.
* quality fix
* quality fix
* disable pylint warning
* quality fix
* fix indent prob
Co-authored-by: Feanil Patel <feanil@edx.org>
Co-authored-by: Manjinder Singh <49171515+jinder1s@users.noreply.github.com>
* Renamed OAuth2Authentication to BearerAuthentication
* Added back OAuth2Authentication name
-there are libraries such as edx-enterprise that still import OAuth2Authentication. The OAuth2Authentication class should be fully removed when everything is importing BearerAuthentication correctly
- Removing deprecated auth classes
- Replacing OAuth2AuthenticationAllowInactiveUserDeprecated with OAuth2AuthenticationAllowInactiveUser
- the old class was a child class of a deprecated class that we are removing and replacing.
Updating to the current highest number instead of making it the default
which is highest know by the language. This is beacuse when we update
between python versions if there is a new proctocol version, we don't
want that to cause cache thrashing as we try to load things from the
various caches. We can get into a situation where new machines pickle
things with a newer versions of the procotocl, put them in the cache and
then break older machines that don't know about the new protocol
version.
* Added new auth class
- Created new class called OAuth2AuthenticationAllowInactiveUser, which replaces old class with same name
- Renames previous OAuth2AuthenticationAllowInactiveUser to OAuth2AuthenticationAllowInactiveUserDeprecated
- Replaced all imports of OAuth2AuthenticationAllowInactiveUser to call deprecated class instead
- testing new class in discussion(added flag based on django setting)
* Added new authentication class(meets drf standards)
The new class replaces the deprecated oauth2authetnication class from rest_framework_auth library(repo django-rest-framework-oauth).
Majority of the code is combination of copy-pasta from old oauth2authentication class and Oauth2AuthenticationAllowInactiveUser class
* Added ability to switch to new authentication class in bookmarks app
* Changed error type reported by Outh class. It now outputs a json rather than a string.
Currently, we are working on removing the rest_framework_auth library from edx-platform. For this push, we need to remove the oauth2Authentication class. This PR creates a new class oauth2AuthenticationDeprecated that adds additional new relic metrics. The metrics would allow us to see how often this class is used and its success rate. The hope is that this information will help us with transitioning to a different authentication class.
This reverts commit cdb0619846,
which itself reverted 3ca006214e.
The original commit (3ca006) was reverted because it was suspected
that it was causing unexpectedly-increased memcached usage and
500s in the Gradebook API. It is not clear whether that is actually
the case. We are optimistically reinstating 3ca006 and will monitor
production to see if there is an adverse effect.
MST-105
The functions `CourseOverview.get_from_id_if_exists`
and `CourseOverview.get_from_ids if exists` are bug-
prone, in that they do not go to the modulestore
when a CourseOverview is out-of-date or uncached.
The docstrings spell this out, but callers seem
not to understand the implications.
So, in this commit, we:
* Remove both functions
* Add `CourseOverview.get_from_ids` for almost-as-fast
yet safer bulk-fetching of overviews
* Update call sites to use `course_exists` or `get_from_ids`
in place of the old functions.
* Add tests for @verify_course_exists.
This PR should specifically fix an issue where
the program_enrollments API was breaking when the CourseOverview
version was bumped.
CR-1708
Ignore `ResourceWarning` to clear noise in logs until we replace `EdxRestApiClient` with `OAuthAPIClient`. We have too many warnings like this
unclosed <ssl.SSLSocket fd=33, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=6, laddr=('*.*.*', 47040), raddr=('*.*.*.*', 443)
