Currently, the LMS logout endpoint should iframe in the logout pages of
all the IDAs you were logged into. In short, this was made possible with
DOP because keeping track of the logout URIs and leaving a trail of
evidence in the user cookies was part of what we added in our fork of
DOP. In the case of DOT, we don't have time or desire to fork DOT to
mirror this behavior, so our stop-gap solution is to log out the user
from a list of logout URIs in settings.
This PR is based on #19284 and is part of the
series of work related to the proposal #18134.
This PR avoids the assignment of
anonymous/unenrolled users to any cohort when
course is public. Anonymous or unenrolled users
will only see content that does not have a
content group assigned.
The "View Course" link to the course outline
is shown on the course about page for a course
marked public/public outline.
It also makes course handouts available for
public courses (not for public_outline).
This PR also hides the different warnings and
messages asking the user to sign-in and enroll
in the course, when the course is marked public.
It modifies the default public_view text to
include the component display_name when
unenrolled access is not available.
Prior to this commit, the course api (/api/courses/v1/courses/)
performed all the work necessary to return all courses available
to the user, and then only actually returned on page's worth of those
courses.
With this change, the api now does the work incrementally, computing
only the data needed to fetch the courses up to and including the page
being returned. This still increases approximately linearly as
the page number accessed being increases, but should be more cache-friendly.
One side effect of this is that the max_page reported by pagination
will be an overestimate (it will include pages that are removed due
to a users access restrictions).
This change also changes the sort-order of courses being returned by the
course_api. By sorting by course-id, rather than course-number, we
can sort in the database, rather than in Python, and defer loading data
from the end of the list until it is requested.
REVMI-90
Prior to this commit, the course api (/api/courses/v1/courses/)
performed all the work necessary to return all courses available
to the user, and then only actually returned on page's worth of those
courses.
With this change, the api now does the work incrementally, computing
only the data needed to fetch the courses up to and including the page
being returned. This still increases approximately linearly as
the page number accessed being increases, but should be more cache-friendly.
One side effect of this is that the max_page reported by pagination
will be an overestimate (it will include pages that are removed due
to a users access restrictions).
This change also changes the sort-order of courses being returned by the
course_api. By sorting by course-id, rather than course-number, we
can sort in the database, rather than in Python, and defer loading data
from the end of the list until it is requested.
REVMI-90
without blocking multiple concurrent sessions
also updates trace amounts of copy duplicated in tests between
edx-proctoring and edx-platform
JIRA:EDUCATOR-3931
This adds OAuth2 and JWT API to call XBlock handlers. It is an alternative approach to #15940 - it reuses some DRF logic to handle this, but does not convert `handle_xblock_callback` to DRF view, which caused issues described in edx/XBlock#383.
Moves banner into the content instead of at the top. Adds a course
expiration fragment to the course home page, the content, the progress
page, and the discussion page.
This is based on PR #19284 and is part of the
series of work related to the proposal #18134.
Adds VideoModule.public_view() to enable
unenrolled and anonymous users to view the video
contents of a public course.
When an unenrolled or anonymous user accesses the
video content of a public course, the
public_view() introduced in the previous PR is
used instead of student_view() method.
The course_visiblity field can have one of three values:
1. private (default): This keeps the standard access rules.
2. public_outline: Allows unenrolled and anonymous users access to the outline.
3. public: Allows unenrolled and anonymous users access to both outline and
course content.
When an unenrolled user accesses course content, instead of student_view(),
public_view() is used. A default implementation is provided for XBlocks
which do not implement this view. The public_view() must not have any
functionality which assumes the presence of a valid User and should show
a readonly only interface for the XBlock content.
