Relax load when bringing all the course children when fetching a course in the instructor dashboard page.
When loading the Instructor dashboard, the course is fetched with
3cbc5b9cdc/lms/djangoapps/instructor/views/instructor_dashboard.py (L122)
Please note that the parameter **depth** is zero, so the course is fetched with no children (sections, subsections, sequentials, etc). In a subsequent part of the code, the extensions tab is loaded, specifically in :
3cbc5b9cdc/lms/djangoapps/instructor/views/instructor_dashboard.py (L585)
Which eventually call the method **get_units_with_due_date**
3cbc5b9cdc/lms/djangoapps/instructor/views/tools.py (L121) .
This method iterates over the course and its children to find blocks with due dates. This iteration was taking too long unless the course is fetched with **depth** None, which brings all the children of the course, reason why this commit is created.
Specifically:
- check ALL ip addresses in the client ip chain for blocking
- check RIGHTMOST ip address in the client ip chain for allowing
Before, we always checked the LEFTMOST ip address in both cases.
AA-1234
Implements a feature flag DISABLE_UNENROLLMENT that is used to disable students un-enrollment for all courses. The Unenrollment option should be disabled when this feature is set to True.
ref: BB-4951
Co-authored-by: tinumide <tinuade@opencraft.com>
Co-authored-by: Tim McCormack <tmccormack@edx.org>
In some cases the course blocks API was returning a dict without
a 'children' key, which was causing a traceback.
If the course blocks API has no children, that's IS a problem, but
still better than erroring out due to a KeyError.
AA-1267
Coursegraph was moved from openedx to cms in commit 92552e50/PR #29156;
module init file was reintroduced in commit 80f9f1de/PR #30197, I think
by accident.
* refactor: enterprise dependencies for EdxRestAPIClient replacement
This is a part of https://github.com/openedx/public-engineering/issues/42
- add settings for enterprise-backend-service DOT application
- update utils used by enterprise to get rid of EdxRestAPIClient
- original utils stays in the code (to keep edx-platform api
clients working) till the
https://github.com/openedx/public-engineering/issues/39 deprecation
work will be done
* fix: fix typo in the docstring
Rendering asset URLs requires HTML blocks to be associated with a course key.
This change allows HTML blocks to be associated with libraries and still
render without error.
Tests which @requires_blockstore (i.e. the Blockstore service) have
been made to run as a unit test using the installed Blockstore app, and
will be run by the platform CI.
The Blockstore service tests can still be run manually by setting
EDXAPP_RUN_BLOCKSTORE_TESTS=1
Related fixes:
* adds blockstore bundle storage settings
* let the studio devstack and test servers serve static files from
the /media URL This allows the blockstore/content libraries API to
serve blockstore assets in dev.
* Wrap ContentLibrary creation in an atomic transaction, so that if it
fails, the related bundle can be deleted directly from the database
during the exception handler. (Previously, we called a REST API which
deleted it as part of a separate service.)
* adds blockstore as a requirement and an installed app, with
configurable bundle storage settings.
* adds waffle switch and setting to allow use of blockstore's python API
instead of REST API in live testservers and in production.
* adds database router which, when a `blockstore` DATABASE connection is
configured, allows the platform to use the blockstore service's
database instead of the default edxapp database.
* replaces blockstore_api exceptions and models with blockstore.app.api classes
* minor fixes to the blockstore_api to make the Blockstore REST API
return data packaged the same as the Blockstore Python API.
Previously, our rate-limiting code trusted the entire `X-Forwarded-For`
header, allowing a malicious client to spoof that header and evade
rate-limiting. This commit introduces a new module and setting
allowing us to make a more conservative choice of IPs.
- Create new `openedx.core.djangoapps.util.ip` module for producing
the IP "external chain" for requests based on the XFF header and the
REMOTE_ADDR.
- Include a function that gives the safest choice of IPs.
- Add new setting `CLOSEST_CLIENT_IP_FROM_HEADERS` for configuring how
the external chain is derived (i.e. setting the trust
boundary). Currently has a default, but we may want to make it
mandatory in the future.
- Change `django-ratelimit` code to use the proximate IP in the external
chain -- the one just outside the trust boundary.
Also:
- Change `XForwardedForMiddleware` to use more conservative choice for
its `REMOTE_ADDR` override
- Other adjustments to `XForwardedForMiddleware` as needed in order to
initialize new module and support code that needs the real
`REMOTE_ADDR` value
- Metrics for observability into the change (and XFF composition)
- Feature switch to restore legacy mode if needed
This also gives us a path forward to removing use of the django-ipware
package, which is no longer maintained and has a handful of bugs that make it
difficult to use safely.
Internal ticket: ARCHBOM-2056
