This does two major things:
* Removes subsections from a student's course outline if the
subsection's units are all restricted to a cohort that the student
is not a part of (see CohortPartitionGroupsOutlineProcessor).
* Removes sections from the course outline if the user is not allowed
to see any of its child subsections.
This fixes a bug in xblock serialization when trying to copy a
unit/component that contains an HTML xblock with the characters "]]>"
which is a special character in CDATA.
Remove use of Django's `CSRF_COOKIE_USED`, which is no longer leaked
outside of the dynamic scope of the Django csrf middleware as of Django
4.0. Specifically, https://github.com/django/django/pull/14688 replaced
that META entry and a request attribute with a single META entry
`CSRF_COOKIE_NEEDS_UPDATE`, which is then set back to False once the CSRF
cookie is set by the middleware's process_response.
We'll send the cross-domain cookie if the decorator requests it and the
value is present, regardless of whether the same-domain cookie would have
been sent. (And we'll still *set* `CSRF_COOKIE_NEEDS_UPDATE` to ensure that
a cookie gets generated.)
See https://github.com/openedx/edx-platform/issues/33207
Originally, we planned to add support for V2 libraries and for static
(hand-selected) library block reference via new block type: library_sourced.
We have since decided that it would be better to add those capabilities
in-place to the existing library_content block. This will ease V1->V2
library migration and make adoption of the new features easier for current
library users. It will also avoid duplication of logic between two block types,
we we fear would be error-prone. For details, see this ADR:
https://github.com/openedx/edx-platform/pull/33231
So, we are removing the library_sourced block.
This block has existed in edx-platform for a few years now, but was not
enabled by default and never officially supported. It was only usable via the
experimental V2 content library feature. Operators who added library_sourced
blocks to their course will now see them render as `HiddenBlock` instances, i.e.:
> ERROR: "library_sourced" is an unknown component type...
This should not impact other component types in such courses and should not
impact import/export.
This fixes the issue when pasting a copied unit that contains
python_lib.zip file into another course. The python_lib.zip file was not
being correctly copied over to the new course's Files & Uploads page.
This retrieves user preferences for edxnotes visibility by:
1. Adding a `bind_course_for_student` method to course overview model.
2. Using a bound XBlock in the `toggle_notes.html` template.
The previously used unbound course instance was returning a default value.
This commit leaves behind just enough Old Mongo (DraftModulestore)
functionality to allow read-only access to static assets and the
root CourseBlock. It removes:
* create/update operations
* child/parent traversal
* inheritance related code
It also removes or converts tests for this functionality.
The ability to read from the root CourseBlock was maintained for
backwards compatibility, since top-level course settings are often
stored here, and this is used by various parts of the codebase,
like displaying dashboards and re-building CourseOverview models.
Any attempt to read the contents of a course by getting the
CourseBlock's children will return an empty list (i.e. it will look
empty).
This commit does _not_ delete content on MongoDB or run any sort of
data migration or cleanup.
From the warning: Django now detects this configuration automatically.
You can remove default_app_config.
This also removes two warnings from shell startup.
* feat: adding unenrollments to event bus
* fix: quality fixes
* fix: tweaks to pass tests
* fix: more tweaks for testing
---------
Co-authored-by: John Nagro <jnagro@edx.org>
* fix: main page course listing
The course is visible on the main page right after creation when the feature toggle `CREATE_COURSE_WITH_DEFAULT_ENROLLMENT_START_DATE` is on.
So anonymous users can see them and access the course about page
for the courses without valid data (e.g. they will see the default
course overview)
When courses list filtering is processed it checks the `see_exists`
permission for the anonymous user.
Actually, `see_exists` means `can_load` OR `can_enroll`.
`can_load` is False in our case because the course start in the future.
But `can_enroll` returns True because the course's enrollment_start
and enrollment_end dates are blank:
```
enrollment_start = courselike.enrollment_start or datetime.min.replace(tzinfo=UTC)
enrollment_end = courselike.enrollment_end or datetime.max.replace(tzinfo=UTC)
if enrollment_start < now < enrollment_end:
debug("Allow: in enrollment period")
return ACCESS_GRANTED
```
Set the enrollment_start the same as a course start by default
Removed BasicAuthentication as a default from DRF
endpoints that have not overridden the authentication
classes. It appears this is not in use, and was just
implicitly a default because it came from DRF's
defaults.
See DEPR: https://github.com/openedx/edx-platform/issues/33028
