This does two major things:
* Removes subsections from a student's course outline if the
subsection's units are all restricted to a cohort that the student
is not a part of (see CohortPartitionGroupsOutlineProcessor).
* Removes sections from the course outline if the user is not allowed
to see any of its child subsections.
Remove use of Django's `CSRF_COOKIE_USED`, which is no longer leaked
outside of the dynamic scope of the Django csrf middleware as of Django
4.0. Specifically, https://github.com/django/django/pull/14688 replaced
that META entry and a request attribute with a single META entry
`CSRF_COOKIE_NEEDS_UPDATE`, which is then set back to False once the CSRF
cookie is set by the middleware's process_response.
We'll send the cross-domain cookie if the decorator requests it and the
value is present, regardless of whether the same-domain cookie would have
been sent. (And we'll still *set* `CSRF_COOKIE_NEEDS_UPDATE` to ensure that
a cookie gets generated.)
See https://github.com/openedx/edx-platform/issues/33207
This retrieves user preferences for edxnotes visibility by:
1. Adding a `bind_course_for_student` method to course overview model.
2. Using a bound XBlock in the `toggle_notes.html` template.
The previously used unbound course instance was returning a default value.
This commit leaves behind just enough Old Mongo (DraftModulestore)
functionality to allow read-only access to static assets and the
root CourseBlock. It removes:
* create/update operations
* child/parent traversal
* inheritance related code
It also removes or converts tests for this functionality.
The ability to read from the root CourseBlock was maintained for
backwards compatibility, since top-level course settings are often
stored here, and this is used by various parts of the codebase,
like displaying dashboards and re-building CourseOverview models.
Any attempt to read the contents of a course by getting the
CourseBlock's children will return an empty list (i.e. it will look
empty).
This commit does _not_ delete content on MongoDB or run any sort of
data migration or cleanup.
From the warning: Django now detects this configuration automatically.
You can remove default_app_config.
This also removes two warnings from shell startup.
* feat: adding unenrollments to event bus
* fix: quality fixes
* fix: tweaks to pass tests
* fix: more tweaks for testing
---------
Co-authored-by: John Nagro <jnagro@edx.org>
* fix: main page course listing
The course is visible on the main page right after creation when the feature toggle `CREATE_COURSE_WITH_DEFAULT_ENROLLMENT_START_DATE` is on.
So anonymous users can see them and access the course about page
for the courses without valid data (e.g. they will see the default
course overview)
When courses list filtering is processed it checks the `see_exists`
permission for the anonymous user.
Actually, `see_exists` means `can_load` OR `can_enroll`.
`can_load` is False in our case because the course start in the future.
But `can_enroll` returns True because the course's enrollment_start
and enrollment_end dates are blank:
```
enrollment_start = courselike.enrollment_start or datetime.min.replace(tzinfo=UTC)
enrollment_end = courselike.enrollment_end or datetime.max.replace(tzinfo=UTC)
if enrollment_start < now < enrollment_end:
debug("Allow: in enrollment period")
return ACCESS_GRANTED
```
Set the enrollment_start the same as a course start by default
