Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
50,111 Commits 1 Branch 0 Tags
441d2e44b9457817bf9d2e052d160bc2e3effc2a
Commit Graph

3631 Commits

Author SHA1 Message Date
Adeel Khan
298d3554fe Fix templates for XSS code injection via translations 
This would patch all templates (django/mako)
for a possible XSS code injection via
translation files by html escaping them..

LEARNER-4632
 2019-06-25 14:22:42 +05:00
Hammad Ahmad Waqas
34589393ac Merge pull request #20840 from edx/hammad/WL-1492 
WL-1492 | Remove arbitrary code rendering on course about page
 2019-06-25 11:20:07 +05:00
Matt Tuchfarber
4e1877670e Check if enterprise matches site before consent 
We don't support enterprises with catalogs that span sites, so we can
safely ignore checking for consent when the site a learner is viewing a
course in is different than the enterprise that the learner is linked
to.
 2019-06-24 14:30:59 -04:00
jansenk
027a9bd2cc add api access request management command 2019-06-21 15:34:03 -04:00
Hammad Ahmad Waqas
63d7b7d6fa applying filter to remove dangerous html content before rendering in 
course_about page on course overview field
 2019-06-21 16:06:26 +05:00
Calen Pennington
093fc9f68a Allow a limited subset of fields in the Course Block View for blocks that have been denied authorization 2019-06-20 15:23:32 -04:00
DawoudSheraz
5747e97895 Merge branch 'master' into private_to_public_319d54e 2019-06-19 11:22:07 +05:00
Calen Pennington
92d9a1f541 Merge pull request #20789 from cpennington/first-enroll-discount-strikeout 
Add strike-out price to LMS Course Home sidebar
 2019-06-18 13:02:15 -04:00
Calen Pennington
2901d5f810 Centralize the strike-out price formatting to make correct accessibility easier 2019-06-18 11:00:08 -04:00
Zainab Amir
fa8aeb69d9 Remove Remember me button from login page 
Remember me button does the same thing regardless of if it is checked
or not. Remember me button being unchecked makes a user think they
will be logged out at the end of a browsing session when this is in
fact not the case

LEARNER-6220
 2019-06-18 17:30:37 +05:00
Brittney Exline
52d03626e2 Version bump for edx-enterprise 2019-06-17 14:28:05 -06:00
Calen Pennington
f842717c49 Add strike-out price to LMS Course Home sock 2019-06-17 15:11:33 -04:00
Calen Pennington
26cb18b01d Fix test name typo 2019-06-17 15:11:33 -04:00
Calen Pennington
dc7daccfc8 Add strike-out price in LMS courseware 2019-06-17 15:11:33 -04:00
Calen Pennington
d2de618b20 Add strike-out price to LMS Course Home sidebar 2019-06-17 15:11:33 -04:00
Diana Huang
0c7ad64350 Clean up theming tests and microsites. 2019-06-14 15:22:33 -04:00
Diana Huang
fe3d33091f More test fixes. 2019-06-14 15:20:50 -04:00
Diana Huang
762f20385e Fix theming test helpers. 2019-06-14 15:20:50 -04:00
Diana Huang
f8c54212f4 Remove more microsites from theming. 2019-06-14 15:20:50 -04:00
Diana Huang
58a363e9d4 Remove microsites from commerce and theming. 2019-06-14 15:20:50 -04:00
Awais Jibran
66298b8761 fix activation emails for login failure 2019-06-12 16:35:56 +05:00
Ned Batchelder
39c7a2db7c Revert "Use drf-yasg for Open API documentation" 2019-06-11 16:05:00 -04:00
Ned Batchelder
756dd88691 Merge pull request #20393 from edx/nedbat/drf-yasg 
Use drf-yasg for Open API documentation
 2019-06-11 13:58:13 -04:00
Amit
087250cff7 INCR-250: Make compatible with Python 3.x without breaking Python 2.7… (#20534) 
* INCR-250: Make compatible with Python 3.x without breaking Python 2.7 support --> openedx/core/djangoapps/programs

* INCR-250: Disable pylint warning and replace _f placeholder with actual name

* INCR-250: pylint format correction and fix over length line limit
 2019-06-11 10:17:52 -04:00
edx-pipeline-bot
de5d25eccc Merge pull request #20794 from edx/private_to_public_55dd3e1 
Mergeback PR from private to public.
 2019-06-11 19:17:13 +05:00
Ned Batchelder
135cbe76d8 yasg settings 2019-06-10 15:27:39 -04:00
Ned Batchelder
8774ff1f9b Use ref_name to disambiguate serializers that drf-yasg would otherwise assume are the same. 2019-06-10 15:27:39 -04:00
Ned Batchelder
fdd66e5390 Adjust the expected error message for DRF 3.7.7 2019-06-10 15:27:39 -04:00
Ned Batchelder
9257f68fd8 The default TIME_ZONE should be UTC 
In production, we use UTC as the time zone.  DRF 3.7.7 now puts all
times in the currently set timezone where it used to use UTC.  By
setting TIME_ZONE to UTC, we keep the same results we used to get.

In a few places, we had to change the expected test results to be UTC.
 2019-06-10 15:27:39 -04:00
Ned Batchelder
5985480409 Add drf-yasg 
* Install drf-yasg

* Add drf-yasg settings and urls

* Pin drf to make drf-yasg work

* Adjust config-models version to be compatible

* Remove django-rest-swagger (the old way)
 2019-06-10 15:27:38 -04:00
Jeremy Bowman
1198e5f29b Fix intermittent unit test failures (#20783) 2019-06-10 14:56:33 -04:00
Matthew Piatetsky
aba836b517 Merge pull request #20674 from edx/REVEM-354 
add discount banner to track selection and discount price to upgrade button
 2019-06-07 11:35:34 -04:00
Josue Balandrano Coronel
df14f5cdf6 [BB-1132] Decrease NAME_MIN_LENGTH to 1 2019-06-06 22:52:00 +02:00
Thomas Tracy
221dc99d23 Merge pull request #20760 from edx/ttracy/ent-1994-dsc-flag-bug 
type uuid for proper encoding.
 2019-06-06 11:41:51 -04:00
Thomas Tracy
be0e6093cd type uuid for proper encoding. 2019-06-06 09:50:24 -04:00
David Ormsbee
382f6ddc35 Merge pull request #20745 from open-craft/jill/models-gettext-lazy 
Campus.IL SE-1151 Strings used in models should always use gettext_lazy
 2019-06-05 19:53:10 -04:00
Christie Rice
c66ad09dbc REVMI-234 Remove flaky test (#20752) 2019-06-05 15:48:47 -04:00
Matthew Piatetsky
ce5b976f5e update local currency code 2019-06-05 15:46:16 -04:00
Dave St.Germain
4b84d630de Merge pull request #20719 from edx/dcs/grade-support 
API support for bulk grade import/export
 2019-06-05 14:46:15 -04:00
Christie Rice
b5d07783b9 REVMI-234 Include user id in jwt sent to ecommerce (#20743) 
* REVMI-234 Include user id in jwt sent to ecommerce

* Reorder params
 2019-06-05 10:27:23 -04:00
jansenk
095c420378 check curriculum rather than courses for program course membership 2019-06-04 14:06:00 -04:00
Jillian Vogel
22ebf0e16f Strings used in models should always use gettext_lazy. 
Otherwise, they generate false migrations when languages other than
English are used as the default.
 2019-06-04 18:48:46 +09:30
Matthew Piatetsky
8f2d7cfc8a switch enabled to disabled 2019-06-03 14:02:04 -04:00
Noraiz Anwar
55dd3e18bb Merge pull request #153 from edx/noraiz/PROD-169 
rate limit requests for password reset emails
 2019-06-03 11:39:59 +05:00
Matthew Piatetsky
b32ed9ff2b add discount restriction stacked config models 2019-06-02 18:21:31 -04:00
Dave St.Germain
a2ca6f96d0 API support for bulk grade import/export 2019-05-31 09:28:44 -04:00
Dave St.Germain
49b5b88a30 Bumped edx-when 2019-05-30 10:48:38 -04:00
Nimisha Asthagiri
ba4921b538 Merge pull request #20710 from edx/bom/course-experience-readme 
README for course_experience
 2019-05-29 15:33:53 -04:00
Nimisha Asthagiri
407438970b Merge pull request #20709 from edx/bom/certificates-readme 
README for certificates
 2019-05-29 15:33:03 -04:00
emma-green
8615b1b0ac Merge pull request #20661 from edx/emma-green/REVEM-355/add-arch-decision 
add arch decision of computation of course-user discount
 2019-05-29 12:08:21 -04:00