The forum service doesn't get the requesting user id for any operation, only the user id of the content creator. So to apply a different user id for an editor or post closing user, those need to be explicitly passed.
Reason codes will be used by the frontend to list and validate the reasons for specifying moderation actions.
Co-authored-by: Kshitij Sobti <kshitij@opencraft.com>
Co-authored-by: Felipe Trzaskowski <felipe@opencraft.com>
Add `edit_reason_code` field to both `Comments` and `Threads`, making it
editable for anyone who can also edit `raw_body`.
Add `close_reason_code` field to `Threads`, and make it editable by
anyone who can also edit `closed`.
Description
This is a follow up to #29058 and #29413. This is the next step in moving part of the modulestore data (the course indexes / "active versions" table) from MongoDB to MySQL.
There are four steps planned in moving course index data to MySQL:
Step 1: create the tables in MySQL, start writing to MySQL + MongoDB ✅ done
Step 2: migrate all remaining courses to MySQL ✅ done
Step 3: switch reads from MongoDB to MySQL (this PR)
Step 4 (much later, once we know this is working well): stop writing to MongoDB altogether.
Supporting information
OpenCraft Jira ticket: MNG-2557
Status
✅ Tested with a large Open edX instance is in progress.
Testing instructions
Try making changes in Studio and verify that they work fine.
Deadline
None
The new discusions MFE needs to know which provider is in use (legacy or new) to deliver the expected experience. This adds the provider name and other relevant configuration to the discussion configuraiton API.
Convert more tests from MONGO_AMNESTY to SPLIT modulestores.
This is in preparation for just wholesale denying access to Old
Mongo, so I either converted tests to split or just deleted some
test variants that were Old Mongo specific. (e.g. ddt lines)
It's long past time that the default test modulestore was Split,
instead of Old Mongo. This commit switches the default store and
fixes some tests that now fail:
- Tests that didn't expect MFE to be enabled (because we don't
enable MFE for Old Mongo) - opt out of MFE for those
- Tests that hardcoded old key string formats
- Lots of other random little differences
In many places, I didn't spend much time trying to figure out how to
properly fix the test, and instead just set the modulestore to Old
Mongo.
For those tests that I didn't spend time investigating, I've set
the modulestore to TEST_DATA_MONGO_AMNESTY_MODULESTORE - search for
that string to find further work.
* feat: New API for discussion topics
Creates a new API for discussion topics that uses auto-crated discussion topic links for the new discussion provider.
* squash!: refresh migration
Using the same Client or APIClient instance for multiple users, where
one user has an active session and the other is making an
Authorization header call, results in a Safe Sessions violation.
By using separate clients for different test users, we avoid this
violation, allowing `ENFORCE_SAFE_SESSIONS` to be enabled by default.
* feat: add api mapping to get comments by course+user
fix: merge the new user comments API by overloading the thread comments API
fix: handle endorsements and fix broken tests
fix: improve the view documentation
fix: unused imports
fix: restrict flagged filter to privileged users
fix: validate course_id properly
* fix: add docstring to the retrieve_all method
The frontends need to be aware of a user's privileges in order to know what operations are supported. This adds the user roles and privilege information to the discussion metadata API.
If course allows anonymous posts, and user is an author of a post, add
`anonymous` to posts' editable fields.
If course allows anonymous to peers posts, and user is an author of a
post, add `anonymous_to_peers` to posts' editable fields.
Course endpoint response to get request will now include course's
`allow_anonymous` and `allow_anonymous_to_peers` settings.
Added `anonymous` and `anonymous_to_peers` fields to the content
serializer, from which ThreadSerializer and CommentSerializer inherit.
Both fields have a default value of False, because there are cases where
course configuration doesn't allow them to be initialized (if a course
doesn't allow anonymous posts, the fields won't be included in the list
of initializable/editable fields).
* feat: Adds discussions settings for new discusions experience
This commit adds new discussions settings for the new discussions experience. These are stored in the course so they can be a part of course import/export flow.
These are also added to the discussions configuraiton API to allow MFEs to update the settings.
The discussions API is currently available via LMS, however that means it cannot save changes to the modulestore. This also adds the API to the studio config so it can now also be accessed from studio and be used to save course settings.
* fix: tests
This commit adds new discussions settings for the new discussions experience. These are stored in the course so they can be a part of course import/export flow.
These are also added to the discussions configuraiton API to allow MFEs to update the settings.
The discussions API is currently available via LMS, however that means it cannot save changes to the modulestore. This also adds the API to the studio config so it can now also be accessed from studio and be used to save course settings.
* feat: Add support for returning thread counts for all topics in a course
In the new discussions experience the thread counts for questions and discussions are displayed in the UI.
This uses a new cs_comments_service API to fetch that data and embed it in the topic listing.
* fix: apply review feedback fixes
Split modulestore persists data in three MongoDB "collections": course_index (list of courses and the current version of each), structure (outline of the courses, and some XBlock fields), and definition (other XBlock fields). While "structure" and "definition" data can get very large, which is one of the reasons MongoDB was chosen for modulestore, the course index data is very small.
By moving course index data to MySQL / a django model, we get these advantages:
* Full history of changes to the course index data is now preserved
* Includes a django admin view to inspect the list of courses and libraries
* It's much easier to "reset" a corrupted course to a known working state, by using the simple-history revert tools from the django admin.
* The remaining MongoDB collections (structure and definition) are essentially just used as key-value stores of large JSON data structures. This paves the way for future changes that allow migrating courses one at a time from MongoDB to S3, and thus eliminating any use of MongoDB by split modulestore, simplifying the stack.
Adds support for pinning and closing threads to the current REST APIs for discusions.
Adds a preview_body field to the thread response that contains a truncated version of the raw body with tags removed so it can be shown in previews.
Adds a field called "can_delete" to threads and comments that signals if the current user is able to delete that resource.
The rest API for discussions was using custom HTML sanitisation code that
matched the behaviour of the client-side library. This replaces the custom
code with bleach for better security.
