This new endpoint is intended to replace enrollment API call used on the login+registration page. Instead of directly enrolling students, the view will contact the external e-commerce API (Oscar) to create a new order. Oscar will be responsible for completing the order and enrolling the student.
This behavior will only apply to course modes with associated SKUs. All other course mode enrollments will be processed directly by LMS.
When configured, set an additional cookie with the CSRF
token for use by subdomains.
The cookie can have a different name than the default
CSRF cookie, preventing conflicts between cookies
from different domains (e.g. ".edx.org", "courses.edx.org",
and "edge.edx.org").
The new cookie is included only on the enrollment API
views so that the scope of this change is limited
to the end-points that require cross-domain POST requests.
This allows the holder of a third-party access token (e.g. from Google
or Facebook) to get a first-party access token for the edX account
linked to the given access token.
When configured, set an additional cookie with the CSRF
token for use by subdomains.
The cookie can have a different name than the default
CSRF cookie, preventing conflicts between cookies
from different domains (e.g. ".edx.org", "courses.edx.org",
and "edge.edx.org").
The new cookie is included only on the enrollment API
views so that the scope of this change is limited
to the end-points that require cross-domain POST requests.
Allow global staff to generate example certificates
on the instructor dashboard.
Allow global staff to enable/disable self-generated
certificates for a course.
The new "country access" implementation replaces the old
implementation. Middleware and tests have been updated
accordingly, but deprecated models are preserved
for backwards compatibility.
xblock-external-ui: Alternate referer check for CORS requests
xblock-external-ui: Allow to disable httponly on session cookies
xblock-external-ui: Add a unit test for CorsCSRFMiddleware
xblock-external-ui: Include CSRF token in the API answer
xblock-external-ui: Include full path when building local_url
xblock-external-ui: Fix TestHandleXBlockCallback & bok_choy, add tests
xblock-external-ui: Only return `instance` in `_invoke_xblock_handler()`
xblock-external-ui: Group resources by hash tag to avoid duplicate loads
xblock-external-ui: PEP8
xblock-external-ui: Fail early if the XBlock view is called anonymously
We used to serve anonymous requests, but most XBlocks assume that the
user is logged in, which can generate a lot of errors when the user is
accessed or when an XBlock ajax callback is queried. Fail early to only
get one error per page load, and prevent displaying the XBlock
altogether when the LMS doesn't find an active user session.
xblock-external-ui: Add request params in view render context
xblock-external-ui: HTTP error status when file is too large for handler
xblock-external-ui: Fix unicode encodings in XBlock rendering
xblock-external-ui: Feature flag for API call ENABLE_XBLOCK_VIEW_ENDPOINT
- Price field added to Advanced Settings
- Function that decides which price to display
- Test added to check that the function outputs correct price
- Added feature flag and conditional to decide whether to display course price or not
- Feature Flag to show or hide course price on Course About page sidebar when not using shopping cart
