Now that we're actively using the LMS_USER_ID inside credentials to
identify users, we need to make sure that users created by
notify_credentials are including it in the jwt scopes when authenticated
with credentials.
We use the `notify_credentials` management command to keep certificate-
related data in the LMS and Credentials service in sync. We can run it
with specific arguments (user_ids, course_keys, etc.) when we notice a
data discrepancy; and it is run regularly by a Jenkins job with the
`--auto` flag every ~4 hours to keep things up-to-date.
Because we probably never want to notify credentials of of ALL the
GeneratedCertificates, the celery task must be given some arguments
to filter down to the relevant certificates. Running the management
command with the `--auto` flag (as the Jenkins job does) adds
`start_date` and `end_date` arguments of 4 hours ago and now,
respectively.
The handle_notify_credentials celery task then takes those arguments and
looks for any GeneratedCertificates that have been modified within the
given time range by checking the GeneratedCertificate modified_date.
It will send the current data for those certificates to credentials.
However, we also want to notify credentials about certificates that have
an associated CertificateDateOverride that has changed within that time
range: added, updated, or deleted. But changes to a
CertificateDateOverride won’t affect the GeneratedCertificate’s modified
date, and therefore wouldn’t be included in the list of certs cent to
credentials.
This commit adds a check for changed CertificateDateOverrides and
includes their associated GeneratedCertificates in the list of certs. We
use the CertificateDateOverride’s history model for this check so that
we can include certificates whose override was deleted.
MICROBA-1489
* [fix] Certificate availability date cleanup
This task will clean out the misconfigured certificate available date. When courses Change their
certificates_display_behavior, the certificate_available_date was not updating properly. This is
command is meant to be ran one time to clean up any courses that were not supposed to have
certificate_available_date
* build: Removed the diff-quality step
Applied lint-amnesty on all the warnings
Removed pylint thresholds comparison code and related tests
Co-authored-by: Usama Sadiq <usama.sadiq@arbisoft.com>
[refactor] change backfill date task to long running task
Change from a task that spins off multiple other tasks to a single long
running task. This will hopefully be way less heavy when this is ran in
production.
* [refactor] Move backfill_date_for_all_course_runs to Tasks.py
In order for celery to register this task, it needs to be in the right
file. duh!
* fix imports
* fix more imports
* [feat] Management command to populate credentials availability date
This is a command to populate the new CredentialsCertificate model's
available_date for every existing course_run.
* [feat] Added program_uuids to notify_credentials mgmt cmd
[MICROBA-951]
To support updating a users credentials in the Credentials services for
all users enrolled in a program we have added a command line argument to
the notify_credentials command called program_uuids. This supports a
list of program uuids. It will retrieve all course runs in the listed
programs and update the related credentials data.
* updated comments
Before this change, the notify_credentials management command ran for
about 10-15 minutes and occasionally overlapped with an edxapp
deployment which would cause the machine the command was running
on to die. The command ran through a bunch of certs and grades, and then
spun off celery tasks to send the relevant data to credentials.
Now, most of the logic of the notify_credentials management command has
been moved into a new celery task, so that combing through longs lists
of certs and grades is done asynchronously. This task then spins off the
original data-sending tasks as before.
Note that this requires a change in alerting: where the jenkins job
would previously notify us about failures, we need to know when this
new celery task fails for any reason. We’ve made this a LoggedTask
so that failures will be logged to Splunk and alerting can be built off
of the error messages.
This commit also moves the relevant tests.
MICROBA-963
[MICROBA-951]
When running the notify_credentials command locally there is an
OperationalError thrown by MySQL when there are no more results
available for the queryset iterator. This change catches that exception,
checks state, and then logs according to that state. This code runs in
production without issue. This changes allows for the code to be run
locally without a separate code path.
Adds a command to create an API connection to credentials for testing
program certificates on devstack. This command is not meant to be ran
manually, and will be included in a provisioning type script that will
be added later.
django-not-configured is an error raised by pylint (with
the pylint-django plugin) when it's not correctly configured.
We should not be applying lint amnesty for such a violation.
The learner records feature had to be enabled/disabled via site-specific
configuration models, which is inconvenient for platforms that want to
disable this feature globally. Here, we introduce a
ENABLE_LEARNER_RECORDS feature toggle in the lms/cms settings that makes
it possible to disable this feature on all sites. Because this feature
toggle is set to True by default, this will not modify the behaviour of
existing platforms.
* Generate common/djangoapps import shims for LMS
* Generate common/djangoapps import shims for Studio
* Stop appending project root to sys.path
* Stop appending common/djangoapps to sys.path
* Import from common.djangoapps.course_action_state instead of course_action_state
* Import from common.djangoapps.course_modes instead of course_modes
* Import from common.djangoapps.database_fixups instead of database_fixups
* Import from common.djangoapps.edxmako instead of edxmako
* Import from common.djangoapps.entitlements instead of entitlements
* Import from common.djangoapps.pipline_mako instead of pipeline_mako
* Import from common.djangoapps.static_replace instead of static_replace
* Import from common.djangoapps.student instead of student
* Import from common.djangoapps.terrain instead of terrain
* Import from common.djangoapps.third_party_auth instead of third_party_auth
* Import from common.djangoapps.track instead of track
* Import from common.djangoapps.util instead of util
* Import from common.djangoapps.xblock_django instead of xblock_django
* Add empty common/djangoapps/__init__.py to fix pytest collection
* Fix pylint formatting violations
* Exclude import_shims/ directory tree from linting
