We were passing unstripped password value to `authenticate_new_user()`
after creating a user which was resulting in password mismatch and
was raising this error.
PROD-656
* Requiring at least one args in a mutually exclusive group to be set
bulk_change_enrollment requires one of agrs: org or course to be set
for it to function correctly.
* Creating new function to verify initial password hash
Starting with django 2.1, the function is_password_usable no longer checks whether encode
is a valid password created by a django hasher(hasher in PASSWORD_HASHERS setting)
Adding this function to create constant behavior as we upgrade django versions
Bulk unenroll command is not supporting unenrolling all the learners
from multiple courses.This PR will enhance this mgmt cmd so that
it can support un-enrollment of learners from multiple courses.
PROD-1347
Previously software secure was using self sign certificates.
Now they are not using it that's why we are enabling ssl
certificate verfication.
PROD-1395
Before Django 2.1, the dict was being stringified as `{'name': 'file.txt'}`
(note the single quotes) and producing a JSON parse error in
https://github.com/edx/edx-platform/blob/9cf2f9f/cms/djangoapps/contentstore/views/assets.py#L541
which was then converted to a 400 error. However, in Django 2.1,
django.test.client starts JSON-encoding request bodies when an appropriate
content-type is set:
https://github.com/django/django/compare/2.0.8..2.1#diff-97160f50594424a40f2621d5a3c581ccR320
This results in the JSON parse succeeding, and the expected error never
occurs; instead, there is a KeyError when the `locked` attribute is
missing from the dict.
For now, removing the test, since it is blocking Django 2 upgrade work,
and we need to get off of (unsupported) Django 1.11 ASAP.
We should probably repair and restore this test, but it is likely that
we'll want to change the code it is testing first, since that code is
insufficiently defensive and handles both multipart form data and JSON
without properly checking which kind it is dealing with, as well as
assuming too much about what keys are present in the JSON.
I've filed ARCHBOM-1090 for this followup work.
* Adding samesite cookie option in django 2.1 and above
Django 2.1 release note: Added the SESSION_COOKIE_SAMESITE setting to set the SameSite cookie flag on session cookies.
