Some actions in split modulestore record the user ID who requested the action. Currently, split modulestore doesn't care what data type you use for those user IDs. Most of the codebase uses integers, but some tests used username or email address strings.
My upcoming PR #27565 will move split modulestore's "course index" data from MongoDB into MySQL. In doing so, it requires that user IDs are always numeric. So this PR paves the way for that one by using numeric IDs consistently in all test cases. I believe the actual non-test code was already consistently using integer IDs.
Register the new CertificateDateOverride model with the Django admin.
Customize the `generated_certificate` field to accept the certificate id
(with search); and autosave the admin user making the change to the
`overridden_by` field, and make it read-only.
For MICROBA-1417, toward MICROBA-1239.
[MICROBA-1354]
* Update Python API function named `cert_generated_enabled` to `has_self_generated_certificates_enabled` to more accurately reflect the purpose of the function
Instead of hard-coding the "Learn More" and potentially other links for course
apps in the course authoring MFEs this change loads those URLs from the
django settings as part of each individual course app.
If a content library xblock does not specify a library id, we
previously would error out when importing, due to some cleanup
code that wasn't accounting for this case.
Sanitizes Markdown that goes back and forth between the server and
client side, to strip out data: links, so that they cannot be abused.
There is no present vulnerability to this issue–modern browsers disallow
data links in the first place, and we already filter this out in both
client-side code as well as the HTML generated in the REST API (it's run
through bleach). But we're adding this anyway, to further reduce the
odds that some client-side mistake could cause a vulnerability. This is
part of TNL-8589.
Some providers need special considerations when being set up so should only be
configured by people with global staff privileges. This adds an
admin_only_config flag to such providers (only YellowDig for now).
LOGIN_REDIRECT_WHITELIST has been used to filter redirect-url while processing logout requests but its configurations were not picked through environment files like lms.yml or studio.yml. This PR fixes that bug.
Add a new model (and corresponding migration) to the certificates
app in the LMS: CertificateDateOverride. The model will eventually be
used to allow course teams / support to override the "Issued On" date
for a given course certificate.
I used Github's UI to create this from the template (which I _never_ do,
instead opting for the CLI) and some how this ended up in the project
root, instead of in the .github/workflows directory. 🤷
Back to the command line for me...
