Tests which @requires_blockstore (i.e. the Blockstore service) have
been made to run as a unit test using the installed Blockstore app, and
will be run by the platform CI.
The Blockstore service tests can still be run manually by setting
EDXAPP_RUN_BLOCKSTORE_TESTS=1
Related fixes:
* adds blockstore bundle storage settings
* let the studio devstack and test servers serve static files from
the /media URL This allows the blockstore/content libraries API to
serve blockstore assets in dev.
* Wrap ContentLibrary creation in an atomic transaction, so that if it
fails, the related bundle can be deleted directly from the database
during the exception handler. (Previously, we called a REST API which
deleted it as part of a separate service.)
* adds blockstore as a requirement and an installed app, with
configurable bundle storage settings.
* adds waffle switch and setting to allow use of blockstore's python API
instead of REST API in live testservers and in production.
* adds database router which, when a `blockstore` DATABASE connection is
configured, allows the platform to use the blockstore service's
database instead of the default edxapp database.
* replaces blockstore_api exceptions and models with blockstore.app.api classes
* minor fixes to the blockstore_api to make the Blockstore REST API
return data packaged the same as the Blockstore Python API.
Previously, our rate-limiting code trusted the entire `X-Forwarded-For`
header, allowing a malicious client to spoof that header and evade
rate-limiting. This commit introduces a new module and setting
allowing us to make a more conservative choice of IPs.
- Create new `openedx.core.djangoapps.util.ip` module for producing
the IP "external chain" for requests based on the XFF header and the
REMOTE_ADDR.
- Include a function that gives the safest choice of IPs.
- Add new setting `CLOSEST_CLIENT_IP_FROM_HEADERS` for configuring how
the external chain is derived (i.e. setting the trust
boundary). Currently has a default, but we may want to make it
mandatory in the future.
- Change `django-ratelimit` code to use the proximate IP in the external
chain -- the one just outside the trust boundary.
Also:
- Change `XForwardedForMiddleware` to use more conservative choice for
its `REMOTE_ADDR` override
- Other adjustments to `XForwardedForMiddleware` as needed in order to
initialize new module and support code that needs the real
`REMOTE_ADDR` value
- Metrics for observability into the change (and XFF composition)
- Feature switch to restore legacy mode if needed
This also gives us a path forward to removing use of the django-ipware
package, which is no longer maintained and has a handful of bugs that make it
difficult to use safely.
Internal ticket: ARCHBOM-2056
[MICROBA-1507]
* adds new functionality for retrieving and submitting scheduled tasks to Celery
* add an InstructorTaskSchedule factory for unit testing
* adds unit tests for processing scheduled tasks
Specifically:
- enrollment has ended or not begun (whoops!)
- is full (at/over max enrollment)
Before this change in these cases, we would still show an enroll
button which wasn't functional, causing user confusion.
AA-1245
Overrides the SystemWideEnterpriseUserRoleAssignment.get_assignments() method to return
a list of (role, context) assignments, where the first item in the list corresponds
to the currently active enterprise for the user. Also ensures that
EnterpriseSystemWideUserRoleAssignment.get_assignments() can handle null values that might be returned by get_context().
The only way to access the legacy courseware is now through the
Studio preview feature (and at some point, when the MFE supports a
preview mode, we can then remove even that).
This drops the courseware.use_legacy_frontend waffle.
[MICROBA-1696]
* Introduce an ADR with details on the proposed approach to scheduled instructor tasks to support scheduled bulk email
* Introduce an ADR with details on how scheduled instructor tasks will be processed
The ony use is a GET request in admin portal so this view need not be post/put friendly right now.
It may actually get removed in an upcoming iteration, or stay readonly.
Fixes: SEC-1418
Co-authored-by: Binod Pant <bpant@edx.org>
The ony use is a GET request in admin portal so this view need not be post/put friendly right now.
It may actually get removed in an upcoming iteration, or stay readonly.
Fixes: SEC-1418
This was the "outline tab" view of the course. Preceded by the
course info view, succeeded by the MFE outline tab.
In addition to the course home view itself, this drops related
features:
- Legacy version of Course Goals (MFE has a newer implementation)
- Course home in-course search (MFE has no search)
The old course info view and course about views survive for now.
This also drops a few now-unused feature toggles:
- course_experience.latest_update
- course_experience.show_upgrade_msg_on_course_home
- course_experience.upgrade_deadline_message
- course_home.course_home_use_legacy_frontend
With this change, just the progress and courseware tabs are still
supported in legacy form, if you opt-in with waffle flags. The
outline and dates tabs are offered only by the MFE.
AA-798
(This is identical to previous commit be5c1a6, just reintroduced
now that the e2e tests have been fixed)
This was the "outline tab" view of the course. Preceded by the
course info view, succeeded by the MFE outline tab.
In addition to the course home view itself, this drops related
features:
- Legacy version of Course Goals (MFE has a newer implementation)
- Course home in-course search (MFE has no search)
The old course info view and course about views survive for now.
This also drops a few now-unused feature toggles:
- course_experience.latest_update
- course_experience.show_upgrade_msg_on_course_home
- course_experience.upgrade_deadline_message
- course_home.course_home_use_legacy_frontend
With this change, just the progress and courseware tabs are still
supported in legacy form, if you opt-in with waffle flags. The
outline and dates tabs are offered only by the MFE.
AA-798
This:
1. Removes the `filestore` property from the `ModuleSystem` in favor of
the `runtime.resources_fs` property.
In the original code, `filestore` is equal to
`DescriptorSystem.runtime.resources_fs`. It's safe to replace it with
`ModuleSystem.runtime.resources_fs` because both runtimes are combined
using the `CachingDescriptorSystem`. It provides the `resources_fs` property
that uses the same file storage.
2. Renames `filestore` argument to `resources_fs` in the `LoncapaSystem`
constructor.
3. Adds the deprecated `filestore` property to the `ModuleSystemShim`
and `RuntimeShim`.
