* feat: add more authentication information to swagger
* updates the `docs-settings` to make the generated swagger
`securityDefinitions` include both JWT and CSRF methods, as well as
basic. A few linter fixes happened as a side effect.
* Put in wordier descriptions for all three, since we don't have great
shared documentation about authn/authz.
* Added CSRF to `login_session`, which also serves as a proof of concept
for other endpoits
* Also regenerated the swagger doc, which picked up some extra changes.
Generated swagger now has help and allows extra auth methods so some
preveiously unusable endpoints can be hit.
FIXES: APER-3554
At one point, we envisioned having different kinds of libraries, e.g.
a "Video" library would be distinct from a "Problem" library. Later on,
we decided on a more generalized form of Libraries, where any given
library can hold any combination of content–which would then be
organized using collections and tagging.
Due to this shift in perspective, these values haven't actually been
used for a long time. This is just getting rid of them altogether.
The biggest challenge is dealing with the mismatch between how Libraries store
assets (per-Component) and how Courses store assets (global Files and Uploads
space). To bridge this, we're going to kludge a component-local namespace in
Files and Uploads by making use of the obscure feature that you can create
folders there at an API level, even if no such UI exists.
In this commit:
* Assets work when copy-pasting between library components.
* Assets work when copy-pasting from a library to a course, with the convention
being to put that file in a subdirectory of the form:
components/{block_type}/{block_id}/file.
Note that the Studio course Files page still just shows the filename.
* Assets work when copy-pasting from a course to a library.
Top level assets are put into a static folder in the Component, per Learning
Core conventions.
Limitations:
* Roundtrips don't work properly.
* There's no normalized form, so directories will start nesting if you copy
from library and paste into course, then copy the pasted thing and paste back
into library, etc. This was deemed acceptable for Sumac.
Low level stuff:
* XBlockSerializerForLearningCore has been removed, with the url_name stripping
functionality added as an optional param to XBlockSerializer (the other stuff
was for children and "vertical" -> "unit" conversion, neither of which are
relevant now).
* url_name is now stripped out of anything added to the clipboard, so that we
don't end up writing it in block.xml when it is redundant (and would be
stripped out with the next write anyway).
For the Libraries Relaunch Beta. This should not affect any site which
has kept New Libraries disabled.
Issue: https://github.com/openedx/frontend-app-authoring/issues/1170
We have user-oriented messaging stuffed into the BadUpstream exception. We may
as well use it rather than just giving an opaque error about xblock references.
We also want to log this situation, since we'd expect that the library block
usage key that Studio provides should generally be valid. If it consistently
isn't, then that's an issue that operators are going to want to look into.
This is a new XBlock that presents a random subset of its children. As of this commit, the block
can only be added as an Advanced component. For Sumac, we plan to enable it as part of the
Libraries Relaunch Beta, under the name "Problem Bank (Beta)"
The block does not care if its children are from V1 library, V2 library, or the course itself.
It shares the randomization logic with LegacyLibraryContentBlock. It is also fully backwards-compatible with LegacyLibraryContentBlock. So, once V1 libraries are migrated to V2 libraries (after Teak), we eventually
could point the `library_content` entry point at ItemBankBlock.
Part of: https://github.com/openedx/frontend-app-authoring/issues/1385
Upgrade codejail to add 22.04 support
Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`
Adds a new Studio-only libraries static asset endpoint at
/library_assets/blocks/{usage_key}. This endpoint will serve assets
only from the Draft branch, and is only available to people who have
read permission to the containing library.
This also moves the existing library asset endpoint that did lookups
by Component Version to /library_assets/component_versions/{uuid}
This change was motivated by the desire to make it easier to make the
editor preview work for images by having a single URL that will
consistently point to the latest version of the asset, rather than
having a new URL after every save (which the Component Version lookup
added content_title, progress_status in get_learner_data_records for derived classed of learner data exporters.
Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`
We don't need a dependency on `newrelic` in edx-platform, since it's
already brought in via edx-django-utils, which is where telemetry
dependencies belong anyhow.
Ran `make compile-requirements` to apply changes to lockfiles.
(Additional context: We may end up DEPRing the direct dependencies in
edx-django-utils as well and requiring deployers to install newrelic
separately. In any case, there aren't any places in openedx code that is
installed into the LMS or CMS that import newrelic directly.)
Also, update README to note system package dependencies that are required
for installing edx-platform deps. I had to reinstall my laptop and ran
into this again and wanted to actually document it this time.
* fix: problem block could not be used with versioned handler URls
* refactor: simplify REST API handling of usage keys
* feat: add more version awareness and update tests
* fix: make the preview changes modal bigger as requested
* refactor: parse version at the urlconf layer too
* feat: Copy tags when sync library
* feat: Avoid delete object tag if is copied
* chore: Bump version of openedx-learning to 0.16.0
* test: Tests for copy paste library blocks
* feat: Sync tags when sync upstream
