What had been happening was related to the fact that ATOMIC_REQUESTS is now on,
preventing writing to the database until a request is completed.
The problem with that was that CohortMemberships, with their explicit
transaction handling, were breaking that rule and touching the database.
The CohortMembership needs to also touch the database to update the
underlying course_user_groups information, to prevent the database from
getting into a strange state.
After this commit, every time a CohortMembership is updated or created, the
corresponding course_user_groups are also updated and explicitly written to
the database. This occurs atomically with the CohortMembership, and does not
wait for the end of the request.
Make escaping for json simpler and more consistent in Mako templates
- add escape_json_dumps to escape and json.dumps
- add escape_js_str to escape javascript string
- refactor Studio to use escape_json_dumps in Mako templates
TNL-2646: Escape json.dumps
- Resolve SEC-27 by escaping course name in advanced settings
- Add escape_json_dumps to simplify escaping json in Mako templates
SEC-27: XSS/JS Error in Advanced Settings with invalid course name
On devops recommendation, now handling the potential for an 'inconsistency
window' via a management command instead of a hacky "re-run the data migration"
bash script.
By using the before_after library, we can force a race condition to reliably
occur in the CohortMembership.save() method. This unit test will do just that,
and ensure that our race-condition-handling code functions as it should.
The code changes needed to get CohortMembership functioning properly.
The key of this change is twofold: first, CohortMemberships are unique
per-user, per-course. This is enforced at the database level. Secondly,
the updates are done using a select_for_update, which ensures atomicity.
These are the migrations needed for CohortMembership to function.
0005 establishes the table, 0006 will be used to move existing data
into the table as needed.
Per product guidance, we can just arbitrarily reassign problem users.
Implementing that decision, as well as the remainder of the data migration.
Also including a short script to re-run the 0006 migration after code changes
are live, to prevent a potential issue where the database become out-of-sync.
Add configuration model for enrollment refunds.
Use order info from otto in refund window calculation
Delete dupe tests. Extend tests to include window tests
Move ecom client from lib to djangoapps in openedx
The update (PUT) endpoint now supports creating new CreditCourse objects in addition to updating existing ones. This functionality greatly simplifies the logic needed by consumers (e.g. the Course Administration Tool) to create or update CreditCourse objects.
ECOM-2524
