Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
51,619 Commits 1 Branch 0 Tags
a4447da5e0e0f9853081f895df76bb8ea1889e37
Commit Graph

29 Commits

Author SHA1 Message Date
David Ormsbee
483e654fcf Make CustomTagModule safe (remove Mako) [SEC-609] 
Prior to this commit, it was possible for course authoring teams
to import and execute Mako templates using the obscure "customtag"
tag (CustomTagModule). Since Mako templates can run Python code
(e.g. imports, database queries, etc.), this would give a course
team the ability to execute arbitrary, unsandboxed code on the
server.

This commit converts CustomTagModule to use the Python library's
string.Template instead. This should be broadly compatible with
the most basic and common usage of customtag, which is simple
variable substitution in the style of ${var_name}.
 2019-08-06 13:54:58 -04:00
Maxim Dorovkov
8702e40589 INCR-230 - Run python-modernize and isort on common/lib/xmodule/xmodule (#20506) 
* INCR-230 - Run python-modernize and isort on common/lib/xmodule/xmodule, plus a few minor fixes suggested by Jeremy
 2019-05-16 10:09:15 -04:00
Diana Huang
6572d99e76 Remove all references to datadog from our code. 2019-01-08 15:41:24 -05:00
Andy Armstrong
93235d118d Reorder imports using isort (except lms and cms) 2017-05-30 16:04:54 -04:00
Christina Roberts
2497f0a0eb WIP: xblock pipeline work (#10176) 
[PERF-303] Integer XBlocks/XModules into the static asset pipeline.

This PR, based on hackathon work from Christina/Andy, implements a way to discover all installed XBlocks and XModules and to enumerate their public assets, then pulling them in during the collectstatic phase and hashing them.  In turn, the methods for generating URLs to resources will then returned the hashed name for assets, allowing them to be served from nginx/CDNs, and cached heavily.
 2016-04-29 10:52:42 -04:00
John Eskew
34adb256a6 Add datadog counters everywhere a "VS[compat]" comment exists. 
Conflicts:
	common/lib/xmodule/xmodule/xml_module.py
 2015-03-26 16:18:15 -04:00
stv
fb9f324f2f Fix PEP8: E303 too many blank lines 2014-11-10 11:00:14 -08:00
Calen Pennington
407b02b358 Centralize startup code, and execute in all contexts 
Inspired by: http://eldarion.com/blog/2013/02/14/entry-point-hook-django-projects/
Moves startup code to lms.startup and cms.startup, and calls the startup
methods in wsgi.py and manage.py for both projects.
 2013-08-27 12:12:20 -04:00
Don Mitchell
115b214df1 Retrieve location from self in CustomTagDescriptor 2013-06-28 14:19:10 -04:00
Ned Batchelder
181b1e979b Remove unused imports from common, as reported by pylint. 2013-06-19 16:56:34 -04:00
Don Mitchell
1ff022e181 Incidental pep8 changes 2013-06-18 17:25:06 -04:00
Calen Pennington
4f555f6480 Merge remote-tracking branch 'origin/master' into feature/cale/xmodule-storage-model 
Conflicts:
	cms/djangoapps/contentstore/course_info_model.py
	cms/djangoapps/contentstore/module_info_model.py
	cms/djangoapps/contentstore/tests/factories.py
	cms/djangoapps/contentstore/tests/test_course_settings.py
	cms/djangoapps/contentstore/views.py
	cms/djangoapps/models/settings/course_details.py
	cms/djangoapps/models/settings/course_grading.py
	cms/templates/edit_subsection.html
	common/djangoapps/mitxmako/shortcuts.py
	common/djangoapps/static_replace.py
	common/djangoapps/util/converters.py
	common/djangoapps/xmodule_modifiers.py
	common/lib/xmodule/setup.py
	common/lib/xmodule/xmodule/abtest_module.py
	common/lib/xmodule/xmodule/capa_module.py
	common/lib/xmodule/xmodule/course_module.py
	common/lib/xmodule/xmodule/discussion_module.py
	common/lib/xmodule/xmodule/error_module.py
	common/lib/xmodule/xmodule/html_module.py
	common/lib/xmodule/xmodule/js/src/video/display.coffee
	common/lib/xmodule/xmodule/mako_module.py
	common/lib/xmodule/xmodule/modulestore/mongo.py
	common/lib/xmodule/xmodule/modulestore/store_utilities.py
	common/lib/xmodule/xmodule/modulestore/xml.py
	common/lib/xmodule/xmodule/modulestore/xml_importer.py
	common/lib/xmodule/xmodule/raw_module.py
	common/lib/xmodule/xmodule/self_assessment_module.py
	common/lib/xmodule/xmodule/seq_module.py
	common/lib/xmodule/xmodule/template_module.py
	common/lib/xmodule/xmodule/tests/__init__.py
	common/lib/xmodule/xmodule/tests/test_export.py
	common/lib/xmodule/xmodule/tests/test_import.py
	common/lib/xmodule/xmodule/video_module.py
	common/lib/xmodule/xmodule/x_module.py
	common/lib/xmodule/xmodule/xml_module.py
	lms/djangoapps/courseware/access.py
	lms/djangoapps/courseware/courses.py
	lms/djangoapps/courseware/grades.py
	lms/djangoapps/courseware/models.py
	lms/djangoapps/courseware/module_render.py
	lms/djangoapps/courseware/tests/tests.py
	lms/djangoapps/courseware/views.py
	lms/djangoapps/django_comment_client/utils.py
	lms/templates/staff_problem_info.html
	lms/templates/video.html
	rakefile
 2013-02-07 15:12:30 -05:00
Calen Pennington
cfae1cdf62 Pep8 autofixes 2013-02-06 11:13:50 -05:00
Calen Pennington
89a0b82e5c Decrease the number of queries needed for LMS courseware 
This cuts the number of queries in 6.002 courseware loads from ~650 to
~5-40. Still to do: cache CustomTag templates so that we only load them
once per request.
 2013-01-10 13:55:46 -05:00
Calen Pennington
d61c91c139 Fix errors around error descriptors and custom tag modules 2012-12-28 14:53:30 -05:00
Calen Pennington
8ba4163557 WIP. Data loads, but not all of it 2012-12-28 14:39:13 -05:00
Chris Dodge
050cb89cf7 fix crash with working with custom tags with XML filestore 2012-11-29 13:24:41 -05:00
Chris Dodge
f4822c23de lots of tweeks to better support importing of existing courseware 2012-10-30 11:52:31 -04:00
Calen Pennington
bacd728efc Squelch some (but not all, yet) errors during template loading 2012-10-24 16:25:20 -04:00
Victor Shnayder
298954fc01 Clean up customtag handling 
* load the template at descriptor init
* make it  export inline, not as a pointer
* update import/export test to do export to initial directory
 2012-08-09 13:32:57 -04:00
Victor Shnayder
9867dceca5 Load templates at descriptor load 
* instead of being lazy
 2012-08-09 10:47:08 -04:00
Bridger Maxwell
eb58f7c37c Changed to more specific import of xmodule.util.decorators. 2012-08-07 18:32:53 -04:00
Bridger Maxwell
1f34cf33fa Speed improvements by making the mako rendering in CustomTagModule lazy. 2012-08-07 16:01:42 -04:00
Bridger Maxwell
f872e41d1d Added descriptor to xmodule init. Now xmodules have pointer to their descriptor. 2012-08-07 13:43:30 -04:00
Victor Shnayder
ea26c25cb4 add back-compat code to customtag 
* apparently 6002x is using the impl-as-child structure already.
 2012-08-01 16:33:28 -04:00
Victor Shnayder
740c9b7df1 fixed docstring for customtag 2012-08-01 11:48:18 -04:00
Victor Shnayder
9461148b6e make customtag take impl as attribute rather than child 2012-07-27 16:08:22 -04:00
Calen Pennington
dbfcd78c88 Get custom_tag templates using system.filestore so that they work in multicourse 2012-07-10 10:46:18 -04:00
Calen Pennington
a0f550396c Make xmodule fit the typical python installation setup 2012-07-02 13:19:27 -04:00