BackPopulate Program Credentials job performs data for all the programs
and for all the available learners which takes a lot of time.
Adding in custom arguments will help run this job for specific learners
and specific programs.
- retires toggle DISABLE_DEPRECATED_LOGIN_POST
- permanently removes /login_post
Now that studio signin has been retired, we are able to remove the
unused /login_post endpoint.
ARCH-1253
- use login_ajax (in place of login_session with shim) for
logistration's call to login POST
- add toggle for using login_ajax from logistration
- FEATURES['ENABLE_LOGIN_POST_WITHOUT_SHIM']
- add custom metrics for redirect_url
- update test for third-party auth error_code
NOTE: The error_code `third-party-auth-with-no-linked-account`
was introduced in JSON in this earlier PR:
https://github.com/edx/edx-platform/pull/22452/files
ARCH-1253
Scheduled emails show "unsubscribe" link if waffle switch
`schedules.course_update_show_unsubscribe` is enabled, and
settings.ACE_ENABLED_POLICIES respects `bulk_email_optout`.
API endpoint allows GET/POST requests, which:
* GET asks for confirmation of opt-out
* POST accepts "unsubscribe" or "cancel", where "unsubscribe" creates the
Optout entry, and "cancel" does nothing.
Fixes flaky tests:
* The resolvers handle users in "bins", which are groups that depend on the user ID.
* The test user ID varies depending on the test order.
* This change ensures that the bin requested matches the user for the test.
The toggle UPDATE_LOGIN_USER_ERROR_STATUS_CODE was added to roll out a
breaking change for `login_user` auth errors to return a 400 rather than
a 200.
This toggle was enabled in Production on 12/5/2019 with seemingly no
adverse affects.
ARCH-1253
We use pickling in conjunction with caches in these cases so we should
be able to fallback to the uncached behavior if the pickled data is
corrupt in some way.
eg. it's a python 2 pickle we don't know how to read.
Returning JSON from `login_user` for third party auth failures makes
the response more consistent with all other `login_user` responses.
The only calls to `login_user` with this failure are processed by
`shim_student_view` which will in-turn remove this JSON. This improves
the `login_user` response in advance of switching the logistration page
to use `login_user` without `shim_student_view`.
ARCH-1253
`shim_student_view` is used for login, and is being simplified so it
can ulimately be completely deleted. In this commit, the shim
preprocessing was removed by deleting unused code, and moving code
that is still being used to login_user.
Note: `shim_student_view` was originally added in
https://github.com/edx/edx-platform/pull/5768/files
ARCH-1253
This completes the work started in https://github.com/edx/edx-platform/pull/19453
to use the LMS login and registration for Studio, rather than Studio
providing its own implementation.
LMS login/registration are being used for the following reasons:
1. LMS logistration properly handles all SSO integrations.
2. A single logistration is simpler to maintain and understand.
3. Allows Studio to work more like all other IDAs that use LMS
logistration.
The original switch to use LMS logistration for Studio also added the
toggle `DISABLE_STUDIO_SSO_OVER_LMS` to provide the community some
additional time for switching. This commit removes this toggle, which
at this point means all deployments will use the LMS logistration.
This change requires sharing cookies across LMS and Studio. Should that
prove to be a problem for certain Open edX instances, there are
discussions of possible alternative solutions.
See https://github.com/edx/edx-platform/pull/19845#issuecomment-559154256
Detailed changes:
* Fix some Studio links that still went to old Studio signin and signup.
* Remove DISABLE_STUDIO_SSO_OVER_LMS feature toggle.
* Remove old studio signin and signup pages and templates.
* Fix url name "login", which had different meanings for Studio and LMS.
* Use the following settings: LOGIN_URL, FRONTEND_LOGIN_URL,
FRONTEND_LOGOUT_URL, and FRONTEND_REGISTER_URL.
* Redirect /signin and /signup to the LMS logistration.
* Add custom metric `uses_pattern_library`.
* Add custom metric `student_activate_account`.
* Add Django Settings to allow /signin, /signup, and /login_post to be
disabled once ready.
This work also relates to ARCH-218 and DEPR-6.
ARCH-1253
The APIs using login_user are currently not following the API
conventions for non-SSO related authentication errors, by returning a
200 status code for errors.
In addition to switching the status code from 200 => 400 for
authentication failures, the following minor changes were made:
- Document and refactor an existing authn switch.
- Remove an unused url definition for login_ajax + error.
BREAKING CHANGE: This changes /login_post and /login_ajax to return
400, rather than 200, when success=False in the returned JSON (for
non-SSO related authentication errors).
To remove risk around this change, it was added behind a waffle switch
named `user_authn.update_login_user_error_status_code`.
A breaking change was made, rather than introducing /login_ajax_new,
in order to more quickly get to our end goal of the current clean-up
effort of having a single function for login. If this breaks any
callers, we may fix or abandon this change altogether.
ARCH-1253
To save the memory get cert and grade object directly from
the db because by doing that we'll override the queryset
evaluation and object won't be cached once it has gone out
of scope.
PROD-987
