Currently, ajax calls in courseware is handling 403 like 401.
In this PR, proper modifications have been done to make it
coherent with its intended behaviour.
LEARNER-7131
Currently, ajax calls in courseware is handling 403 like 401.In this
PR, proper modifications have been done to make it coherent with its
intended behaviour.
LEARNER-7131
Currently, the LMS logout endpoint should iframe in the logout pages of
all the IDAs you were logged into. In short, this was made possible with
DOP because keeping track of the logout URIs and leaving a trail of
evidence in the user cookies was part of what we added in our fork of
DOP. In the case of DOT, we don't have time or desire to fork DOT to
mirror this behavior, so our stop-gap solution is to log out the user
from a list of logout URIs in settings.
This PR is based on #19284 and is part of the
series of work related to the proposal #18134.
This PR avoids the assignment of
anonymous/unenrolled users to any cohort when
course is public. Anonymous or unenrolled users
will only see content that does not have a
content group assigned.
The "View Course" link to the course outline
is shown on the course about page for a course
marked public/public outline.
It also makes course handouts available for
public courses (not for public_outline).
This PR also hides the different warnings and
messages asking the user to sign-in and enroll
in the course, when the course is marked public.
It modifies the default public_view text to
include the component display_name when
unenrolled access is not available.
Prior to this commit, the course api (/api/courses/v1/courses/)
performed all the work necessary to return all courses available
to the user, and then only actually returned on page's worth of those
courses.
With this change, the api now does the work incrementally, computing
only the data needed to fetch the courses up to and including the page
being returned. This still increases approximately linearly as
the page number accessed being increases, but should be more cache-friendly.
One side effect of this is that the max_page reported by pagination
will be an overestimate (it will include pages that are removed due
to a users access restrictions).
This change also changes the sort-order of courses being returned by the
course_api. By sorting by course-id, rather than course-number, we
can sort in the database, rather than in Python, and defer loading data
from the end of the list until it is requested.
REVMI-90
Prior to this commit, the course api (/api/courses/v1/courses/)
performed all the work necessary to return all courses available
to the user, and then only actually returned on page's worth of those
courses.
With this change, the api now does the work incrementally, computing
only the data needed to fetch the courses up to and including the page
being returned. This still increases approximately linearly as
the page number accessed being increases, but should be more cache-friendly.
One side effect of this is that the max_page reported by pagination
will be an overestimate (it will include pages that are removed due
to a users access restrictions).
This change also changes the sort-order of courses being returned by the
course_api. By sorting by course-id, rather than course-number, we
can sort in the database, rather than in Python, and defer loading data
from the end of the list until it is requested.
REVMI-90
without blocking multiple concurrent sessions
also updates trace amounts of copy duplicated in tests between
edx-proctoring and edx-platform
JIRA:EDUCATOR-3931
This adds OAuth2 and JWT API to call XBlock handlers. It is an alternative approach to #15940 - it reuses some DRF logic to handle this, but does not convert `handle_xblock_callback` to DRF view, which caused issues described in edx/XBlock#383.
Moves banner into the content instead of at the top. Adds a course
expiration fragment to the course home page, the content, the progress
page, and the discussion page.
This is based on PR #19284 and is part of the
series of work related to the proposal #18134.
Adds VideoModule.public_view() to enable
unenrolled and anonymous users to view the video
contents of a public course.
When an unenrolled or anonymous user accesses the
video content of a public course, the
public_view() introduced in the previous PR is
used instead of student_view() method.
