Add pinning test for SafeCookieData values, and update SafeSessions
middleware comments to match code.
Main comment changes:
- Fix description of cookie structure:
- Specify hash algorithm (SHA256, not "H")
- Don't try to describe internals of TimestampSigner; description was
incorrect in several ways: Did not include string delimiters under
base64 (there's JSON in there); did not include the actual MAC
portion. Just describe general effect and shape of output.
- Add missing trailing pipe delimiter in signed data hash input
- Use phrase "intermediate key" rather than the less familiar term "usage
key"
Problem blocks offer a setting to make users wait a set time between submissions. If a course is not authored in studio, it might not set a value for this setting. Consequently, the problem block must handle the submission_wait_seconds field to be none, so it doesn't break the submitted responses.
These kinds of errors here will prevent learners from submitting any answer, and has for several learners. Adding in this one-line change will prevent future errors without having to change the authoring practices of those ambitious enough to write their courses with import.
This also catches the case that some internal process other than studio might be creating problems with "none" as the setting.
In response to TNL-8234
Testing: hand-testing by importing the following problem xml file within a course and attempting to answer as learner(answer is 10.4).
When a sequence title was unavailable for a user (e.g. before starting a timed
exam), the `None` value was displayed in course breadcrumbs. This hides it in
such cases and ensures that a trailing breadcrumb separator is not displayed.
A bug was reported of a learner accessing content that should have been hidden
due to the hide after due setting in Studio by the course team by clicking on
the Progress tab. This takes into account that value and will now hide the URL
on the Progress tab in that scenario.
* feat: Refactor out non REST portions of enrollment api from enrollment POST method
For use with edx-enterprise to avoid making REST calls for bulk enrollment and other use cases
ENT-4746
* feat: Remove unused test
Testing is covered by test_views
* refactor: isort
isort fixes
* docs: ADR for why this change
ADR
ENT-4746
* test: Fix test failure by restoring course_id to correct object
* test: Test fix
* refactor: pylint fixes
* refactor: raise from to avoid pylint error
* refactor: Start to work toward a util in enterprise_support instead of refactoring this endpoint
* feat: Add util function in enterprise_support to eventually handle enrollment, only used by bulk enrollment for now
* feat: One more revised idea, this time low risk in edx platform and also helps address enterprise specific flow. testing pending
* feat: syntax and unused constant
* feat: Restore view and add new util function to use in edx-enterprise instead
* feat: breakpoint
* unused import
* feat: don't fail on existing enrollment
* docs: ADR update
* docs: docstring minor update
* test: unit test add_user_to_course_cohort
* refactor: imports
* feat: remove unused error classes
* refactor: lint
* test: Test cases
* test: Two more tests for negative cases
* feat: missing init.py file
* test: Fix tests to use correct user mock
* unused import
* refactor: Review feedback, test fixes, needs rebase now
* feat: rebase changes
* feat: keep audit_log with similar logic as in the view
* refactor: Review feedback, test constant usage
The `may_certify` function is used to determine whether a learner should
be able to see that their certificate is ready. It is therefore entirely
in the certificates domain. This remove may_certifiy and
may_certify_for_course from the xmodule and course_overview
apps and into the certificates app. The xmodule may_certify was not called
outside of tests prior to this, and the other's were easily moved.
In order to avoid circular imports, this also moved
certificate_info_for_user out of the model code and into an API
Instead of having json errors in transcript acquisition and conversion cause errors, have transcription conversion and acquisition simply return an error message in the transcription which can prompt a change from the user.
Although not uploading a transcript is handled, transcripts can often cause errors in edit, export, and other activities due to json errors. These errors block the entire use of these features, so to allow for reupload, etc, we add an error message instead of transcript and log the event.
In response to [TNL-8539](https://openedx.atlassian.net/secure/RapidBoard.jspa?rapidView=580&projectKey=TNL&modal=detail&selectedIssue=TNL-8539)
Testing: Unit tests coverage is included in the PR. Upload, import, and export of courses with transcriptions is also easily hand-testable. Just create a video in studio, add an irrelevant transcript. Then try to import, export, and edit the problem. Expected behavior is success.
(AU-48) Team ORAs rely on the Teams Config Service to render both the student_view and studio_view in studio.
We added the service in e0d57fe1a7, but that appears to only provide it in studio_view.
This adds it for student_view.
* Fix retrieving BadgeAssertion data from Badgr
With edx#27181, the integration with Badgr was updated and fixed to
be working with the Badgr v2 API. However, retrieving the Badge Assertion
data from Badgr still needs to be updated for the new json response
structure so we can save it at our end as well.
* Add BadgeAssertion table to LMS admin
CoursewareMeta alredy initializes self.course, so there's no need to
separately call get_course_by_id for various attributes. This was
resulting in separate modulestore fetches that would pull down the
structure document and re-do all the expensive top-level course queries
in modulestore.
Increment lockout counter upon `NonCompliantPasswordException` to prevent further
login attempts after 6 attempts and also to prevent further reset password emails.
Reports from some users receiving 100s of password emails, upon investigation seems
like their password is not compliant with edX and has been compromised.
VAN-192
Partner Support commonly raises the issue of instructors' custom Python problems not generating any response report on the instructor dashboard. Such errors are due to the operating restrictions placed on codejail. Sometimes not all answers can be processed by the server, which kills off some to accommodate. Instead of spiking the whole report, this change logs not only the error in our system, but also allows the mostly complete response to reach the instructor.
This PR will decrease friction not only for Partner support and instructors, but T&L, who have periodically implemented workarounds to the problem.
The PR merely implements exception handling for generating reports which logged exceptions and added them to the report, continuing the work done in TNL-8218 which did the same for grading.
