* feat: fixing swagger doc for user accounts
user API docstrings reformatted so that the generated openAPI
documentation automatically picks up the documentation and formatted
correctly.
Still some work to do, since these endpoints don't use serializers and
we should use drg_yasg Schema declarations to make the generated
openAPI correctly understand the request and response formats, but this
is already a big improvement.
Fixed some restructured text markup
FIXES: APER-4065
* fix: redirect to account MFE when using any legacy account URL
Redirect to the account MFE URL configured each time a legacy
account URL like http(s)://lms/account/ or http(s)://lms/account/settings
is used to avoid 404 errors while linking SSO accounts or simply
trying to access the account view via URLs.
Compare the output of our API with the library that backs them so that
we don't have brittle tests that need to be updated when the number of
timezones changes.
The courseware URL is going away but it's just used here to test the
middleware. That can be test with other urls that are relevant to this
middleware.
Note, I was unable to re-produce the failures so I've put back using the
standard `reverse` logic for fetching the URL in the test.
We want to remove this page and URL endpoint so we're removing all the
references in the code that might point to this page. It was replaced
by the sequences page in the Learning MFE years ago but the old pages
were never cleaned up. We are replacing the calls with the URL for the
courseware in the learning MFE.
See https://github.com/openedx/edx-platform/issues/35803 for more
details.
PII Annotations are very out of date, this commit adds most that were
missing in edx-platform, and some additional annotations to the
safelist. It is not comprehensive, several other upstream Open edX
packages also need to be updated. It also does not include removing
annotations that have been moved upstream, or been removed entirely.
Those are separate follow-on tasks.
This test doesn't actually care about the type of the exception but use
the Requests exception that you're likely to get instead of the
edx-restapi-client/slumber one from before we dropped them.
I'm about to make a bunch of changes to this file, and before I do I'm
saving it and letting the linter reformatted to our current code style
standards, so that code reviewers won't have to read a mix of lint and
code changes.
FIXES: APER-3554
[APER-3241]
This PR updates the retirement pipeline to purge learners' names from certificate records when their account is being retired.
It also introduces a new management command that can be used by Open edX operators to purge the leftover name data (PII data) from the `certificates_generatedcertificate` table. This is designed as a one-time use data fixup, as the retirement functionality should clean this moving forward.
* chore: update API endpoints to support default JWT auth
The default DRF Auth classes were recently updated to allow for both JWT and Session auth by default. Any endpoint that overrides the AUTHENTICATION_CLASSES but has just session, just JWT or just both of those should be updated to remove the override.
Details in https://github.com/openedx/edx-platform/issues/33662
This reverts commit 4ec70eb98b.
This commit introduced a new setting (`brand_color`) that does not appear to be set and is causing issues with account deletion and other parts of the courseware.
Reverting until we can understand the change better.
When including `JwtAuthentication`, the auth_header becomes `JWT
realm="api"`. Without it, it is `None`. This changes the behavior of the
code in DRF and returns a slightly different auth response.
Relevant Code: 56946fac8f/rest_framework/views.py (L456C3-L456C3)
