* feat!: Remove all trivial mentions of PREVIEW_LMS_BASE
There are a few more mentions but these are all the ones that don't need
major further followup.
BREAKING CHANGE: The learning MFE now supports preview functionality
natively and it is no longer necessary to use a different domain on the
LMS to render a preview of course content.
See https://github.com/openedx/frontend-app-learning/issues/1455 for
more details.
* feat: Drop the `in_preview_mode` function.
Since we're no longer using a separate domain, that check always
returned false. Remove it and update any places/tests where it is used.
* feat: Drop courseware_mfe_is_active function.
With the removal of the preview check this function is also a no-op now
so drop calls to it and update the places where it is called to not
change other behavior.
* feat!: Drop redirect to preview from the legacy courseware index.
The CoursewareIndex view is going to be removed eventually but for now
we're focusing on removing the PREVIEW_LMS_BASE setting. With this
change, if someone tries to load the legacy courseware URL from the
preview domain it will no longer redirect them to the MFE preview.
This is not a problem that will occur for users coming from existing
studio links because those links have already been updated to go
directly to the new urls.
The only way this path could execute is if someone goes directly to the
old Preview URL that they saved off platform somewhere. eg. If they
bookmarked it for some reason.
BREAKING CHANGE: Saved links (including bookmarks) to the legacy preview
URLs will no longer redirect to the MFE preview URLs.
* test: Drop the set_preview_mode test helper.
This test helper was setting the preview mode for tests by changing the
hostname that was set while tests were running. This was mostly not
being used to test preview but to run a bunch of legacy courseware tests
while defaulting to the new learning MFE for the courseware.
This commit updates various tests in the `courseware` app to not rely on
the fact that we're in preview to test legacy courseware behavior and
instead directly patches either the `_redirect_to_learning_mfe` function
or uses the `_get_legacy_courseware_url` or both to be able to have the
tests continue to test the legacy coursewary.
This will hopefully make the tests more accuarte even though hopefully
we'll just be removing many of them soon as a part of the legacy
courseware cleanup.
We're just doing the preview removal separately to reduce the number of
things that are changing at once.
* test: Drop the `_get_urls_function`
With the other recent cleanup, this function is no longer being
referenced by anything so we can just drop it.
* test: Test student access to unpublihsed content.
Ensure that students can't get access to unpublished content.
- Clarify effects of enabling each policy.
- Document the thresholds and what policies they relate to.
- Express thresholds as floating point numbers to better hint at them not
being intended as integer values.
- Change toggle use case from temporary to open_edx for login policies (as
we're expecting to keep those toggles long term, as an optional feature).
- Remove links to private Jira tickets. (openedx Jira is now gone, and
these tickets are only present in 2U's private Atlassian instance.)
- Import LMS HIBP settings into CMS (rather than duplicating them) but
mark as unused.
* It was this error 'Uncaught TypeError: el.timepicker is not a function' while rendering the editor. It's fixed adding the timepicker pluging in xblock_v2/xblock_iframe.html
* Added '.openassessment_cancel_button' and '.openassessment_save_button' as action buttons.
* Use openassessment manifest.json to load css from dist
A new application has been created, described in this ADR:
https://github.com/openedx/edx-platform/pull/36545
have been created, as well as related models for mapping original content and
new content created during the import process. Python and Django APIs, as well
as a Django admin interface, will soon follow.
* refactor: convert libraries API from attr.s to dataclass, fix types
* fix: make corresponding updates to 'search' code
* feat: use new version of openedx-learning with containers support
* temp: Use opencraft branch of opaquekeys
* refactor: Use LibraryElementKey instead of LibraryCollectionKey
* refactor: split libraries API & REST API up into smaller modules
* feat: new REST API for units in content libraries
* feat: python+REST API to get a unit
* feat: auto-generate slug/key/ID from title of units
* feat: generate search index documents for containers
* refactor: rename LibraryElementKey to LibraryItemKey
* fix: lint error
* feat: adds new units to search index on create/update
and when running reindex_studio.
Updates requirements for openedx-events and openedx-learning to support
these changes.
* fix: pylint
* fix: temp requirement
* fix: search index container events/tasks
* feat: add get_library_container_usage_key to libraries API
and use it when search indexing containers
* fix: index all containers during reindex_studio
* chore: bump openedx-events requirement
* fix: address review comments
* chore: bumps openedx-learning to 0.19.1
* fix: rename api method to library_container_locator
since container keys are locators, not usage keys
* chore: bumps opaque-keys dependency
* test: fix misnamed unit_usage_key
* feat: adds APIs to update or delete a container (#757)
* feat: adds python and REST APIs to update a container's display_name
* refactor: adds _get_container method to api to reduce code duplication
* feat: adds python and REST APIs to delete a container
* test: add container permission tests
---------
Co-authored-by: XnpioChV <xnpiochv@gmail.com>
Co-authored-by: Jillian Vogel <jill@opencraft.com>
Co-authored-by: Rômulo Penido <romulo.penido@gmail.com>
Moves the Program Dashboard APIs out of the deprecated remnants of the legacy learner dashboard, into the Programs djangoapp.
Keeps the old legacy routes for this API, left over from the deprecated remnants of the legacy learner dashboard, alongside future-proofed routes which will work when the deprecated, legacy Program Dashboard is eventually replaced with functionality in the Learner Dashboard MFE.
FIXES: APER-3949
The Python API for declaring derived settings was confusing to the uninitiated
reader, and also prone to spelling mistakes. This replaces the API with one
that is more readable and more concise, and updates the implementation of
`derive_settings` to properly derive settings declared using the new API.
BREAKING CHANGE: The `derived` and `derived_collection_entry` function are
replaced with the `Derived` class. We do not expect those functions to have
been used outside of edx-platform, but if they are, this commit will cause them
to loudly ImportError.
Note that there should be NO change in behavior to the `derive_settings`
function, which we DO know to be used by some external edx-platform plugins.
Part of: https://github.com/openedx/edx-platform/issues/36215
Fixes the styles for the advanced editors (poll, survey, LTI Provider, etc). Updated the code if `xblock_v2/xblock_iframe.html` to use `course-unit-mfe-iframe-bundle.scss`
`notify_credentials` has 2 ways of running.
1. The manual, one-off method which uses `--args_from_database` to specify what should be sent.
2. [The automated method](7316111b35/openedx/core/djangoapps/credentials/management/commands/notify_credentials.py (L157-L159)), which runs on a regular schedule, to catch anything which fell through the cracks.
The automated method does a certain amount of time/date math in order to calculate the entry point of the window based on the current runtime. This is, I assume, why it has some hardcoded logic; it's not at all simple to have a `cron`-run management command running on a regular cadence that can do the same time logic.
```py
if options['auto']:
options['end_date'] = datetime.now().replace(minute=0, second=0, microsecond=0)
options['start_date'] = options['end_date'] - timedelta(hours=4)
```
However, it is not ideal that the actual time window of 4 hours is hardcoded directly into `edx-platform`.
This fix
* creates an overridable `NOTIFY_CREDENTIALS_FREQUENCY` that defaults to 14400 seconds (4 hours).
* pulls that frequency into the quoted code
Using seconds allows maximum flexibility.
FIXES: APER-3383
The Studio Maintenance app had two features:
* "Force Course Publish", which literally doesn't do anything. All it
does is tell you what version *would* be seen by users *if* the course
were to be published--no publishing actually occurs via this feature.
* "Announcements", which writes to the announcements_announcement
database table, but doesn't actually display anywhere.
Having these pages in the platform is actively misleading and creates a
maintenance burden for edx-platform developers, so we remove them.
Note that this commit does not include a migration for the announcements
Django app. So, announcements_announcement table will not be deleted.
Given the small expected size of any past-authored announcements, we are
not worried about leaving them in the database perpetually.
This PR, adds to the ability to keep the in-context discussions disabled by default. That way all new units which are added will have the discussions sidebar disabled and can be individually enabled by the course instructors.
The first attempt at creating a new MFE-driven page for Studio Unit
rendering involved rendering each XBlock separately in its own iframe.
This turned out to be prohibitively slow because of the many redundant
assets and JavaScript processing (e.g. MathJax) that happens for each
XBlock component.
In order to mitigate some of these issues, we decided to try a hybrid
approach where we render the entire Unit's worth of XBlocks at once on
the server side in a Studio view + template, and then invoke that from
frontend-app-authoring as an iframe. The frontend-app-authoring MFE
would still be responsible for displaying most of the interactive UI,
but the per-component actions like "edit" would be triggered by buttons
on the server-rendered Unit display. When one of those buttons is
pressed, the server-rendered UI code in the iframe would use
postMessage to communicate to the frontend-app-authoring MFE, which
would then display the appropriate actions.
To make this work, we're making a new view and template that copies
a lot of existing code used to display the Unit in pre-MFE Studio, and
then modifying that to remove things like the header/footer so that it
can be invoked from an iframe.
This entire design is a compromise in order to do as much of the UI
development in frontend-app-authoring as possible while keeping
XBlock rendering performance tolerable. We hope that we can find
better solutions for this later.
Authored-by: Sagirov Eugeniy <evhenyj.sahyrov@raccoongang.com>
This introdues the idea of "upstream" and "downstream" content,
where downstreams (like course components) can pull content updates from
upstreams (like learning core-backed content library blocks). This
supports the upcoming Content Libraries Relaunch Beta for Sumac.
New features include:
* A new XBlockMixin: UpstreamSyncMixin.
* A new CMS Python API: cms.lib.xblock.upstream_sync
* A new CMS JSON API: /api/contentstore/v2/downstreams
* A temporary, very basic UI for syncing from Content Library blocks
Implements:
https://github.com/kdmccormick/edx-platform/blob/kdmccormick/upstream-proto/docs/decisions/0020-upstream-block.rst
Co-authored-by: Braden MacDonald <braden@opencraft.com>
The V2 libraries project had a few past iterations which were never
launched. This commit cleans up pieces from those which we don't need
for the real Libraries Relaunch MVP in Sumac:
* Remove ENABLE_LIBRARY_AUTHORING_MICROFRONTEND,
LIBRARY_AUTHORING_FRONTEND_URL, and
REDIRECT_TO_LIBRARY_AUTHORING_MICROFRONTEND, all of which are obsolete
now that library authoring has been merged into
https://github.com/openedx/frontend-app-authoring.
More details on the new Content Libraries configuration settings are
here: https://github.com/openedx/frontend-app-authoring/issues/1334
* Remove dangling support for syncing V2 (learning core-backed) library
content using the LibraryContentBlock. This code was all based on an
older understanding of V2 Content Libraries, where the libraries were
smaller and versioned as a whole rather then versioned by-item.
Reference to V2 libraries will be done on a per-block basis using
the upstream/downstream system, described here:
https://github.com/openedx/edx-platform/blob/master/docs/decisions/0020-upstream-downstream.rst
It's important that we remove this support now so that OLX course
authors don't stuble upon it and use it, which would be buggy and
complicate future migrations.
* Remove the "mode" parameter from LibraryContentBlock. The only
supported mode was and is "random". We will not be adding any further
modes. Going forward for V2, we will have an ItemBank block for
randomizing items (regardless of source), which can be synthesized
with upstream referenced as described above. Existing
LibraryContentBlocks will be migrated.
* Finally, some renamings:
* LibraryContentBlock -> LegacyLibraryContentBlock
* LibraryToolsService -> LegacyLibraryToolsService
* LibrarySummary -> LegacyLibrarySummary
Module names and the old OLX tag (library_content) are unchanged.
Closes: https://github.com/openedx/frontend-app-authoring/issues/1115
* feat!: removes deprecated v1 certificate behavior
this removes the long-deprecated v1 certificate behavior. This removes
the old-style date selection behavior (ie., not a choice between
*Immediately upon passing*, *End date of course*, *A date after the course
end date*), which is no longer reliably maintained or supported in
Studio or Credentials.
FIXES: #35399
Final planned portion of https://github.com/openedx/edx-platform/issues/34702 -- waffle flag and middleware are removed.
Commits:
1. Feature change
- Delete `content_server.use_view` waffle flag in favor of always using view
- Delete the husk of `StaticContentServerMiddleware` and references to it
- Update views module docstring
2. Refactor (move)
- Move contentserver implementation into views.py
3. Lint cleanup
- Fix import ordering (from refactor debris + amnestied lint)
This repo is no longer using USE-JWT-COOKIE header,
since it has the required edx-drf-extensions>10.2.0,
where it was fully removed.
This is final clean-up for this repo.
See "[DEPR]: USE-JWT-COOKIE header" for more details:
- https://github.com/openedx/edx-drf-extensions/issues/371
See https://github.com/openedx/edx-platform/issues/34702
This necessarily involves switching from calling
`StaticContent.is_versioned_asset_path` to determine whether to handle the
request to having a hardcoded urlpattern. I've made the choice to hardcode
the other two patterns similarly rather than using imported constants. The
mapping of URL patterns to database records should be explicit (even though
we don't expect those constants to change out from under us.)
I've renamed the middleware rather than choosing a new name for the
implementation because there are other references in tests and other code.
This was the smaller change.
A note on HTTP methods: The middleware currently completely ignores the
request's HTTP method, so I wanted to confirm that only GETs were being
used in practice. This query reveals that 99.8% of requests that this
middleware handles are GET, with just a smattering of PROPFIND and OPTIONS
and a tiny number of HEAD and POST:
```
from Transaction select count(*) facet request.method
where name = 'WebTransaction/Function/openedx.core.djangoapps.contentserver.middleware:StaticContentServer'
since 4 weeks ago
```
Open edX implements its a JwtAuthentication class in edx-drf-extensions
(in edx_rest_framework_extensions.auth.jwt.authentication). This class
updates the local User database entry to match certain values in the
token. It's used as a way to automatically provision and update users
with their LMS user information on other Open edX services like
ecommerce.
Since LMS and Studio keep the record of truth in its database tables,
they should *not* update their database user information based on the
JWT. Doing so would allow stale JWTs to incorrectly reset user values
after they had been changed in the LMS. This is done by having the
EDX_DRF_EXTENSIONS['JWT_PAYLOAD_USER_ATTRIBUTE_MAPPING'] setting be an
empty dictionary, and was set correctly for the LMS in its common.py env
settings module. Unfortunately, this was *not* being set for Studio.
This commit adds the same setting to Studio's common settings module.
Prior to this commit, it was possible for a stale JWT to reset user
attributes if the user hit a Studio API endpoint that used JWT for auth
(e.g. endpoints used by the Course Authoring MFE). This opened up a
potential security issue where a global staff user (is_staff=True) that
had their global staff status removed (is_staff=False) could have up to
a one hour window in which they could use their stale-but-still-valid
global-staff JWT token to regain global staff status by calling a Studio
endpoint with their browser.
