* feat!: Remove all trivial mentions of PREVIEW_LMS_BASE
There are a few more mentions but these are all the ones that don't need
major further followup.
BREAKING CHANGE: The learning MFE now supports preview functionality
natively and it is no longer necessary to use a different domain on the
LMS to render a preview of course content.
See https://github.com/openedx/frontend-app-learning/issues/1455 for
more details.
* feat: Drop the `in_preview_mode` function.
Since we're no longer using a separate domain, that check always
returned false. Remove it and update any places/tests where it is used.
* feat: Drop courseware_mfe_is_active function.
With the removal of the preview check this function is also a no-op now
so drop calls to it and update the places where it is called to not
change other behavior.
* feat!: Drop redirect to preview from the legacy courseware index.
The CoursewareIndex view is going to be removed eventually but for now
we're focusing on removing the PREVIEW_LMS_BASE setting. With this
change, if someone tries to load the legacy courseware URL from the
preview domain it will no longer redirect them to the MFE preview.
This is not a problem that will occur for users coming from existing
studio links because those links have already been updated to go
directly to the new urls.
The only way this path could execute is if someone goes directly to the
old Preview URL that they saved off platform somewhere. eg. If they
bookmarked it for some reason.
BREAKING CHANGE: Saved links (including bookmarks) to the legacy preview
URLs will no longer redirect to the MFE preview URLs.
* test: Drop the set_preview_mode test helper.
This test helper was setting the preview mode for tests by changing the
hostname that was set while tests were running. This was mostly not
being used to test preview but to run a bunch of legacy courseware tests
while defaulting to the new learning MFE for the courseware.
This commit updates various tests in the `courseware` app to not rely on
the fact that we're in preview to test legacy courseware behavior and
instead directly patches either the `_redirect_to_learning_mfe` function
or uses the `_get_legacy_courseware_url` or both to be able to have the
tests continue to test the legacy coursewary.
This will hopefully make the tests more accuarte even though hopefully
we'll just be removing many of them soon as a part of the legacy
courseware cleanup.
We're just doing the preview removal separately to reduce the number of
things that are changing at once.
* test: Drop the `_get_urls_function`
With the other recent cleanup, this function is no longer being
referenced by anything so we can just drop it.
* test: Test student access to unpublihsed content.
Ensure that students can't get access to unpublished content.
Blockstore and all of its (experimental) functionality has been replaced with
openedx-learning, aka "Learning Core". This commit uninstalls the now-unused
openedx-blockstore package and removes all dangling references to it.
Note: This also removes the `copy_library_from_v1_to_v2` management command,
which has been broken ever since we switched from Blockstore to Learning Core.
Part of this DEPR: https://github.com/openedx/public-engineering/issues/238
* feat: added setting to disable the survey report banner entirely
* fix: fixed unit test with new setting
* refactor: changed conditions for better code readability
* feat: added exception to stop the report from generating if the setting is set to false
* chore: updated the readme file to include the new setting
* refactor: move survey settings to common and disable admin by setting
* docs: typos in README
Co-authored-by: Tim McCormack <tmccormack@edx.org>
* refactor: set default values to survey report settings
* refactor: rename ENABLE_SURVEY_REPORT setting to SURVEY_REPORT_ENABLE
* test: fix quality tests
---------
Co-authored-by: Alejandro Cardenas <alecar.main@gmail.com>
Co-authored-by: Tim McCormack <tmccormack@edx.org>
BREAKING CHANGE: Removes all code, tests, and settings related to
indexing of V2 (blockstore-backed) content libraries in elasticsearch.
This includes indexing of top-level library metadata as well as indexing
of library block metadata. Operators who enabled the experimental
Library Authoring MFE *and* the experimental ENABLE_CONTENT_LIBRARY_INDEX
feature may notice that sorting, filtering, and searching of V2
libraries and their blocks may now be slower and/or less powerful.
The ENABLE_CONTENT_LIBRARY_INDEX feature was already disabled by
default, so most/all operators (including edx.org) should not notice
any difference.
Removed settings include:
* FEATURES['ENABLE_CONTENT_LIBRARY_INDEX']
* ENABLE_ELASTICSEARCH_FOR_TESTS
* TEST_ELASTICSEARCH_USE_SSL
* TEST_ELASTICSEARCH_HOST
* TEST_ELASTICSEARCH_PORT
For rationale, see the updated "Status" section of:
./openedx/core/djangoapps/content_libraries/docs/decisions/0001-index-libraries-in-elasticsearch.rst
Originally, Blockstore was an independent micro-service, accessed via a REST API.
Then, we changed Blockstore so it could be installed as an in-process Django app.
To support both modes, there existed a blockstore_api wrapper library in edx-platform,
with toggles controlling whether the wrapper called out to the micro-service's REST API versus the
Django app's Python API. Now that the micro-service Blockstore implementation is deprecated,
though, this wrapper library and toggles are just unnecessary complexity.
As a first step towards cleanup, we:
* remove several toggles and settings (details below);
* remove the blocokstore_api wrapper methods which called the REST API and
marshalled them back into Python objects; and
* remove all test cases which relied on the Blockstore micro-service (and were skippped in CI).
In the future, we will remove the content libraries indexer,
clean up the remaining bits of blockstore_api, and flatten out all
the Blockstore-related test class hierarchies which are no longer nceessary.
BREAKING CHANGE:
* These Django settings are removed:
* BLOCKSTORE_PUBLIC_URL_ROOT
* BLOCKSTORE_API_URL
* BLOCKSTORE_API_AUTH_TOKEN
* BLOCKSTORE_USE_BLOCKSTORE_APP_API
* The blockstore.use_blockstore_app_api Waffle switch is removed.
* edx-platform will act as it did when the DJango setting BLOCKSTORE_USE_BLOCKSTORE_APP_API
or the Waffle switch blockstore.use_blockstore_app_api were enabled. That is, any running Blockstore
micro-service instance will be ignored, and the Blockstore package which is installed into edx-platform
will be used instead.
Ref: https://github.com/openedx/blockstore/issues/296
* feat!: Django 4.0 and above, CSRF_TRUSTED_ORIGINS must include scheme.
* feat!: Django 4.0 and above, CSRF_TRUSTED_ORIGINS must include scheme.
* fix: fix quality failure
* feat!: Django 4.0 and above, CSRF_TRUSTED_ORIGINS must include scheme.
Call into the exam service instead of the edx-proctoring plugin on course publish if the course_apps.exams_ida course waffle flag is enabled. This is an early step in moving away from edx-proctoring
Formerly, the settings were:
* `MFE_CONFIG` for common config.
* `MFE_CONFIG_<APP_ID>` for app-specific overrides,
with each app getting its own Django setting.
This commit changes it to:
* `MFE_CONFIG` for common config (unchanged)
* `MFE_CONFIG_OVERRIDES` for app-specific overrides,
where each app gets a top-level key in the dictionary.
Why the change?
* We want common.py to have a complete list of overridable settings, as
it helps operators reason about configuration and allows us to generate
config documentation using toggle annotations. Dynamically generating
setting names based on arbitrary APP_IDs makes this impossible.
* getattr(...) generally makes code more complicated bug prone. Tools
like pylint and mypy cannot effectively analyze any code that uses
dynamic attribute access.
This PR adds MFE API. This is part of the work that is being done to obtain the MFE Runtime Configurations and that has been discussed in the BTR WG.
Discussion: https://discuss.openedx.org/t/how-to-use-microfrontend-in-a-multitenant-instance/6936/14?u=mafermazu
MFE Runtime configuration - eduNEXT: https://docs.google.com/document/d/1-FHIQmyeQZu3311x8eYUNMru4JX7Yb3UlqjmJxvM8do/edit?usp=sharing
feat: add lms setting to set mfe config cache (#262)
Co-authored-by: María Fernanda Magallanes Z <maria.magallanes@edunext.co>
feat: make mfe config api disabled by default (#263)
* feat: make mfe config api disabled by default
* fix: simple is better than complex
test: add mfe config tests (#264)
* test: add mfe config tests
* test: fix it and simplify it
* test: correct pylint issues
fix: correct pep 8 violations
fix: add mfe api unit test in github workflow
fix: correct unit tests
refactor: move mfe api to lms
fix: try mfe api urls without regex
fix: add app_namespace in lms urls
fix: try url without conditional
Revert "fix: try url without conditional"
This reverts commit 694aab546134b4bd9ad2642e24927b42cac24459.
fix: set enable_mfe_config_api feature to true in the tests
test: try to add failed test case
Revert "test: try to add failed test case"
This reverts commit cee6bf656ab1b96492b0b6199ddff32a6d6a65bd.
docs: improve explanation and documentation
fix: ensure the response is a json object
refactor: be consistent with the variable names
fix: allow overriding mfe api config cache timeout in production
fix: handle 404 response in view
refactor: use a guard instead if-else
feat: add the possibility to show mfe specific config
* feat: added new live provider and fixed tests
* feat: added free_tier compatiblity
* fix: resolved linter issues and other refactors
* fix: ran makemigration to generate migrations
* fix: Implemeted key retrival for tabs
Co-authored-by: AhtishamShahid <ahtishamshahid@A006-00850.local>
Tests which @requires_blockstore (i.e. the Blockstore service) have
been made to run as a unit test using the installed Blockstore app, and
will be run by the platform CI.
The Blockstore service tests can still be run manually by setting
EDXAPP_RUN_BLOCKSTORE_TESTS=1
Related fixes:
* adds blockstore bundle storage settings
* let the studio devstack and test servers serve static files from
the /media URL This allows the blockstore/content libraries API to
serve blockstore assets in dev.
* Wrap ContentLibrary creation in an atomic transaction, so that if it
fails, the related bundle can be deleted directly from the database
during the exception handler. (Previously, we called a REST API which
deleted it as part of a separate service.)
Previously, our rate-limiting code trusted the entire `X-Forwarded-For`
header, allowing a malicious client to spoof that header and evade
rate-limiting. This commit introduces a new module and setting
allowing us to make a more conservative choice of IPs.
- Create new `openedx.core.djangoapps.util.ip` module for producing
the IP "external chain" for requests based on the XFF header and the
REMOTE_ADDR.
- Include a function that gives the safest choice of IPs.
- Add new setting `CLOSEST_CLIENT_IP_FROM_HEADERS` for configuring how
the external chain is derived (i.e. setting the trust
boundary). Currently has a default, but we may want to make it
mandatory in the future.
- Change `django-ratelimit` code to use the proximate IP in the external
chain -- the one just outside the trust boundary.
Also:
- Change `XForwardedForMiddleware` to use more conservative choice for
its `REMOTE_ADDR` override
- Other adjustments to `XForwardedForMiddleware` as needed in order to
initialize new module and support code that needs the real
`REMOTE_ADDR` value
- Metrics for observability into the change (and XFF composition)
- Feature switch to restore legacy mode if needed
This also gives us a path forward to removing use of the django-ipware
package, which is no longer maintained and has a handful of bugs that make it
difficult to use safely.
Internal ticket: ARCHBOM-2056
edx-platform supports COMPREHENSIVE_THEME_LOCALE_PATHS setting, which
appends paths to the end of LOCALE_PATHS, but there's currently no
way to add additional paths to the start of the list.
https://tasks.opencraft.com/browse/SE-5299
* refactor: deprecates ModuleSystem.render_template
in favor of the added MakoSystem render_template method.
Related changes:
* Adds the MakoService to the StudioEditModuleRuntime,
PreviewModuleSystem, LmsModuleSystem, and XBlockRuntime
* MakoService constructor takes a `namespace_prefix` string, so that the
CMS PreviewModuleSystem can render to LMS templates, without needing
the special render_from_lms helper method.
* ModuleSystem.render_template becomes a read-only property, so the
constructor calls and test module systems are updated accordingly.
* Adds tests for the MakoService and module system shims.
(cherry picked from commit 457f959356)
* refactor: use MakoService.render_template to remove deprecation warnings
from block code.
(cherry picked from commit 8d62d337f5)
* refactor: use MakoService.render_template to remove deprecation warnings
from test code.
(cherry picked from commit 26b43465a4)
* test: Adds a test to verify the bug introduced by the previous changes
The AuthoringMixin is automatically added to all XBlocks (see
settings.XBLOCK_MIXINS), and AuthoringMixin.visibility_view expects the
"mako" service.
This test verifies the bug by testing the PureXBlock, which does not
require the "mako" service, and so fails when the visibility_view is
rendered.
* fix: AuthoringMixin needs mako service
which fixes the visibility_view for XBlocks which don't explicitly
require the mako service.
Also removes the unneeded class property _services_requested from
AuthoringMixin and StudioEditableBlock. This property is better provided
by the XBlockMixin class.
in favor of the added MakoSystem render_template method.
Related changes:
* Adds the MakoService to the StudioEditModuleRuntime,
PreviewModuleSystem, LmsModuleSystem, and XBlockRuntime
* MakoService constructor takes a `namespace_prefix` string, so that the
CMS PreviewModuleSystem can render to LMS templates, without needing
the special render_from_lms helper method.
* ModuleSystem.render_template becomes a read-only property, so the
constructor calls and test module systems are updated accordingly.
* Adds tests for the MakoService and module system shims.
