The upgrade to Django 2.2 has caused a spike in production logging due to RemovedInDjango30Warning deprecation warnings. For now, turn off logging of DeprecationWarning, ImportWarning, and PendingDeprecationWarning whenever we're using WSGI (they'll continue to be logged in devstack). We may eventually want this behind an easily flipped toggle, but for now just remove it to get this resolved quickly.
TNL-7053
The courseware_api view will use check_course_access - which now returns AccessResponse objects, and all other uses of check_course_access will now use check_course_access_with_redirect, which is a drop-in replacement for the original check_course_access implementation.
We also added a few new helpers to access_utils:
- check_public_access is a replacement for allow_public_access, which now returns AccessResponse objects
- check_enrollment checks if the learner is enrolled, and uses check_public_access to account for COURSE_ENABLE_UNENROLLED_ACCESS_FLAG
- check_survey checks whether there is a required survey that the learner must complete prior to accessing the course.
There are two new kinds of AccessError subclasses:
- SurveyRequiredAccessError
- EnrollmentRequiredAccessError
* Reenable Learning Sequence MFE redirect tests
TNL-7157 These tests may were the cause of intermittent test failures a couple weeks ago. Here they are reenabled after changing the way ExperimentWaffleFlag is overridden.
* Update is_experiment_on and add ExperimentWaffleFlag override test
* Update test_flags.py
* Add docstring about overrides
* prefer is_experiment_on over _is_enabled
TNL-7157 These tests may were the cause of intermittent test failures a couple weeks ago. Here they are reenabled after changing the way ExperimentWaffleFlag is overridden.
* Clarify device requirements.
* Clarify that one's photo does not need to exactly
match the photo on their ID.
* Clarify why we need the photo.
* Clarify that the ID need not be government issued.
Rewordings were suggested by Learner Support team.
EDUCATOR-5012
There was an issue where external LMS system (e.g. Canvas, Blackboard) that used Open edX LTI Provider calls had cookies blocked. This update fixes this issue by defining third-party cookies to have attributes of `Secure=True` and `SameSite=None`.
Details here: https://discuss.openedx.org/t/lti-xblock-and-samesite/759/5
(cherry picked from commit 28479a2966b87b16a25dbc96c19b6f5817d255de)
