feat: backend approach for access control options #300
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Learners want to have the usual course navigation when viewing a wiki, so that they can go back to the course related to the wiki and browse other tabs/sections of the course. Wiki reads the course from the `request.course`. If it's not present, i.e. None or not set on the request, it will not show the course navigation UI. It seems like `WikiAccessMiddleware` already has the code that parses course id from the request (when the request is for a wiki view) and sets the course for the request. However, it doesn't work in most scenarios, because the course id is not in the it's normal format in most requests that go to wiki. For example, when a leaner clicks on a wiki tab from the course overview, they are redirected to `/wiki/<wiki_slug>/` path. The wiki slug is taken from course's `wiki_slug` field. This slug can be used to figure out what course this wiki belongs to in most (not all) cases. This commit adds code to the `WikiAccessMiddleware` that attempts to find a course based on wiki slug, and in case of success, sets the course to the `request.course`, so that wiki can display course navigation UI.
…ed-roles-studio-fix Fix studio for users with derived roles and some other related changes [BB-7834]
Limited Staff should not have studio read access by design. However, since many LMS views depend on the `has_course_author_access` check and `course_author_access_required` decorator, we have to allow write access until the permissions become more granular. For example, there should be STUDIO_VIEW_COHORTS and STUDIO_EDIT_COHORTS specifically for the cohorts endpoint, which is used to display "Cohorts" instructor dashboard tab.
Update JWT Cookie vs Session user monitoring Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master` Co-authored-by: robrap <[email protected]>
Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`
…dx-enterprise-52302e3 feat: Upgrade Python dependency edx-enterprise
…length_default feat: Update the minimum password length.
enterprise version bump Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`
FIXES: APER-2407
…e-edx-enterprise-7202c22 feat: Upgrade Python dependency edx-enterprise
…nality-from-edx-platform
* chore: replace pyjwkest with pyjwt
…nality-from-edx-platform
linting, fixing pr comment
Removing unused import
fix: restored badges handlers feat: remove FE code for badges fix: resolved failing tests fix: removed test case for badges app fix: unused import error fix: Response Field Count fix: shareable account response length fix: resolved PR comments fix: revert settings override feat!: Removed Badges App fix: restored badges handlers feat: remove FE code for badges fix: resolved failing tests fix: removed test case for badges app fix: unused import error fix: Response Field Count fix: shareable account response length fix: revert subscription badge
…nedx#33535) I get a weekly CI failure email due to this scheduled workflow running on my fork of edx-platform. Cancelling the job when it runs on a fork prevents this.
…31893) feat: Account and profile MFE legacy removal - redeployment * Revert "Revert "FC-0001: Account pages -> micro-frontend (openedx#30336)" (openedx#31888)" This reverts commit 90c4ca6. * refactor: removed filters test from user_api accounts --------- Co-authored-by: Bilal Qamar <[email protected]>
…penedx#31893)" (openedx#33542) This reverts commit 08f5e7e.
…ns/aws-actions/configure-aws-credentials-2 build(deps): bump aws-actions/configure-aws-credentials from 1 to 2
Currently, ./xmodule/ unit tests are only run with LMS settings. However, ./common/ and ./xmodule/ are run twice: once with LMS settings and once with CMS settings. Just like ./common/ and ./openedx/, the unit tests in ./xmodule/ validate behavior in both LMS and CMS. So, order to fully test ./xmodule/, we should to run its tests with CMS settings too. This will enable us to better validate certain LibraryContentBlocks behaviors being touched by openedx#33263 which can't be expressed under LMS settings. Also in this commit: * refactor: rename the shards to be clear whether they're running under LMS or CMS * docs: correct comments regarding conditions under which codejail's test_cant_do_something_forbidden is skipped. * test: update a unit test which was using the now-deleted library_sourced block to use library_content block instead.
…ve-coaching-functionality-from-edx-platform feat: remove deprecated coaching from edx-platform
fix: hide feedback widget by default
Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`
feat: integrated resumeCourseRunUrl into enrollments API Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`
…edx-enterprise-54b351c feat: Upgrade Python dependency edx-enterprise
* chore: updating constraint description.
Co-authored-by: Awais Qureshi <[email protected]>
* chore: removing docutils constraint.
…penedx#33860) After refactoring the library_content block to use asynchronous tasks for syncing and duplicating children, we are seeing an error arise during library_content duplication process on edx.org: Traceback (most recent call last): File "/edx/app/edxapp/edx-platform/openedx/core/djangoapps/content_libraries/tasks.py", line 305, in duplicate_children _copy_overrides(store=store, user_id=user_id, source_block=source_block, dest_block=dest_block) File "/edx/app/edxapp/edx-platform/openedx/core/djangoapps/content_libraries/tasks.py", line 383, in _copy_overrides dest_block=dest_block.runtime.get_block(dest_child_key), File "/edx/app/edxapp/edx-platform/xmodule/x_module.py", line 1401, in get_block block = self.load_item(usage_id, for_parent=for_parent) File "/edx/app/edxapp/edx-platform/xmodule/modulestore/split_mongo/caching_descriptor_system.py", line 127, in _load_item block_data = self.get_module_data(block_key, course_key) File "/edx/app/edxapp/edx-platform/xmodule/modulestore/split_mongo/caching_descriptor_system.py", line 154, in get_module_data raise ItemNotFoundError(block_key) xmodule.modulestore.exceptions.ItemNotFoundError: BlockKey(...) We cannot reproduce the issue locally. We are not entirely certain the cause of this, but we think it might have do with caching. Specifically, the `store.get_item` and `source_block.runtime.get_block` methods might use a different cache than `dest_block.runtime.get_block`. It's possible that writes to Mongo are sitting in one of those caches, causing reads from the `dest_block.runtime`'s cache to fail to find dest_block's children. We attempt to fix this by using the same "block getting" method consistently. So instead of using a mix of `store.get_item`, `source_block.runtime.get_block`, and `dest_block.runtime.get_block`, we just use `store.get_item` everywhere.
* chore: upgrade boto.
This switch has been kept disabled in edx.org for well over a year with no trouble, and the migration to `CLOSEST_CLIENT_IP_FROM_HEADERS` was introduced in Nutmeg. DEPR issue: openedx#33733
…penedx#33724) (requires the contentstore.enable_copy_paste_units waffle flag)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v3...v4) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
adds log for learner data transmission run Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`
…x-enterprise-abfc61e feat: Upgrade Python dependency edx-enterprise
fix: fixed the domain issue to point to "courses.edx.org" for the resumeCourseRunUrl Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`
…edx-enterprise-f9b6e45 feat: Upgrade Python dependency edx-enterprise
This PR: openedx#32282 introduced some duplications of existing functions and classes by accident. I am cleaning them up here: - `StudioPermissionsService` class - `duplicate_block function` - `load_services_for_studio` function
…name_check Name length validation
cruise-control-service
force-pushed
the
master
branch
from
22ada3b
to
0ebc69f
Compare
cruise-control-service
force-pushed
the
master
branch
from
0ebc69f
to
0171b5b
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR adds new fields to the sequence metadata so a client can use it to control a student's access:
Which view to be rendered would depend on
access_control_type, which can bepassword,IP range, orSecure Web Browser.Here's an outline of the technical proposal: https://docs.google.com/document/d/16qIS1LDl-STp0WJZk4swUb2y7ShFZE0Lec7iZiTwVFo
Supporting information
More context on the product proposal can be found here: https://openedx.atlassian.net/wiki/spaces/COMM/pages/3928293395/New+ways+of+restricting+access+to+subsections
Testing instructions
tutor dev exec lms shell && ./manage lms migrate learning_sequencesPOST <STUDIO_URL>/xblock/<USAGE_KEY>Here's an example:
GET <STUDIO_URL>/xblock/<USAGE_KEY>with the headerAccept: application/json