-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sync opencraft-release/quince.1 with Upstream 20240520-1716214773 #658
Sync opencraft-release/quince.1 with Upstream 20240520-1716214773 #658
Commits on Apr 1, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 620516c - Browse repository at this point
Copy the full SHA 620516cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 900fad0 - Browse repository at this point
Copy the full SHA 900fad0View commit details
Commits on Apr 2, 2024
-
fix: session_language url renamed to update_language
The url was renamed from session_language to update_language but it was still referred to in some html templates
Configuration menu - View commit details
-
Copy full SHA for 0906265 - Browse repository at this point
Copy the full SHA 0906265View commit details
Commits on Apr 4, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 49cdbff - Browse repository at this point
Copy the full SHA 49cdbffView commit details
Commits on Apr 5, 2024
-
fix: validation error for empty Batch Enrollment/Beta Tester (openedx…
…#34404) Co-authored-by: Dima Alipov <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for eb11261 - Browse repository at this point
Copy the full SHA eb11261View commit details
Commits on Apr 6, 2024
-
Merge pull request openedx#34448 from magajh/magajh/patch-django-quin…
…ce-4.2.11 chore: update Django to 4.2.11 for Quince - Security Patch
Configuration menu - View commit details
-
Copy full SHA for d782803 - Browse repository at this point
Copy the full SHA d782803View commit details
Commits on Apr 8, 2024
-
feat: Adds disable_progress_graph attribute to the returned course_me…
…tadata response Currently, openedx/frontend-app-authoring#517 faces an issue when the progress graph toggle is enabled/disabled but the settings are not respected, the disable_progress_graph attribute will allow the frontend-app-learning repo to use this attribute to respect the settings authored from frontend-app-course-authoring and ultimately fix openedx/frontend-app-authoring#517.
Configuration menu - View commit details
-
Copy full SHA for 2eb82ad - Browse repository at this point
Copy the full SHA 2eb82adView commit details -
Merge pull request openedx#34324 from raccoongang/fix-disable-progres…
…s-graph feat: Adds disable_progress_graph attribute to the returned course_me…
Configuration menu - View commit details
-
Copy full SHA for f3f160f - Browse repository at this point
Copy the full SHA f3f160fView commit details
Commits on Apr 10, 2024
-
feat: add ability to notify credentials about honor certificates (ope…
…nedx#34485) Co-authored-by: Dima Alipov <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 25eb223 - Browse repository at this point
Copy the full SHA 25eb223View commit details -
fix: Social link parsing approach changed (openedx#33610)
* fix: Social link parsing approach changed * fix: fix tests * fix: better approach
Configuration menu - View commit details
-
Copy full SHA for a6bd0e2 - Browse repository at this point
Copy the full SHA a6bd0e2View commit details
Commits on Apr 23, 2024
-
fix: "Course org display str" option doesnt influence certificate (op…
…enedx#34466) "Course organization display string" option in Advanced settings doesn't influence certificate. Co-authored-by: Dima Alipov <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for b036cd0 - Browse repository at this point
Copy the full SHA b036cd0View commit details
Commits on May 10, 2024
-
fix: Course blocks API with param return_type=list error when the new…
… discussion is enabled (openedx#34426) Co-authored-by: Jason Wesson <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for d91cadf - Browse repository at this point
Copy the full SHA d91cadfView commit details
Commits on May 17, 2024
-
fix: prevent setting user attributes from JWT in Studio
Open edX implements its a JwtAuthentication class in edx-drf-extensions (in edx_rest_framework_extensions.auth.jwt.authentication). This class updates the local User database entry to match certain values in the token. It's used as a way to automatically provision and update users with their LMS user information on other Open edX services like ecommerce. Since LMS and Studio keep the record of truth in its database tables, they should *not* update their database user information based on the JWT. Doing so would allow stale JWTs to incorrectly reset user values after they had been changed in the LMS. This is done by having the EDX_DRF_EXTENSIONS['JWT_PAYLOAD_USER_ATTRIBUTE_MAPPING'] setting be an empty dictionary, and was set correctly for the LMS in its common.py env settings module. Unfortunately, this was *not* being set for Studio. This commit adds the same setting to Studio's common settings module. Prior to this commit, it was possible for a stale JWT to reset user attributes if the user hit a Studio API endpoint that used JWT for auth (e.g. endpoints used by the Course Authoring MFE). This opened up a potential security issue where a global staff user (is_staff=True) that had their global staff status removed (is_staff=False) could have up to a one hour window in which they could use their stale-but-still-valid global-staff JWT token to regain global staff status by calling a Studio endpoint with their browser.
Configuration menu - View commit details
-
Copy full SHA for 3ff69fd - Browse repository at this point
Copy the full SHA 3ff69fdView commit details