Merge branch 'master' into mark_student_can_skip_entrance_exam_to_drf

openedx · Sep 20, 2024 · 9ee242d · 9ee242d
2 parents eb6ae22 + 471bdd2
commit 9ee242d
Show file tree

Hide file tree

Showing 116 changed files with 3,791 additions and 371 deletions.
diff --git a/README.rst b/README.rst
@@ -124,18 +124,47 @@ sites)::
   ./manage.py lms collectstatic
   ./manage.py cms collectstatic
 
+Set up CMS SSO (for Development)::
+
+  ./manage.py lms manage_user studio_worker [email protected] --unusable-password
+  # DO NOT DO THIS IN PRODUCTION. It will make your auth insecure.
+  ./manage.py lms create_dot_application studio-sso-id studio_worker \
+      --grant-type authorization-code \
+      --skip-authorization \
+      --redirect-uris 'http://localhost:18010/complete/edx-oauth2/' \
+      --scopes user_id  \
+      --client-id 'studio-sso-id' \
+      --client-secret 'studio-sso-secret'
+
+Set up CMS SSO (for Production):
+
+* Create the CMS user and the OAuth application::
+
+    ./manage.py lms manage_user studio_worker <[email protected]> --unusable-password
+    ./manage.py lms create_dot_application studio-sso-id studio_worker \
+        --grant-type authorization-code \
+        --skip-authorization \
+        --redirect-uris 'http://localhost:18010/complete/edx-oauth2/' \
+        --scopes user_id
+
+* Log into Django admin (eg. http://localhost:18000/admin/oauth2_provider/application/),
+  click into the application you created above (``studio-sso-id``), and copy its "Client secret".
+* In your private LMS_CFG yaml file or your private Django settings module:
+
+ * Set ``SOCIAL_AUTH_EDX_OAUTH2_KEY`` to the client ID (``studio-sso-id``).
+ * Set ``SOCIAL_AUTH_EDX_OAUTH2_SECRET`` to the client secret (which you copied).
 Run the Platform
 ----------------
 
 First, ensure MySQL, Mongo, and Memcached are running.
 
 Start the LMS::
 
-  ./manage.py lms runserver
+  ./manage.py lms runserver 18000
 
 Start the CMS::
 
-  ./manage.py cms runserver
+  ./manage.py cms runserver 18010
 
 This will give you a mostly-headless Open edX platform. Most frontends have
 been migrated to "Micro-Frontends (MFEs)" which need to be installed and run

diff --git a/cms/djangoapps/contentstore/rest_api/v1/serializers/home.py b/cms/djangoapps/contentstore/rest_api/v1/serializers/home.py
@@ -51,6 +51,7 @@ class CourseHomeSerializer(serializers.Serializer):
         allow_empty=True
     )
     archived_courses = CourseCommonSerializer(required=False, many=True)
+    can_access_advanced_settings = serializers.BooleanField()
     can_create_organizations = serializers.BooleanField()
     course_creator_status = serializers.CharField()
     courses = CourseCommonSerializer(required=False, many=True)

diff --git a/cms/djangoapps/contentstore/rest_api/v1/views/home.py b/cms/djangoapps/contentstore/rest_api/v1/views/home.py
@@ -52,6 +52,7 @@ def get(self, request: Request):
             "allow_unicode_course_id": false,
             "allowed_organizations": [],
             "archived_courses": [],
+            "can_access_advanced_settings": true,
             "can_create_organizations": true,
             "course_creator_status": "granted",
             "courses": [],

diff --git a/cms/djangoapps/contentstore/rest_api/v1/views/tests/test_home.py b/cms/djangoapps/contentstore/rest_api/v1/views/tests/test_home.py
@@ -44,6 +44,7 @@ def test_home_page_courses_response(self):
             "allow_unicode_course_id": False,
             "allowed_organizations": [],
             "archived_courses": [],
+            "can_access_advanced_settings": True,
             "can_create_organizations": True,
             "course_creator_status": "granted",
             "courses": [],

diff --git a/cms/djangoapps/contentstore/utils.py b/cms/djangoapps/contentstore/utils.py
@@ -1716,6 +1716,7 @@ def get_home_context(request, no_course=False):
         'allowed_organizations': get_allowed_organizations(user),
         'allowed_organizations_for_libraries': get_allowed_organizations_for_libraries(user),
         'can_create_organizations': user_can_create_organizations(user),
+        'can_access_advanced_settings': auth.has_studio_advanced_settings_access(user),
     }
 
     return home_context

diff --git a/cms/envs/devstack.py b/cms/envs/devstack.py
@@ -267,7 +267,8 @@ def should_show_debug_toolbar(request):  # lint-amnesty, pylint: disable=missing
 ################ Using LMS SSO for login to Studio ################
 SOCIAL_AUTH_EDX_OAUTH2_KEY = 'studio-sso-key'
 SOCIAL_AUTH_EDX_OAUTH2_SECRET = 'studio-sso-secret'  # in stage, prod would be high-entropy secret
-SOCIAL_AUTH_EDX_OAUTH2_URL_ROOT = 'http://edx.devstack.lms:18000'  # routed internally server-to-server
+# routed internally server-to-server
+SOCIAL_AUTH_EDX_OAUTH2_URL_ROOT = ENV_TOKENS.get('SOCIAL_AUTH_EDX_OAUTH2_URL_ROOT', 'http://edx.devstack.lms:18000')
 SOCIAL_AUTH_EDX_OAUTH2_PUBLIC_URL_ROOT = 'http://localhost:18000'  # used in browser redirect
 
 # Don't form the return redirect URL with HTTPS on devstack

diff --git a/cms/templates/content_libraries/xblock_iframe.html b/cms/templates/content_libraries/xblock_iframe.html
@@ -6,7 +6,12 @@
   <base target="_blank">
   <meta charset="UTF-8">
   <!-- gettext & XBlock JS i18n code -->
-  <script type="text/javascript" src="{{ lms_root_url }}/static/js/i18n/en/djangojs.js"></script>
+  {% if is_development %}
+    <!-- in development, the djangojs file isn't available so use fallback-->
+    <script type="text/javascript" src="{{ lms_root_url }}/static/js/src/gettext_fallback.js"></script>
+  {% else %}
+    <script type="text/javascript" src="{{ lms_root_url }}/static/js/i18n/en/djangojs.js"></script>
+  {% endif %}
   <!-- Most XBlocks require jQuery: -->
   <script src="https://code.jquery.com/jquery-2.2.4.min.js"></script>
   <!-- The Video XBlock requires "ajaxWithPrefix" -->

diff --git a/common/djangoapps/course_modes/views.py b/common/djangoapps/course_modes/views.py
@@ -126,9 +126,13 @@ def get(self, request, course_id, error=None):  # lint-amnesty, pylint: disable=
             if ecommerce_service.is_enabled(request.user):
                 professional_mode = modes.get(CourseMode.NO_ID_PROFESSIONAL_MODE) or modes.get(CourseMode.PROFESSIONAL)
                 if purchase_workflow == "single" and professional_mode.sku:
-                    redirect_url = ecommerce_service.get_checkout_page_url(professional_mode.sku)
+                    redirect_url = ecommerce_service.get_checkout_page_url(
+                        professional_mode.sku, course_run_keys=[course_id]
+                    )
                 if purchase_workflow == "bulk" and professional_mode.bulk_sku:
-                    redirect_url = ecommerce_service.get_checkout_page_url(professional_mode.bulk_sku)
+                    redirect_url = ecommerce_service.get_checkout_page_url(
+                        professional_mode.bulk_sku, course_run_keys=[course_id]
+                    )
             return redirect(redirect_url)
         course = modulestore().get_course(course_key)
 

diff --git a/common/djangoapps/third_party_auth/tests/test_pipeline_integration.py b/common/djangoapps/third_party_auth/tests/test_pipeline_integration.py
@@ -583,7 +583,7 @@ def test_verification_signal(self):
         """
         Verification signal is sent upon approval.
         """
-        with mock.patch('openedx.core.djangoapps.signals.signals.LEARNER_NOW_VERIFIED.send_robust') as mock_signal:
+        with mock.patch('openedx_events.learning.signals.IDV_ATTEMPT_APPROVED.send_event') as mock_signal:
             # Begin the pipeline.
             pipeline.set_id_verification_status(
                 auth_entry=pipeline.AUTH_ENTRY_LOGIN,