fix: hide course authoring content when enable_course_authoring is off#176
fix: hide course authoring content when enable_course_authoring is off#176bra-i-am wants to merge 4 commits into
Conversation
|
Thanks for the pull request, @bra-i-am! This repository is currently maintained by Once you've gone through the following steps feel free to tag them in a comment and let them know that your changes are ready for engineering review. 🔘 Get product approvalIf you haven't already, check this list to see if your contribution needs to go through the product review process.
🔘 Provide contextTo help your reviewers and other members of the community understand the purpose and larger context of your changes, feel free to add as much of the following information to the PR description as you can:
🔘 Get a green buildIf one or more checks are failing, continue working on your changes until this is no longer the case and your build turns green. DetailsWhere can I find more information?If you'd like to get more details on all aspects of the review process for open source pull requests (OSPRs), check out the following resources: When can I expect my changes to be merged?Our goal is to get community contributions seen and reviewed as efficiently as possible. However, the amount of time that it takes to review and merge a PR can vary significantly based on factors such as:
💡 As a result it may take up to several weeks or months to complete a review and merge your PR. |
9c86539 to
84b092e
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #176 +/- ##
==========================================
+ Coverage 97.48% 97.59% +0.10%
==========================================
Files 66 67 +1
Lines 1552 1579 +27
Branches 400 409 +9
==========================================
+ Hits 1513 1541 +28
+ Misses 39 38 -1 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
e268688 to
9e97e1e
Compare
93a14f8 to
b049a37
Compare
b88a859 to
92351b0
Compare
|
@bra-i-am does this change depend on new changes in openedx-authz? I tried to run it on my env which was built from main a couple of days ago and I see the following errors on the browser inspector when loading the admin-console form this branch: Request: POST http://local.openedx.io:8000/api/authz/v1/permissions/validate/me Payload: [{"action":"content_libraries.manage_library_team"},{"action":"courses.manage_course_team"}] Response: [{"scope":["This field is required."]},{"scope":["This field is required."]}] |
Closes openedx/openedx-authz#340
Closes openedx/openedx-authz#341
When the
authz.enable_course_authoringwaffle flag is OFF, the Admin Console was still displaying course-related content in the Team Members tab, Audit User view, and role assignment wizard. This PR makes all those surfaces aware of the flag state.How it works
The flag state is surfaced indirectly through the permission system: when the flag is turned off for an org, the authz migration removes course roles from Casbin, which causes
courses.view_course_teamto returnallowed: falsefor users who no longer have any active course roles. The frontend usesuseValidateUserPermissionsNonSuspensewith the newVIEW_TEAM_PERMISSIONSconstant as the signal for whether to show course content.Main changes
roles-permissions/index.ts— addsVIEW_TEAM_PERMISSIONS, a new constant withVIEW_LIBRARY_TEAMandVIEW_COURSE_TEAMactions, used as the domain-visibility signal across all components.ScopesFilter— checksVIEW_COURSE_TEAMand passesscope_type=libraryto the scopes API when course view is not allowed, so courses are excluded from the dropdown at the API level.TeamMembersTable— computeseffectiveQuerySettingsthat injectsroles=<library_role_keys>into the API request when course view is not allowed, so only library assignments are fetched and the pagination count is accurate.AuditUserPage— applies the sameeffectiveQuerySettingsapproach as TeamMembersTable.AssignRoleWizardPage— adds aVIEW_TEAM_PERMISSIONScheck alongside the existingMANAGE_TEAM_PERMISSIONScheck; course roles are excluded fromrolesAssignablewhenVIEW_COURSE_TEAMis not allowed, so they do not appear in the role assignment wizard.Test plan
authz.enable_course_authoringOFF at platform level and add an org-level override set to Force Off for the target org — this triggers the rollback migration.Screencast
Screencast.from.02-07-26.10.29.24.webm