-
Notifications
You must be signed in to change notification settings - Fork 4.3k
[FC-0118] docs: add ADR for modulestore crud api with custom serializers #38302
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
taimoor-ahmed-1
wants to merge
1
commit into
openedx:docs/ADRs-axim_api_improvements
Choose a base branch
from
edly-io:docs/ADR-modulestore_crud_apis
base: docs/ADRs-axim_api_improvements
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
127 changes: 127 additions & 0 deletions
127
docs/decisions/0039-modulestore-crud-apis-with-custom-serializers.rst
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,127 @@ | ||
| ADR-016: Provide Modulestore CRUD APIs via Custom DRF Layers | ||
| ============================================================ | ||
|
|
||
| :Status: Proposed | ||
| :Date: 2026-04-08 | ||
| :Deciders: API Working Group | ||
|
|
||
| Context | ||
| ======= | ||
|
|
||
| Open edX currently lacks comprehensive REST APIs to create, view, update, and delete modulestore | ||
| entities (courses, blocks). Modulestore is not backed by standard Django models, so DRF cannot be | ||
| applied with model serializers directly. | ||
|
|
||
| Decision | ||
| ======== | ||
|
|
||
| Implement modulestore APIs using DRF **with custom serializers and service methods**: | ||
|
|
||
| 1. Create DRF ViewSets for modulestore resources (course, block). | ||
| 2. Use explicit, non-model serializers for validation and representation. | ||
| 3. Enforce permissions and visibility rules appropriate for authoring roles. | ||
| 4. Provide OpenAPI schemas and examples for all operations. | ||
|
|
||
| Relevance in edx-platform | ||
| ========================= | ||
|
|
||
| * **Modulestore is not ORM-backed**: Courses and blocks live in modulestore | ||
| (MongoDB/split); ``xmodule.modulestore`` exposes ``get_course()``, ``get_item()``, | ||
| ``update_item()``, etc. DRF model serializers do not apply directly. | ||
| * **Existing read-only APIs**: ``openedx/core/djangoapps/olx_rest_api/views.py`` | ||
| uses ``@api_view(['GET'])`` and ``view_auth_classes()``, calls | ||
| ``modulestore().get_item()`` and ``serialize_modulestore_block_for_learning_core()``, | ||
| and returns a custom JSON shape (no ModelSerializer). Contentstore course API | ||
| (``cms/djangoapps/contentstore/api/views/utils.py``) uses ``BaseCourseView`` and | ||
| ``modulestore().get_course()`` with custom depth handling. | ||
| * **Studio/course authoring**: Contentstore views (e.g. ``contentstore/views/block.py``, | ||
| ``course.py``) perform create/update/delete via Python APIs, not REST; this ADR | ||
| proposes exposing CRUD via DRF with custom serializers and service-layer methods. | ||
|
|
||
| Code examples | ||
| ============= | ||
|
|
||
| **Custom serializer (no model):** | ||
|
|
||
| .. code-block:: python | ||
|
|
||
| from rest_framework import serializers | ||
|
|
||
| class ModulestoreBlockSerializer(serializers.Serializer): | ||
| id = serializers.CharField(read_only=True) | ||
| block_type = serializers.CharField() | ||
| display_name = serializers.CharField(required=False) | ||
| parent = serializers.CharField(required=False) | ||
|
|
||
| def create(self, validated_data): | ||
| return modulestore_service.create_block( | ||
| self.context["course_key"], validated_data | ||
| ) | ||
|
|
||
| def update(self, instance, validated_data): | ||
| return modulestore_service.update_block(instance, validated_data) | ||
|
|
||
| **ViewSet with custom get_queryset / get_object:** | ||
|
|
||
| .. code-block:: python | ||
|
|
||
| from rest_framework import viewsets | ||
| from openedx.core.lib.api.view_utils import view_auth_classes | ||
|
|
||
| @view_auth_classes() | ||
| class ModulestoreBlockViewSet(viewsets.ModelViewSet): | ||
| serializer_class = ModulestoreBlockSerializer | ||
| permission_classes = [IsAuthenticated, HasStudioWriteAccess] | ||
|
|
||
| def get_object(self): | ||
| usage_key = UsageKey.from_string(self.kwargs["usage_key"]) | ||
| if not has_studio_read_access(self.request.user, usage_key.course_key): | ||
| raise PermissionDenied() | ||
| return modulestore().get_item(usage_key) | ||
|
|
||
| def get_queryset(self): | ||
| course_key = CourseKey.from_string(self.kwargs["course_id"]) | ||
| return modulestore().get_items(course_key, ...) # or service method | ||
|
|
||
| # Router: /api/modulestore/courses/<course_id>/blocks/ list, retrieve, create, update, destroy | ||
|
|
||
| **Service layer (recommended):** | ||
|
|
||
| .. code-block:: python | ||
|
|
||
| # services.py | ||
| def get_block(usage_key, user): | ||
| if not has_studio_read_access(user, usage_key.course_key): | ||
| raise PermissionDenied() | ||
| return modulestore().get_item(usage_key) | ||
|
|
||
| def update_block(usage_key, user, data): | ||
| block = get_block(usage_key, user) | ||
| if not has_studio_write_access(user, usage_key.course_key): | ||
| raise PermissionDenied() | ||
| # Apply data to block, then modulestore().update_item(...) | ||
| return block | ||
|
|
||
| Consequences | ||
| ============ | ||
|
|
||
| * Pros | ||
|
|
||
| * Enables cleaner authoring/integration flows for Studio/MFEs and external tools. | ||
| * Standardizes modulestore interactions behind documented REST APIs. | ||
|
|
||
| * Cons / Costs | ||
|
|
||
| * Significant implementation effort; careful security/authorization required. | ||
| * Backing store migrations must be abstracted behind stable service interfaces. | ||
|
|
||
| Implementation Notes | ||
| ==================== | ||
|
|
||
| * Start with read-only endpoints (GET) for course structure/blocks, then add write operations. | ||
| * Ensure stable contracts independent of modulestore backend. | ||
|
|
||
| References | ||
| ========== | ||
|
|
||
| * “Modulestore APIs” recommendation in the Open edX REST API standardization notes. | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We are trying to move away from moduelstore toward
openedx_content, so I'm reluctant to see anyone investing "significant implementation effort" in new/improved APIs for modulestore, unless there's a really pressing short-term use case.