Fox/backport default pdf verawood#38869
Conversation
Signed-off-by: Farhaan Bukhsh <farhaan@opencraft.com>
Signed-off-by: Farhaan Bukhsh <farhaan@opencraft.com>
…edx#38497) (cherry picked from commit d327dd3)
This update includes the new editor design. This is a backport of this new editor to the verawood release branch.
…dx#38477) (openedx#38495) Backport of openedx#38477 / cherry picked from commit 8bcdd46 Co-authored-by: Copilot <copilot@github.com>
- Integrate extended profile model into account settings flow - Improve validation and error handling - Refactor form handling and API separation - Ensure atomic updates for profile changes - Support PROFILE_EXTENSION_FORM setting - Add and update comprehensive unit tests - Improve documentation and code clarity
feat: add support for course permission in authz rest apis Commit generated by workflow `openedx/openedx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master` Co-authored-by: MaferMazu <35668326+MaferMazu@users.noreply.github.com>
Signed-off-by: Farhaan Bukhsh <farhaan@opencraft.com>
This addresses a bug that was breaking course export when edx-val based transcripts were missing from the file store. With this fix, the course export skips the missing transcript without erroring out entirely.
Maps the legacy STUDIO_BASE_URL key to the optional frontend-base cmsBaseUrl field so it surfaces at the top level of FrontendSiteConfigView instead of falling through to commonAppConfig. Co-Authored-By: Claude <noreply@anthropic.com>
Adds a structural translator from the legacy PARAGON_THEME_URLS shape (frontend-platform's env.config.jsx) into the frontend-base SiteConfig `theme` setting served by FrontendSiteConfigView. frontend-base loads Paragon's base CSS via its shell stylesheet, so the runtime `theme` is exclusively a brand-override mechanism. The translator deliberately narrows to `urls.brandOverride` only; bare `url` and `urls.default` would point at Paragon defaults and clobber the bundled CSS, so they are dropped. `defaults` passes through unchanged when at least one URL survives, and is dropped (along with the whole `theme` key) when no URL survives, since `defaults` alone is meaningless without a stylesheet to point at. PARAGON_THEME_URLS is also added to the site-level keys stripped from per-app MFE_CONFIG_OVERRIDES, since `theme` is site-level only in frontend-base. Co-Authored-By: Claude <noreply@anthropic.com>
Purposefully not adding the older releases here but for any new releases we should test on the branch once PRs are merged to make sure there are no regressions that were missed by weird merge timing.
…oints (openedx#38458) - Support ?ordering= query param on special exam allowances and attempts list endpoints via in-memory sort (edx-proctoring returns plain lists, not querysets; see openedx/edx-proctoring#1320) - Add derived exam_type field (timed/proctored/practice) to special exam and attempt serializer responses - Return authenticated user's username in course metadata response - Make reason field optional and blank-safe on due date extension endpoint (BlockDueDateSerializerV2)
* feat: add generate exception certificates modal * feat: add tests * fix: tests * fix: linting
The set_course_mode_price view had no authorization check beyond @login_required, meaning any authenticated user could POST to it and rewrite the honor-mode price for any course — a privilege escalation vulnerability. Ideally this endpoint would be removed: it has no known callers in the UI (no templates or JS reference it), no tests, and targets the legacy 'honor' mode. However, it is publicly routed and external consumers may depend on it, so removal requires going through the DEPR process before we can act. In the meantime, this commit closes the security hole regardless of how active the endpoint is. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…x#38578) (openedx#38675) FieldError at /admin/content_libraries/contentlibrary/:id/change/ Unknown field(s) (authorized_lti_configs) Co-authored-by: Braden MacDonald <braden@opencraft.com>
validate_timestamp_and_nonce previously returned True unconditionally, allowing any captured LTI launch request to be replayed indefinitely. Now rejects requests whose oauth_timestamp falls outside a ±5-minute window, then atomically records the nonce in the Django cache via cache.add() (OEP-0022 key generation via get_cache_key). A replay returns False immediately because cache.add() only writes when the key is absent. TieredCache is intentionally not used here: it has no atomic add primitive, so a separate get-then-set would leave a race window that defeats the protection. See the updated docstring for details. Documents the requirement for a shared cache backend (Redis or Memcached) in multi-node deployments in both the app and repo READMEs. Fixes GHSA-6gm5-c49g-p3h9 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Add missing class docstring to TimestampAndNonceValidatorTest (C0115) - Move time.time patch from class decorator into setUp/addCleanup to eliminate unused mock parameters in every test method (PT019) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
) * fix: ValidationError when trying to add components to a collection (openedx#38579) * fix: don't sleep for a half second every time we update meilisearch (openedx#38576) * fix: various issues with modulestore migrator and content library events (openedx#38508) * fix: update modulestore migrator to not publish in draft context * fix: use correct date/user info for modulestore migrator * fix: allow our event handling tasks to call subtasks * fix: better handling of deletion/un-deletion using openedx-core fixes * fix: exception raised when mass-deleting all items in a content library (ContentLibraryBlockNotFound was being raised and not caught, propagating up to celery task error) * fix: don't update the 'collections' field of deleted entities when modifying a collection * fix: keep collection "# of entities" count updated when entities deleted * refactor: use LIBRARY_COLLECTION_UPDATED event to update collections on entity (un)delete * fix: unable to delete "ghost" component in library if it exists but has no draft * fix: error when deleting lib component used in a container (openedx#38607) * fix: bump openedx-core to v1.0.2 --------- Co-authored-by: Claude <noreply@anthropic.com>
Commit generated by workflow `openedx/openedx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/release/verawood`
The PUT /api/contentstore/v1/videos/{course_id}/download endpoint fetched
every client-supplied files[].url server-side with
requests.get(url, allow_redirects=True) and returned the bytes inside the
ZIP response. Because the URLs were never validated, an authenticated user
with studio read access could point them at internal services or cloud
metadata endpoints and exfiltrate the responses (GHSA-fpf9-9rpr-jvrx).
By design these URLs are always a subset of the course's own VAL
encoded_videos[].url values (the same data the video listing hands the
frontend). Restrict fetches to that allowlist: build the set of legitimate
URLs for the course and reject any request containing a URL outside it
before any HTTP request is made. This eliminates the SSRF rather than
merely narrowing it.
Adds VideoDownloadViewTest (the endpoint previously had no test coverage)
covering the allowed-URL success path, rejection of disallowed URLs without
any outbound request, mixed allowed/disallowed batches, and the non-staff
permission gate.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
openedx#38790) (openedx#38794) (backport) Now, when pasting a container into a library: * Only a single draft change log is created, regardless of how many "things" are in the container, and * The change is properly attributed to the current user who pressed "paste"
…edx#38788) * feat: add platform glob scope support (openedx#38660) * feat: add platform-wide authz scope support * feat: enhance course listing authorization with global toggle support * chore: upgrade openedx-authz to 1.19.0 * docs: add docstring for mock authorization toggle in course listing tests * fix: add missing org scope support in instructor dashboard (openedx#38721) * feat: enhance role assignment handling for users with org-wide scopes * refactor: update role assertion methods * refactor: replace external_key initialization with build_external_key method * refactor: streamline role assignment by directly using build_external_key method * refactor: update role assignment scope initialization to use ScopeData * refactor: introduce helper function to extract org and course ID from AuthZ scope * refactor: replace has_access with administrative_accesses_to_course_for_user * docs: clarify legacy-only CourseAccessRole query in studio course list * refactor: simplify user role assignment retrieval by using scoped api method * fix: preserve catalog and staff checks for authZ about-page access (openedx#38736) * fix: preserve catalog and staff checks for authZ about-page access * refactor: remove about page catalog visibility error function and return CatalogVisibilityError directly
* feat: added ora reminder notification
…t-ora-reminder-verawood [Backport] feat: add ora reminder notification
…openedx#38852) Replace course_version in the sidebar cache key with a block_structure_version derived from BlockStructureModel.data_version. course_version changes eagerly on publish, causing a cache miss before the block structure is rebuilt — poisoning the cache with stale data for 1 hour. block_structure_version only changes after the async rebuild completes, so cache misses only occur when fresh data is available. This is a backport of openedx#38785.
The previous vendored pdf.js was 1.0.907 (May 2013), four major versions behind upstream and within the range covered by Mozilla's GHSA-wgrm-67xf-hhpq (arbitrary JavaScript execution upon opening a malicious PDF). 5.7.284 is well past the >= 4.2.67 fix line. The replacement comes from Mozilla's prebuilt `pdfjs-5.7.284-legacy-dist.zip` GitHub Release artifact rather than the `pdfjs-dist` npm package because the npm package is library-only -- it ships `pdf.mjs` plus a bare `PDFViewer` component class, but no `viewer.html` / `viewer.mjs` / `viewer.css` / locale files. A full npm integration would mean rewriting the viewer page against the bare component, which is appropriate as a non-security follow-up but not as the fix here. The viewer page (`lms/templates/pdf_viewer.html`) is rewritten as a Mako adaptation of upstream `web/viewer.html`. A `<base href>` makes the viewer's relative asset URLs resolve against the vendored copy. The analytics shim (`lms/static/js/pdf-analytics.js`) is rewritten in vanilla JS against `PDFViewerApplication.eventBus`. Four analytics events (`textbook.pdf.thumbnails.toggled`, `textbook.pdf.thumbnail.navigated`, `textbook.pdf.outline.toggled`, `textbook.pdf.page.scrolled`) no longer fire because the corresponding UI elements were refactored away in pdf.js 4.x's Views Manager redesign. A new `scripts/refresh-pdfjs-vendor.sh` is the tool for future bumps: update PDFJS_VERSION + PDFJS_LEGACY_ZIP_SHA256, re-run, commit. Closes GHSA-mj74-gfq3-2v9f. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…ready exist (openedx#38840) (openedx#38858) * fix: Cannot rerun courses - authz role assignment expects rerun to already exist * squash!: Increase test coverage * squash!: Improve tests * squash!: Add TODO comments and improve assert handling
chore: upgrade to the latest openedx-authz version Commit generated by workflow `openedx/openedx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master` Co-authored-by: Maria Grimaldi (Majo) <maria.grimaldi@edunext.co>
|
Thanks for the pull request, @Kelketek! This repository is currently maintained by Once you've gone through the following steps feel free to tag them in a comment and let them know that your changes are ready for engineering review. 🔘 Get product approvalIf you haven't already, check this list to see if your contribution needs to go through the product review process.
🔘 Provide contextTo help your reviewers and other members of the community understand the purpose and larger context of your changes, feel free to add as much of the following information to the PR description as you can:
🔘 Get a green buildIf one or more checks are failing, continue working on your changes until this is no longer the case and your build turns green. DetailsWhere can I find more information?If you'd like to get more details on all aspects of the review process for open source pull requests (OSPRs), check out the following resources: When can I expect my changes to be merged?Our goal is to get community contributions seen and reviewed as efficiently as possible. However, the amount of time that it takes to review and merge a PR can vary significantly based on factors such as:
💡 As a result it may take up to several weeks or months to complete a review and merge your PR. |
|
Wrong branch |
Description
This is a backport of #38868 , added because PDF default support was slated for Verawood but was found to be missing during testing.
Supporting information
PDF block product proposal: https://openedx.atlassian.net/wiki/spaces/OEPM/pages/5335908397/Proposal+Add+PDF+Block+to+Base+Installation?focusedCommentId=6556647439
Testing instructions
Deadline
ASAP, so it's included for more people.