diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index e5d46dcb7..00e6d02d0 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -4,7 +4,6 @@ on:
 push:
 branches: [master]
 pull_request:
- branches: [master]
 concurrency:
 group: ci-${{ github.event.pull_request.number || github.ref }}
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index b1c4c6109..4606fec71 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -17,11 +17,15 @@ Unreleased
 ----------
 * nothing unreleased
-[4.33.2]
+[5.1.0]
 --------
 * feat: update EnterpriseGroupMembershipSerializer to include learner course enrollment count
 * feat: updated learner query to filter by full name
+[5.0.0]
+--------
+* refactor: Removed `plotly_token/` API endpoint and related views from enterprise API.
+
 [4.33.1]
 --------
 * feat: Creating enterprise customer members endpoint for admin portal
diff --git a/enterprise/__init__.py b/enterprise/__init__.py
index a58b40b13..1a5c8140b 100644
--- a/enterprise/__init__.py
+++ b/enterprise/__init__.py
@@ -2,4 +2,4 @@
 Your project description goes here.
 """
-__version__ = "4.33.2"
+__version__ = "5.1.0"
diff --git a/enterprise/api/v1/urls.py b/enterprise/api/v1/urls.py
index 3d276bd93..f46d5b55d 100644
--- a/enterprise/api/v1/urls.py
+++ b/enterprise/api/v1/urls.py
@@ -27,7 +27,6 @@
 notifications,
 pending_enterprise_customer_admin_user,
 pending_enterprise_customer_user,
- plotly_auth,
 )
 router = DefaultRouter()
@@ -131,11 +130,6 @@
 coupon_codes.CouponCodesView.as_view(),
 name='request-codes'
 ),
- re_path(
- r'^plotly_token/(?P[A-Za-z0-9-]+)$',
- plotly_auth.PlotlyAuthView.as_view(),
- name='plotly-token'
- ),
 re_path(
 r'^enterprise_report_types/(?P[A-Za-z0-9-]+)$',
 enterprise_customer_reporting.EnterpriseCustomerReportTypesView.as_view(),
diff --git a/enterprise/api/v1/views/enterprise_customer_members.py b/enterprise/api/v1/views/enterprise_customer_members.py
index 4f0a3f79d..ca292aa4c 100644
--- a/enterprise/api/v1/views/enterprise_customer_members.py
+++ b/enterprise/api/v1/views/enterprise_customer_members.py
@@ -78,7 +78,7 @@ def get_members(self, request, *args, **kwargs):
 au.id,
 au.email,
 au.date_joined,
- coalesce(NULLIF(aup.name, ' '), (au.first_name || ' ' || au.last_name)) as full_name
+ coalesce(NULLIF(aup.name, ''), (au.first_name || ' ' || au.last_name)) as full_name
 FROM enterprise_enterprisecustomeruser ecu
 INNER JOIN auth_user as au on ecu.user_id = au.id
 LEFT JOIN auth_userprofile as aup on au.id = aup.user_id
diff --git a/enterprise/api/v1/views/plotly_auth.py b/enterprise/api/v1/views/plotly_auth.py
deleted file mode 100644
index 2f9005704..000000000
--- a/enterprise/api/v1/views/plotly_auth.py
+++ /dev/null
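Review bot: In the `get_members` query of enterprise_customer_members.py, `NULLIF(aup.name, '')` on the added `coalesce(...)` line matches only an exactly empty profile name, so a whitespace-only `aup.name` (the case the removed `' '` comparison targeted) can now be returned as `full_name` on backends that do not pad-compare strings. If both cases should fall back to the auth_user names, `NULLIF(TRIM(aup.name), '')` covers them. The fallback `(au.first_name || ' ' || au.last_name)` relies on `||` being string concatenation, which is backend-dependent (MySQL treats it as logical OR unless PIPES_AS_CONCAT is enabled), so it is worth confirming against the production database. `get_members` starts and ends outside the hunk, so whether the full-name filter mentioned in the changelog reaches this raw SQL as a bound parameter cannot be confirmed from here and should be checked.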
@@ -1,62 +0,0 @@
-"""
-Views for Plotly auth.
-"""
-
-from time import time
-
-import jwt
-from edx_rbac.decorators import permission_required
-from rest_framework import generics
-from rest_framework.permissions import IsAuthenticated
-
-from django.conf import settings
-from django.http import JsonResponse
-
-from enterprise.models import EnterpriseCustomer
-
-
-class PlotlyAuthView(generics.GenericAPIView):
- """
- API to generate a signed token for an enterprise admin to use Plotly analytics.
- """
- permission_classes = (IsAuthenticated,)
-
- @permission_required(
- 'enterprise.can_access_admin_dashboard',
- fn=lambda request, enterprise_uuid: enterprise_uuid
- )
- def get(self, request, enterprise_uuid):
- """
- Generate auth token for plotly.
- """
- # This is a new secret key and will be only shared between LMS and our Plotly server.
- secret_key = settings.ENTERPRISE_PLOTLY_SECRET
-
- now = int(time())
- expires_in = 3600 # time in seconds after which token will be expired
- exp = now + expires_in
-
- CLAIMS = {
- "exp": exp,
- "iat": now
- }
-
- jwt_payload = dict({
- 'enterprise_uuid': enterprise_uuid,
- 'audit_data_reporting_enabled': self._is_audit_data_reporting_enabled(enterprise_uuid),
- }, **CLAIMS)
-
- token = jwt.encode(jwt_payload, secret_key, algorithm='HS512')
- json_payload = {'token': token}
- return JsonResponse(json_payload)
-
- @staticmethod
- def _is_audit_data_reporting_enabled(enterprise_uuid):
- """
- Check if audit data reporting is enabled for the enterprise.
-
- Args:
- enterprise_uuid (str): UUID of the enterprise.
- """
- enterprise = EnterpriseCustomer.objects.filter(uuid=enterprise_uuid).first()
- return getattr(enterprise, 'enable_audit_data_reporting', False)
diff --git a/tests/test_enterprise/api/test_views.py b/tests/test_enterprise/api/test_views.py
index d6cbe984c..1d4016719 100644
--- a/tests/test_enterprise/api/test_views.py
+++ b/tests/test_enterprise/api/test_views.py
@@ -14,7 +14,6 @@
 from urllib.parse import parse_qs, urlencode, urljoin, urlsplit, urlunsplit
 import ddt
-import jwt
 import pytz
 import responses
 from edx_toggles.toggles.testutils import override_waffle_flag
@@ -7755,67 +7754,6 @@ def test_same_enable_universal_link(self): self.assertEqual(response['detail'], 'No changes') -@mark.django_db -class TestPlotlyAuthView(APITest): - """ - Test PlotlyAuthView - """ - - PLOTLY_TOKEN_ENDPOINT = 'plotly-token' - - def setUp(self): - """ - Common setup for all tests. - """ - super().setUp() - self.client.login(username=self.user.username, password=TEST_PASSWORD) - self.enterprise_uuid = fake.uuid4() - self.enterprise_uuid2 = fake.uuid4() - self.url = settings.TEST_SERVER + reverse( - self.PLOTLY_TOKEN_ENDPOINT, kwargs={'enterprise_uuid': self.enterprise_uuid} - ) - - def test_view_with_normal_user(self): - """ - Verify that a user without having `enterprise.can_access_admin_dashboard` role can't access the view. - """ - response = self.client.get(self.url) - assert response.status_code == status.HTTP_403_FORBIDDEN - assert response.json() == {'detail': 'Missing: enterprise.can_access_admin_dashboard'} - - def test_view_with_admin_user(self): - """ - Verify that an enterprise admin user having `enterprise.can_access_admin_dashboard` role can access the view. - """ - EnterpriseCustomerFactory.create(uuid=self.enterprise_uuid, enable_audit_data_reporting=True) - self.set_jwt_cookie(ENTERPRISE_ADMIN_ROLE, self.enterprise_uuid) - - self.client.login(username=self.user.username, password=TEST_PASSWORD) - - response = self.client.get(self.url) - assert response.status_code == status.HTTP_200_OK - assert 'token' in response.json() - token = response.json().get('token') - decoded_jwt = jwt.decode(token, settings.ENTERPRISE_PLOTLY_SECRET, algorithms=['HS512']) - assert decoded_jwt['audit_data_reporting_enabled'] is True - - def test_view_with_admin_user_tries(self): - """ - Verify that an enterprise admin can create token for enterprise uuid present in jwt roles only. 
- """ - self.set_jwt_cookie(ENTERPRISE_ADMIN_ROLE, self.enterprise_uuid) - - url = settings.TEST_SERVER + reverse( - self.PLOTLY_TOKEN_ENDPOINT, kwargs={'enterprise_uuid': self.enterprise_uuid2} - ) - - self.client.login(username=self.user.username, password=TEST_PASSWORD) - - response = self.client.get(url) - assert response.status_code == status.HTTP_403_FORBIDDEN - assert response.json() == {'detail': 'Missing: enterprise.can_access_admin_dashboard'} - - @mark.django_db class TestAnalyticsSummaryView(APITest): """