Versions Compared

Old Version 1

changes.mady.by.user George Babey

Saved on

compared with

New Version 2

changes.mady.by.user George Babey

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Rationale:

Currently edx-platform contains openedx.core.lib.api contains which are building blocks for creating APIs through DRF such as serializers, permission decorators and error handlers. These building blocks could be used across multiple projects at edxedX, ensuring that we are consistent across our APIs, but because they are in the edx-platform it makes their reuse difficult. I'm proposing we move all classes to the edx-drf-extensions repo, which already gets built as a package and installed into edx-platform.



FileClass / MethodDescription
authentication.py
SessionAuthenticationAllowInactiveUser
Ensure that the user is logged in, but do not require the account to be active

OAuth2AuthenticationAllowInactiveUser
This is a temporary workaround while the is_active field on the user is coupled
with whether or not the user has verified ownership of their claimed email address
fields.py
ExpandableField
Field that can dynamically use a more detailed serializer based on a user-provided "expand" parameter
mixins.py
AbsoluteURLField
Field that serializes values to absolute URLs based on the current request

PutAsCreateMixin
Backwards compatibility with Django Rest Framework v2, which allowed
creation of a new resource using PUT
parsers.py
TypedFileUploadParser
Handles upload of files, ensuring that the media type is supported, and
that the uploaded filename matches the Content-type

MergePatchParser
Custom parser to be used with the "merge patch" implementation (https://tools.ietf.org/html/rfc7396).
permissions.py
ApiKeyHeaderPermission
Django REST Framework permissions class used to manage API Key integrations

ApiKeyHeaderPermissionIsAuthenticated
Allow someone to access the view if they have the API key OR they are authenticated

IsUserInUrl
Permission that checks to see if the request user matches the user in the URL

IsCourseStaffInstructor
Permission to check that user is a course instructor or staff of
a master course given a course object or the user is a coach of
the course itself

IsMasterCourseStaffInstructor
Permission to check that user is instructor or staff of the master course

IsStaff
Permission that checks to see if the request user has is_staff access

IsUserInUrlOrStaff
Permission that checks to see if the request user matches the user in the URL or has is_staff access

IsStaffOrReadOnly
Permission that checks to see if the user is global or course
staff, permitting only read-only access if they are not

IsStaffOrOwner
Permission that allows access to admin users or the owner of an object.
The owner is considered the User object represented by obj.user
serializers.py
CollapsedReferenceSerializer
Serializes arbitrary models in a collapsed format, with just an id and url

CourseKeyField
Serializer field for a model CourseKey field
test_utils.py
ApiTestCase
Parent test case for API workflow coverage
view_utils.py
DeveloperErrorViewMixin
A view mixin to handle common error cases other than validation failure
(auth failure, method not allowed, etc.) by generating an error response
conforming to our API conventions with a developer message

ExpandableFieldViewMixin
A view mixin to add expansion information to the serializer context for later use by an ExpandableField

view_auth_classes
Function and class decorator that abstracts the authentication and permission checks for api views.

add_serializer_errors
Adds errors from serializer validation to field_errors. data is the original data to deserialize

build_api_error
Build an error dict corresponding to edX API conventions

RetrievePatchAPIView
Concrete view for retrieving and updating a model instance