...
Lucidchart | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Common Questions
...
Courses and CourseRuns have many people and orgs through join tables which also specify their relation to the course/run. For example all courses will be related to the org which is running the course, but some courses also have a sponsor who is not directly running the course, but providing assistance in some way, like Databricks sponsoring this Berkley course on spark https://www.edx.org/course/introduction-spark-uc-berkeleyx-cs105x.
Authorization
The authorization progression would be as follows:
V1 - API is read-only. Anyone with a valid access token can read.
V2 - API has basic CRUD operations. Only super users can access non-read endpoints. Note: this would necessarily coincide with a switch making this the system of record for course metadata.
V3 - Super users can grant standard users create and update permissions at an organization level (TBD on delete). E.G. Harvard users may be given access to edit/update any course, course run, or person that exists under the Harvard organization.