Currently openedx.core.lib.api contains building blocks for creating APIs through DRF. These building blocks could be used across multiple projects at edx, but because they are in the edx-platform it makes their reuse difficult. I'm proposing we move all classes to the edx-drf-extensions repo, which already gets built as a package and installed into edx-platform.
File | Class / Method | Description |
---|---|---|
authentication.py | SessionAuthenticationAllowInactiveUser | Ensure that the user is logged in, but do not require the account to be active |
OAuth2AuthenticationAllowInactiveUser | This is a temporary workaround while the is_active field on the user is coupled | |
fields.py | ExpandableField | Field that can dynamically use a more detailed serializer based on a user-provided "expand" parameter |
mixins.py | AbsoluteURLField | Field that serializes values to absolute URLs based on the current request |
PutAsCreateMixin | Backwards compatibility with Django Rest Framework v2, which allowed | |
parsers.py | TypedFileUploadParser | Handles upload of files, ensuring that the media type is supported, and |
MergePatchParser | Custom parser to be used with the "merge patch" implementation (https://tools.ietf.org/html/rfc7396). | |
permissions.py | ApiKeyHeaderPermission | Django REST Framework permissions class used to manage API Key integrations |
ApiKeyHeaderPermissionIsAuthenticated | Allow someone to access the view if they have the API key OR they are authenticated | |
IsUserInUrl | Permission that checks to see if the request user matches the user in the URL | |
IsCourseStaffInstructor | Permission to check that user is a course instructor or staff of | |
IsMasterCourseStaffInstructor | Permission to check that user is instructor or staff of the master course | |
IsStaff | Permission that checks to see if the request user has is_staff access | |
IsUserInUrlOrStaff | Permission that checks to see if the request user matches the user in the URL or has is_staff access | |
IsStaffOrReadOnly | Permission that checks to see if the user is global or course | |
IsStaffOrOwner | Permission that allows access to admin users or the owner of an object. | |
serializers.py | CollapsedReferenceSerializer | Serializes arbitrary models in a collapsed format, with just an id and url |
CourseKeyField | Serializer field for a model CourseKey field | |
test_utils.py | ApiTestCase | Parent test case for API workflow coverage |
view_utils.py | DeveloperErrorViewMixin | A view mixin to handle common error cases other than validation failure |
ExpandableFieldViewMixin | A view mixin to add expansion information to the serializer context for later use by an ExpandableField | |
view_auth_classes | Function and class decorator that abstracts the authentication and permission checks for api views. | |
add_serializer_errors | Adds errors from serializer validation to field_errors. data is the original data to deserialize | |
build_api_error | Build an error dict corresponding to edX API conventions | |
RetrievePatchAPIView | Concrete view for retrieving and updating a model instance | |