Moving openedx.core.lib.api to edx-drf-extensions
- George Babey
- Nimisha Asthagiri (Deactivated)
Owned by George Babey
Rationale:
Currently edx-platform contains openedx.core.lib.api which are building blocks for creating APIs through DRF such as serializers, permission decorators and error handlers. These building blocks could be used across multiple projects at edX, ensuring that we are consistent across our APIs, but because they are in the edx-platform it makes their reuse difficult. I'm proposing we move all classes to the edx-drf-extensions repo, which already gets built as a package and installed into edx-platform.
| File | Class / Method | Description | Status | Status Explanation |
|---|---|---|---|---|
| authentication.py | SessionAuthenticationAllowInactiveUser | Ensure that the user is logged in, but do not require the account to be active | ||
OAuth2AuthenticationAllowInactiveUser | This is a temporary workaround while the is_active field on the user is coupled | |||
| fields.py | ExpandableField | Field that can dynamically use a more detailed serializer based on a user-provided "expand" parameter | ||
| mixins.py | AbsoluteURLField | Field that serializes values to absolute URLs based on the current request | ||
PutAsCreateMixin | Backwards compatibility with Django Rest Framework v2, which allowed | |||
| parsers.py | TypedFileUploadParser | Handles upload of files, ensuring that the media type is supported, and | ||
MergePatchParser | Custom parser to be used with the "merge patch" implementation (https://tools.ietf.org/html/rfc7396). | |||
| permissions.py | ApiKeyHeaderPermission | Django REST Framework permissions class used to manage API Key integrations | NOT DOING | ApiKey is deprecated. |
ApiKeyHeaderPermissionIsAuthenticated | Allow someone to access the view if they have the API key OR they are authenticated | NOT DOING | ApiKey is deprecated. | |
IsUserInUrl | Permission that checks to see if the request user matches the user in the URL | DONE | Moved to edx-drf-extensions | |
IsCourseStaffInstructor | Permission to check that user is a course instructor or staff of | |||
IsMasterCourseStaffInstructor | Permission to check that user is instructor or staff of the master course | |||
IsStaff | Permission that checks to see if the request user has is_staff access | DONE | Moved to edx-drf-extensions | |
IsUserInUrlOrStaff | Permission that checks to see if the request user matches the user in the URL or has is_staff access | NOT DOING | Use rest_condition instead. | |
IsStaffOrReadOnly | Permission that checks to see if the user is global or course | |||
IsStaffOrOwner | Permission that allows access to admin users or the owner of an object. | |||
| serializers.py | CollapsedReferenceSerializer | Serializes arbitrary models in a collapsed format, with just an id and url | ||
CourseKeyField | Serializer field for a model CourseKey field | DONE | Moved to opaque-keys | |
| test_utils.py | ApiTestCase | Parent test case for API workflow coverage | ||
| view_utils.py | DeveloperErrorViewMixin | A view mixin to handle common error cases other than validation failure | ||
ExpandableFieldViewMixin | A view mixin to add expansion information to the serializer context for later use by an ExpandableField | |||
view_auth_classes | Function and class decorator that abstracts the authentication and permission checks for api views. | |||
add_serializer_errors | Adds errors from serializer validation to field_errors. data is the original data to deserialize | |||
build_api_error | Build an error dict corresponding to edX API conventions | |||
RetrievePatchAPIView | Concrete view for retrieving and updating a model instance | |||