/
[Proposal] Block registration from particular countries
  • Ready for review

    • [Proposal] Block registration from particular countries

    Owned by Aamir Ayub
    Last updated: Feb 20, 2025 by aamir ayub
    4 min read

    View the Github ticket for proposal status updates.

    Feature proposal

    We propose introducing a feature that allows platform administrators to restrict users from selecting one or more countries during sign-up and on the accounts page. Currently, no such option exists in the platform. The current embargo feature blocks country access per course and does not allow global blocking. This feature would be valuable in scenarios where admins need to prevent users from specific countries from accessing their edX instance, either due to legal, regulatory, or strategic reasons. This will also provide an easy-to-manage system for controlling user access without requiring manual intervention or workarounds.

    image-20250220-103603.png
    image-20250220-103713.png

    Current implementation

    Micro-Frontends (MFEs)
    The Authentication (authn), Account, and Profile MFEs currently use the @edx/frontend-platform library to get a list of translated country names. This library depends on the i18n-iso-countries npm package, which provides the country list and ensures the names are translated according to the user’s locale. Each of these MFEs retrieves the country list individually and displays it.

    Mobile Apps (Android & iOS)
    The Android and iOS apps, on the other hand, utilize a backend API to fetch the country list and display it.

    Proposed implementation

    This solution focuses on utilizing a single source of truth for mobile apps and MFEs, ensuring consistency across platforms using the same registration API to retrieve the country list. A filtration layer will be added to the registration API to remove the disabled country from the country list. This ensures that both mobile apps and MFEs receive the same filtered list for display. MFEs will need significant modifications to switch from using the @edx/frontend-platform library to this registration API for fetching the country list. Mobile apps already utilize the registration API for the country list, so no changes will be required for them.

    Benefits:

    • By consolidating the country list retrieval into one API, we eliminate discrepancies between mobile and web platforms.

    • Both MFEs and mobile apps will display the same filtered list of countries, enhancing the user experience.

    Considerations:

    • A process will be required to ensure that the registration API returns a translated country list, similar to how the @edx/frontend-platform library currently handles it. This is essential to maintain consistency in the user experience across all platforms.

    • The country list returned by the registration API must match the one provided by the @edx/frontend-platform library in terms of both content and translation. This ensures that users on MFEs and mobile apps receive the same list, with appropriate translations.

    Backend Control Mechanism


    A new model(database table) will be created in the embargo app and admin users can add restricted countries in that table using the Django admin user interface. meaning no countries are disabled unless explicitly specified.

    Countries in the database will be hidden from users in the registration form (Legacy). Users will not be able to select or switch to these disabled countries. If users attempt to select a disabled country (e.g., through manipulation), validation errors will prevent the form from being submitted, ensuring proper control over country selection.

    The initial Implementation was done by using the Django setting DISABLED_COUNTRIES

    We want to move this feature to embargo the Django app because all code for a specific domain (Country restrictions) should be in related apps instead of auth and profile apps. So instead of Django settings new model will be created in the embargo app for Global country restrictions because the current implementation of the embargo app is tightly coupled with courses and It would make sense to introduce a new model instead of disturbing the current implementation.

    Admin users will be able to add/remove countries to a newly created table using the Django admin interface.

    Plan for long-term ownership

    The embargo app is currently owned by 2u Infinity team and the Infinity team will provide support and maintenance.

    Considerations for Basic Implementation Requirements:

    By the time of launch, the following requirements are met:

    • Unit tests written

    • Docs updated

    • Acceptance testing is complete.

    Technical implementation plan:

    1. Create a new model in the embargo Django app , and deprecate current implementation.

    2. Create a Django admin interface.

    3. Update Profile and Authn MFEs to use registration API to filter out disabled countries.

    4. Create user documentation for how to use this feature.

     

    Related content

    [Proposal] Graded Discussions (MVP)
    [Proposal] Graded Discussions (MVP)
    Open edX Product Management
    Read with this
    [Proposal] Block registration from particular countries
    [Proposal] Block registration from particular countries
    Open edX Community
    More like this
    How to submit an open source contribution for Product Review
    How to submit an open source contribution for Product Review
    Open edX Community
    Read with this
    Project - Learning Site Selection (FC-25a)
    Project - Learning Site Selection (FC-25a)
    Open edX Product Management
    More like this
    Proposed
    Proposed
    Open edX Product Management
    Read with this
    User Management
    User Management
    Architecture and Engineering
    More like this