Merge branch 'master' into chris/FAL-3921-remove-unpublished-collections

cms/djangoapps/contentstore/tests/test_utils.py

@@ -974,3 +974,18 @@ def test_if_content_is_plain_text(self):
         assert Notification.objects.all().count() == 1
         notification = Notification.objects.first()
         assert notification.content == "<p><strong>content Sub content heading</strong></p>"
+
+    def test_if_html_unescapes(self):
+        """
+        Tests if html unescapes when creating content of course update notification
+        """
+        user = UserFactory()
+        CourseEnrollment.enroll(user=user, course_key=self.course.id)
+        assert Notification.objects.all().count() == 0
+        content = "<p>&lt;p&gt; &amp;nbsp;&lt;/p&gt;<br />"\
+                  "&lt;p&gt;abcd&lt;/p&gt;<br />"\
+                  "&lt;p&gt;&amp;nbsp;&lt;/p&gt;<br /></p>"
+        send_course_update_notification(self.course.id, content, self.user)
+        assert Notification.objects.all().count() == 1
+        notification = Notification.objects.first()
+        assert notification.content == "<p><strong>abcd</strong></p>"

cms/djangoapps/contentstore/utils.py

@@ -3,6 +3,7 @@
 """
 from __future__ import annotations
 import configparser
+import html
 import logging
 import re
 from collections import defaultdict
@@ -2258,6 +2259,7 @@ def clean_html_body(html_body):
     """
     Get html body, remove tags and limit to 500 characters
     """
+    html_body = html.unescape(html_body).strip()
     html_body = BeautifulSoup(Truncator(html_body).chars(500, html=True), 'html.parser')
     text_content = html_body.get_text(separator=" ").strip()
     text_content = text_content.replace('\n', '').replace('\r', '')

cms/djangoapps/contentstore/views/tests/test_clipboard_paste.py

@@ -408,7 +408,6 @@ def setUp(self):
         self.store = modulestore()
 
         self.library = library_api.create_library(
-            library_type=library_api.COMPLEX,
             org=Organization.objects.create(name="Test Org", short_name="CL-TEST"),
             slug="lib",
             title="Library",

cms/djangoapps/contentstore/xblock_storage_handlers/view_handlers.py

@@ -558,6 +558,7 @@ def _create_block(request):
             "locator": str(created_xblock.location),
             "courseKey": str(created_xblock.location.course_key),
             "static_file_notices": asdict(notices),
+            "upstreamRef": str(created_xblock.upstream),
         })
 
     category = request.json["category"]

docs/docs_settings.py

@@ -4,7 +4,7 @@
 import all the Studio code.
 """
 
-
+from textwrap import dedent
 import os
 
 from openedx.core.lib.derived import derive_settings
@@ -27,18 +27,71 @@
         FEATURES[key] = True
 
 # Settings that will fail if we enable them, and we don't need them for docs anyway.
-FEATURES['RUN_AS_ANALYTICS_SERVER_ENABLED'] = False
-FEATURES['ENABLE_SOFTWARE_SECURE_FAKE'] = False
-FEATURES['ENABLE_MKTG_SITE'] = False
+FEATURES["RUN_AS_ANALYTICS_SERVER_ENABLED"] = False
+FEATURES["ENABLE_SOFTWARE_SECURE_FAKE"] = False
+FEATURES["ENABLE_MKTG_SITE"] = False
+
+INSTALLED_APPS.extend(
+    [
+        "cms.djangoapps.contentstore.apps.ContentstoreConfig",
+        "cms.djangoapps.course_creators",
+        "cms.djangoapps.xblock_config.apps.XBlockConfig",
+        "lms.djangoapps.lti_provider",
+    ]
+)
+
+# Swagger generation details
+openapi_security_info_basic = (
+    "Obtain with a `POST` request to `/user/v1/account/login_session/`.  "
+    "If needed, copy the cookies from the response to your new call."
+)
+openapi_security_info_jwt = dedent(
+    """
+    Obtain by making a `POST` request to `/oauth2/v1/access_token`.
+
+    You will need to be logged in and have a client ID and secret already created.
 
-INSTALLED_APPS.extend([
-    'cms.djangoapps.contentstore.apps.ContentstoreConfig',
-    'cms.djangoapps.course_creators',
-    'cms.djangoapps.xblock_config.apps.XBlockConfig',
-    'lms.djangoapps.lti_provider',
-])
+    Your request should have the headers
+
+    ```
+    'Content-Type': 'application/x-www-form-urlencoded'
+    ```
+
+    Your request should have the data payload
+
+    ```
+    'grant_type': 'client_credentials'
+    'client_id': [your client ID]
+    'client_secret':  [your client secret]
+    'token_type': 'jwt'
+    ```
+
+    Your JWT will be returned in the response as `access_token`. Prefix with `JWT ` in your header.
+    """
+)
+openapi_security_info_csrf = (
+    "Obtain by making a `GET` request to `/csrf/api/v1/token`. The token will be in the response cookie `csrftoken`."
+)
+SWAGGER_SETTINGS["SECURITY_DEFINITIONS"] = {
+    "Basic": {
+        "type": "basic",
+        "description": openapi_security_info_basic,
+    },
+    "jwt": {
+        "type": "apiKey",
+        "name": "Authorization",
+        "in": "header",
+        "description": openapi_security_info_jwt,
+    },
+    "csrf": {
+        "type": "apiKey",
+        "name": "X-CSRFToken",
+        "in": "header",
+        "description": openapi_security_info_csrf,
+    },
+}
 
 
-COMMON_TEST_DATA_ROOT = ''
+COMMON_TEST_DATA_ROOT = ""
 
 derive_settings(__name__)