Merge branch 'openedx:master' into kdmccormick/upload-delete-transcript

kdmccormick · web-flow · commit 696e7df0857d · 2025-11-20T11:41:11.000-05:00
diff --git a/.github/workflows/ci-static-analysis.yml b/.github/workflows/ci-static-analysis.yml
@@ -25,7 +25,7 @@ jobs:
         run: sudo apt update && sudo apt install -y libxmlsec1-dev
 
       - name: Install pip
-        run: python -m pip install -r requirements/pip.txt
+        run: make pre-requirements
 
       - name: Get pip cache dir
         id: pip-cache-dir
diff --git a/.github/workflows/lint-imports.yml b/.github/workflows/lint-imports.yml
@@ -25,7 +25,7 @@ jobs:
         run: sudo apt update && sudo apt install -y libxmlsec1-dev
 
       - name: Install pip
-        run: python -m pip install -r requirements/pip.txt
+        run: make pre-requirements
 
       - name: Get pip cache dir
         id: pip-cache-dir
@@ -40,7 +40,7 @@ jobs:
           restore-keys: ${{ runner.os }}-pip-
 
       - name: Install python dependencies
-        run: pip install -r requirements/edx/development.txt
+        run: make dev-requirements
 
       # As long there are sub-projects[1] in edx-platform, we analyze each
       # project separately here, in order to make import-linting errors easier
diff --git a/Makefile b/Makefile
@@ -66,7 +66,6 @@ detect_changed_source_translations: ## check if translation files are up-to-date
 	i18n_tool changed
 
 pre-requirements: ## install Python requirements for running pip-tools
-	pip install -r requirements/pip.txt
 	pip install -r requirements/pip-tools.txt
 
 local-requirements:
@@ -122,12 +121,10 @@ compile-requirements: pre-requirements $(COMMON_CONSTRAINTS_TXT) ## Re-compile *
 	@# time someone tries to use the outputs.
 	sed 's/Django<5.0//g' requirements/common_constraints.txt > requirements/common_constraints.tmp
 	mv requirements/common_constraints.tmp requirements/common_constraints.txt
-	sed 's/pip<24.3//g' requirements/common_constraints.txt > requirements/common_constraints.tmp
+	sed 's/pip<25.3//g' requirements/common_constraints.txt > requirements/common_constraints.tmp
 	mv requirements/common_constraints.tmp requirements/common_constraints.txt
-	pip-compile -v --allow-unsafe ${COMPILE_OPTS} -o requirements/pip.txt requirements/pip.in
-	pip install -r requirements/pip.txt
 
-	pip-compile -v ${COMPILE_OPTS} -o requirements/pip-tools.txt requirements/pip-tools.in
+	pip-compile -v --allow-unsafe ${COMPILE_OPTS} -o requirements/pip-tools.txt requirements/pip-tools.in
 	pip install -r requirements/pip-tools.txt
 
 	@ export REBUILD='--rebuild'; \
diff --git a/cms/djangoapps/contentstore/tasks.py b/cms/djangoapps/contentstore/tasks.py
@@ -945,17 +945,6 @@ def _get_users_by_access_level(v1_library_key):
             v2contentlib_api.set_library_user_permissions(v2_library_key, user, access_level)
 
 
-def _create_copy_content_task(v2_library_key, v1_library_key):
-    """
-    spin up a celery task to import the V1 Library's content into the V2 library.
-    This utilizes the fact that course and v1 library content is stored almost identically.
-    """
-    return v2contentlib_api.import_blocks_create_task(
-        v2_library_key, v1_library_key,
-        use_course_key_as_block_id_suffix=False
-    )
-
-
 @shared_task(time_limit=30)
 @set_code_owner_attribute
 def delete_v1_library(v1_library_key_string):
diff --git a/lms/djangoapps/courseware/access_utils.py b/lms/djangoapps/courseware/access_utils.py
@@ -23,7 +23,11 @@
     StartDateError,
 )
 from lms.djangoapps.courseware.masquerade import get_course_masquerade, is_masquerading_as_student
-from openedx.features.course_experience import COURSE_ENABLE_UNENROLLED_ACCESS_FLAG, COURSE_PRE_START_ACCESS_FLAG
+from openedx.features.course_experience import (
+    COURSE_ENABLE_UNENROLLED_ACCESS_FLAG,
+    COURSE_PRE_START_ACCESS_FLAG,
+    ENFORCE_MASQUERADE_START_DATES,
+)
 from xmodule.course_block import COURSE_VISIBILITY_PUBLIC  # lint-amnesty, pylint: disable=wrong-import-order
 
 DEBUG_ACCESS = False
@@ -137,7 +141,10 @@ def check_start_date(user, days_early_for_beta, start, course_key, display_error
     if start_dates_disabled and not masquerading_as_student:
         return ACCESS_GRANTED
     else:
-        if start is None or get_course_masquerade(user, course_key):
+        if start is None:
+            return ACCESS_GRANTED
+
+        if not ENFORCE_MASQUERADE_START_DATES.is_enabled(course_key) and get_course_masquerade(user, course_key):
             return ACCESS_GRANTED
 
         if now is None:
diff --git a/lms/djangoapps/courseware/tests/test_access.py b/lms/djangoapps/courseware/tests/test_access.py
@@ -17,6 +17,7 @@
 from django.test.client import RequestFactory
 from django.test.utils import override_settings
 from django.urls import reverse
+from edx_toggles.toggles.testutils import override_waffle_flag
 from milestones.tests.utils import MilestonesTestCaseMixin
 from opaque_keys.edx.locator import CourseLocator
 
@@ -30,6 +31,7 @@
 from openedx.core.djangoapps.content.course_overviews.tests.factories import CourseOverviewFactory
 from openedx.core.djangoapps.waffle_utils.testutils import WAFFLE_TABLES
 from openedx.features.content_type_gating.models import ContentTypeGatingConfig
+from openedx.features.course_experience import ENFORCE_MASQUERADE_START_DATES
 from common.djangoapps.student.models import CourseEnrollment
 from common.djangoapps.student.roles import CourseCcxCoachRole, CourseStaffRole
 from common.djangoapps.student.tests.factories import (
@@ -465,6 +467,50 @@ def test__has_access_to_block_with_start_date(self, start, expected_error_type):
 
         self.verify_access(mock_unit, expected_access, expected_error_type)
 
+    @ddt.data(
+        # Flag inactive (default)
+        (False, True, None),  # Masquerading, no start date
+        (False, True, YESTERDAY),  # Masquerading, past start date
+        (False, False, TOMORROW),  # Not masquerading, future start date
+        (False, True, TOMORROW),  # Masquerading, future start date
+        # Flag active
+        (True, True, None),  # Masquerading, no start date
+        (True, True, YESTERDAY),  # Masquerading, past start date
+        (True, False, TOMORROW),  # Not masquerading, future start date
+        (True, True, TOMORROW, False),  # Masquerading, future start date - no access
+    )
+    @ddt.unpack
+    @patch.dict("django.conf.settings.FEATURES", {"DISABLE_START_DATES": False})
+    def test_enforce_masquerade_start_dates_flag(self, flag_active, is_masquerading, start, expected_access=True):
+        """
+        Test that the ENFORCE_MASQUERADE_START_DATES flag controls whether masquerading bypasses start date
+        restrictions.
+
+        When the flag is disabled (default), masquerading users bypass start dates.
+        When the flag is enabled, masquerading users see the same start date restrictions as regular students.
+        """
+        mock_unit = Mock(
+            location=self.course.location,
+            user_partitions=[],
+            _class_tags={},
+            start=self.DATES[start],
+            visible_to_staff_only=False,
+            merged_group_access={},
+        )
+
+        if is_masquerading:
+            self.course_staff.masquerade_settings = {self.course.id: CourseMasquerade(self.course.id, role="student")}
+
+        with override_waffle_flag(ENFORCE_MASQUERADE_START_DATES, active=flag_active):
+            response = access._has_access_to_block(self.course_staff, "load", mock_unit, course_key=self.course.id)
+
+            if expected_access:
+                assert response == access.ACCESS_GRANTED
+            else:
+                assert isinstance(response, access_response.StartDateError)
+                assert response.to_json()["error_code"] is not None
+                assert str(self.DATES[start]) in response.developer_message
+
     def test__has_access_course_can_enroll(self):
         yesterday = datetime.datetime.now(pytz.utc) - datetime.timedelta(days=1)
         tomorrow = datetime.datetime.now(pytz.utc) + datetime.timedelta(days=1)
diff --git a/lms/static/sass/course/instructor/_instructor_2.scss b/lms/static/sass/course/instructor/_instructor_2.scss
@@ -708,16 +708,14 @@
     .hint {
       @extend %t-copy-sub2;
 
-      display: block;
+      display: none;
       position: absolute;
       top: ($baseline/2);
-
-      @include left(-9999em);
-
       padding: ($baseline/2);
       width: 50%;
       background-color: $light-gray3;
       box-shadow: 2px 2px 3px $shadow;
+      z-index: 1;
 
       .hint-caret {
         display: block;
@@ -736,11 +734,10 @@
     /* ***
      * Ideally we want to handle functionality with JS.
      * This functionality should eventually be moved into CS/JS, and out of here. */
-    .has-hint:hover > .hint {
-      @include left($baseline*10);
-    }
-
+    .has-hint:hover > .hint,
     .has-hint input:focus ~ .hint {
+      display: block;
+
       @include left($baseline*10);
     }
 
diff --git a/openedx/features/course_experience/__init__.py b/openedx/features/course_experience/__init__.py
@@ -83,6 +83,23 @@
 # .. toggle_tickets: https://openedx.atlassian.net/browse/AA-36
 CALENDAR_SYNC_FLAG = CourseWaffleFlag(f'{WAFFLE_FLAG_NAMESPACE}.calendar_sync', __name__)  # lint-amnesty, pylint: disable=toggle-missing-annotation
 
+# .. toggle_name: course_experience.enforce_masquerade_start_dates
+# .. toggle_implementation: CourseWaffleFlag
+# .. toggle_default: False
+# .. toggle_description: When enabled, staff masquerading as students will see the same start date
+#   restrictions as actual students. This provides a more accurate preview experience by enforcing
+#   section and subsection start dates even when viewing the course as a masqueraded user.
+#   When disabled (default), masquerading continues to bypass start date restrictions as before.
+# .. toggle_use_cases: opt_in
+# .. toggle_creation_date: 2025-10-08
+# .. toggle_warning: Enabling this flag means staff members masquerading as students will not be able to access course
+#   content before its start date, which may impact course testing workflows.
+#   Also, when you masquerade as a student in a course that starts in the future, you will lock yourself out of the
+#   course in the current Django session. To revert this, you need to log out and log back in.
+ENFORCE_MASQUERADE_START_DATES = CourseWaffleFlag(
+    f'{WAFFLE_FLAG_NAMESPACE}.enforce_masquerade_start_dates', __name__
+)
+
 
 def course_home_page_title(_course):
     """
diff --git a/requirements/common_constraints.txt b/requirements/common_constraints.txt
@@ -28,4 +28,4 @@ elasticsearch<7.14.0
 # See issue https://github.com/openedx/public-engineering/issues/440 for details regarding the ongoing fix.
 # The constraint can be removed once a release (pip-tools > 7.5.1) is available with support for pip 25.3
 # Issue to track this dependency and unpin later on: https://github.com/openedx/edx-lint/issues/503
-pip<25.3
+
diff --git a/requirements/pip-tools.txt b/requirements/pip-tools.txt
@@ -20,5 +20,7 @@ wheel==0.45.1
     # via pip-tools
 
 # The following packages are considered to be unsafe in a requirements file:
-# pip
-# setuptools
+pip==25.3
+    # via pip-tools
+setuptools==80.9.0
+    # via pip-tools
diff --git a/requirements/pip.in b/requirements/pip.in
diff --git a/requirements/pip.txt b/requirements/pip.txt
