openfun / fonzie Goto Github PK
View Code? Open in Web Editor NEWAPI add-ons for Open edX as run by FUN MOOC
Home Page: https://fonzie.readthedocs.io
License: GNU Affero General Public License v3.0
API add-ons for Open edX as run by FUN MOOC
Home Page: https://fonzie.readthedocs.io
License: GNU Affero General Public License v3.0
We need to add documentation on how to install & configure Fonzie in a fun-platform's docker stack.
Once a we will have a running POC, we need to describe our procedure.
We need to document the way our contributors can start playing with Fonzie on their machine.
This section of the documentation can be written as a contributor/developer guide.
It may be related to #4.
We should use same code quality standards on every projects.
Use Richie's one on this project and fix new quality warnings
#15 added a new endpoint and it needs Dredd tests.
Being subject to multiple access control verifications this endpoint tests need specific fixtures to work (see unit tests).
When solving issue openfun/openedx-docker#106 (Controlling access to instructor dashboard CSV export files) we had to determine if user requesting the file was belonging to course staff.
Solution implemented by #15 may not safely scale if user belongs to a large amount of courses because we request ORM for an unknown number of lines and then calculate each course key sha1
list_report_downloads
) to append course_key to filenamesReportStore
classNone of these solutions were considered satisfying.
When instructor dashboard is used to generate CSV file for course problem responses, it create a file named with course and problem keys of the form:
INSTN_0000_session01_student_state_from_block-v1_instance+coursenumber+sessionnimber+type@poll+block@dc26dcd145d04ed18e13084e91e3748c_2019-10-07-1528.csv
this url pattern cant match it resulting in 404 error
when instructor attempt to download it
https://github.com/openfun/fonzie/blob/master/fonzie/urls/acl.py#L15
Problematic behavior
When a new user who doesn't validate his email want to log in, he is redirect to the source page. He cannot reach the login page.
The API endpoint /api/v1.0/user/me
return the code 403
.
Expected behavior/code
Have the login page with a message who request to validate the email.
Steps to Reproduce
Our development environment relies on Docker
and docker-compose
, leading to permission issues on HOST while working on the project. To solve these kind of issues and ease developer on-boarding on the project, we wrote a bunch of shell scripts (bash) to build, run and test Fonzie.
Even if those scripts are relevant to improve the developer experience, they raise two kind of problems we need to address:
We need to exhaustively document those scripts to explain what they are doing (by comparing them with docker(-compose) raw commands) and how they can ease the developer life.
It is commonly assumed to be a good practice to avoid using the root
user or any other privileged user to run an application in Docker containers. Moreover, when working on a dockerized project like Fonzie, we need to mount host volumes containing at least the sources of our application and temporary assets. In this condition, building the container (using a privileged user) can create files with high level permissions on the host system.
To prevent this last situation, we have wrapped docker build
and run
commands to use the local user/group ID in our containers. The counterpart of this is that our containers are system-specific and won't work anywhere else. For now, there is no big deal with this as long as our container will not get distributed or used anywhere else than on each developer's machine.
But this can appear as a complex implementation as things can get simpler following OpenShift guidelines.
In our Dockerfile
, give the container's user permission to write in the /etc/passwd
file, create a user (that will run our container) with a random user ID, and define an entrypoint that will create a new user mapping the host user with the container user:
RUN chmod g=u /etc/passwd
ENTRYPOINT [ "uid_entrypoint" ]
USER 1001
The entrypoint creating this user looks like:
if ! whoami &> /dev/null; then
if [ -w /etc/passwd ]; then
echo "${USER_NAME:-default}:x:$(id -u):0:${USER_NAME:-default} user:${HOME}:/sbin/nologin" >> /etc/passwd
fi
fi
Neat. Classy. π
Writing documentation using Restructured Text format feels really painful nowadays. Now that PyPI natively supports rendering project descriptions formatted with markdown [1] and read the docs also supports markdown formatted documentation (using MkDocs), I think it's time to switch to markdown FTW!
[1] https://dustingram.com/articles/2018/03/16/markdown-descriptions-on-pypi
*.rst
documentation files to *.md
mkdocs
dependency and configure itMakefile
)We extensively use CircleCI these days. To avoid having to handle multiple CI platforms and scripts, let's switch to CircleCI for Fonzie too π
.travis.yml
bin/ci
steps to something more generic (at least not travis-driven).circleci/config.yml
We need to setup a POC for Fonzie packaging and publishing to PyPI.
setup.py
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.