search

appsembler / figures

Reporting and data retrieval app for Open edX
MIT License
44 stars 37 forks source link

Figures' /courses/... URL route matches request_utils' COURSE_REGEX, causing remainder to be interpreted as a course id #361

Open bryanlandia opened 3 years ago

bryanlandia commented 3 years ago

I am seeing 500 errors calling /courses/general/course-v1:... for the courses-general API

The API call isn't even getting processed by the DRF view, as it errors out in middlewares which interpret /general/course-v1:... as a course id.

For example, this traceback:

2021-06-03 17:13:22,487 WARNING 7580 [track.contexts] contexts.py:20 - unable to parse course_id "general/course-v1:HISP+D2EVENTS100+Q2_2020"
Traceback (most recent call last):
  File "/edx/app/edxapp/edx-platform/common/djangoapps/track/contexts.py", line 20, in course_context_from_url
    url = url or ''
  File "/edx/app/edxapp/venvs/edxapp/local/lib/python2.7/site-packages/opaque_keys/__init__.py", line 197, in from_string
    return cls.deprecated_fallback._from_deprecated_string(serialized)
  File "/edx/app/edxapp/venvs/edxapp/local/lib/python2.7/site-packages/opaque_keys/edx/locator.py", line 379, in _from_deprecated_string
    raise InvalidKeyError(cls, serialized)
InvalidKeyError: <class 'opaque_keys.edx.locator.CourseLocator'>: general/course-v1:HISP+D2EVENTS100+Q2_2020
2021-06-03 17:13:22,777 ERROR 7580 [root] signals.py:17 - Uncaught exception from None
Traceback (most recent call last):
  File "/edx/app/edxapp/venvs/edxapp/local/lib/python2.7/site-packages/django/core/handlers/exception.py", line 41, in inner
    response = get_response(request)
  File "/edx/app/edxapp/venvs/edxapp/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 244, in _legacy_get_response
    response = middleware_method(request)
  File "/edx/app/edxapp/venvs/edxapp/src/organizations/organizations/middleware.py", line 32, in process_request
    org = CourseKey.from_string(course_id).org
  File "/edx/app/edxapp/venvs/edxapp/local/lib/python2.7/site-packages/opaque_keys/__init__.py", line 197, in from_string
    return cls.deprecated_fallback._from_deprecated_string(serialized)
  File "/edx/app/edxapp/venvs/edxapp/local/lib/python2.7/site-packages/opaque_keys/edx/locator.py", line 379, in _from_deprecated_string
    raise InvalidKeyError(cls, serialized)
InvalidKeyError: <class 'opaque_keys.edx.locator.CourseLocator'>: general/course-v1:HISP+D2EVENTS100+Q2_2020

Track middleware uses COURSE_REGEX defined in util.request (Hawthorn) or request_utils (Juniper+) to check for a match, yielding:

>>> COURSE_REGEX.match('https://xxx.customer.appsembler.com/figures/api/courses/general/course-v1:HISP+D2EVENTS100+Q2_2020/').groups()[1]
'general/course-v1:HISP+D2EVENTS100+Q2_2020'

Unfortunately, because of this, the 'figures/api/courses/general/' URL path in Figures is not safe. It should probably be changed to something like figures/api/courses-general/

The result on my test site is that the info taken from CourseOverview like the course name and start date don't appear in the Single Course view.

image
bryanlandia commented 3 years ago

@johnbaldwin I'm going to look into some workarounds for now, too, but most likely the API route should be changed.