I originally added the learner_downloadable flag to ComponentVersionContent with the thought that it would reduce the odds of sensitive assets being made publicly downloadable. But in practice, it's just been a source of unnecessary complexity, and we're more or less ignoring it in libraries code that calls into openedx-learning. Instead, we're using the convention that any path starting with static/ is meant to be downloadable–a convention that Learning Core can stay completely ignorant of.
This would involve removing the model field and all calls to it. However, public API functions could continue to accept the field, and log a warning message–that might make it easier to support minor fixes to Sumac over the next few weeks without branching.
I originally added the
learner_downloadableflag toComponentVersionContentwith the thought that it would reduce the odds of sensitive assets being made publicly downloadable. But in practice, it's just been a source of unnecessary complexity, and we're more or less ignoring it in libraries code that calls into openedx-learning. Instead, we're using the convention that any path starting withstatic/is meant to be downloadable–a convention that Learning Core can stay completely ignorant of.This would involve removing the model field and all calls to it. However, public API functions could continue to accept the field, and log a warning message–that might make it easier to support minor fixes to Sumac over the next few weeks without branching.