openedx.core.djangoapps.profile_images package

openedx.core.djangoapps.profile_images package#

Submodules#

openedx.core.djangoapps.profile_images.exceptions module#

Exceptions related to the handling of profile images.

exception openedx.core.djangoapps.profile_images.exceptions.ImageValidationError#

Bases: Exception

Exception to use when the system rejects a user-supplied source image.

property user_message#

Translate the developer-facing exception message for API clients.

openedx.core.djangoapps.profile_images.images module#

Image file manipulation functions related to profile images.

class openedx.core.djangoapps.profile_images.images.ImageType(extensions, mimetypes, magic)#

Bases: tuple

extensions#

Alias for field number 0

magic#

Alias for field number 2

mimetypes#

Alias for field number 1

openedx.core.djangoapps.profile_images.images.create_profile_images(image_file, profile_image_names)#

Generates a set of image files based on image_file and stores them according to the sizes and filenames specified in profile_image_names.

Parameters:

  • image_file (file) – The uploaded image file to be cropped and scaled to use as a profile image. The image is cropped to the largest possible square, and centered on this image.

  • profile_image_names (dict) – A dictionary that maps image sizes to file names. The image size is an integer representing one side of the equilateral image to be created.

Returns:

None

openedx.core.djangoapps.profile_images.images.remove_profile_images(profile_image_names)#

Physically remove the image files specified in profile_image_names

openedx.core.djangoapps.profile_images.images.validate_uploaded_image(uploaded_file)#

Raises ImageValidationError if the server should refuse to use this uploaded file as the source image for a user’s profile image. Otherwise, returns nothing.

openedx.core.djangoapps.profile_images.urls module#

Defines the URL routes for this app.

NOTE: These views are deprecated. These routes are superseded by /api/user/v1/accounts/{username}/image, found in openedx.core.djangoapps.user_api.urls.

openedx.core.djangoapps.profile_images.views module#

This module implements the upload and remove endpoints of the profile image api.

class openedx.core.djangoapps.profile_images.views.ProfileImageRemoveView(**kwargs)#

Bases: APIView

DEPRECATION WARNING

/api/profile_images/v1/{username}/remove is deprecated. This endpoint’s POST is replaced by the DELETE method at /api/user/v1/accounts/{username}/image.

authentication_classes = (<class 'edx_rest_framework_extensions.auth.jwt.authentication.JwtAuthentication'>, <class 'openedx.core.lib.api.authentication.BearerAuthenticationAllowInactiveUser'>, <class 'edx_rest_framework_extensions.auth.session.authentication.SessionAuthenticationAllowInactiveUser'>)#
permission_classes = (<class 'rest_framework.permissions.IsAuthenticated'>, <class 'edx_rest_framework_extensions.permissions.IsUserInUrl'>)#
post(request, username)#

POST /api/profile_images/v1/{username}/remove

class openedx.core.djangoapps.profile_images.views.ProfileImageUploadView(**kwargs)#

Bases: APIView

DEPRECATION WARNING

/api/profile_images/v1/{username}/upload is deprecated. All requests should now be sent to /api/user/v1/accounts/{username}/image

authentication_classes = (<class 'edx_rest_framework_extensions.auth.jwt.authentication.JwtAuthentication'>, <class 'openedx.core.lib.api.authentication.BearerAuthenticationAllowInactiveUser'>, <class 'edx_rest_framework_extensions.auth.session.authentication.SessionAuthenticationAllowInactiveUser'>)#
parser_classes = (<class 'rest_framework.parsers.MultiPartParser'>, <class 'rest_framework.parsers.FormParser'>, <class 'openedx.core.lib.api.parsers.TypedFileUploadParser'>)#
permission_classes = (<class 'rest_framework.permissions.IsAuthenticated'>, <class 'edx_rest_framework_extensions.permissions.IsUserInUrl'>)#
post(request, username)#

POST /api/profile_images/v1/{username}/upload

class openedx.core.djangoapps.profile_images.views.ProfileImageView(**kwargs)#

Bases: DeveloperErrorViewMixin, APIView

Use Cases

Add or remove profile images associated with user accounts.

The requesting user must be signed in. Users can only add profile images to their own account. Users with staff access can remove profile images for other user accounts. All other users can remove only their own profile images.

Example Requests

POST /api/user/v1/accounts/{username}/image

DELETE /api/user/v1/accounts/{username}/image

Example POST Responses

When the requesting user attempts to upload an image for their own account, the request returns one of the following responses:

  • If the upload could not be performed, the request returns an HTTP 400 “Bad Request” response with information about why the request failed.

  • If the upload is successful, the request returns an HTTP 204 “No Content” response with no additional content.

If the requesting user tries to upload an image for a different user, the request returns one of the following responses:

  • If no user matches the “username” parameter, the request returns an HTTP 404 “Not Found” response.

  • If the user whose profile image is being uploaded exists, but the requesting user does not have staff access, the request returns an HTTP 404 “Not Found” response.

  • If the specified user exists, and the requesting user has staff access, the request returns an HTTP 403 “Forbidden” response.

Example DELETE Responses

When the requesting user attempts to remove the profile image for their own account, the request returns one of the following responses:

  • If the image could not be removed, the request returns an HTTP 400 “Bad Request” response with information about why the request failed.

  • If the request successfully removes the image, the request returns an HTTP 204 “No Content” response with no additional content.

When the requesting user tries to remove the profile image for a different user, the view will return one of the following responses:

  • If the requesting user has staff access, and the “username” parameter matches a user, the profile image for the specified user is deleted, and the request returns an HTTP 204 “No Content” response with no additional content.

  • If the requesting user has staff access, but no user is matched by the “username” parameter, the request returns an HTTP 404 “Not Found” response.

  • If the requesting user does not have staff access, the request returns an HTTP 404 “Not Found” response, regardless of whether the user exists or not.

authentication_classes = (<class 'edx_rest_framework_extensions.auth.jwt.authentication.JwtAuthentication'>, <class 'openedx.core.lib.api.authentication.BearerAuthenticationAllowInactiveUser'>, <class 'edx_rest_framework_extensions.auth.session.authentication.SessionAuthenticationAllowInactiveUser'>)#
delete(request, username)#

DELETE /api/user/v1/accounts/{username}/image

parser_classes = (<class 'rest_framework.parsers.MultiPartParser'>, <class 'rest_framework.parsers.FormParser'>, <class 'openedx.core.lib.api.parsers.TypedFileUploadParser'>)#
permission_classes = (<class 'rest_framework.permissions.IsAuthenticated'>, <class 'edx_rest_framework_extensions.permissions.IsUserInUrl'>)#
post(request, username)#

POST /api/user/v1/accounts/{username}/image

upload_media_types = {'image/gif', 'image/jpeg', 'image/pjpeg', 'image/png'}#

Module contents#