openedx.core.djangoapps.xblock.rest_api package

openedx.core.djangoapps.xblock.rest_api package#

Submodules#

openedx.core.djangoapps.xblock.rest_api.serializers module#

Serializers for the xblock REST API

class openedx.core.djangoapps.xblock.rest_api.serializers.XBlockOlxSerializer(*args, **kwargs)#

Bases: Serializer

Serializer for representing an XBlock’s OLX

openedx.core.djangoapps.xblock.rest_api.url_converters module#

URL pattern converters https://docs.djangoproject.com/en/5.1/topics/http/urls/#registering-custom-path-converters

class openedx.core.djangoapps.xblock.rest_api.url_converters.UsageKeyV2Converter#

Bases: object

Converter that matches V2 usage keys like:

lb:Org:LIB:drag-and-drop-v2:91c2b1d5

regex = '[\\w-]+(:[\\w\\-.]+)+'#
to_python(value: str) UsageKeyV2#
to_url(value: UsageKeyV2) str#
class openedx.core.djangoapps.xblock.rest_api.url_converters.VersionConverter#

Bases: object

Converter that matches a version string like “draft”, “published”, or a number, and converts it to either an ‘int’ or a LatestVersion enum value.

regex = '(draft|published|\\d+)'#
to_python(value: str | None) LatestVersion | int#

Convert from string to LatestVersion or integer version spec

to_url(value: LatestVersion | int | None) str#

Convert from LatestVersion or integer version spec to URL path string.

Note that if you provide any value at all, django won’t be able to match the paths that don’t have a version in the URL, so if you want LatestVersion.AUTO, don’t pass any value for ‘version’ to reverse(…).

openedx.core.djangoapps.xblock.rest_api.urls module#

URL configuration for the new XBlock API

openedx.core.djangoapps.xblock.rest_api.views module#

Views that implement a RESTful API for interacting with XBlocks.

class openedx.core.djangoapps.xblock.rest_api.views.BlockFieldsView(**kwargs)#

Bases: APIView

View to get/edit the field values of an XBlock as JSON (in the v2 runtime)

This class mimics the functionality of xblock_handler in block.py (for v1 xblocks), but for v2 xblocks. However, it only implements the exact subset of functionality needed to support the v2 editors (in the Course Authoring MFE). As such, it only supports GET and POST, and only the POSTing of data/metadata fields.

authentication_classes = (<class 'edx_rest_framework_extensions.auth.jwt.authentication.JwtAuthentication'>, <class 'openedx.core.lib.api.authentication.BearerAuthenticationAllowInactiveUser'>, <class 'edx_rest_framework_extensions.auth.session.authentication.SessionAuthenticationAllowInactiveUser'>)#
get(request, usage_key: UsageKeyV2, version: LatestVersion | int = LatestVersion.AUTO)#

retrieves the xblock, returning display_name, data, and metadata

get_explicitly_set_fields_by_scope(block, scope=(UserScope.NONE, BlockScope.DEFINITION, 'content'))#

Get a dictionary of the fields for the given scope which are set explicitly on the given xblock.

(Including any set to None.)

permission_classes = (<class 'rest_framework.permissions.IsAuthenticated'>,)#
post(request, usage_key, version: LatestVersion | int = LatestVersion.AUTO)#

edits the xblock, saving changes to data and metadata only (display_name included in metadata)

openedx.core.djangoapps.xblock.rest_api.views.block_metadata(request, *args, **kwargs)#

Get metadata about the specified block.

Accepts the following query parameters:

  • “include”: a comma-separated list of keys to include. Valid keys are “index_dictionary” and “student_view_data”.

openedx.core.djangoapps.xblock.rest_api.views.cors_allow_xblock_handler(sender, request, **kwargs)#

Sandboxed XBlocks need to be able to call XBlock handlers via POST, from a different domain. See ‘xblock_handler’ method for details and how security is enforced. Per the corsheaders docs, a signal is the only way to achieve this for just a specific view/URL.

openedx.core.djangoapps.xblock.rest_api.views.embed_block_view(request, *args, **kwargs)#

Render the given XBlock in an <iframe>

Unstable - may change after Sumac

openedx.core.djangoapps.xblock.rest_api.views.get_block_olx_view(request, *args, **kwargs)#

Get the OLX (XML serialization) of the specified XBlock

openedx.core.djangoapps.xblock.rest_api.views.get_handler_url(request, *args, **kwargs)#

Get an absolute URL which can be used (without any authentication) to call the given XBlock handler.

The URL will expire but is guaranteed to be valid for a minimum of 2 days.

openedx.core.djangoapps.xblock.rest_api.views.render_block_view(request, *args, **kwargs)#

Get the HTML, JS, and CSS needed to render the given XBlock.

openedx.core.djangoapps.xblock.rest_api.views.xblock_handler(request, user_id, secure_token: str, usage_key: UsageKeyV2, handler_name: str, suffix: str | None = None, version: LatestVersion | int = LatestVersion.AUTO)#

Run an XBlock’s handler and return the result

This endpoint has a unique authentication scheme that involves a temporary auth token included in the URL (see below). As a result it can be exempt from CSRF, session auth, and JWT/OAuth.

Module contents#