openedx.core.djangoapps.xblock.rest_api package#
Submodules#
openedx.core.djangoapps.xblock.rest_api.urls module#
URL configuration for the new XBlock API
openedx.core.djangoapps.xblock.rest_api.views module#
Views that implement a RESTful API for interacting with XBlocks.
- class openedx.core.djangoapps.xblock.rest_api.views.BlockFieldsView(**kwargs)#
Bases:
APIViewView to get/edit the field values of an XBlock as JSON (in the v2 runtime)
This class mimics the functionality of xblock_handler in block.py (for v1 xblocks), but for v2 xblocks. However, it only implements the exact subset of functionality needed to support the v2 editors (from the frontend-lib-content-components project). As such, it only supports GET and POST, and only the POSTing of data/metadata fields.
- authentication_classes = (<class 'edx_rest_framework_extensions.auth.jwt.authentication.JwtAuthentication'>, <class 'openedx.core.lib.api.authentication.BearerAuthenticationAllowInactiveUser'>, <class 'edx_rest_framework_extensions.auth.session.authentication.SessionAuthenticationAllowInactiveUser'>)#
- get(request, usage_key_str)#
retrieves the xblock, returning display_name, data, and metadata
- permission_classes = (<class 'rest_framework.permissions.IsAuthenticated'>,)#
- post(request, usage_key_str)#
edits the xblock, saving changes to data and metadata only (display_name included in metadata)
- openedx.core.djangoapps.xblock.rest_api.views.block_metadata(request, *args, **kwargs)#
Get metadata about the specified block.
Accepts the following query parameters:
“include”: a comma-separated list of keys to include. Valid keys are “index_dictionary” and “student_view_data”.
- openedx.core.djangoapps.xblock.rest_api.views.cors_allow_xblock_handler(sender, request, **kwargs)#
Sandboxed XBlocks need to be able to call XBlock handlers via POST, from a different domain. See ‘xblock_handler’ method for details and how security is enforced. Per the corsheaders docs, a signal is the only way to achieve this for just a specific view/URL.
- openedx.core.djangoapps.xblock.rest_api.views.get_handler_url(request, *args, **kwargs)#
Get an absolute URL which can be used (without any authentication) to call the given XBlock handler.
The URL will expire but is guaranteed to be valid for a minimum of 2 days.
- openedx.core.djangoapps.xblock.rest_api.views.render_block_view(request, *args, **kwargs)#
Get the HTML, JS, and CSS needed to render the given XBlock.
- openedx.core.djangoapps.xblock.rest_api.views.xblock_handler(request, user_id, secure_token, usage_key_str, handler_name, suffix=None)#
Run an XBlock’s handler and return the result
This endpoint has a unique authentication scheme that involves a temporary auth token included in the URL (see below). As a result it can be exempt from CSRF, session auth, and JWT/OAuth.