From d7e6b33bb5d40f0cb66c56a68e929d224f7a8291 Mon Sep 17 00:00:00 2001 From: Bryann Valderrama Date: Wed, 25 Feb 2026 15:53:26 -0500 Subject: [PATCH 1/4] chore: deprecate content library authorization rest apis and models --- .../core/djangoapps/content_libraries/models.py | 14 +++++++++++++- .../content_libraries/rest_api/libraries.py | 16 ++++++++++++++++ 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/openedx/core/djangoapps/content_libraries/models.py b/openedx/core/djangoapps/content_libraries/models.py index 843b95cc2bdb..c4bd7e6f9a1f 100644 --- a/openedx/core/djangoapps/content_libraries/models.py +++ b/openedx/core/djangoapps/content_libraries/models.py @@ -36,8 +36,9 @@ import contextlib import logging -from typing import ClassVar import uuid +import warnings +from typing import ClassVar from django.contrib.auth import get_user_model from django.contrib.auth.models import Group @@ -65,6 +66,15 @@ log = logging.getLogger(__name__) + +warnings.warn( + ( + "ContentLibraryPermission model and related content library authorization " + "APIs are deprecated. See https://github.com/openedx/openedx-platform/issues/37409." + ), + DeprecationWarning +) + User = get_user_model() @@ -187,6 +197,8 @@ class ContentLibraryPermission(models.Model): """ Row recording permissions for a content library + Deprecated https://github.com/openedx/openedx-platform/issues/37409. + .. no_pii: """ library = models.ForeignKey(ContentLibrary, on_delete=models.CASCADE, related_name="permission_grants") diff --git a/openedx/core/djangoapps/content_libraries/rest_api/libraries.py b/openedx/core/djangoapps/content_libraries/rest_api/libraries.py index c407d64930dc..0485c7c8edc7 100644 --- a/openedx/core/djangoapps/content_libraries/rest_api/libraries.py +++ b/openedx/core/djangoapps/content_libraries/rest_api/libraries.py @@ -65,6 +65,7 @@ import itertools import json import logging +import warnings import edx_api_doc_tools as apidocs from django.conf import settings @@ -136,6 +137,15 @@ log = logging.getLogger(__name__) +warnings.warn( + ( + "Content library team authorization REST APIs are deprecated. " + "See https://github.com/openedx/openedx-platform/issues/37409." + ), + DeprecationWarning +) + + class LibraryApiPaginationDocs: """ API docs for query params related to paginating ContentLibraryMetadata objects. @@ -323,6 +333,8 @@ class LibraryTeamView(APIView): Note also the 'allow_public_' settings which can be edited by PATCHing the library itself (LibraryDetailsView.patch). + + Deprecated https://github.com/openedx/openedx-platform/issues/37409 """ @convert_exceptions def post(self, request, lib_key_str): @@ -369,6 +381,8 @@ class LibraryTeamUserView(APIView): """ View to add/remove/edit an individual user's permissions for a content library. + + Deprecated https://github.com/openedx/openedx-platform/issues/37409 """ @convert_exceptions def put(self, request, lib_key_str, username): @@ -422,6 +436,8 @@ def delete(self, request, lib_key_str, username): class LibraryTeamGroupView(APIView): """ View to add/remove/edit a group's permissions for a content library. + + Deprecated https://github.com/openedx/openedx-platform/issues/37409 """ @convert_exceptions def put(self, request, lib_key_str, group_name): From c6f5bcffa92085aa4948eecaec886face923670a Mon Sep 17 00:00:00 2001 From: Bryann Valderrama Date: Wed, 25 Feb 2026 15:53:41 -0500 Subject: [PATCH 2/4] refactor: remove ContentLibraryPermissionInline from admin interface --- openedx/core/djangoapps/content_libraries/admin.py | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/openedx/core/djangoapps/content_libraries/admin.py b/openedx/core/djangoapps/content_libraries/admin.py index f84cac7f62e2..42947250c5e8 100644 --- a/openedx/core/djangoapps/content_libraries/admin.py +++ b/openedx/core/djangoapps/content_libraries/admin.py @@ -2,16 +2,8 @@ Admin site for content libraries """ from django.contrib import admin -from .models import ContentLibrary, ContentLibraryPermission - -class ContentLibraryPermissionInline(admin.TabularInline): - """ - Inline form for a content library's permissions - """ - model = ContentLibraryPermission - raw_id_fields = ("user", "group", ) - extra = 0 +from .models import ContentLibrary @admin.register(ContentLibrary) @@ -29,7 +21,6 @@ class ContentLibraryAdmin(admin.ModelAdmin): "authorized_lti_configs", ) list_display = ("slug", "org",) - inlines = (ContentLibraryPermissionInline, ) def get_readonly_fields(self, request, obj=None): """ From b6a3b23e192d0cde6dcaf99319ada9f3ec8cd69b Mon Sep 17 00:00:00 2001 From: Bryann Valderrama Date: Wed, 25 Feb 2026 16:40:34 -0500 Subject: [PATCH 3/4] chore: deprecate legacy content library permissions and APIs. --- .../content_libraries/api/libraries.py | 25 +++++++++++++++++++ .../content_libraries/api/permissions.py | 5 +++- .../content_libraries/permissions.py | 3 +++ 3 files changed, 32 insertions(+), 1 deletion(-) diff --git a/openedx/core/djangoapps/content_libraries/api/libraries.py b/openedx/core/djangoapps/content_libraries/api/libraries.py index 339e2b7685d0..47a60066149e 100644 --- a/openedx/core/djangoapps/content_libraries/api/libraries.py +++ b/openedx/core/djangoapps/content_libraries/api/libraries.py @@ -42,6 +42,7 @@ from __future__ import annotations import logging +import warnings from dataclasses import dataclass from dataclasses import field as dataclass_field from datetime import datetime @@ -494,6 +495,12 @@ def get_library_team(library_key: LibraryLocatorV2) -> list[ContentLibraryPermis """ Get the list of users/groups granted permission to use this library. """ + warnings.warn( + "get_library_team is deprecated. See https://github.com/openedx/openedx-platform/issues/37409.", + DeprecationWarning, + stacklevel=2, + ) + ref = ContentLibrary.objects.get_by_key(library_key) return [ ContentLibraryPermissionEntry(user=entry.user, group=entry.group, access_level=entry.access_level) @@ -506,6 +513,12 @@ def get_library_user_permissions(library_key: LibraryLocatorV2, user: UserType) Fetch the specified user's access information. Will return None if no permissions have been granted. """ + warnings.warn( + "get_library_user_permissions is deprecated. See https://github.com/openedx/openedx-platform/issues/37409.", + DeprecationWarning, + stacklevel=2, + ) + if isinstance(user, AnonymousUser): return None # Mostly here for the type checker ref = ContentLibrary.objects.get_by_key(library_key) @@ -525,6 +538,12 @@ def set_library_user_permissions(library_key: LibraryLocatorV2, user: UserType, access_level should be one of the AccessLevel values defined above. """ + warnings.warn( + "set_library_user_permissions is deprecated. See https://github.com/openedx/openedx-platform/issues/37409.", + DeprecationWarning, + stacklevel=2, + ) + if isinstance(user, AnonymousUser): raise TypeError("Invalid user type") # Mostly here for the type checker ref = ContentLibrary.objects.get_by_key(library_key) @@ -573,6 +592,12 @@ def set_library_group_permissions(library_key: LibraryLocatorV2, group, access_l access_level should be one of the AccessLevel values defined above. """ + warnings.warn( + "set_library_group_permissions is deprecated. See https://github.com/openedx/openedx-platform/issues/37409.", + DeprecationWarning, + stacklevel=2, + ) + ref = ContentLibrary.objects.get_by_key(library_key) if access_level is None: diff --git a/openedx/core/djangoapps/content_libraries/api/permissions.py b/openedx/core/djangoapps/content_libraries/api/permissions.py index 5b8bd4ba7e1a..b3949985cd5c 100644 --- a/openedx/core/djangoapps/content_libraries/api/permissions.py +++ b/openedx/core/djangoapps/content_libraries/api/permissions.py @@ -1,5 +1,8 @@ """ -Public permissions that are part of the content libraries API +Public permissions that are part of the content libraries API. + +Deprecated. This module re-exports legacy content library permissions. +See https://github.com/openedx/openedx-platform/issues/37409. """ # pylint: disable=unused-import diff --git a/openedx/core/djangoapps/content_libraries/permissions.py b/openedx/core/djangoapps/content_libraries/permissions.py index 41ac240bab20..c031e288aa43 100644 --- a/openedx/core/djangoapps/content_libraries/permissions.py +++ b/openedx/core/djangoapps/content_libraries/permissions.py @@ -1,5 +1,8 @@ """ Permissions for Content Libraries (v2, openedx_content-based) + +Deprecated: The legacy permission rules and constants that rely on ContentLibraryPermission +are deprecated in favor of openedx-authz. See https://github.com/openedx/openedx-platform/issues/37409. """ from bridgekeeper import perms, rules from bridgekeeper.rules import Attribute, ManyRelation, Relation, blanket_rule, in_current_groups, Rule From fee0a1ae5f3bf71c52a94ac23db65cb9787566e5 Mon Sep 17 00:00:00 2001 From: Bryann Valderrama Date: Fri, 27 Feb 2026 16:24:28 -0500 Subject: [PATCH 4/4] chore: update deprecation warnings to include alternative methods and views --- .../content_libraries/api/libraries.py | 16 +++++-- .../content_libraries/rest_api/libraries.py | 42 +++++++++++++++++++ 2 files changed, 54 insertions(+), 4 deletions(-) diff --git a/openedx/core/djangoapps/content_libraries/api/libraries.py b/openedx/core/djangoapps/content_libraries/api/libraries.py index 47a60066149e..fce2ce5ec4f6 100644 --- a/openedx/core/djangoapps/content_libraries/api/libraries.py +++ b/openedx/core/djangoapps/content_libraries/api/libraries.py @@ -496,7 +496,9 @@ def get_library_team(library_key: LibraryLocatorV2) -> list[ContentLibraryPermis Get the list of users/groups granted permission to use this library. """ warnings.warn( - "get_library_team is deprecated. See https://github.com/openedx/openedx-platform/issues/37409.", + "get_library_team is deprecated. " + "Use get_all_user_role_assignments_in_scope from the openedx-authz API instead. " + "See https://github.com/openedx/openedx-platform/issues/37409.", DeprecationWarning, stacklevel=2, ) @@ -514,7 +516,9 @@ def get_library_user_permissions(library_key: LibraryLocatorV2, user: UserType) permissions have been granted. """ warnings.warn( - "get_library_user_permissions is deprecated. See https://github.com/openedx/openedx-platform/issues/37409.", + "get_library_user_permissions is deprecated. " + "Use get_user_role_assignments_in_scope from the openedx-authz API instead. " + "See https://github.com/openedx/openedx-platform/issues/37409.", DeprecationWarning, stacklevel=2, ) @@ -539,7 +543,9 @@ def set_library_user_permissions(library_key: LibraryLocatorV2, user: UserType, access_level should be one of the AccessLevel values defined above. """ warnings.warn( - "set_library_user_permissions is deprecated. See https://github.com/openedx/openedx-platform/issues/37409.", + "set_library_user_permissions is deprecated. " + "Use assign_library_role_to_user instead. " + "See https://github.com/openedx/openedx-platform/issues/37409.", DeprecationWarning, stacklevel=2, ) @@ -593,7 +599,9 @@ def set_library_group_permissions(library_key: LibraryLocatorV2, group, access_l access_level should be one of the AccessLevel values defined above. """ warnings.warn( - "set_library_group_permissions is deprecated. See https://github.com/openedx/openedx-platform/issues/37409.", + "set_library_group_permissions is deprecated. " + "Use assign_library_role_to_user instead. " + "See https://github.com/openedx/openedx-platform/issues/37409.", DeprecationWarning, stacklevel=2, ) diff --git a/openedx/core/djangoapps/content_libraries/rest_api/libraries.py b/openedx/core/djangoapps/content_libraries/rest_api/libraries.py index 0485c7c8edc7..3c531d629706 100644 --- a/openedx/core/djangoapps/content_libraries/rest_api/libraries.py +++ b/openedx/core/djangoapps/content_libraries/rest_api/libraries.py @@ -342,6 +342,12 @@ def post(self, request, lib_key_str): Add a user to this content library via email, with permissions specified in the request body. """ + warnings.warn( + "LibraryTeamView is deprecated. Use RoleUserAPIView from openedx-authz instead.", + DeprecationWarning, + stacklevel=2, + ) + key = LibraryLocatorV2.from_string(lib_key_str) api.require_permission_for_library_key(key, request.user, permissions.CAN_EDIT_THIS_CONTENT_LIBRARY_TEAM) serializer = ContentLibraryAddPermissionByEmailSerializer(data=request.data) @@ -369,6 +375,12 @@ def get(self, request, lib_key_str): Get the list of users and groups who have permissions to view and edit this library. """ + warnings.warn( + "LibraryTeamView is deprecated. Use RoleUserAPIView from openedx-authz instead.", + DeprecationWarning, + stacklevel=2, + ) + key = LibraryLocatorV2.from_string(lib_key_str) api.require_permission_for_library_key(key, request.user, permissions.CAN_VIEW_THIS_CONTENT_LIBRARY_TEAM) team = api.get_library_team(key) @@ -390,6 +402,12 @@ def put(self, request, lib_key_str, username): Add a user to this content library, with permissions specified in the request body. """ + warnings.warn( + "LibraryTeamUserView is deprecated. Use RoleUserAPIView from openedx-authz instead.", + DeprecationWarning, + stacklevel=2, + ) + key = LibraryLocatorV2.from_string(lib_key_str) api.require_permission_for_library_key(key, request.user, permissions.CAN_EDIT_THIS_CONTENT_LIBRARY_TEAM) serializer = ContentLibraryPermissionLevelSerializer(data=request.data) @@ -407,6 +425,12 @@ def get(self, request, lib_key_str, username): """ Gets the current permissions settings for a particular user. """ + warnings.warn( + "LibraryTeamUserView is deprecated. Use RoleUserAPIView from openedx-authz instead.", + DeprecationWarning, + stacklevel=2, + ) + key = LibraryLocatorV2.from_string(lib_key_str) api.require_permission_for_library_key(key, request.user, permissions.CAN_VIEW_THIS_CONTENT_LIBRARY_TEAM) user = get_object_or_404(User, username=username) @@ -421,6 +445,12 @@ def delete(self, request, lib_key_str, username): Remove the specified user's permission to access or edit this content library. """ + warnings.warn( + "LibraryTeamUserView is deprecated. Use RoleUserAPIView from openedx-authz instead.", + DeprecationWarning, + stacklevel=2, + ) + key = LibraryLocatorV2.from_string(lib_key_str) api.require_permission_for_library_key(key, request.user, permissions.CAN_EDIT_THIS_CONTENT_LIBRARY_TEAM) user = get_object_or_404(User, username=username) @@ -445,6 +475,12 @@ def put(self, request, lib_key_str, group_name): Add a group to this content library, with permissions specified in the request body. """ + warnings.warn( + "LibraryTeamGroupView is deprecated. Use RoleUserAPIView from openedx-authz instead.", + DeprecationWarning, + stacklevel=2, + ) + key = LibraryLocatorV2.from_string(lib_key_str) api.require_permission_for_library_key(key, request.user, permissions.CAN_EDIT_THIS_CONTENT_LIBRARY_TEAM) serializer = ContentLibraryPermissionLevelSerializer(data=request.data) @@ -459,6 +495,12 @@ def delete(self, request, lib_key_str, username): Remove the specified user's permission to access or edit this content library. """ + warnings.warn( + "LibraryTeamGroupView is deprecated. Use RoleUserAPIView from openedx-authz instead.", + DeprecationWarning, + stacklevel=2, + ) + key = LibraryLocatorV2.from_string(lib_key_str) api.require_permission_for_library_key(key, request.user, permissions.CAN_EDIT_THIS_CONTENT_LIBRARY_TEAM) group = get_object_or_404(Group, username=username)