Merge pull request #109 from open-craft/agrendalath/bb-9902-rest-api

feat: implement REST API for configuration checks

Author: Agrendalath

.coveragerc

@@ -4,6 +4,7 @@ data_file = .coverage
 source=learning_credentials
 omit =
     compat.py
+    manage.py
     test_settings.py
     */migrations/*
     *admin.py

CHANGELOG.rst

@@ -16,6 +16,14 @@ Unreleased
 
 *
 
+0.3.0 - 2025-09-17
+******************
+
+Added
+=====
+
+* REST API endpoint to check if credentials are configured for a learning context.
+
 0.2.4 - 2025-09-07
 
 Added

MANIFEST.in

@@ -1,6 +1,4 @@
 include CHANGELOG.rst
 include LICENSE.txt
 include README.rst
-include requirements/base.in
-include requirements/constraints.txt
 recursive-include learning_credentials *.html *.png *.gif *.js *.css *.jpg *.jpeg *.svg *.txt

learning_credentials/api/__init__.py

@@ -0,0 +1 @@
+"""Learning Credentials API package."""

learning_credentials/api/urls.py

@@ -0,0 +1,9 @@
+"""API URLs."""
+
+from django.urls import include, path
+
+from .v1 import urls as v1_urls
+
+urlpatterns = [
+    path("v1/", include((v1_urls, "learning_credentials_api_v1"), namespace="learning_credentials_api_v1")),
+]

learning_credentials/api/v1/__init__.py

@@ -0,0 +1 @@
+"""Learning Credentials API v1 package."""

learning_credentials/api/v1/permissions.py

@@ -0,0 +1,81 @@
+"""Django REST framework permissions."""
+
+from typing import TYPE_CHECKING
+
+from django.db.models import Q
+from learning_paths.models import LearningPath
+from opaque_keys import InvalidKeyError
+from opaque_keys.edx.keys import LearningContextKey
+from rest_framework.exceptions import NotFound, ParseError
+from rest_framework.permissions import BasePermission
+
+from learning_credentials.compat import get_course_enrollments
+
+if TYPE_CHECKING:
+    from django.contrib.auth.models import User
+    from learning_paths.keys import LearningPathKey
+    from opaque_keys.edx.keys import CourseKey
+    from rest_framework.request import Request
+    from rest_framework.views import APIView
+
+
+class CanAccessLearningContext(BasePermission):
+    """Permission to allow access to learning context if the user is enrolled."""
+
+    def has_permission(self, request: "Request", view: "APIView") -> bool:
+        """Check if the user can access the learning context."""
+        try:
+            key = view.kwargs.get("learning_context_key") or request.query_params.get("learning_context_key")
+            learning_context_key = LearningContextKey.from_string(key)
+        except InvalidKeyError as e:
+            msg = "Invalid learning context key."
+            raise ParseError(msg) from e
+
+        if request.user.is_staff:
+            return True
+
+        if learning_context_key.is_course:
+            if self._can_access_course(learning_context_key, request.user):
+                return True
+
+            msg = "Course not found or user does not have access."
+            raise NotFound(msg)
+
+        # For learning paths, check enrollment or if it's not invite-only.
+        if self._can_access_learning_path(learning_context_key, request.user):
+            return True
+
+        msg = "Learning path not found or user does not have access."
+        raise NotFound(msg)
+
+    def _can_access_course(self, course_key: "CourseKey", user: "User") -> bool:
+        """Check if user can access a course."""
+        # Check if user is enrolled in the course.
+        if get_course_enrollments(course_key, user.id):  # ty: ignore[unresolved-attribute]
+            return True
+
+        # Check if the course is a part of a learning path the user can access.
+        return self._can_access_course_via_learning_path(course_key, user)
+
+    def _get_accessible_learning_paths_filter(self, user: "User") -> Q:
+        """Get Q filter for learning paths that the user can access."""
+        return Q(invite_only=False) | Q(learningpathenrollment__user=user, learningpathenrollment__is_active=True)
+
+    def _can_access_course_via_learning_path(self, course_key: "CourseKey", user: "User") -> bool:
+        """Check if user can access a course through learning path membership."""
+        accessible_paths = (
+            LearningPath.objects.filter(steps__course_key=course_key)
+            .filter(self._get_accessible_learning_paths_filter(user))
+            .distinct()
+        )
+
+        return accessible_paths.exists()
+
+    def _can_access_learning_path(self, learning_path_key: "LearningPathKey", user: "User") -> bool:
+        """Check if user can access a learning path."""
+        # Single query to check if learning path exists and user can access it
+        accessible_path = LearningPath.objects.filter(key=learning_path_key).filter(
+            self._get_accessible_learning_paths_filter(user)
+        )
+
+        return accessible_path.exists()

learning_credentials/api/v1/urls.py

@@ -0,0 +1,13 @@
+"""API v1 URLs."""
+
+from django.urls import path
+
+from .views import CredentialConfigurationCheckView
+
+urlpatterns = [
+    path(
+        'configured/<str:learning_context_key>/',
+        CredentialConfigurationCheckView.as_view(),
+        name='credential_configuration_check',
+    ),
+]

learning_credentials/api/v1/views.py

@@ -0,0 +1,83 @@
+"""API views for Learning Credentials."""
+
+from typing import TYPE_CHECKING
+
+import edx_api_doc_tools as apidocs
+from edx_api_doc_tools import ParameterLocation
+from rest_framework import status
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
+from rest_framework.views import APIView
+
+from learning_credentials.models import CredentialConfiguration
+
+from .permissions import CanAccessLearningContext
+
+if TYPE_CHECKING:
+    from rest_framework.request import Request
+
+
+class CredentialConfigurationCheckView(APIView):
+    """API view to check if any credentials are configured for a specific learning context."""
+
+    permission_classes = (IsAuthenticated, CanAccessLearningContext)
+
+    @apidocs.schema(
+        parameters=[
+            apidocs.string_parameter(
+                "learning_context_key",
+                ParameterLocation.PATH,
+                description=(
+                    "Learning context identifier. Can be a course key (course-v1:OpenedX+DemoX+DemoCourse) "
+                    "or learning path key (path-v1:OpenedX+DemoX+DemoPath+Demo)"
+                ),
+            ),
+        ],
+        responses={
+            200: "Boolean indicating if credentials are configured.",
+            400: "Invalid context key format.",
+            403: "User is not authenticated or does not have permission to access the learning context.",
+            404: "Learning context not found or user does not have access.",
+        },
+    )
+    def get(self, _request: "Request", learning_context_key: str) -> Response:
+        """
+        Check if any credentials are configured for the given learning context.
+
+        **Example Request**
+
+        ``GET /api/learning_credentials/v1/configured/course-v1:OpenedX+DemoX+DemoCourse/``
+
+        **Response Values**
+
+        - **200 OK**: Request successful, returns credential configuration status.
+        - **400 Bad Request**: Invalid learning context key format.
+        - **403 Forbidden**: User is not authenticated or does not have permission to access the learning context.
+        - **404 Not Found**: Learning context not found or user does not have access.
+
+        **Example Response**
+
+        .. code-block:: json
+
+            {
+              "has_credentials": true,
+              "credential_count": 2
+            }
+
+        **Response Fields**
+
+        - ``has_credentials``: Boolean indicating if any credentials are configured
+        - ``credential_count``: Number of credential configurations available
+
+        **Note**
+
+        This endpoint does not perform learning context existence validation, so it will not return 404 for staff users.
+        """
+        credential_count = CredentialConfiguration.objects.filter(learning_context_key=learning_context_key).count()
+
+        response_data = {
+            'has_credentials': credential_count > 0,
+            'credential_count': credential_count,
+        }
+
+        return Response(response_data, status=status.HTTP_200_OK)

learning_credentials/apps.py

@@ -5,6 +5,7 @@
 from typing import ClassVar
 
 from django.apps import AppConfig
+from edx_django_utils.plugins.constants import PluginSettings, PluginURLs
 
 
 class LearningCredentialsConfig(AppConfig):
@@ -15,10 +16,16 @@ class LearningCredentialsConfig(AppConfig):
 
     # https://edx.readthedocs.io/projects/edx-django-utils/en/latest/plugins/how_tos/how_to_create_a_plugin_app.html
     plugin_app: ClassVar[dict[str, dict[str, dict]]] = {
-        'settings_config': {
+        PluginURLs.CONFIG: {
             'lms.djangoapp': {
-                'common': {'relative_path': 'settings.common'},
-                'production': {'relative_path': 'settings.production'},
+                PluginURLs.NAMESPACE: name,
+                PluginURLs.APP_NAME: name,
+            }
+        },
+        PluginSettings.CONFIG: {
+            'lms.djangoapp': {
+                'common': {PluginSettings.RELATIVE_PATH: 'settings.common'},
+                'production': {PluginSettings.RELATIVE_PATH: 'settings.production'},
             },
         },
     }