feat: decouple courseware consent and start-date from enterprise

CoursewareViewStarted drives redirect URLs including consent. CourseStartDateValidationFailed swaps the enterprise-specific start-date error for a generic one.

ENT-11544

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Author: pwnage101

lms/djangoapps/course_home_api/course_metadata/tests/test_views.py

@@ -228,7 +228,10 @@ def test_course_access(
             self.update_masquerade(role=masquerade_role)
 
         consent_url = 'dump/consent/url' if dsc_required else None
-        with patch('openedx.features.enterprise_support.api.get_enterprise_consent_url', return_value=consent_url):
+        with patch(
+            'openedx_filters.learning.filters.CoursewareViewStarted.run_filter',
+            return_value=(consent_url, None, None),
+        ):
             response = self.client.get(self.url)
 
         self._assert_course_access_response(response, expect_course_access, error_code)

lms/djangoapps/course_wiki/middleware.py

@@ -8,13 +8,13 @@
 from django.http import Http404
 from django.shortcuts import redirect
 from django.utils.deprecation import MiddlewareMixin
+from openedx_filters.learning.filters import CoursewareViewStarted
 from wiki.models import reverse
 
 from common.djangoapps.student.models import CourseEnrollment
 from lms.djangoapps.courseware.access import has_access
 from lms.djangoapps.courseware.courses import get_course_overview_with_access, get_course_with_access
 from openedx.core.lib.request_utils import course_id_from_url
-from openedx.features.enterprise_support.api import get_enterprise_consent_url
 from xmodule.modulestore.django import modulestore
 
 
@@ -96,10 +96,14 @@ def process_view(self, request, view_func, view_args, view_kwargs):  # pylint: d
                     # we'll redirect them to the course about page
                     return redirect('about_course', str(course_id))
 
-                # If we need enterprise data sharing consent for this course, then redirect to the form.
-                consent_url = get_enterprise_consent_url(request, str(course_id), source='WikiAccessMiddleware')
-                if consent_url:
-                    return redirect(consent_url)
+                # If a plugin requires a redirect for this course, redirect now.
+                redirect_url, _, _ = CoursewareViewStarted.run_filter(
+                    redirect_url=None,
+                    request=request,
+                    course_key=course_id,
+                )
+                if redirect_url:
+                    return redirect(redirect_url)
 
             # set the course onto here so that the wiki template can show the course navigation
             request.course = course

lms/djangoapps/course_wiki/tests/tests.py

@@ -3,20 +3,19 @@
 """
 
 
-from unittest.mock import patch
+from unittest.mock import MagicMock, patch
 
 from django.urls import reverse
 
 from lms.djangoapps.courseware.tests.tests import LoginEnrollmentTestCase
 from openedx.features.course_experience.url_helpers import make_learning_mfe_courseware_url
-from openedx.features.enterprise_support.tests.mixins.enterprise import EnterpriseTestConsentRequired
 from xmodule.modulestore.tests.django_utils import (
     ModuleStoreTestCase,  # pylint: disable=wrong-import-order
 )
 from xmodule.modulestore.tests.factories import CourseFactory  # pylint: disable=wrong-import-order
 
 
-class WikiRedirectTestCase(EnterpriseTestConsentRequired, LoginEnrollmentTestCase, ModuleStoreTestCase):
+class WikiRedirectTestCase(LoginEnrollmentTestCase, ModuleStoreTestCase):
     """
     Tests for wiki course redirection.
     """
@@ -205,27 +204,33 @@ def test_create_wiki_with_long_course_id(self):
         assert resp.status_code == 200
 
     @patch.dict("django.conf.settings.FEATURES", {'ALLOW_WIKI_ROOT_ACCESS': True})
-    @patch('openedx.features.enterprise_support.api.enterprise_customer_for_request')
-    def test_consent_required(self, mock_enterprise_customer_for_request):
+    @patch('openedx_filters.learning.filters.CoursewareViewStarted.run_filter')
+    def test_consent_required(self, mock_run_filter):
         """
-        Test that enterprise data sharing consent is required when enabled for the various courseware views.
+        Test that wiki views redirect when the CoursewareViewStarted filter provides a URL.
         """
-        # ENT-924: Temporary solution to replace sensitive SSO usernames.
-        mock_enterprise_customer_for_request.return_value = None
+        redirect_url = 'http://example.com/grant_consent'
+        mock_run_filter.return_value = (redirect_url, MagicMock(), MagicMock())
 
         # Public wikis can be accessed by non-enrolled users, and so direct access is not gated by the consent page
         course = CourseFactory.create()
         course.allow_public_wiki_access = False
         course.save()
 
-        # However, for private wikis, enrolled users must pass through the consent gate
+        # However, for private wikis, enrolled users must pass through the filter redirect gate
         # (Unenrolled users are redirected to course/about)
         course_id = str(course.id)
         self.login(self.student, self.password)
         self.enroll(course)
 
-        for (url, status_code) in (
-                (reverse('course_wiki', kwargs={'course_id': course_id}), 302),
-                (f'/courses/{course_id}/wiki/', 200),
-        ):
-            self.verify_consent_required(self.client, url, status_code=status_code)  # pylint: disable=no-value-for-parameter
+        # The course_wiki view is decorated with courseware_view_hooks which calls the filter
+        url = reverse('course_wiki', kwargs={'course_id': course_id})
+        response = self.client.get(url)
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response['Location'], redirect_url)
+
+        # The wiki middleware (/courses/.../wiki/) also calls the filter
+        url = f'/courses/{course_id}/wiki/'
+        response = self.client.get(url)
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response['Location'], redirect_url)

lms/djangoapps/course_wiki/views.py

@@ -14,10 +14,10 @@
 from wiki.models import Article, URLPath
 
 from lms.djangoapps.course_wiki.utils import course_wiki_slug
+from lms.djangoapps.courseware.decorators import courseware_view_hooks
 from openedx.core.djangoapps.site_configuration import helpers as configuration_helpers
 from openedx.core.djangolib.markup import Text
 from openedx.core.lib.courses import get_course_by_id
-from openedx.features.enterprise_support.api import data_sharing_consent_required
 
 log = logging.getLogger(__name__)
 
@@ -31,7 +31,7 @@ def root_create(request):
     return redirect('wiki:get', path=root.path)
 
 
-@data_sharing_consent_required
+@courseware_view_hooks
 def course_wiki_redirect(request, course_id, wiki_path=""):
     """
     This redirects to whatever page on the wiki that the course designates

lms/djangoapps/courseware/access_response.py

@@ -144,31 +144,13 @@ def __init__(self, start_date, display_error_to_user=True):
         )
 
 
-class StartDateEnterpriseLearnerError(AccessError):
+class StartDateFiltersError(AccessError):
     """
-    Access denied because the course has not started yet and the user is not staff.  Use this error when this user is
-    also an enterprise learner and enrolled in the requested course.
+    Access denied because the course has not started yet and a plugin requested a more
+    specific error payload via the ``CourseStartDateValidationFailed`` filter.
     """
-    def __init__(self, start_date, display_error_to_user=True):
-        """
-        Arguments:
-            display_error_to_user: If True, display this error to users in the UI.
-        """
-        error_code = "course_not_started_enterprise_learner"
-        if start_date == DEFAULT_START_DATE:
-            developer_message = "Course has not started, and the learner is enrolled via an enterprise subsidy."
-            user_message = _("Course has not started")
-        else:
-            developer_message = (
-                f"Course does not start until {start_date}, and the learner is enrolled via an enterprise subsidy."
-            )
-            user_message = _("Course does not start until {}"  # pylint: disable=translation-of-non-string
-                             .format(f"{start_date:%B %d, %Y}"))
-        super().__init__(
-            error_code,
-            developer_message,
-            user_message if display_error_to_user else None
-        )
+    def __init__(self, error_code, developer_message, user_message):
+        super().__init__(error_code, developer_message, user_message)
 
 
 class MilestoneAccessError(AccessError):

lms/djangoapps/courseware/access_utils.py

@@ -8,7 +8,6 @@
 
 from crum import get_current_request
 from django.conf import settings
-from enterprise.models import EnterpriseCourseEnrollment, EnterpriseCustomerUser
 from pytz import UTC
 
 from common.djangoapps.student.models import CourseEnrollment
@@ -19,14 +18,14 @@
     DataSharingConsentRequiredAccessError,
     EnrollmentRequiredAccessError,
     IncorrectActiveEnterpriseAccessError,
-    StartDateEnterpriseLearnerError,
     StartDateError,
+    StartDateFiltersError
 )
 from lms.djangoapps.courseware.masquerade import get_course_masquerade, is_masquerading_as_student
 from openedx.features.course_experience import (
     COURSE_ENABLE_UNENROLLED_ACCESS_FLAG,
     COURSE_PRE_START_ACCESS_FLAG,
-    ENFORCE_MASQUERADE_START_DATES,
+    ENFORCE_MASQUERADE_START_DATES
 )
 from xmodule.course_block import COURSE_VISIBILITY_PUBLIC  # pylint: disable=wrong-import-order
 
@@ -70,60 +69,6 @@ def adjust_start_date(user, days_early_for_beta, start, course_key):
     return start
 
 
-def enterprise_learner_enrolled(request, user, course_key):
-    """
-    Determine if the learner should be redirected to the enterprise learner portal by checking their enterprise
-    memberships/enrollments.  If all of the following are true, then we are safe to redirect the learner:
-
-    * The learner is linked to an enterprise customer,
-    * The enterprise customer has subsidized the learner's enrollment in the requested course,
-    * The enterprise customer has the learner portal enabled.
-
-    NOTE: This function MUST be called from a view, or it will throw an exception.
-
-    Args:
-        request (django.http.HttpRequest): The current request being handled.  Must not be None.
-        user (User): The requesting enter, potentially an enterprise learner.
-        course_key (str): The requested course to check for enrollment.
-
-    Returns:
-        bool: True if the learner is enrolled via a linked enterprise customer and can safely be redirected to the
-        enterprise learner dashboard.
-    """
-    from openedx.features.enterprise_support.api import enterprise_customer_from_session_or_learner_data
-
-    if not user.is_authenticated:
-        return False
-
-    # enterprise_customer_data is either None (if learner is not linked to any customer) or a serialized
-    # EnterpriseCustomer representing the learner's active linked customer.
-    enterprise_customer_data = enterprise_customer_from_session_or_learner_data(request)
-    learner_portal_enabled = enterprise_customer_data and enterprise_customer_data["enable_learner_portal"]
-    if not learner_portal_enabled:
-        return False
-
-    # Additionally make sure the enterprise learner is actually enrolled in the requested course, subsidized
-    # via the discovered customer.
-    enterprise_enrollments = EnterpriseCourseEnrollment.objects.filter(
-        course_id=course_key,
-        enterprise_customer_user__user_id=user.id,
-        enterprise_customer_user__enterprise_customer__uuid=enterprise_customer_data["uuid"],
-    )
-    enterprise_enrollment_exists = enterprise_enrollments.exists()
-    log.info(
-        (
-            "[enterprise_learner_enrolled] Checking for an enterprise enrollment for "
-            "lms_user_id=%s in course_key=%s via enterprise_customer_uuid=%s. "
-            "Exists: %s"
-        ),
-        user.id,
-        course_key,
-        enterprise_customer_data["uuid"],
-        enterprise_enrollment_exists,
-    )
-    return enterprise_enrollment_exists
-
-
 def check_start_date(user, days_early_for_beta, start, course_key, display_error_to_user=True, now=None):
     """
     Verifies whether the given user is allowed access given the
@@ -133,8 +78,9 @@ def check_start_date(user, days_early_for_beta, start, course_key, display_error
         display_error_to_user: If True, display this error to users in the UI.
 
     Returns:
-        AccessResponse: Either ACCESS_GRANTED or StartDateError.
+        AccessResponse: Either ACCESS_GRANTED, StartDateError, or StartDateFiltersError.
     """
+    from openedx_filters.learning.filters import CourseStartDateValidationFailed
     start_dates_disabled = settings.FEATURES["DISABLE_START_DATES"]
     masquerading_as_student = is_masquerading_as_student(user, course_key)
 
@@ -155,11 +101,18 @@ def check_start_date(user, days_early_for_beta, start, course_key, display_error
         if should_grant_access:
             return ACCESS_GRANTED
 
-        # Before returning a StartDateError, determine if the learner should be redirected to the enterprise learner
-        # portal by returning StartDateEnterpriseLearnerError instead.
+        # Before returning a StartDateError, give plugins a chance to substitute a more specific access-error payload.
         request = get_current_request()
-        if request and enterprise_learner_enrolled(request, user, course_key):
-            return StartDateEnterpriseLearnerError(start, display_error_to_user=display_error_to_user)
+        if request is not None:
+            error_code, developer_message, user_message, _, _ = CourseStartDateValidationFailed.run_filter(
+                error_code=None,
+                developer_message=None,
+                user_message=None,
+                request=request,
+                course_key=course_key,
+            )
+            if error_code is not None:
+                return StartDateFiltersError(error_code, developer_message, user_message)
 
         return StartDateError(start, display_error_to_user=display_error_to_user)
 
@@ -232,22 +185,20 @@ def check_public_access(course, visibilities):
 
 def check_data_sharing_consent(course_id):
     """
-    Grants access if the user is do not need DataSharing consent, otherwise returns data sharing link.
+    Grants access if no courseware redirect is pending for this course; otherwise returns an access error.
 
     Returns:
         AccessResponse: Either ACCESS_GRANTED or DataSharingConsentRequiredAccessError
     """
-    from openedx.features.enterprise_support.api import get_enterprise_consent_url
-
-    consent_url = get_enterprise_consent_url(
-        request=get_current_request(),
-        course_id=str(course_id),
-        return_to="courseware",
-        enrollment_exists=True,
-        source="CoursewareAccess",
+    from openedx_filters.learning.filters import CoursewareViewStarted
+    request = get_current_request()
+    if not request:
+        return ACCESS_GRANTED
+    redirect_url, _, _ = CoursewareViewStarted.run_filter(
+        redirect_url=None, request=request, course_key=course_id,
     )
-    if consent_url:
-        return DataSharingConsentRequiredAccessError(consent_url=consent_url)
+    if redirect_url:
+        return DataSharingConsentRequiredAccessError(consent_url=redirect_url)
     return ACCESS_GRANTED
 
 
@@ -259,6 +210,7 @@ def check_correct_active_enterprise_customer(user, course_id):
     Returns:
         AccessResponse: Either ACCESS_GRANTED or IncorrectActiveEnterpriseAccessError
     """
+    from enterprise.models import EnterpriseCourseEnrollment, EnterpriseCustomerUser
     enterprise_enrollments = EnterpriseCourseEnrollment.objects.filter(
         course_id=course_id, enterprise_customer_user__user_id=user.id
     )

lms/djangoapps/courseware/decorators.py

@@ -0,0 +1,55 @@
+"""
+Decorators for courseware views.
+"""
+import functools
+
+from django.shortcuts import redirect
+from opaque_keys.edx.keys import CourseKey
+from openedx_filters.learning.filters import CoursewareViewStarted
+
+
+def courseware_view_hooks(view_func):
+    """
+    Decorator that calls the CoursewareViewStarted filter before rendering a courseware view.
+
+    If any pipeline step returns a non-None ``redirect_url``, the user is redirected to
+    that URL. Otherwise, the original view is rendered normally.
+
+    Usage::
+
+        @courseware_view_hooks
+        def my_view(request, course_id, ...):
+            ...
+
+    Works with both function-based views and ``method_decorator``-wrapped class-based views.
+    The decorator extracts the ``course_id`` or ``course_key`` from the view arguments.
+    """
+    @functools.wraps(view_func)
+    def _wrapper(request_or_self, *args, **kwargs):
+        # Support both function views (request as first arg) and method views
+        # (self as first arg, request as second arg).
+        if hasattr(request_or_self, 'method'):
+            # Function-based view: first arg is request
+            request = request_or_self
+        else:
+            # Class-based view via method_decorator: first arg is self, second is request
+            request = args[0] if args else kwargs.get('request')
+
+        course_id = kwargs.get('course_id') or (args[0] if args and not hasattr(request_or_self, 'method') else None)
+        try:
+            course_key = CourseKey.from_string(str(course_id)) if course_id else None
+        except Exception:  # pylint: disable=broad-except
+            course_key = None
+
+        if course_key is not None:
+            redirect_url, _request, _course_key = CoursewareViewStarted.run_filter(
+                redirect_url=None,
+                request=request,
+                course_key=course_key,
+            )
+            if redirect_url:
+                return redirect(redirect_url)
+
+        return view_func(request_or_self, *args, **kwargs)
+
+    return _wrapper