Coder Social home page Coder Social logo

edunext / eox-tenant Goto Github PK

View Code? Open in Web Editor NEW
7.0 5.0 4.0 827 KB

Plugin for managing multiple tenants (organizations) within a single Open edX instance.

License: GNU Affero General Public License v3.0

Makefile 0.88% Python 98.33% HTML 0.11% JavaScript 0.50% Shell 0.18%

eox-tenant's Introduction

EOX Tenant

Maintainance Status GitHub Actions Workflow Test Status PyPI - Version

Eox-tenant is a plugin for Open edX, and part of the Edunext Open edX Extensions (aka EOX), that replaces the microsites and site_configurations features, offering a more robust multi-tenancy model.

If you are looking for professional development or support with multitenancy or multi-sites in the Open edX platform, you can reach out to [email protected]

Installation

  1. Add this plugin in your Tutor config.yml with the OPENEDX_EXTRA_PIP_REQUIREMENTS setting.

    OPENEDX_EXTRA_PIP_REQUIREMENTS:
   - eox-tenant=={{version}}

  2. Save the configuration with tutor config save.

  3. Build the image and launch your platform with tutor local launch.

Usage

Once your instance is running, you can access the Django admin site and locate the EDUNEXT OPENEDX MULTITENANCY models.

  • Microsites: Store the microsite configuration.
  • Routes: Configure the URL for a tenant.
  • Tenant configs: Store the configuration for each tenant.
  • Tenant organizations: Link each organization with one or multiple tenants.

Add EDNX_USE_SIGNAL = True in each microsite/tenant that wants to use the plugin.

Compatibility Notes

Open edX Release Version
Ironwood < 3.0
Juniper >= 3.0 < 4.0
Koa >= 4.0 <= 5.1.3
Lilac >= 4.0 < 6.2
Maple >= 6.0
Nutmeg >= 6.2
Olive >= 8.0
Palm >= v11.7.0
Quince >= v11.7.0
Redwood >= v11.7.0

โš ๏ธ Since the 6.2 version, eox-tenant does not support Django 2.2

The plugin is configured for the latest release (Redwood). The following changes in the plugin settings should be applied to be used for previous releases.

Maple

For version 11.X compatible

EOX_TENANT_EDX_AUTH_BACKEND = "eox_tenant.edxapp_wrapper.backends.edx_auth_i_v1"

Those settings can be changed in eox_tenant/settings/common.py or, for example, in the instance settings.

๐Ÿšจ If the release you are looking for is not listed, please note:

  • If the Open edX release is compatible with the current eox-tenant version (see Compatibility Notes), the default configuration is sufficient.
  • If incompatible, you can refer to the README from the relevant version tag for configuration details (e.g., v6.2.0 README).

๐Ÿšจ For version < 10.0.0 you need to enable eox-tenant adding in the LMS configuration:

USE_EOX_TENANT = True

Commands

Synchronize Organizations

This command will synchronize the course_org_filter values in lms_configs(TenantConfig model) or values(Microsite model) with the TenantOrganization registers if the organization does not exist, it will be created, otherwise, it will be added to the organizations model field.

./manage.py lms synchronize_organizations  # only for TenantConfig and Microsite
./manage.py lms synchronize_organizations --model TenantConfig # only for TenantConfig
./manage.py lms synchronize_organizations --model Microsite # only for Microsite

Create/Edit tenant configuration

create_or_update_tenant_config helps to add or edit TenantConfig and linked Routes via command line.

# This command will create/edit an entry in TenantConfig with external_key lacolhost.com and update its JSONField(s) with passed JSON content.
./manage.py lms create_or_update_tenant_config --external-key lacolhost.com --config '{"lms_configs": {"PLATFORM_NAME": "Lacolhost"}, "studio_configs": {"PLATFORM_NAME": "Lacolhost"}}' lacolhost.com studio.lacolhost.com preview.lacolhost.com

# This command will create/edit an entry in TenantConfig with external_key lacolhost.com and update its JSONField(s) with passed JSON config file content.
./manage.py lms create_or_update_tenant_config --external-key lacolhost.com --config-file /tmp/some.json lacolhost.com studio.lacolhost.com preview.lacolhost.com

# Same as above, but it will override configuration instead of updating it.
./manage.py lms create_or_update_tenant_config --external-key lacolhost.com --config-file /tmp/some.json lacolhost.com studio.lacolhost.com preview.lacolhost.com --override

Migration notes

Migrating from 0.* version to 1.0.0

From version 1.0.0, RedirectionsMiddleware and PathRedirectionMiddleware are no longer supported in this plugin. These middleware were moved to the eox-core plugin here. From this, you can have three cases:

  1. You have already installed eox-core alongside eox-tenant. In this case, you need to:

    • Upgrade eox-core to version 2.0.0 (previous releases are not compatible with eox-tenant 1.0.0)
    • Run the plugin migrations as indicated below:
    ./manage.py lms migrate eox_tenant --settings=<your app settings>
./manage.py lms migrate eox_core --fake-initial --settings=<your app settings>

  2. You only have installed eox-tenant and you want to keep the functionality that middleware offer. You need to:

    • Install eox-core version 2.0.0 as edx-platform requirement. You can use Ansible to add this plugin as an extra requirement.
    • Run the plugin migrations as indicated below:
    ./manage.py lms migrate eox_tenant --settings=<your app settings>
./manage.py manage.py lms migrate eox_core --fake-initial --settings=<your app settings>

  3. In the case you are not using the redirection middleware, and only have eox-tenant installed, you can simply apply the database migrations for the eox-tenant plugin:

    ./manage.py manage.py lms migrate eox_tenant --settings=<your app settings>

    The table corresponding to the Redirection model will not be deleted but it will be discarded from the Django state

Caveats

  • SSO that uses the LMS while authenticating does so with server-to-server communication. Therefore, when the AvailableScreenMiddleware gets the current domain, it finds that lms:8000 as in SOCIAL_AUTH_EDX_OAUTH2_URL_ROOT which does not exist, then raises a 404 exception. To avoid this error, set in your LMS settings file:
SOCIAL_AUTH_EDX_OAUTH2_URL_ROOT = SOCIAL_AUTH_EDX_OAUTH2_PUBLIC_URL_ROOT

How to Contribute

Contributions are welcome! See our CONTRIBUTING file for more information โ€“ it also contains guidelines for how to maintain high code quality, which will make your contribution more likely to be accepted.

License

This project is licensed under the AGPL-3.0 License. See the LICENSE file for details.

eox-tenant's People

Contributors

andrey-canon avatar felipemontoya avatar jfavellar90 avatar squirrel18 avatar mariajgrimaldi avatar juandavidbuitrago avatar magajh avatar mafermazu avatar alec4r avatar vad33r avatar bryanttv avatar luisfelipec95 avatar moisesgsalas avatar navinkarkera avatar henrrypg avatar bra-i-am avatar ivanca avatar johanseto avatar dcoa avatar jignaciopm avatar asespinel avatar deimerm avatar dependabot[bot] avatar

Stargazers

Amjad Smadi avatar Tanjim Hossain avatar JayRam Nai avatar avatar William Humberto Herrera Rey avatar Nate Aune avatar avatar

Watchers

Elvin Quero avatar James Cloos avatar avatar avatar avatar

Forkers

vamshikrishnaum mafermazu open-craft channebertrand

eox-tenant's Issues

["FEAT"] Organizations are not created on course_org_filter modification

Describe the bug
When you add an organization to course_org_filter in the tenant the Organization is not created.

To Reproduce
Steps to reproduce the behavior:

  1. Go to 'Tenant config admin table'
  2. Edit the field 'course_org_filter'
  3. Save the model
  4. Verify organization_organization is not created.

Expected behavior
An organization is created with its tenant organization model.

["BUG"] Tenant organization is created but not associated when sites are created

Describe the bug
When one saves a tenant config object, an tenant organization should be created, and associated with the current site. The second part is not happening

To Reproduce
Steps to reproduce the behavior:

  1. Go to '/admin/eox_tenant/tenantconfig/' and select a tenant config.
  2. Click on 'save'
  3. Verify tenant organization is not associated: /admin/eox_tenant/tenantorganization/

Expected behavior
Tenant organization is associated with the tenant config.

["INFO"] Clarify the plugin behavior

Hi!

I'm currently analyzing the code to figure out if it suits our needs and I hope I found the right place to ask some questions about the plugin ๐Ÿ™

  1. Is there any dedicated roadmap for the plugin development? What are your plans for it?
  2. What is the average delay between the openEdx release and the plugin update for usage with it?
  3. Organizations model in the edx-platform - is the core entity for the tenancy support using the SiteConfiguration. It allows to separate courses between the tenants, restricts organizations available for the course creation in the Studio, etc.
    But the plugin introduces a brand new model for storing the organizations - TenantOrganization.
    What was the reason to create a new model instead of reusing the edx-platform's one?
    Why is it connected to Microsite and TenantConfig models by the many-to-many relation? Do you use the same org filter for several tenants?
    I also didn't find any connections between the TenantOrganization and Organization models. Shouldn't they be at least synchronized?
  4. How does the plugin influence the Course Creator in the Studio?
  5. Am I right that each consequent request made from a different tenant (domain) is processed to override the settings object and requests from the same tenant (domain) are skipping the settings update for the timespan defined in the EOX_MAX_CONFIG_OVERRIDE_SECONDS? How does it affect the performance in general? Can you provide more details about caching?
  6. Are there any dependencies on the eox-theming or other plugins?

Thank you in advance! ๐Ÿซถ

["BUG"] FilterUserCourseEnrollmentsByTenant doesn't modify all needed views

Describe the bug
Views like api/enrollment/v1/enrollments/ are not filtered correctly.

To Reproduce
Steps to reproduce the behavior:
0. Crea at least two organizations, each one associated to only one tenant, and enroll users to course belonging to those organizations.

  1. Go to 'api/enrollment/v1/enrollments/'
  2. See all enrollment without filters

Expected behavior
FIlter enrollments using the current site.

Additional context
This is the view I found, but there might be others

["FEAT"] Palm compatibility

Is your feature request related to a problem? Please describe.
Since Palm release was cut on April 11th 2023, I would like to know if there is an eox-tenant date release for Palm version. Thanks

Describe the solution you'd like
Palm compatibility

["FEAT"] Add JWT Authentication support

Is your feature request related to a problem? Please describe.
At the moment eox tenant only supports Bearer authentication and Session Authentication. On future releases Bearer authentication is going to be deprecated, so we should be prepared by implementing JWT authentication to avoid any compatibility issues.

Describe the solution you'd like
JWT Authentication would allow to add Django applications so we could test the eox tenant API using Postmanor other similar clients

Additional context
Since Bearer authentication is going to be deprecated we could remove it completely from the plugin. The deprecation is described here: openedx/edx-drf-extensions#284

["BUG"] Error log in studio.

Hi team!

Describe the bug

When we access a subdomain of the LMS that does not exist it does not show us a 404 not found page but it takes us to a course listing, this problem was solved when we added the following setting in a yml tutor plugin.

common-env-features: |
       USE_MICROSITE_AVAILABLE_SCREEN: true

But when we try to log in to studio we get an error 404 Client error.

To Reproduce
Steps to reproduce the behavior:

  1. Create a nuez environment and configure your tenant.
  2. Configure the following yml tutor plugin, don't forget to change the SOCIAL_AUTH_EDX_OAUTH2_PUBLIC_URL_ROOT with your tenant url.
name: settings
version: 0.1.0
patches:

  common-env-features: |
    USE_MICROSITE_AVAILABLE_SCREEN: true

  openedx-cms-development-settings: |
    ALLOWED_HOSTS = ["*"]
    SESSION_COOKIE_DOMAIN = None
    EOX_CORE_APPEND_LMS_MIDDLEWARE_CLASSES = True
    # Celery's task autodiscovery won't find tasks nested in a tasks package.
    # Tasks are only registered when the module they are defined in is imported.
    FRONTEND_LOGIN_URL = 'https://login.studio.edunext.co/login'
    FRONTEND_LOGOUT_URL = '/logout/'
    # Attempting to solve the mysql connection errors
    # Studio sso
    SOCIAL_AUTH_EDX_OAUTH2_PUBLIC_URL_ROOT = "http://test.local.overhang.io:8000"

  openedx-lms-development-settings: |
     MIDDLEWARE += [
      'eox_core.middleware.PathRedirectionMiddleware',
      'eox_core.middleware.RedirectionsMiddleware',
      #'eox_core.middleware.TPAExceptionMiddleware',
      'eox_tenant.middleware.AvailableScreenMiddleware',
      'eox_tenant.middleware.MicrositeCrossBrandingFilterMiddleware',
     ]
  1. Attempt to log in to the studio.
  2. See error

Expected behavior
We hope that when you try to enter a subdomain that does not exist, it will show the 404 page and allow us to log in to the studio.

Screenshots
Screenshot from 2023-01-27 19-06-53
picture 1. Error displayed when trying to log into study.

Who is affected
This issue affects Saas since we cannot activate the flag to show the 404 not found page when someone tries to enter a subdomain that does not exist.

["BUG"] Tenant organization admin search

Describe the bug
We sometimes need to access the tenant organization admin and search for some client organizations for troubleshooting and fixes. As we have many Tenants associated to one organization, the time to load the page is higher and increases the memory usage, which arrives in 502 error as the container is stopped.

One can increase the memory but the higher load times can lead to timeout errors.

Expected behavior
It should load faster without errors.

["FEAT"] Oauth validator feature flag

Is your feature request related to a problem? Please describe.
In some environments, is needed to disable the extra validation for oauth tokens provided by eox-tenant:

eox-tenant/eox_tenant/settings/common.py

Lines 62 to 63 in 678ee1b

if hasattr(settings, 'OAUTH2_PROVIDER'):
settings.OAUTH2_PROVIDER['OAUTH2_VALIDATOR_CLASS'] = 'eox_tenant.validators.EoxTenantOAuth2Validator'

Describe the solution you'd like
A feature flag USE_OAUTH_FOR_TENANTS or similar trigger mechanism

Describe alternatives you've considered

Additional context

["DEPR"] Certificates, Auth and Util backends

Description
We should remove the backends and the configuration we are not using.

I propose to remove the following:

  • eox_tenant.edxapp_wrapper.backends.certificates_module_i_v1
  • eox_tenant.edxapp_wrapper.backends.edx_auth_n_v1
  • eox_tenant.edxapp_wrapper.backends.util_h_v1

And its settings. Checking that we will not break the plugin because we are no longer using it.

["FEAT"] Synchronize orgs in studio

Is your feature request related to a problem? Please describe.
When you are in studio->admin and you add a new value to the course_org_filter, that value is not created in the tenantOrganization table, the reason is that the method which creates that record is connected to a signal that is only register in the lms configuration

image

Describe the solution you'd like
3 different approaches

  1. Remove EDUNEXT OPENEDX MULTITENANCY section from studio, all the features should work no matter the environment
  2. Connect the receiver with the save signal in the cms configuration
  3. I implemented the signal behavior, but that is not the best approach since that add an implicit behavior and it's better to be explicit so another solution would be to overwrite the Model save method and add the update_tenant_organizations_receiver method into it.

["FEAT"] Don't cache configurations when in development mode

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

["FEAT"] add a querystring param that forces the reload

Is your feature request related to a problem? Please describe.
I'm often doing changes in sites that are not rendered because of the cache.
Cache is very necessary for perfomance but the only solutions that I have now are: waiting 5 minutes or restarting the server.

Describe the solution you'd like
when I have a site like: https://lms.olive.albacore.felipemontoya.co/dashboard
I would like to be able to call: https://lms.olive.albacore.felipemontoya.co/dashboard?eox_tenant=cleancache

or something similar and have the signal process this diferentely at:
https://github.com/eduNEXT/eox-tenant/blob/master/eox_tenant/signals.py#L181

Describe alternatives you've considered
Reset the thread where the process is running, but I don't know always which POD of the cluster is running.

Additional context
In the saas variant this is not so important because the cache busts when the process is a different one and thus is always breaking the cache for small test sites. The issue becomes more prominent in stratus like sites.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.