Skip to content

chore: deprecate content libraries authorization permissions, apis, rest apis and models#38052

Open
BryanttV wants to merge 4 commits intoopenedx:masterfrom
eduNEXT:bav/depr-content-libraries-permissions
Open

chore: deprecate content libraries authorization permissions, apis, rest apis and models#38052
BryanttV wants to merge 4 commits intoopenedx:masterfrom
eduNEXT:bav/depr-content-libraries-permissions

Conversation

@BryanttV
Copy link
Contributor

Description

This PR deprecates the Content Libraries team roles/permission system backed by the ContentLibraryPermission model, following OEP-0021.

Concretely, this PR:

  • Marks the ContentLibraryPermission model as deprecated via docstring and a DeprecationWarning.
  • Marks the Content Libraries authorization/team REST API endpoints as deprecated in their docstrings and via a module-level DeprecationWarning.
  • Marks the authorization API methods in openedx/core/djangoapps/content_libraries/api/libraries.py as deprecated (get_library_team, get_library_user_permissions, set_library_user_permissions, set_library_group_permissions) with a DeprecationWarning on each call.
  • Marks the legacy permission rules and constants in permissions.py (and the re-exports in api/permissions.py) as deprecated in their module docstrings, in favor of openedx-authz and HasPermissionInContentLibraryScope.
  • Removes the ContentLibraryPermission inline from the ContentLibrary Django admin so new permissions are no longer managed through that model.

Supporting information

Deadline

None

@openedx-webhooks openedx-webhooks added open-source-contribution PR author is not from Axim or 2U core contributor PR author is a Core Contributor (who may or may not have write access to this repo). labels Feb 25, 2026
@openedx-webhooks
Copy link

Thanks for the pull request, @BryanttV!

This repository is currently maintained by @openedx/wg-maintenance-openedx-platform.

Once you've gone through the following steps feel free to tag them in a comment and let them know that your changes are ready for engineering review.

🔘 Get product approval

If you haven't already, check this list to see if your contribution needs to go through the product review process.

  • If it does, you'll need to submit a product proposal for your contribution, and have it reviewed by the Product Working Group.
    • This process (including the steps you'll need to take) is documented here.
  • If it doesn't, simply proceed with the next step.
🔘 Provide context

To help your reviewers and other members of the community understand the purpose and larger context of your changes, feel free to add as much of the following information to the PR description as you can:

  • Dependencies

    This PR must be merged before / after / at the same time as ...

  • Blockers

    This PR is waiting for OEP-1234 to be accepted.

  • Timeline information

    This PR must be merged by XX date because ...

  • Partner information

    This is for a course on edx.org.

  • Supporting documentation
  • Relevant Open edX discussion forum threads
🔘 Get a green build

If one or more checks are failing, continue working on your changes until this is no longer the case and your build turns green.

Details
Where can I find more information?

If you'd like to get more details on all aspects of the review process for open source pull requests (OSPRs), check out the following resources:

When can I expect my changes to be merged?

Our goal is to get community contributions seen and reviewed as efficiently as possible.

However, the amount of time that it takes to review and merge a PR can vary significantly based on factors such as:

  • The size and impact of the changes that it introduces
  • The need for product review
  • Maintenance status of the parent repository

💡 As a result it may take up to several weeks or months to complete a review and merge your PR.

@github-project-automation github-project-automation bot moved this to Needs Triage in Contributions Feb 25, 2026
@BryanttV BryanttV force-pushed the bav/depr-content-libraries-permissions branch 2 times, most recently from c7ecdd5 to 52a41e4 Compare February 25, 2026 22:04
@mphilbrick211 mphilbrick211 moved this from Needs Triage to Ready for Review in Contributions Feb 26, 2026
@mphilbrick211 mphilbrick211 added the needs reviewer assigned PR needs to be (re-)assigned a new reviewer label Feb 26, 2026
@BryanttV BryanttV force-pushed the bav/depr-content-libraries-permissions branch from 52a41e4 to d8eb27c Compare February 26, 2026 16:34
Copy link
Contributor

@feanil feanil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking for some more clarification, the DEPRs make sense but it would be useful to point to more actionable docs for what to do when you see this warning. Where are the new APIs documented?

Get the list of users/groups granted permission to use this library.
"""
warnings.warn(
"get_library_team is deprecated. See https://github.com/openedx/openedx-platform/issues/37409.",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pointing to the DEPR is useful but if I saw this, I still wouldn't easily know what api endpoint things would need to switch to. Is there a new equivalent endpoint? Or is there a set of endpoints that I need to use? Is there a quick reference or doc I could look at to know what I should switch to if I've been calling this endpoint?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the feedback! I completely agree. I’ve updated the deprecation messaging, including the replacement of each api method or view.

@BryanttV BryanttV force-pushed the bav/depr-content-libraries-permissions branch from cf4d974 to 82d43e0 Compare February 27, 2026 21:40
@BryanttV BryanttV force-pushed the bav/depr-content-libraries-permissions branch from 82d43e0 to fee0a1a Compare February 27, 2026 21:49
@BryanttV BryanttV requested a review from feanil February 27, 2026 21:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

core contributor PR author is a Core Contributor (who may or may not have write access to this repo). needs reviewer assigned PR needs to be (re-)assigned a new reviewer open-source-contribution PR author is not from Axim or 2U

Projects

Status: Ready for Review

Development

Successfully merging this pull request may close these issues.

4 participants