Need an API to enroll a user/student in course even after enrollment end date or upgrade deadline

As an admin or staff user I want to create verified enrollments even after the enrollment end date or upgrade deadline has passed:

  • to address customer support issues
  • to test the system
  • to enroll staff

What I’ve tried is.

  • Keywords
    • URL: http://edxhost/support/enrollment/username_or_email
    • username_or_email: the username or email of the student to whom you want to enroll in the course
    • EnrollmentView: edx-platform/lms/djangoapps/support/views/enrollments.py:EnrollmentSupportListView
    • SupportStaffRole: edx-platform//common/djangoapps/student/roles.py:SupportStaffRole
    • CourseAccessRole: edx-platform/common/djangoapps/student/models.py:CourseAccessRole
    • GlobalStaffRole: is_staff=True in User Model
  • The URL (which points out to EnrollmentView) should be called out by a SupportStaffRole (Can be assigned to any user to a specific course using CourseAccessRole on edx) or by GlobalStaffRole.
  • Whenever I tried to hit the URL, I got redirected to Login URL
  • Initially, I was not able to understand why this is happening even though I was already sending the auth token
  • Then I found that the EnrollmentView has @login_required decorator implemented in the permission check decorator.
  • @login_required only works with browser requests and accepts CSRF token but not the auth token

What we can do here?

  • We can go with the first or second approach which I think will not be much feasible
  • We can make a fix on edx by creating an issue on openedx repo, The fixes I’ve in my mind are
    1. Edx follows the http://edxhost/api/url convention which accepts the auth token. We can make a new APIView to accept the auth token and this will also follow the http://edxhost/api/url convention. (this is an existing feature we just need it to accept the auth token)
    2. Or we can make changes to the existing EnrollmentView just by adding the support of auth token

Correct me if I’m wrong or if there is any other alternative available to achieve this requirement

reference: management command to create verified enrollment · Issue #1109 · mitodl/mitxonline · GitHub

There is also another option to make some changes here in the post method if the requesting user is GlobalStaff or has the CourseAccessRole. he can enroll a user in expired courses with some request payload like force_enrollment=True/False so the user will be enrolled in the course by setting up check_access=False here