chore: Upgrade Django to 4.2 (#2867)

* chore: Upgrade Django to 4.2.9

.github/workflows/ci.yml

@@ -6,7 +6,7 @@ jobs:
 
     services:
       db:
-        image: postgres:11.16
+        image: postgres:12.17
         # Health checks to wait until postgres has started
         options: >-
           --health-cmd pg_isready

affiliate/admin.py

@@ -2,21 +2,23 @@
 
 from django.contrib import admin
 
-from affiliate import models
+from affiliate.models import Affiliate, AffiliateReferralAction
 from mitxpro.admin import TimestampedModelAdmin
 
 
+@admin.register(Affiliate)
 class AffiliateAdmin(TimestampedModelAdmin):
     """Admin for Affiliate"""
 
-    model = models.Affiliate
+    model = Affiliate
     list_display = ["id", "code", "name"]
 
 
+@admin.register(AffiliateReferralAction)
 class AffiliateReferralActionAdmin(TimestampedModelAdmin):
     """Admin for AffiliateReferralAction"""
 
-    model = models.AffiliateReferralAction
+    model = AffiliateReferralAction
     include_created_on_in_list = True
     list_display = [
         "id",
@@ -33,20 +35,18 @@ def get_queryset(self, request):
         """Overrides base method"""
         return self.model.objects.select_related("affiliate")
 
+    @admin.display(
+        description="Affiliate Name",
+        ordering="affiliate__name",
+    )
     def get_affiliate_name(self, obj):
         """Returns the related Affiliate name"""
         return obj.affiliate.name
 
-    get_affiliate_name.short_description = "Affiliate Name"
-    get_affiliate_name.admin_order_field = "affiliate__name"
-
+    @admin.display(
+        description="Affiliate Code",
+        ordering="affiliate__code",
+    )
     def get_affiliate_code(self, obj):
         """Returns the related Affiliate code"""
         return obj.affiliate.code
-
-    get_affiliate_name.short_description = "Affiliate Code"
-    get_affiliate_name.admin_order_field = "affiliate__code"
-
-
-admin.site.register(models.Affiliate, AffiliateAdmin)
-admin.site.register(models.AffiliateReferralAction, AffiliateReferralActionAdmin)

affiliate/middleware_test.py

@@ -15,7 +15,7 @@ def test_affiliate_middleware(mocker):
     request = RequestFactory().get(f"/?{AFFILIATE_QS_PARAM}={affiliate_code}")
 
     # Add session capability to the request
-    SessionMiddleware().process_request(request)
+    SessionMiddleware(get_response=mocker.Mock()).process_request(request)
     request.session.save()
 
     middleware = AffiliateMiddleware(get_response=mocker.Mock())
@@ -30,7 +30,7 @@ def test_affiliate_middleware_session(mocker):
     request = RequestFactory().get("/")
 
     # Add session capability to the request and add the affiliate code to the session
-    SessionMiddleware().process_request(request)
+    SessionMiddleware(get_response=mocker.Mock()).process_request(request)
     request.session["affiliate_code"] = affiliate_code
     request.session.save()
 

authentication/middleware.py

@@ -1,6 +1,6 @@
 """Authentication middleware"""
 from django.shortcuts import redirect
-from django.utils.http import urlquote
+from urllib.parse import quote
 
 from social_core.exceptions import SocialAuthBaseException
 from social_django.middleware import SocialAuthExceptionMiddleware
@@ -30,6 +30,6 @@ def process_exception(self, request, exception):
 
             if url:
                 url += ("?" in url and "&" or "?") + "message={0}&backend={1}".format(
-                    urlquote(message), backend_name
+                    quote(message), backend_name
                 )
                 return redirect(url)

authentication/middleware_test.py

@@ -1,54 +1,54 @@
 """Tests for auth middleware"""
 from django.contrib.sessions.middleware import SessionMiddleware
 from django.shortcuts import reverse
-from django.utils.http import urlquote
+from urllib.parse import quote
 from rest_framework import status
 from social_core.exceptions import AuthAlreadyAssociated
 from social_django.utils import load_backend, load_strategy
 
 from authentication.middleware import SocialAuthExceptionRedirectMiddleware
 
 
-def test_process_exception_no_strategy(rf, settings):
+def test_process_exception_no_strategy(rf, settings, mocker):
     """Tests that if the request has no strategy it does nothing"""
     settings.DEBUG = False
     request = rf.get(reverse("social:complete", args=("email",)))
-    middleware = SocialAuthExceptionRedirectMiddleware()
+    middleware = SocialAuthExceptionRedirectMiddleware(get_response=mocker.Mock())
     assert middleware.process_exception(request, None) is None
 
 
-def test_process_exception(rf, settings):
+def test_process_exception(rf, settings, mocker):
     """Tests that a process_exception handles auth exceptions correctly"""
     settings.DEBUG = False
     msg = "This account is already in use."
     request = rf.get(reverse("social:complete", args=("email",)))
     # social_django depends on request.sesssion, so use the middleware to set that
-    SessionMiddleware().process_request(request)
+    SessionMiddleware(get_response=mocker.Mock()).process_request(request)
     strategy = load_strategy(request)
     backend = load_backend(strategy, "email", None)
     request.social_strategy = strategy
     request.backend = backend
 
-    middleware = SocialAuthExceptionRedirectMiddleware()
+    middleware = SocialAuthExceptionRedirectMiddleware(get_response=mocker.Mock())
     result = middleware.process_exception(request, AuthAlreadyAssociated(backend, msg))
     assert result.status_code == status.HTTP_302_FOUND
     assert result.url == "{}?message={}&backend={}".format(
-        reverse("login"), urlquote(msg), backend.name
+        reverse("login"), quote(msg), backend.name
     )
 
 
-def test_process_exception_non_auth_error(rf, settings):
+def test_process_exception_non_auth_error(rf, settings, mocker):
     """Tests that a process_exception handles non-auth exceptions correctly"""
     settings.DEBUG = False
     request = rf.get(reverse("social:complete", args=("email",)))
     # social_django depends on request.sesssion, so use the middleware to set that
-    SessionMiddleware().process_request(request)
+    SessionMiddleware(get_response=mocker.Mock()).process_request(request)
     strategy = load_strategy(request)
     backend = load_backend(strategy, "email", None)
     request.social_strategy = strategy
     request.backend = backend
 
-    middleware = SocialAuthExceptionRedirectMiddleware()
+    middleware = SocialAuthExceptionRedirectMiddleware(get_response=mocker.Mock())
     assert (
         middleware.process_exception(request, Exception("something bad happened"))
         is None

authentication/pipeline/user.py

@@ -240,7 +240,7 @@ def forbid_hijack(strategy, backend, **kwargs):  # pylint: disable=unused-argume
         backend (social_core.backends.base.BaseAuth): the backend being used to authenticate
     """
     # As first step in pipeline, stop a hijacking admin from going any further
-    if strategy.session_get("is_hijacked_user"):
+    if bool(strategy.session_get("hijack_history")):
         raise AuthException("You are hijacking another user, don't try to login again")
     return {}
 

authentication/pipeline/user_test.py

@@ -88,10 +88,10 @@ def validate_email_auth_request_not_email_backend(mocker):
     "has_user,expected", [(True, {"flow": SocialAuthState.FLOW_LOGIN}), (False, {})]
 )
 @pytest.mark.django_db
-def test_validate_email_auth_request(rf, has_user, expected):
+def test_validate_email_auth_request(rf, has_user, expected, mocker):
     """Test that validate_email_auth_request returns correctly given the input"""
     request = rf.post("/complete/email")
-    middleware = SessionMiddleware()
+    middleware = SessionMiddleware(get_response=mocker.Mock())
     middleware.process_request(request)
     request.session.save()
     strategy = load_strategy(request)
@@ -147,15 +147,15 @@ def test_user_password_not_email_backend(mocker):
 
 
 @pytest.mark.parametrize("user_password", ["abc123", "def456"])
-def test_user_password_login(rf, user, user_password):
+def test_user_password_login(rf, user, user_password, mocker):
     """Tests that user_password works for login case"""
     request_password = "abc123"
     user.set_password(user_password)
     user.save()
     request = rf.post(
         "/complete/email", {"password": request_password, "email": user.email}
     )
-    middleware = SessionMiddleware()
+    middleware = SessionMiddleware(get_response=mocker.Mock())
     middleware.process_request(request)
     request.session.save()
     strategy = load_strategy(request)
@@ -183,15 +183,15 @@ def test_user_password_login(rf, user, user_password):
             )
 
 
-def test_user_password_not_login(rf, user):
+def test_user_password_not_login(rf, user, mocker):
     """
     Tests that user_password performs denies authentication
     for an existing user if password not provided regardless of auth_type
     """
     user.set_password("abc123")
     user.save()
     request = rf.post("/complete/email", {"email": user.email})
-    middleware = SessionMiddleware()
+    middleware = SessionMiddleware(get_response=mocker.Mock())
     middleware.process_request(request)
     request.session.save()
     strategy = load_strategy(request)
@@ -207,12 +207,12 @@ def test_user_password_not_login(rf, user):
         )
 
 
-def test_user_password_not_exists(rf):
+def test_user_password_not_exists(rf, mocker):
     """Tests that user_password raises auth error for nonexistent user"""
     request = rf.post(
         "/complete/email", {"password": "abc123", "email": "doesntexist@localhost"}
     )
-    middleware = SessionMiddleware()
+    middleware = SessionMiddleware(get_response=mocker.Mock())
     middleware.process_request(request)
     request.session.save()
     strategy = load_strategy(request)

authentication/views.py

@@ -41,7 +41,7 @@ def get_serializer_cls(self):  # pragma: no cover
 
     def post(self, request):
         """Processes a request"""
-        if request.session.get("is_hijacked_user", False):
+        if bool(request.session.get("hijack_history")):
             return Response(status=status.HTTP_403_FORBIDDEN)
 
         serializer_cls = self.get_serializer_cls()
@@ -83,7 +83,7 @@ def get_serializer_cls(self):
 
     def post(self, request):
         """Verify recaptcha response before proceeding"""
-        if request.session.get("is_hijacked_user", False):
+        if bool(request.session.get("hijack_history")):
             return Response(status=status.HTTP_403_FORBIDDEN)
         if settings.RECAPTCHA_SITE_KEY:
             r = requests.post(

authentication/views_test.py

@@ -770,7 +770,7 @@ def test_login_email_error(client, mocker):
 def test_login_email_hijacked(client, user, admin_user):
     """Test that a 403 response is returned for email login view if user is hijacked"""
     client.force_login(admin_user)
-    client.post("/hijack/{}/".format(user.id))
+    client.post("/hijack/acquire/", {"user_pk": user.id})
     response = client.post(
         reverse("psa-login-email"),
         {"flow": SocialAuthState.FLOW_LOGIN, "email": "[email protected]"},
@@ -781,7 +781,7 @@ def test_login_email_hijacked(client, user, admin_user):
 def test_register_email_hijacked(client, user, admin_user):
     """Test that a 403 response is returned for email register view if user is hijacked"""
     client.force_login(admin_user)
-    client.post("/hijack/{}/".format(user.id))
+    client.post("/hijack/acquire/", {"user_pk": user.id})
     response = client.post(
         reverse("psa-register-email"),
         {"flow": SocialAuthState.FLOW_LOGIN, "email": "[email protected]"},

b2b_ecommerce/admin.py

@@ -6,31 +6,29 @@
 from mitxpro.admin import AuditableModelAdmin
 
 
+@admin.register(B2BCoupon)
 class B2BCouponAdmin(AuditableModelAdmin):
     """Admin for B2BCoupon"""
 
     model = B2BCoupon
 
 
+@admin.register(B2BCouponRedemption)
 class B2BCouponRedemptionAdmin(admin.ModelAdmin):
     """Admin for B2BCouponRedemption"""
 
     model = B2BCouponRedemption
 
 
+@admin.register(B2BReceipt)
 class B2BReceiptAdmin(admin.ModelAdmin):
     """Admin for B2BReceipt"""
 
     model = B2BReceipt
 
 
+@admin.register(B2BOrder)
 class B2BOrderAdmin(AuditableModelAdmin):
     """Admin for B2BOrder"""
 
     model = B2BOrder
-
-
-admin.site.register(B2BReceipt, B2BReceiptAdmin)
-admin.site.register(B2BCoupon, B2BCouponAdmin)
-admin.site.register(B2BOrder, B2BOrderAdmin)
-admin.site.register(B2BCouponRedemption, B2BCouponRedemptionAdmin)

b2b_ecommerce/migrations/0001_initial.py

@@ -75,7 +75,7 @@ class Migration(migrations.Migration):
                 ),
                 ("created_on", models.DateTimeField(auto_now_add=True)),
                 ("updated_on", models.DateTimeField(auto_now=True)),
-                ("data", django.contrib.postgres.fields.jsonb.JSONField()),
+                ("data", django.db.models.JSONField()),
                 (
                     "order",
                     models.ForeignKey(
@@ -136,15 +136,11 @@ class Migration(migrations.Migration):
                 ("updated_on", models.DateTimeField(auto_now=True)),
                 (
                     "data_before",
-                    django.contrib.postgres.fields.jsonb.JSONField(
-                        blank=True, null=True
-                    ),
+                    django.db.models.JSONField(blank=True, null=True),
                 ),
                 (
                     "data_after",
-                    django.contrib.postgres.fields.jsonb.JSONField(
-                        blank=True, null=True
-                    ),
+                    django.db.models.JSONField(blank=True, null=True),
                 ),
                 (
                     "acting_user",

b2b_ecommerce/migrations/0003_coupons.py

@@ -99,15 +99,11 @@ class Migration(migrations.Migration):
                 ("updated_on", models.DateTimeField(auto_now=True)),
                 (
                     "data_before",
-                    django.contrib.postgres.fields.jsonb.JSONField(
-                        blank=True, null=True
-                    ),
+                    django.db.models.JSONField(blank=True, null=True),
                 ),
                 (
                     "data_after",
-                    django.contrib.postgres.fields.jsonb.JSONField(
-                        blank=True, null=True
-                    ),
+                    django.db.models.JSONField(blank=True, null=True),
                 ),
                 (
                     "acting_user",

cms/api.py

@@ -1,9 +1,9 @@
 """API for the CMS app"""
 import itertools
 import logging
-from datetime import MAXYEAR, datetime
+from datetime import MAXYEAR, datetime, timezone
+
 
-import pytz
 from django.contrib.contenttypes.models import ContentType
 from wagtail.models import Page, Site
 from cms import models as cms_models
@@ -45,7 +45,7 @@ def filter_and_sort_catalog_pages(
 
     page_run_dates = {
         page: page.product.next_run_date
-        or datetime(year=MAXYEAR, month=1, day=1, tzinfo=pytz.UTC)
+        or datetime(year=MAXYEAR, month=1, day=1, tzinfo=timezone.utc)
         for page in itertools.chain(
             valid_program_pages,
             valid_course_pages,

cms/migrations/0054_create_external_courseware_asociations.py

@@ -1,7 +1,7 @@
 # Generated by Django 3.2.18 on 2023-03-16 12:26
 
-import pytz
-from datetime import datetime
+
+from datetime import datetime, timezone
 from django.db import migrations, models
 import django.db.models.deletion
 
@@ -12,7 +12,7 @@
 
 def get_zone_aware_datetime(date):
     """Takes a date object and returns a zone aware datetime"""
-    return datetime.combine(date, datetime.max.time(), pytz.UTC) if date else None
+    return datetime.combine(date, datetime.max.time(), timezone.utc) if date else None
 
 
 def check_and_generate_associated_product(