Task - RBAC AuthZ - Implement new permissions for files #193
Description
Implement new permissions for files.
Should live behind the feature flag.
Relevant permissions:
courses.view_files
courses.create_files
courses.delete_files
courses.edit_files
Changes needed:
Endpoints:
Note: Assets have their own namespace, example: 1. "/asset-v1:OpenedX+DemoX+DemoCourse+type@asset+block@Open_edX_Demo_Course___Textbooks.pdf"
GET /assets/(courseid)/: List Files
GET /(assetid): Download a file -> Check if this is meant to be public so it doesn't apply, or if it needs to be handled by course authoring permissions
GET /assets/(courseid)/(assetid)/usage: Get file info
PUT /assets/(courseid)/(assetid)/, payload: {"locked":true}: Lock file (courses.edit_files)
DELETE /assets/(courseid)/(assetid)/: Delete file
(Check which endpoint is used for uploading files)
edx-platform: implement permission checks on endpoint handler behind flag
Reference implementation: https://github.com/openedx/openedx-platform/pull/38009/changes