Skip to content

Task - RBAC AuthZ - Implement new permissions for files #193

New issue
New issue
Open
openedx/openedx-platform
#38194
Open
Task - RBAC AuthZ - Implement new permissions for files#193
openedx/openedx-platform
#38194
Assignees
rodmgwgu
Labels
verawoodReleased in Verawood
@rodmgwgu

Description

@rodmgwgu
rodmgwgu
opened on Jan 21, 2026

Implement new permissions for files.

Should live behind the feature flag.

Relevant permissions:
courses.view_files
courses.create_files
courses.delete_files
courses.edit_files

Changes needed:

Endpoints:
Note: Assets have their own namespace, example: 1. "/asset-v1:OpenedX+DemoX+DemoCourse+type@asset+block@Open_edX_Demo_Course___Textbooks.pdf"

GET /assets/(courseid)/: List Files
GET /(assetid): Download a file -> Check if this is meant to be public so it doesn't apply, or if it needs to be handled by course authoring permissions
GET /assets/(courseid)/(assetid)/usage: Get file info
PUT /assets/(courseid)/(assetid)/, payload: {"locked":true}: Lock file (courses.edit_files)
DELETE /assets/(courseid)/(assetid)/: Delete file
(Check which endpoint is used for uploading files)

edx-platform: implement permission checks on endpoint handler behind flag

Reference implementation: https://github.com/openedx/openedx-platform/pull/38009/changes

Metadata

Metadata

Assignees

Labels

verawoodReleased in Verawood

Type

No type

Projects

RBAC AuthZ Board

Status

Ready for review

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions