Contingent on new feature toggle `VERIFY_USER_CHANGE_UNCONDITIONAL`, check
for request/response user mismatches on all requests, not just those
setting a session cookie on the response.

This is intended to *restore* an older behavior. I believe that almost all
requests used to set a new session cookie, and for some reason no longer
do, so this is really just an attempt to return to that previous behavior
no matter whether a new session cookie will be set. (Previously, the
cookie-to-be-deleted check would still have been in effect, so this is
actually a slight change from the earlier behavior -- the logout response
will now be included, and then quickly ignored due to a later check.)

The off-by-default switch moves several lines of code out of a try block,
but also out from under an if guard that checks for certain cookie
conditions. The movement out of the try block should be irrelevant, since
neither of the relocated lines should be raising a SafeCookieError.
However, there is some chance that they could raise other exceptions when
called from their new location (and new situations), hence the use of a
feature toggle -- we'll want to make it easy to switch the new behavior off
quickly if we start seeing an increase in errors.

Once the change is well-exercised, we can remove the toggle and the old
call locations.

I'm not entirely sure about the change to the `verify_error` utility
function in the unit tests, but it seems like even unauthenticated requests
in Django end up with a user and session on the request object, so this is
probably a close-enough way to mock that out.

I duplicated a couple of tests to test with feature toggle on/off.

ref: ARCHBOM-1952

This PR is an update on https://github.com/edx/edx-platform/pull/29280

This defines optional extra fields that are not hidden under the toggle on the 
registration page.

* feat: Adds a new discussion topic configuration mechanism

The new discussion configuration system links discussion topics directly to the course structure. This change adds a new task that sends a discussion update signal if there are any changes to the course. This signal includes all the context needed to update the configuration of the course.

The handler for this new event will create a new entry for each unit that needs a topic in the database. In the future this will be used to see the topics in the course.

* fix: add support for marking a provider as supporting LTI

* fix: review feedback

Removed hardcoded edx user info cookie name and used settings variable.

I have come across these unused variables and thought it's good to remove and clean up the code.

* feat: Django codemods on LMS (2)

* fix: Miscellaneous styling fixes for mobile

* fix: Add px fallback since outlook doesn't support rem

ENT-5095

* chore: update deprecated import from collections

* chore: remove outdated imports from markdown library

as it hasn't been supported since 2.0.3 and we're on 3.x.
This was deprecated at least as early as 2012!

* docs: add docstring and remove lint-amnesty to markdown plugin

* chore: remove deprecated etree import

* style: remove unnecessary-comprehension for sets

* style: resolve a number of amnestied pylint complaints

Co-authored-by: stvn <stvn@mit.edu>

feat: [AA-1082] fix 500 error on courses dashboard

When there are no selected blocks, the dict comprehension to
compare is throwing an exception. Handle the error more gracefully.
The blocks will not be sorted, but they should not be filtered.

* fix: pin docutils<0.18 due to Sphinx requirement

* fix: use pngs for the goal reminder email banner and remove redundant unsubscribe link

* fix: update

* fix: Miscellaneous UI fixes and fixed unsubscribe link

* feat: added program discussions admin view

* refactor: updated docstring

* refactor: updated constant

feat!: [BD-13] Deprecate ModuleSystem.render_template

When signing in from the LMS, the authentication request succeeds but
the user was never redirected to the dashboard. This is because of a
js error:

    Uncaught TypeError: userCookie is null
        userFromEdxUserCookie
        http://maple.openedx.overhang.io:8000/static/js/student_account/utils.js:32

The error comes from the fact that the util.js code ignores the
EDXAPP_EDXMKTG_USER_INFO_COOKIE_NAME setting name. Instead the cookie
name is abritrarily prefixed by "stage-" or "prod-" depending on the
hostname. This seems to be primarily motivated by the definition of
edX.org staging/prod environment hostnames :-(

To resolve this issue, we decided that the actual cookie name was not so
important. Instead, the js code needs to not crash even when the cookie
is absent.

This issue was first reported here:
https://github.com/edx/edx-platform/pull/28170#issuecomment-890449885

Close https://github.com/openedx/build-test-release-wg/issues/104

fix: use pngs for the goal reminder email banner and remove redundant unsubscribe link from the email (#29215)

* fix: use pngs for the goal reminder email banner and remove redundant unsubscribe link

* fix: update

fix: fix issues with LANGUAGE_CODE for legacy UI [BB-4823] [OSPR-6196]

chore: upgrade edx-proctoring to 4.7.0

feat: only show IDV panel until honor code replaces it

from test code.

from block code.

in favor of the added MakoSystem render_template method.

Related changes:
* Adds the MakoService to the StudioEditModuleRuntime,
  PreviewModuleSystem, LmsModuleSystem, and XBlockRuntime
* MakoService constructor takes a `namespace_prefix` string, so that the
  CMS PreviewModuleSystem can render to LMS templates, without needing
  the special render_from_lms helper method.
* ModuleSystem.render_template becomes a read-only property, so the
  constructor calls and test module systems are updated accordingly.
* Adds tests for the MakoService and module system shims.

When side-wide language is set via LANGUAGE_CODE site configuration,
some elements of legacy UI still use the language set in user
preferences (or None, which fallsback to 'en' if nothing is set in
preferences). The expectation is that everything should be translated to
the language which is set in the site configuration.

In legacy UI (i.e. templates) the code of the current language sometimes
is needed, and in these cases `user_language` variable from the context
is used. The value for that variable is inserted via context processor,
which takes the value from the user preferences.

The solution modifies the context processor to check if there is a
language set in site configuration, and if there is, send that value,
instead of whatever value there was in user peferences.

the integrity flag is a course waffle flag so until it's on for
everyone this will not be triggered - that's OK and expected

MST-1153

There are messages on each course card on learner dashboard that displays action panels to prompt learners to do IDV. With honor code signature feature on, those panel message should be disabled

Co-authored-by: Simon Chen <schen@edx-c02fw0guml85.lan>

- Add early exit for readability. Less indentation here may make the control flow easier to read.
- Wrap debug info generation in error-suppressing try-except block.

Co-authored-by: Robert Raposa <rraposa@edx.org>

feat: filter bulk course email recipients based on last_login date

[MST-1150] Add integrity signature flag to courseware api

[FAL-2457] Let ModuleSystem use UserService

[MICROBA-1569]
- filter bulk course email recipients based on the last_login date of a learner's user account
- introduces a new setting named `BULK_COURSE_EMAIL_LAST_LOGIN_ELIGIBILITY_PERIOD` that sets the login threshold to be included (in months) to a bulk course email message(if set)