MST-970. If name affirmation is enabled, a user should only be allowed to make limited edits to their profile name before they are required to go through IDV. Right now, the allowable edits are limited to:

* add/delete/replace one character (including one space on either side)

Edits that are not allowed, and therefore require IDV include:

* changing 2 or more characters
* changing their name 3 or more times

This behavior will not be enabled until name affirmation is fully rolled out, so there should be no noticeable difference in account settings behavior at the time this is merged.

REV-2133

Now that we're actively using the LMS_USER_ID inside credentials to
identify users, we need to make sure that users created by
notify_credentials are including it in the jwt scopes when authenticated
with credentials.

fix: VAN-474 - Deleted cookie for activation popup

fix: Removing un-necessary link from the constraint.

It was broken because "organizations" was erronously included
in the `search_fields` admin option. Many-to-many fields
may not be used for search.

TNL-8722

There was a JS bug that made it so the course creation rights
notice (the thing that invites new studio users to request
access to create content) disappeared if the user selected
the "Courses" or "Libraries" tab.

This is because it was incorrectly comparing the #courses-tab
URL frament against the string "courses" instead of "courses-tab".

TNL-8718

* feat: adding monitoring to CookieNameChange middleware

Adding custom attribute: cookie.change_name
if cookie.change_name in transaction and equal 0, cookie with alternate name is detected and deleted
if cookie.change_name in transaction and equal 1, cookie with current name not in request and added

feat: Change override date to datetime

ENT-4784

fix: RegexPattern, used by re_path(), no longer returns keyword argum…

fix: Added the condition on body_type in test_reset_password

When first building the Certificate Date Override feature, I set up the
CertificateDateOverride model to store the override dates as Dates
instead of DateTimes.

Turns out this is not how edX typically handles dates, and it’s causing
some minor headaches around needing to convert values. Also, using just
Dates causes timezone issues.

MICROBA-1488

commits
=======
- fix: skip automatic reviews for noisy community-engineering paths

REV-2329

feat: notify_credentials of changed overrides

This changes the "Sign out" link on Studio to point to Studio's own logout
view, which clears the session and then redirects to LMS's logout page. The
LMS logout page then skips loading the Studio logout because it is seen in
the Referer header.

This change also brings Studio better into line with how other IDAs perform
their logouts.

Background:

After the rollout of Studio OAuth, logouts initiated on Studio failed to
actually log out Studio (but all other IDAs were logged out). This was
because the LMS logout view loads the logout pages of other IDAs but skips
any that is a *prefix* match on the Referer header, and browsers now often
send a truncated version of the Referer for privacy. Therefore, Studio was
always skipped when coming from Studio.

The fix is to make sure that Studio has already performed its logout by the
time the LMS logout page is loaded.

One wrinkle here is that the LMS logout view is activated ...

We use the `notify_credentials` management command to keep certificate-
related data in the LMS and Credentials service in sync. We can run it
with specific arguments (user_ids, course_keys, etc.) when we notice a
data discrepancy; and it is run regularly by a Jenkins job with the
`--auto` flag every ~4 hours to keep things up-to-date.

Because we probably never want to notify credentials of of ALL the
GeneratedCertificates, the celery task must be given some arguments
to filter down to the relevant certificates. Running the management
command with the `--auto` flag (as the Jenkins job does) adds
`start_date` and `end_date` arguments of 4 hours ago and now,
respectively.

The handle_notify_credentials celery task then takes those arguments and
looks for any GeneratedCertificates that have been modified within the
given time range by checking the GeneratedCertificate modified_date.
It will send the current data for those certificates to credentials.

However, we also want to notify credentials about certificates that have
an associated CertificateDateOverride that has changed within that time
range: added, updated, or deleted. But changes to a
CertificateDateOverride won’t affect the GeneratedCertificate’s modified
date, and therefore wouldn’t be included in the list of certs cent to
credentials.

This commit adds a check for changed CertificateDateOverrides and
includes their associated GeneratedCertificates in the list of certs. We
use the CertificateDateOverride’s history model for this check so that
we can include certificates whose override was deleted.

MICROBA-1489

[MICROBA-1466]

Current State (before this commit):

  Studio, as of today doesn't have a way to restrict a user to
  create a course in a particular organization. What Studio
  provides right now is a CourseCreator permission which gives
  an Admin the power to grant a user the permission to create
  a course.

  For example: If the Admin has given a user Spiderman the
  permission to create courses, Spiderman can now create courses
  in any organization i.e Marvel as well as DC.
  There is no way to restrict Spiderman from creating courses
  under DC.

Purpose of this commit:

  The changes done here gives Admin the ability to restrict a
  user on an Organization level from creating courses via the
  Course Creators section of the Studio Django administration
  panel.

  For example: Now, the Admin can give the user Spiderman the
  privilege of creating courses only under Marvel organization.
  The moment Spiderman tries to create a course under some
  other organization(i.e DC), Studio will show an error message.

  This change is available to all Studio instances that
  enable the FEATURES['ENABLE_CREATOR_GROUP'] flag.
  Regardless of the flag, it will not affect any instances that choose
  not to use it.

BB-3622

fixes issue with get_remote_id when multiple idps

feat: notify MFE when a sequence is hidden-after-due

Do not immediately update profile name from IDV when name affirmation is on

fix: RegexPattern, used by re_path(), no longer returns keyword arguments with None values to be passed to the view for the optional named groups that are missing.

BOM-2793

as we aren't concerned with these and do not intend to actively monitor,
unless tagged explicitly.

Currently, if a learner manually loads a sequence page that would
normally be skipped for them because it is hidden-after-due, the
sequence renders anyway.

This commit tells the frontend when it should not show a sequence
because it's hidden.

AA-1000

original behavior does pass the empty name through to
_update_full_name rather than just considering that as full name not
set. That's a little weird but outside the scope of this work so I've
preserved it by checking is not None rather than just using full_name
as a boolean.

MST-1015

MST-1015

MST-1015

feat: Added support for enterprise id in course_grade_passed_first_time event