fix: Fix edX username validation to avoid username collision

[asadali145]

Pre-Flight checklist

• Testing
  • Code is tested
  • Changes have been manually tested

What are the relevant tickets?

Somewhat #259 and this slack discussion.
Fixes #1393

What's this PR do?

Fixes the username validation with edX.

• We implemented username validation in 734 - registration validate username against openedx #757. We were rooting on a validation message.
• edX updated validation messages under fix: remove legacy error messages openedx/edx-platform#30937.
• This PR fixes the validation and also makes it generic so that any issue with the username can be validated.

How should this be manually tested?

• Make sure that your edX integration works and FEATURES["ENABLE_UNICODE_USERNAME"] = True
• Create an account in MITxOnline with accented characters.
• Verify that the account is created in MitxOnline and in edX.
• Now try to create another account with the same username but unaccented characters.
• You should see an error message that A user already exists with this username. Please try a different one.

Any background context you want to provide?

Most of the details are available in the slack thread and #259

Here are the alternative approaches that I considered:

• Perform an unaccented search in MITxOnline in such cases by following https://docs.djangoproject.com/en/3.2/ref/contrib/postgres/lookups/#unaccent but that requires some setup in MitxOnline and Postgres.
• Perform an accented search in edX, but that might need some collation settings with MySQL that we are sure of.

[arslanashraf7]

So I was thinking. If edX returns some error message for the username while validating account registration and the message is not related to the existing username that we had in OPENEDX_USERNAME_VALIDATION_MSGS_MAP we will get None for openedx_validation_msg even though there can be some other error for username?

In the above case, I think the user creation would still succeed, whereas I think if we get any error for the username field we should block the registration process, and in this case, we can send a generic message to the frontend for the user that the registration can't proceed.

[arslanashraf7]

I think it would be good to take @rhysyngsun's opinion on this too.

[asadali145]

I have used the .get() method of the dictionary and provided the msg returned by edX as default. So, in case the msg does not exist in our OPENEDX_USERNAME_VALIDATION_MSGS_MAP then it will return the msg returned by edX as I am doing OPENEDX_USERNAME_VALIDATION_MSGS_MAP.get(openedx_validation_msg, openedx_validation_msg)

[rhysyngsun]

The approach here is fine to pass through the openedx error message.

[rhysyngsun]

In addition to the changes I'm suggesting here, we'd talked about making the username validation required (meaning if openedx fails, we don't allow account creation to proceed).

To accomplish this I think we should actually move the username validation out of validate_username and into the general purpose validate(). Then in that method we can update this so that if the API call to openedx fails, return an object-level error (make sure the form displays this) that we're unable to create an account at this time and to please reach out to support.

This is a bit more invasive than your original changes but I think we need to stop soft-failing when there's an openedx outage because then we're right back to having accounts get created that need username repairs, but if we block on openedx being available, if there's an outage there's no further effort required on our part once that system is available again.

[rhysyngsun]

Since you're fixing the type, can you fix the argument and property name too since it's not an error?

[rhysyngsun]

I'm dealing with rebuilding devstack at the moment, so I wasn't able to functionally test. One piece of feedback though.

[rhysyngsun]

Could you log this exception so we'll know registrations are failing?

[rhysyngsun]

@asadali145 if your PR is ready and @arslanashraf7 is able to functionally test it, don't let me own functional testing hold up merging this.

[codecov-commenter]

Codecov Report

Merging #1389 (fc316fa) into main (0d000ef) will decrease coverage by 0.03%.
The diff coverage is 88.00%.

📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

@@            Coverage Diff             @@
##             main    #1389      +/-   ##
==========================================
- Coverage   83.28%   83.25%   -0.03%     
==========================================
  Files         309      309              
  Lines       13105    13116      +11     
  Branches      930      931       +1     
==========================================
+ Hits        10914    10920       +6     
- Misses       1925     1928       +3     
- Partials      266      268       +2     

Impacted Files	Coverage Δ
users/serializers.py	93.68% <76.92%> (-0.37%)	⬇️
authentication/serializers.py	89.75% <100.00%> (+0.06%)	⬆️
...c/containers/pages/register/RegisterDetailsPage.js	95.00% <100.00%> (+0.55%)	⬆️
main/constants.py	100.00% <100.00%> (ø)
main/settings.py	93.69% <100.00%> (ø)
openedx/api.py	85.09% <100.00%> (ø)
openedx/exceptions.py	88.63% <100.00%> (ø)
ecommerce/views/v0/__init__.py	82.59% <0.00%> (-0.69%)	⬇️
ecommerce/models.py	85.36% <0.00%> (-0.55%)	⬇️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[arslanashraf7]

Functionality works fine 👍