Includes:
* Initial API implementation
* API_KEY header fix
* Fixed indentation error
* move api from common to lms
* Course-Group Relationships
* wip
* add parsing of overview content blob
* initial implementation
* get course updates API method
* get course static tabs API methods
* add unit tests
* fix some merge conflicts and remove some extra print statements picked up in rebase
* better constrain some of the course url regexs to expect a triple for courseId
* add ability to enroll users into courses
* wip
* add queryable group lists
* add a GET endpoint to /api/groups/{groupid}/courses to get the list of courses associated with the group (program)
* return the display names when listing all courses in a group (program)
* create optimized course tree query API endpoint
* make sure group profile data is properly serialized and deserialized. There appears to be a difference between how the Django test client handles things. Disabling unit test for now to unblock UI devs
* null guard
* fix broken unit test
* add GET endpoint to group/user relationships
* Added Security to session api as requested in #785
* Storing passoword history of user and validation for user's email and username
* Moved security tests to lms also
* add two FEATURE flag overrides to enable the security features
* remove unnecessary settings overrides (because they are 'feature flags')
* Adding ratelimiting on login api
* Migrated from Function-Based Views to Class-Based-Views
* Create new Account/Login Audit Log
* The API should provide for an audit log when a user creates a new account or logs into the system.
* UserList.post() now creates UserProfile, UserPreference records
* Group Profile fix
* Filter group subgroups by group type
* Application reorganization
* Name is now required during group creation
* Added null check for profile name
* User must reset password functionality added
* User must reset password dunctionality added
* Added user password reset functionality
* Add password reset api and implemented Password history
* Remove unused imports, password reset message text

Included commits:
* xblock-external-ui: Include CSRF token in the API answer
* xblock-external-ui: Adds support for CORS headers (cross-domain request)
* xblock-external-ui: Include full path when building local_url
* xblock-external-ui: Fix TestHandleXBlockCallback & bok_choy, add tests
* xblock-external-ui: Only return `instance` in `_invoke_xblock_handler()`
* xblock-external-ui: Group resources by hash tag to avoid duplicate loads
* xblock-external-ui: Alternate referer check for CORS requests
* session-cookie-httponly: Allow to disable httponly on session cookies
* remove errant log message
* xblock-no-anonymous: Fail early if the XBlock view is called anonymously

This reverts commit 85b3bfe4.

XCOM-312

This feature flag gates the exposure of the Full course/library
Import/Export API URLs in the LMS. This allows openedX deployments
that operate without Studio to take advantage of the API, while
others may turn the feature off to reserve all content authoring for
Studio.

This is a public, versioned, RESTful API for importing and
exporting full course content. The code was initially ripped from the
existing import/export API in the CMS contentstore djangoapp and wrapped
in Django Rest Framework view classes. It's a new djangoapp in
the openedx directory which is largely an abstraction off the CMS
Import/Export views.

This PR includes configuration changes. Most notably, Studio is
configured to serve the OAuth2 provider alongside the LMS.

This is the initial thread on the code list:
https://groups.google.com/forum/#!msg/edx-code/DmnHWmly25A/ZqjD1zb4o7oJ

And this thread contains another description of the changes:
https://groups.google.com/d/msg/edx-code/6dP9SEKsmqQ/Pvyn8fBDx68J

There are a numerous non-covered lines, all of which are missing
coverage in the CMS API this was ported from. They're mostly error
conditions, such as handling of multipart file upload errors.

* Delete reverification templates
* Delete photocapture.js
* Delete unused "name change" end-points
* Rebuild the reverification views using Backbone sub-views
* Stop passing template names to the JavaScript code
* Avoid hard-coding the parent view ID in the webcam view (for getting the capture click sound URL)

* Add end-point for initiating a request for credit from a provider.
* Add an end-point for a provider to update the status of a request (approved / denied).

JIRA: MA-799

TNL-1939

This functionality is provided to the user_api accounts and preferences api.
TNL-1701

- SOL-465: Initial implementation of certificates web view and signatories (names/titles)

- SOL-718 Close button is working properly

- SOL-801 Backbone Signatories Modeling

- SOL-803 Underscore template: Editor (Add)

- SOL-802 Signatories: Underscore template - Details

- SOL-804 Signatories: Underscore template: Editor (Edit)

- Add signatory delete Django view

- SOL-805 Signatory editor (Delete)

- Add Coffeescript router

- SOL-716 Jasmine Tests

- Added missing minified JS library

- client side validation of signatory fields

- SOL-390 signatories names

- Remove obsolete extends Sass files

- input maxlength limiting for signatory information

- SOL-389: Course title override

- SOL-466: Add capability to upload digitized signatures in Studio

- ziafazal: fixed css for upload signature image

- ziafazal: completed deletion of signature images

- UX-1741: Add initial static rendering/styling for Open edX web certs
  * creating new global static dir
  * adding static version of edX UX pattern library assets
  * adding web certificates static assets
  * adding static (+abstracted) web certificates rendering
  * creating two tiers of rendering (base + distinguished)
  * providing sample assets for certificate rendering
  * supporting RTL layouts
  * adding certifcates assests to edX static asset pipeline
  * temporarily hiding the mozilla open badges share action
  * wiring print button to print view/page
  * fixup! addressing conflict artifact in valid cert template
  * fixup! adding missing %hd-subsection sass extend + components comment clean up
  * fixup! correcting pattern library .hd-4 font-weight value

- SOL-468 Linked Student View for Web View Credential

- SOL-467: Add capability to upload organization logos for certificates

- SOL-391 / SOL-387: Signatory related info (assets) in certificates web view

- kelketek: Fixes for static asset collection in certificate HTML view.

- SOL-398 Web View: Public Access

- mattdrayer: Post-merge branch stabilization

- catong: Initial changes to Studio template and Help config file

- ziafazal: Branch stabilizations

- SOL-387: Display organization logo on LMS web view

- talbs/mattdrayer: Branch Stabilizations

- talbs: converting backpack action to use a button HTML element

- talbs: revising placeholder assets + their rendering in cert view

- mattdrayer: Username web view wireup

- SOL-386 Certificate Mode Previews

- SOL-905: Make organization logo and signatory signature uneditable

- SOL-922: Improve test coverage

- SOL-765: Add LinkedIn sharing

- [marco] temporary styling adjustment to account for smaller linkedin share image / fake button

- SOL-921: Address hardcoded template items

- SOL-927: Deleting certificate should delete org logo image also
  * updated invalid template
  * removed hr
  * fix invalid certificate error

- clrux: Add i18n to certificate templates and partials

- mattdrayer: Pylint violations

- SOL-920 Certificate Activation/Deactivation

- mattdrayer: Added LMS support

- SOL-932: Fix preview mode support in certificate view

- SOL-934: Fixed bug reported and broken tests

- SOL-935 removed the 'valid' word from web view title

- talbs: RTL support updates/fixes
  * revising certificate type icon/name vertical alignment
  * removing unused older certificate template
  * revising styling for message/banner actions
  * abstracting accomplishment type to use course mode + adding in honor/verified-specific placeholders

- mattdrayer: JSHint violations

Serve branded footer JSON/HTML/CSS/JS from an API endpoint
in the branding app.  Refactor OpenEdX and EdX.org footer templates
to use the Python version of the API, ensuring that the API
values are consistent with the footer included in main.html.

Detailed changes:

* Added footer API end-point to the branding app.
* Footer API allows the language to be set with querystring parameters.
* Footer API allows showing/hiding of the OpenEdX logo using querystring parameters.
* Deprecate ENABLE_FOOTER_V3 in favor of the branding API configuration flag.
* Move no referrer script into main.html from the edx footer template.
* Rename rwd_header_footer.js to rwd_header.js
* Cache API responses.

Authors:
Awais Qureshi, Aamir Khan, Will Daly

We are moving toward a single workflow for verification.

This is the first stage of the new Discussion API.

JIRA: MA-604

TNL-1502

TNL-1669

TNL-1789

TNL-1537

Co-Authored-By: Andy Armstrong <andya@edx.org>
Co-Authored-By: cahrens <christina@edx.org>

- Moved the CCX URLS into their django app.

Final official name is Custom Courses for EdX (CCX), rename all code to remove previous name.

Rename the FEATURE constant used to identify this feature

Rename the middleware for the CCX change

rename the constant used for storing the current poc id on the session.

rename the _PocContext threading local

rename the override provider in all places where it is referenced

`PersonalOnlineCoursesOverrideProvider` -> `CustomCoursesForEdxOverrideProvider`

generally rename symbols from overrides.py to replace `poc` with `ccx` where possible without changing model names or attributes

rename more symbols from poc to ccx
rename util functions from app utils module

general symbol renaming poc -> ccx in views.py and related url changes

Rename the coach role wherever it is used.

reword poc_coach to ccx_coach

UI rename

replace POC with CCX globally

template context variable renamed

rename poc_ to ccx_ in urls and all related locations (views, js, scss etc)

remove pocs migrations

Final massive renaming, including models.  Re-built migration.

cleaning up a few tailing references

Fix reference typo in schedule template JS

undo modifications made on the fly in test setup to ensure that our tests are properly isolated from the rest of the system tests.

Fixes jazkarta/edx-platform#38

Clean up some leftover strings and comments

fixing more strings and comments in python files

fix a naming error in the schedule tab that was causing problems in deleting courseware items.

Fixes jazkarta/edx-platform#36

updating tests and utility code to match changes in infrastructure from latest rebase

Ensure there is a consistent key for the session dict that will store the value of the poc_id if one is active.  If none is active, the mooc is assumed to be active.

Add mooc_name, mooc_url and active to the dict for each poc membership.

Update the navigation template to show link to mooc if poc is active, or to poc if not.

Ensure the switch_active_pocs view is covered well with tests.

Story #35 As a coach I can see and edit the json for the grading policy.

Story #34 Recalculate grading policy

Repair the broken test for grading by providing an explicit POC context for the request to run in

Story #4: Coaches sees grades.

Story #9: Coach downloads grades.

This feature provides the ability to designate a "coach" who can create customized runs of an existing course, invite students to participate, and manage students through the run of the course.

In this squashed commit we implement the initial scifi, add the 'POC Coach' course role, refine the scifi, add migrations for models, create POCs, enforce POC Coach role, provide panels for Coach Dashboard, set up rudimentary display of course outline, add and remove units, show/hide all units, and save schedule changes, set dates when adding units, edit dates on units already added and provide some tests.

We also provide mechanisms for invitation and enrollment in a POC (to become CCX) and control the display of blocks to students in a POC.

Adds an /xdomain_proxy.html endpoint that serves
the proxy file from the xdomain library.  This
allows IE9 users to iframe in the proxy page
to simulate a cross-domain request with cookies.