fix(ban): Add defensive coding for forum ban API calls

Author: mraman-2U

lms/djangoapps/discussion/rest_api/api.py

@@ -394,7 +394,7 @@ def _format_datetime(dt):
         "is_email_verified": request.user.is_active,
         "only_verified_users_can_post": ONLY_VERIFIED_USERS_CAN_POST.is_enabled(course_key),
         "content_creation_rate_limited": is_content_creation_rate_limited(request, course_key, increment=False),
-        "is_user_banned": forum_api.is_user_banned(request.user, course_key),
+        "is_user_banned": getattr(forum_api, 'is_user_banned', lambda u, c: False)(request.user, course_key),
         "enable_discussion_ban": ENABLE_DISCUSSION_BAN.is_enabled(course_key),
     }
 
@@ -1503,7 +1503,8 @@ def create_thread(request, thread_data):
         raise DiscussionBlackOutException
 
     # Check if user is banned from discussions
-    if forum_api.is_user_banned(user, course_key):
+    is_user_banned = getattr(forum_api, 'is_user_banned', None)
+    if is_user_banned and is_user_banned(user, course_key):
         raise PermissionDenied("You are banned from posting in this course's discussions.")
 
     notify_all_learners = thread_data.pop("notify_all_learners", False)
@@ -1563,7 +1564,8 @@ def create_comment(request, comment_data):
         raise DiscussionBlackOutException
 
     # Check if user is banned from discussions
-    if forum_api.is_user_banned(request.user, course.id):
+    is_user_banned = getattr(forum_api, 'is_user_banned', None)
+    if is_user_banned and is_user_banned(request.user, course.id):
         raise PermissionDenied("You are banned from posting in this course's discussions.")
 
     # if a thread is closed; no new comments could be made to it

lms/djangoapps/discussion/rest_api/serializers.py

@@ -298,7 +298,9 @@ def get_is_author_banned(self, obj):
             course_id = self.context.get("course_id")
 
             if course_id:
-                return forum_api.is_user_banned(user, course_id)
+                is_user_banned = getattr(forum_api, 'is_user_banned', None)
+                if is_user_banned:
+                    return is_user_banned(user, course_id)
             return None
         except (ObjectDoesNotExist, ValueError, Exception):  # pylint: disable=broad-exception-caught
             return None

lms/djangoapps/discussion/rest_api/views.py

@@ -1861,6 +1861,13 @@ def ban_user(self, request):
         from forum import api as forum_api
         from lms.djangoapps.discussion.rest_api.serializers import BanUserRequestSerializer
 
+        # Check if ban API is available
+        if not hasattr(forum_api, 'ban_user') or not hasattr(forum_api, 'is_user_banned'):
+            return Response(
+                {'error': 'Ban functionality is not available in this forum version'},
+                status=status.HTTP_501_NOT_IMPLEMENTED
+            )
+
         serializer = BanUserRequestSerializer(data=request.data, context={'request': request})
         if not serializer.is_valid():
             return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
@@ -2010,6 +2017,13 @@ def unban_user(self, request):
         from forum import api as forum_api
         from lms.djangoapps.discussion.rest_api.serializers import BanUserRequestSerializer
 
+        # Check if ban API is available
+        if not hasattr(forum_api, 'unban_user') or not hasattr(forum_api, 'is_user_banned'):
+            return Response(
+                {'error': 'Ban functionality is not available in this forum version'},
+                status=status.HTTP_501_NOT_IMPLEMENTED
+            )
+
         serializer = BanUserRequestSerializer(data=request.data, context={'request': request})
         if not serializer.is_valid():
             return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)