From 0a6676a58ebe14c379450c3e7131390d6295e662 Mon Sep 17 00:00:00 2001
From: stv <stv@stanford.edu>
Date: Thu, 30 Aug 2018 12:36:21 -0700
Subject: [PATCH] Remove POST from enrollment/roster API

since we're using PUT/DELETE instead.
---
 .../common/djangoapps/enrollment/views.py     | 26 -------------------
 1 file changed, 26 deletions(-)

diff --git a/openedx/stanford/common/djangoapps/enrollment/views.py b/openedx/stanford/common/djangoapps/enrollment/views.py
index fad45be3c32a..e0a8a50e56ea 100644
--- a/openedx/stanford/common/djangoapps/enrollment/views.py
+++ b/openedx/stanford/common/djangoapps/enrollment/views.py
@@ -77,32 +77,6 @@ def get(self, request, course_id=None):
         roster = get_roster(course_id)
         return Response(data=json.dumps({'roster': roster}))
 
-    @method_decorator(ensure_csrf_cookie_cross_domain)
-    def post(self, request, course_id):
-        """
-        Enroll/unenroll a user in a course; requires staff access
-
-        **Example Request**
-            POST /api/enrollment/v1/roster/course-v1:foo+bar+foobar
-            {
-                'email': 'foo@bar.com',
-                'action': 'enroll',
-                'email_students': false,
-                'auto_enroll': true
-            }
-        """
-        action = request.data.get('action')
-        if action == 'enroll':
-            return self.put(request, course_id)
-        if action == 'unenroll':
-            return self.delete(request, course_id)
-        return Response(
-            status=status.HTTP_400_BAD_REQUEST,
-            data={
-                'message': u'Unrecognized action',
-            },
-        )
-
     def put(self, request, course_id):
         """
         Enroll a user in a course; requires staff access