def post(self, questionnaire_id=None):
schema = ShadowDimensionSchema()
data, errors = schema.load(request.json)
for err in errors:
if err in data:
del data[err]
if not data:
return {
'message': 'Dimension not created. Some errors occurred.',
'errors': errors
}, 400
questionnaire = Questionnaire.query.get_or_404(questionnaire_id)
dimension = Dimension.query.get_or_404(data['id'])
if not questionnaire.accessible_by(current_user()):
abort(403)
if not questionnaire.modifiable_by(current_user()):
abort(403)
if questionnaire.shadow:
abort(403)
if dimension.shadow:
abort(403)
shadow_dimension = questionnaire.add_shadow_dimension(dimension)
db.session.commit()
data = DimensionSchema().dump(shadow_dimension).data
return {
'message': 'Dimension created.',
'dimension': data
}
def delete(self):
dataclient_data = DataClientSchema().dump(current_user()).data
db.session.delete(current_user())
db.session.commit()
auth.session.logout()
return {
'message': 'DataClient removed',
'data_client': dataclient_data
}
def delete(self, **kwargs):
question = self.get_question_or_404(**kwargs)
if not question.accessible_by(current_user()):
abort(403)
if not question.modifiable_by(current_user()):
abort(403)
data = QuestionSchema().dump(question).data
question.dimension.remove_question(question)
db.session.commit()
return {'message': 'Question removed.', 'question': data}
def delete(self, questionnaire_id=None):
questionnaire = Questionnaire.query.get_or_404(questionnaire_id)
if not questionnaire.accessible_by(current_user()):
abort(403)
if not questionnaire.modifiable_by(current_user()):
abort(403)
data = QuestionnaireSchema().dump(questionnaire).data
questionnaire.delete()
db.session.commit()
return {'message': 'Questionnaire removed.', 'questionnaire': data}
def get(self, questionnaire_id: int=None):
questionnaire = Questionnaire.query.get_or_404(questionnaire_id)
if not questionnaire.accessible_by(current_user()):
abort(403)
if not questionnaire.modifiable_by(current_user()):
abort(403)
statistics = []
for dimension in questionnaire.dimensions:
for question in dimension.questions:
statistics.append(question.statistic)
return QuestionStatisticSchema(many=True).dump(statistics)
def patch(self,
questionnaire_id=None,
dimension_id=None,
question_id=None):
question = self.get_question_or_404(questionnaire_id, dimension_id,
question_id)
if not question.accessible_by(current_user()):
abort(403)
if not question.modifiable_by(current_user()):
abort(403)
schema = QuestionSchema()
data, errors = schema.load(request.json, partial=True)
for err in errors:
if err in data:
del data[err]
if not data:
return {
'message': 'Question not updated. Some errors occurred.',
'errors': errors
}, 400
shadow_attributes = ['position']
for k, v in data.items():
if isinstance(question, ShadowQuestion):
if k not in shadow_attributes:
errors[k] = [
'Can\'t update {} of a ShadowQuestion. The contributor owning '
'the template is responsible for the Dimension\'s content.'
.format(k)
]
continue
else:
if 'k' == 'template':
if not current_has_minimum_role(Role.Contributor):
errors[k] = [
'You need to be a contributor to publish '
'templates.'
]
continue
setattr(question, k, v)
db.session.commit()
response = {
'message': 'Question updated.',
'question': schema.dump(question).data
}
if errors:
response['message'] += ' Some errors occurred.'
response['errors'] = errors
return response
def __init__(self):
self.__platform = "st3k101"
if current_user() and isinstance(current_user(), DataSubject):
self.__platform += " via {}".format(current_user().source)
self.__language = g._language.name
try:
ip = get_client_ip(
) if not g._config['DEBUG_SPOOF_LOCATION'] else "141.2.1.21"
location = geolite2.reader().get(ip)["location"]
self.__geolocation = (location["latitude"], location["longitude"])
except (ValueError, TypeError):
self.__geolocation = None
def get(self,
questionnaire_id: int=None,
dimension_id: int=None,
question_id: int=None
):
_, _, question = validate_resource_path(
questionnaire_id,
dimension_id,
question_id
)
if not question.accessible_by(current_user()):
abort(403)
if not question.modifiable_by(current_user()):
abort(403)
return QuestionStatisticSchema().dump(question.statistic)
def post(self):
schema = ShadowQuestionnaireSchema()
data, errors = schema.load(request.json)
for err in errors:
if err in data:
del data[err]
if not data:
return {
'message': 'Questionnaire not created. Some errors occurred.',
'errors': errors
}, 400
questionnaire = Questionnaire.query.get_or_404(data['id'])
if not questionnaire.accessible_by(current_user()):
abort(403)
if questionnaire.shadow:
abort(403)
shadow_questionnaire = ShadowQuestionnaire(questionnaire)
db.session.add(shadow_questionnaire)
db.session.commit()
data = QuestionnaireSchema().dump(shadow_questionnaire).data
return {
'message': 'Questionnaire created.',
'questionnaire': data
}, 201
def track_translation_hybrid_updated(sender: 'SurveyBase',
property_name=None,
previous_value=None,
new_value=None):
if previous_value is None:
return
if previous_value == new_value:
return
previous_entries = TranslatedPropertyUpdatedTrackerEntry.query\
.filter_by(item=sender, property_name=property_name, language=g._language)
for p in previous_entries:
db.session.delete(p)
te = TranslatedPropertyUpdatedTrackerEntry(dataclient=current_user(),
item_name=sender.name,
item=sender,
property_name=property_name,
previous_value=previous_value,
new_value=new_value)
db.session.add(te)
te.owners.extend(sender.owners)
# make all people with a reference (shadow copy) of sender own the tracker
# entry, so that the change will be shown in their feed
if hasattr(sender, 'copies'):
for copy in sender.copies:
te.owners.extend(copy.owners)
def get(self, questionnaire_id=None, dimension_id=None, question_id=None):
question = self.get_question_or_404(questionnaire_id, dimension_id,
question_id)
if not question.accessible_by(current_user()):
abort(403)
return QuestionSchema().dump(question).data
def patch(self):
dataclient = current_user()
schema = DataClientSchema(partial=True)
data, errors = schema.load(request.json)
for err in errors:
if err in data:
del data[err]
if not data:
return {
'message': 'DataClient not updated. Some errors occurred',
'errors': errors
}, 400
for k, v in data.items():
if k == 'roles':
if not current_has_minimum_role(Role.Admin):
errors[k] = [
'You are note allowed to change user\'s '
'roles'
]
continue
dataclient.update_roles(data['roles'])
setattr(dataclient, k, v)
db.session.commit()
response = {
'message': 'DataClient updated.',
'data_client': schema.dump(dataclient).data
}
if errors:
response['message'] += ' Some errors occurred.'
response['errors'] = errors
return response
def get(self, questionnaire_id=None):
schema = QuestionnaireSchema()
questionnaire = Questionnaire.query.get_or_404(questionnaire_id)
if not questionnaire.accessible_by(current_user()):
if not questionnaire.published:
abort(403)
db.session.commit()
return schema.dump(questionnaire).data
def get(self, questionnaire_id=None, dimension_id=None):
dimension = Dimension.query.get_or_404(dimension_id)
if questionnaire_id is not None:
if dimension.questionnaire_id != questionnaire_id:
abort(404)
if not dimension.accessible_by(current_user()):
abort(403)
return DimensionSchema().dump(dimension).data
def delete(self, questionnaire_id=None, dimension_id=None):
dimension = Dimension.query.get_or_404(dimension_id)
if questionnaire_id is not None:
questionnaire = Questionnaire.query.get_or_404(questionnaire_id)
else:
questionnaire = dimension.questionnaire
if not dimension.accessible_by(current_user()):
abort(403)
if not dimension.modifiable_by(current_user()):
abort(403)
data = DimensionSchema().dump(dimension).data
questionnaire.remove_dimension(dimension)
db.session.commit()
return {
'message': 'Dimension removed.',
'dimension': data
}
def build_owned_incoming_references(self, obj: SurveyBase):
return list(
map(
lambda q: {
"href": super(SurveyBaseSchema, self).build_href(q),
"id": q.id
}, filter(lambda q: q.accessible_by(current_user()),
obj.copies)))
def get(self, questionnaire_id: int = None, dimension_id: int = None):
dimension = Dimension.query.get_or_404(dimension_id)
if questionnaire_id is not None:
if questionnaire_id != dimension.questionnaire_id:
abort(404)
if not dimension.accessible_by(current_user()):
abort(403)
tracker_entries = tracker_entries_for_survey_base(dimension)
return serialize_mixed_list(tracker_entries, TRACKER_ENTRY_MAPPING)
def post(self, questionnaire_id: int = None, dimension_id: int = None):
schema = QuestionSchema()
data, errors = schema.load(request.json)
for err in errors:
if err in data:
del data[err]
if not data:
return {
'message': 'Question not created. Some errors occurred.',
'errors': errors
}, 400
dimension = Dimension.query.get_or_404(dimension_id)
if questionnaire_id is not None:
if dimension.questionnaire_id != questionnaire_id:
abort(404)
if not dimension.accessible_by(current_user()):
abort(403)
if not dimension.modifiable_by(current_user()):
abort(403)
if dimension.shadow:
abort(403)
question = dimension.new_question(data['text'],
data['range_start_label'],
data['range_end_label'])
for k, v in data.items():
if 'k' == 'template':
if not current_has_minimum_role(Role.Contributor):
errors[k] = [
'You need to be a contributor to publish '
'templates.'
]
continue
setattr(question, k, v)
db.session.commit()
data = QuestionSchema().dump(question).data
response = {'message': 'Question created.', 'question': data}
if errors:
response['message'] += ' Some errors occurred.'
response['errors'] = errors
return response, 201
def get(self, dataclient_id=None):
schema = DataClientSchema()
if dataclient_id != current_user().id:
if not current_has_minimum_role(Role.Admin):
abort(403,
message='You are not allowed to access other user\'s'
' data.')
dataclient = DataClient.query.get_or_404(dataclient_id)
return schema.dump(dataclient).data
def get(self, questionnaire_id: int = None, dimension_id: int = None):
dimension = Dimension.query.get_or_404(dimension_id)
if not dimension.accessible_by(current_user()):
abort(403)
if questionnaire_id is not None:
if dimension.questionnaire_id != questionnaire_id:
abort(404)
schema = QuestionSchema(many=True)
return schema.dump(dimension.questions).data
def track_questionnaire_removed(sender: 'SurveyBase'):
te = QuestionnaireRemovedTrackerEntry(dataclient=current_user(),
questionnaire_name=sender.name)
db.session.add(te)
te.owners.extend(sender.owners)
# make all people with a reference (shadow copy) of sender own the tracker
# entry, so that the change will be shown in their feed
if hasattr(sender, 'copies'):
for copy in sender.copies:
te.owners.extend(copy.owners)
def get(self, questionnaire_id: int = None):
questionnaire = Questionnaire.query.get_or_404(questionnaire_id)
if not questionnaire.accessible_by(current_user()):
abort(403)
schema = QuestionResponseSchema(many=True)
responses = []
for dimension in questionnaire.dimensions:
for question in dimension.questions:
responses += question.responses
return schema.dump(responses).data
def get(self,
questionnaire_id: int = None,
dimension_id: int = None,
question_id: int = None):
_, _, question = validate_resource_path(questionnaire_id, dimension_id,
question_id)
if question is None:
abort(404)
if not question.accessible_by(current_user()):
abort(403)
schema = QuestionResponseSchema(many=True)
return schema.dump(question.responses).data
def track_item_removed(sender: 'SurveyBase', removed_item_name: str = None):
te = ItemRemovedTrackerEntry(dataclient=current_user(),
parent_item_name=sender.name,
parent_item=sender,
removed_item_name=removed_item_name)
db.session.add(te)
te.owners.extend(sender.owners)
# make all people with a reference (shadow copy) of sender own the tracker
# entry, so that the change will be shown in their feed
if hasattr(sender, 'copies'):
for copy in sender.copies:
te.owners.extend(copy.owners)
def get(self, dataclient_id=None):
if dataclient_id is None:
dataclient = current_user()
else:
if not current_has_minimum_role(Role.Admin):
abort(403)
dataclient = DataClient.query.get(dataclient_id)
query = query_owned(DataClient, dataclient.id, Questionnaire)
questionnaires = query.all()
schema = QuestionnaireSchema(many=True)
return schema.dump(questionnaires).data
def post(self, questionnaire_id=None):
schema = DimensionSchema()
data, errors = schema.load(request.json)
for err in errors:
if err in data:
del data[err]
if not data:
return {
'message': 'Dimension not created. Some errors occurred.',
'errors': errors
}, 400
questionnaire = Questionnaire.query.get_or_404(questionnaire_id)
if not questionnaire.accessible_by(current_user()):
abort(403)
if not questionnaire.modifiable_by(current_user()):
abort(403)
if questionnaire.shadow:
abort(403)
dimension = questionnaire.new_dimension(data['name'])
for k, v in data.items():
if k == 'template':
if not current_has_minimum_role(Role.Contributor):
errors[k] = ['You need to be a contributor to publish '
'templates.']
continue
setattr(dimension, k, v)
db.session.commit()
data = DimensionSchema().dump(dimension).data
response = {
'message': 'Dimension created.',
'dimension': data
}
if errors:
response['message'] += ' Some errors occurred.'
response['errors'] = errors
return response, 201
def get(self,
questionnaire_id: int = None,
dimension_id: int = None,
question_id: int = None,
response_id: int = None):
_, _, question = validate_resource_path(questionnaire_id, dimension_id,
question_id)
response = QuestionResponse.query.get_or_404(response_id)
if question is not None:
if response.question_id != question.id:
abort(404)
if not response.accessible_by(current_user()):
abort(403)
return QuestionResponseSchema().dump(response).data
def post(self, questionnaire_id: int = None, dimension_id: int = None):
schema = ShadowQuestionSchema()
data, errors = schema.load(request.json)
dimension = Dimension.query.get_or_404(dimension_id)
question = Question.query.get_or_404(data['id'])
if not dimension.accessible_by(current_user()):
abort(403)
if questionnaire_id is not None:
if dimension.questionnaire_id != questionnaire_id:
abort(404)
if not dimension.modifiable_by(current_user()):
abort(403)
if dimension.shadow:
abort(403)
if question.shadow:
abort(403)
shadow_question = dimension.add_shadow_question(question)
db.session.commit()
data = QuestionSchema().dump(shadow_question).data
return {'message': 'Question created.', 'question': data}, 201
def delete(self, dataclient_id=None):
if dataclient_id != current_user().id:
if not current_has_minimum_role(Role.Admin):
abort(403,
message='You are not allowed to remove other user\'s'
' accounts.')
dataclient = DataClient.query.get_or_404(dataclient_id)
dataclient_data = DataClientSchema().dump(dataclient).data
db.session.delete(dataclient)
db.session.commit()
return {
'message': 'DataClient removed',
'data_client': dataclient_data
}
def strip_private_fields(self, data, original_data: SurveyBase = None):
def _strip(d):
for k in self.get_private():
if k in d:
del d[k]
return d
if isinstance(original_data, list):
for od in original_data:
if od.id == data['id']:
original_data = od
break
if not original_data.modifiable_by(current_user()):
return _strip(data)
