Beispiel #1
0
def create_case(case_id, files, patient_case_id=None):
    """
    Handle case submission for the sonosite endpoint
    """
    # we already parsed what we need from this, so can just remove it
    # without worrying we will need it later
    files.pop('PT_PPS.XML', '')

    xform = render_sonosite_xform(files, case_id, patient_case_id)

    file_dict = {}
    for f in files:
        file_dict[f] = UploadedFile(files[f], f)

    submit_form_locally(
        instance=xform,
        attachments=file_dict,
        domain=UTH_DOMAIN,
    )
    # this is a bit of a hack / abstraction violation
    # would be nice if submit_form_locally returned info about cases updated
    case_ids = {
        case_update.id
        for case_update in get_case_updates(convert_xform_to_json(xform))
    }
    return [CommCareCase.get(case_id) for case_id in case_ids]
Beispiel #2
0
def _noauth_post(request, domain, app_id=None):
    instance, _ = receiver.get_instance_and_attachment(request)
    form_json = convert_xform_to_json(instance)
    case_updates = get_case_updates(form_json)

    def case_block_ok(case_updates):
        case_ids = set()
        for case_update in case_updates:
            case_ids.add(case_update.id)
            create_action = case_update.get_create_action()
            update_action = case_update.get_update_action()
            index_action = case_update.get_index_action()
            if create_action:
                if create_action.user_id not in ('demo_user', None):
                    return False
                if create_action.owner_id not in ('demo_user', None):
                    return False
            if update_action:
                if update_action.owner_id not in ('demo_user', None):
                    return False
            if index_action:
                for index in index_action.indices:
                    case_ids.add(index.referenced_id)
        cases = CommCareCase.bulk_get_lite(list(case_ids))
        for case in cases:
            if case.domain != domain:
                return False
            if case.owner_id or case.user_id != 'demo_user':
                return False
        return True

    if not case_block_ok(case_updates):
        return HttpResponseForbidden()

    return post(request, domain, app_id)
Beispiel #3
0
def _noauth_post(request, domain, app_id=None):
    instance, _ = couchforms.get_instance_and_attachment(request)
    form_json = convert_xform_to_json(instance)
    case_updates = get_case_updates(form_json)

    def form_ok(form_json):
        try:
            # require new-style meta/userID (reject Meta/chw_id)
            if form_json['meta']['userID'] == 'demo_user':
                return True
        except (KeyError, ValueError):
            pass
        if is_device_report(form_json):
            return True
        return False

    def case_block_ok(case_updates):
        case_ids = set()
        for case_update in case_updates:
            case_ids.add(case_update.id)
            create_action = case_update.get_create_action()
            update_action = case_update.get_update_action()
            index_action = case_update.get_index_action()
            if create_action:
                if create_action.user_id not in ('demo_user', None):
                    return False
                if create_action.owner_id not in ('demo_user', None):
                    return False
            if update_action:
                if update_action.owner_id not in ('demo_user', None):
                    return False
            if index_action:
                for index in index_action.indices:
                    case_ids.add(index.referenced_id)
        cases = CommCareCase.bulk_get_lite(list(case_ids))
        for case in cases:
            if case.domain != domain:
                return False
            if case.owner_id or case.user_id != 'demo_user':
                return False
        return True

    if not (form_ok(form_json) and case_block_ok(case_updates)):
        return HttpResponseForbidden()

    return _process_form(
        request=request,
        domain=domain,
        app_id=app_id,
        user_id=None,
        authenticated=False,
        auth_cls=WaivedAuthContext,
    )
Beispiel #4
0
def _noauth_post(request, domain, app_id=None):
    instance, _ = couchforms.get_instance_and_attachment(request)
    form_json = convert_xform_to_json(instance)
    case_updates = get_case_updates(form_json)

    def form_ok(form_json):
        try:
            # require new-style meta/userID (reject Meta/chw_id)
            if form_json['meta']['userID'] == 'demo_user':
                return True
        except (KeyError, ValueError):
            pass
        if is_device_report(form_json):
            return True
        return False

    def case_block_ok(case_updates):
        case_ids = set()
        for case_update in case_updates:
            case_ids.add(case_update.id)
            create_action = case_update.get_create_action()
            update_action = case_update.get_update_action()
            index_action = case_update.get_index_action()
            if create_action:
                if create_action.user_id not in ('demo_user', None):
                    return False
                if create_action.owner_id not in ('demo_user', None):
                    return False
            if update_action:
                if update_action.owner_id not in ('demo_user', None):
                    return False
            if index_action:
                for index in index_action.indices:
                    case_ids.add(index.referenced_id)
        cases = CommCareCase.bulk_get_lite(list(case_ids))
        for case in cases:
            if case.domain != domain:
                return False
            if case.owner_id or case.user_id != 'demo_user':
                return False