def application_add_org(request, pk_hash):
application = get_object_or_404(Application, pk=unhash_or_404(pk_hash))
if not request.htmx:
return redirect(application.get_approve_url())
OrgCreateForm = modelform_factory(Org, fields=["name"])
if request.POST:
form = OrgCreateForm(data=request.POST)
else:
form = OrgCreateForm()
if request.GET or not form.is_valid():
return TemplateResponse(
context={
"form": form,
"application": application
},
request=request,
template="staff/org_create.htmx.html",
)
org = form.save(commit=False)
org.created_by = request.user
org.save()
return HttpResponseClientRedirect(application.get_approve_url() +
f"?org-slug={org.slug}")
def dispatch(self, request, *args, **kwargs):
self.application = get_object_or_404(
Application, pk=unhash_or_404(self.kwargs["pk_hash"])
)
validate_application_access(request.user, self.application)
return super().dispatch(request, *args, **kwargs)
def get_object(self, queryset=None):
researcher = get_object_or_404(
ResearcherRegistration,
application__pk=unhash_or_404(self.kwargs["pk_hash"]),
pk=self.kwargs["researcher_pk"],
)
validate_application_access(self.request.user, researcher.application)
return researcher
def dispatch(self, request, *args, **kwargs):
application = get_object_or_404(
Application, pk=unhash_or_404(self.kwargs["pk_hash"])
)
# check the user can access this application
validate_application_access(request.user, application)
self.wizard = Wizard(application, form_specs)
return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
self.application = get_object_or_404(Application,
pk=unhash_or_404(
self.kwargs["pk_hash"]))
if self.application.is_deleted:
msg = f"Application {self.application.pk_hash} has been deleted, you need to restore it before you can edit it."
messages.error(request, msg)
return redirect("staff:application-list")
return super().dispatch(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
application = get_object_or_404(
Application,
pk=unhash_or_404(self.kwargs["pk_hash"]),
)
if application.is_deleted:
application.deleted_at = None
application.deleted_by = None
application.save()
return redirect("staff:application-list")
def post(self, request, *args, **kwargs):
application = get_object_or_404(
Application,
pk=unhash_or_404(self.kwargs["pk_hash"]),
)
if application.created_by != request.user:
raise Http404
if application.is_deleted:
application.deleted_at = None
application.deleted_by = None
application.save()
return redirect("applications:list")
def post(self, request, *args, **kwargs):
researcher = get_object_or_404(
ResearcherRegistration,
application__pk=unhash_or_404(self.kwargs["pk_hash"]),
pk=self.kwargs["researcher_pk"],
)
validate_application_access(request.user, researcher.application)
researcher.delete()
messages.success(
request,
f'Successfully removed researcher "{researcher.email}" from application',
)
return redirect(get_next_url(request.GET))
def dispatch(self, request, *args, **kwargs):
self.application = get_object_or_404(Application,
pk=unhash_or_404(
self.kwargs["pk_hash"]))
if self.application.is_deleted:
msg = f"Application {self.application.pk_hash} has been deleted, you need to restore it before you can approve it."
messages.error(request, msg)
return redirect("staff:application-list")
if not hasattr(self.application, "studyinformationpage"):
msg = "The Study Information page must be filled in before an Application can be approved."
messages.error(request, msg)
return redirect(self.application.get_staff_url())
if self.application.approved_at:
return redirect(self.application.get_staff_url())
return super().dispatch(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
application = get_object_or_404(
Application,
pk=unhash_or_404(self.kwargs["pk_hash"]),
)
if application.is_approved:
messages.error(request,
"You cannot delete an approved Application.")
return redirect(application.get_staff_url())
if application.is_deleted:
messages.error(request, "Application has already been deleted")
return redirect(application.get_staff_url())
application.deleted_at = timezone.now()
application.deleted_by = request.user
application.save()
return redirect("staff:application-list")
def page(request, pk_hash, key):
application = get_object_or_404(Application, pk=unhash_or_404(pk_hash))
if application.is_deleted:
msg = f"Application {application.pk_hash} has been deleted, you need to restore it before you can view it."
messages.error(request, msg)
return redirect("applications:list")
# check the user can access this application
validate_application_access(request.user, application)
if application.approved_at:
messages.warning(
request, "This application has been approved and can no longer be edited"
)
return redirect("applications:confirmation", pk_hash=application.pk_hash)
try:
wizard_page = Wizard(application, form_specs).get_page(key)
except ValueError:
raise Http404
if request.method == "GET":
form = wizard_page.get_unbound_data_form()
else:
form = wizard_page.get_bound_data_form(request.POST)
if form.has_changed():
wizard_page.page_instance.is_approved = False
wizard_page.page_instance.save()
form.save()
if not wizard_page.form_spec.can_continue(application):
form.add_error(None, wizard_page.form_spec.cant_continue_message)
if form.is_valid():
return wizard_page.redirect_to_next_page()
ctx = wizard_page.form_context(form)
return TemplateResponse(request, "applications/page.html", ctx)
def post(self, request, *args, **kwargs):
application = get_object_or_404(
Application,
pk=unhash_or_404(self.kwargs["pk_hash"]),
)
if application.created_by != request.user:
raise Http404
if application.is_approved:
messages.error(request, "You cannot delete an approved Application.")
return redirect("applications:list")
if application.is_deleted:
messages.error(
request, f"Application {application.pk_hash} has already been deleted"
)
return redirect("applications:list")
application.deleted_at = timezone.now()
application.deleted_by = request.user
application.save()
return redirect("applications:list")
def test_unhash_or_404():
assert hash_utils.unhash_or_404("0000") == 0
with pytest.raises(Http404):
hash_utils.unhash_or_404("WXYZ")
