Ejemplo n.º 1
0
def feed_entries(request, form_code):
    user = request.user
    try:
        if not settings.FEEDS_ENABLED:
            return HttpResponse(404)
        if invalid_date(request.GET.get('start_date')):
            return convert_to_json_response(
                {"ERROR_CODE": 102, "ERROR_MESSAGE": 'Invalid Start Date provided'}, 400)
        if invalid_date(request.GET.get('end_date')):
            return convert_to_json_response(
                {"ERROR_CODE": 102, "ERROR_MESSAGE": 'Invalid End Date provided'}, 400)
        if lesser_end_date(request.GET.get('end_date'), request.GET.get('start_date')):
            return convert_to_json_response(
                {"ERROR_CODE": 103, "ERROR_MESSAGE": 'End Date provided is less than Start Date'}, 400)
        if _invalid_form_code(request, form_code):
            return convert_to_json_response({"ERROR_CODE": 101, "ERROR_MESSAGE": 'Invalid form code provided'}, 400)

        dbm = get_database_manager(user)
        form_model = get_form_model_by_code(dbm, form_code)
        questionnaire_id = form_model.id
        if user.is_ngo_admin() or user.is_extended_user() or \
                (user.is_project_manager() and has_permission(dbm, user.id, questionnaire_id)):
            feed_dbm = get_feeds_database(request.user)
            start_date = _parse_date(request.GET['start_date'])
            end_date = _parse_date(request.GET['end_date'])
            return HttpResponse(stream_feeds(feed_dbm, startkey=[form_code, start_date], endkey=[form_code, end_date]),
                                content_type='application/json; charset=utf-8')

        return convert_to_json_response({"ERROR_CODE": 104, "ERROR_MESSAGE": "You don't have access to this feed"}, 403)
    except Exception as e:
        logger = logging.getLogger('datawinners')
        logger.exception(e)
        return HttpResponse(content='Internal Server Error', status=500)
Ejemplo n.º 2
0
def get_unique_ids_for_form_code(request, form_code):
    if request.method == 'GET':
        user = request.user
        dbm = get_database_manager(user)
        response_limit = request.GET.get('limit', 15000)
        try:
            questionnaire_id = get_form_model_by_code(dbm, form_code).id
        except FormModelDoesNotExistsException:
            return HttpResponse(status=404)
        if user.is_ngo_admin() or user.is_extended_user() or \
                (user.is_project_manager() and has_permission(dbm, user.id, questionnaire_id)):
            unique_ids, questionnaire_dict = _get_response(
                dbm, form_code, user, response_limit)
            if unique_ids is None:
                return HttpResponse(status=404)
            return HttpResponse(json.dumps({
                'unique-ids': unique_ids,
                'questionnaire': questionnaire_dict
            }),
                                content_type='application/json; charset=UTF-8')
        return HttpResponse(
            content="Error: You don't have access to the information",
            status=403)
Ejemplo n.º 3
0
 def test_should_check_user_has_permission(self):
     form_model_id = self._create_sample_questionnaire()
     user_permission = UserPermission(self.manager, 1, [form_model_id])
     user_permission.save()
     self.assertTrue(has_permission(self.manager, 1, form_model_id))
     self.assertFalse(has_permission(self.manager, 1, 'some_other_project'))
Ejemplo n.º 4
0
    def wrapper(request, project_id, *args, **kw):
        user = request.user
        if (user.is_project_manager() or user.is_no_delete_pm()) and not has_permission(get_database_manager(user), user.id, project_id):
            return HttpResponseRedirect(django_settings.ACCESS_DENIED_PAGE)

        return f(request, project_id, *args, **kw)