def check_attachment(request, message_id, attachment_id):
"""
Handles check attachment request.
:param request: The HTTP request
:type request: django.core.handlers.wsgi.WSGIRequest
:param message_id: Message id
:type message_id: int
:param attachment_id: Attachment id
:type attachment_id: int
:returns: django.http.HttpResponse -- the result in an HttpResonse object
"""
attachment = get_object_or_404(MessageAttachment,
message__uuid=message_id,
uuid=attachment_id)
if (request.user != attachment.message.sender
and not (request.user in attachment.message.recipients.all()
or request.user in attachment.message.ccs.all())):
return err403(
request,
err_msg=_("You don't seem to be a valid recipient for this file."))
if os.path.exists('%s/attachments/%s' % (
settings.MEDIA_ROOT,
attachment.uuid,
)):
return HttpResponse("success")
else:
return err404(request)
def download_attachment(request, message_id, attachment_id):
"""
Handles download attachment request.
:param request: The HTTP request
:type request: django.core.handlers.wsgi.WSGIRequest
:param message_id: Message id
:type message_id: int
:param attachment_id: Attachment id
:type attachment_id: int
:returns: django.http.HttpResponse -- the result in an HttpResonse object
:raises: Exception
"""
attachment = get_object_or_404(MessageAttachment,
message__uuid=message_id,
uuid=attachment_id)
if (request.user != attachment.message.sender
and not (request.user in attachment.message.recipients.all()
or request.user in attachment.message.ccs.all())):
return err403(
request,
err_msg=_("You don't seem to be a valid recipient for this file."))
url = attachment.decrypt_url(request)
if (url[0:4] == 'file'):
try:
content_type = attachment.content_type if attachment.content_type \
else "application/octet-stream"
response = HttpResponse(content_type=content_type)
attachment.get_file(request, response)
return response
except (IOError):
return err404(request)
elif (url[0:4] == 'http'):
# This is likely a fully qualified URL
if (not attachment.encrypted):
return HttpResponseRedirect(url)
else:
# Download and decrypt this attachment.
pass
else:
raise Exception(
_('A seemingly invalid URL has been stored: %(url)s, for '
'MessageAttachment %(attachment_id)s.') % {
'url': url,
'attachment_id': attachment_id
})
def fetchRecording(request, uuid):
"""
:returns: recording to twilio
"""
attachment = MessageAttachment.objects.filter(uuid=uuid)
if attachment:
attachment = attachment[0]
response = HttpResponse(content_type=attachment.content_type)
try:
attachment.get_file(request, response, ivr=True)
except:
body = "Unable to fetch recording, filename in storage: %s" % attachment.uuid
mail_admins("Error fetching recording", body)
with open(FETCH_ERROR, "rb") as f:
return HttpResponse(f.read(), mimetype='audio/wav')
return response
return err404()
def download_attachment(request, message_id, attachment_id):
"""
Handles download attachment request.
:param request: The HTTP request
:type request: django.core.handlers.wsgi.WSGIRequest
:param message_id: Message id
:type message_id: int
:param attachment_id: Attachment id
:type attachment_id: int
:returns: django.http.HttpResponse -- the result in an HttpResonse object
:raises: Exception
"""
attachment = get_object_or_404(MessageAttachment, message__uuid=message_id, uuid=attachment_id)
if (request.user != attachment.message.sender and not
(request.user in attachment.message.recipients.all() or
request.user in attachment.message.ccs.all())):
return err403(request, err_msg=_("You don't seem to be a valid recipient for this file."))
url = attachment.decrypt_url(request)
if (url[0:4] == 'file'):
try:
content_type = attachment.content_type if attachment.content_type \
else "application/octet-stream"
response = HttpResponse(content_type=content_type)
attachment.get_file(request, response)
return response
except(IOError):
return err404(request)
elif (url[0:4] == 'http'):
# This is likely a fully qualified URL
if (not attachment.encrypted):
return HttpResponseRedirect(url)
else:
# Download and decrypt this attachment.
pass
else:
raise Exception(_('A seemingly invalid URL has been stored: %(url)s, for '
'MessageAttachment %(attachment_id)s.') % {'url': url, 'attachment_id': attachment_id})
def f(request, *args, **kwargs): if 'org_id' in request.REQUEST and \ request.REQUEST['org_id']: org_id = int(request.REQUEST['org_id']) request.session['SELECTED_ORG_ID'] = org_id elif 'SELECTED_ORG_ID' in request.session and \ request.session['SELECTED_ORG_ID']: org_id = request.session['SELECTED_ORG_ID'] try: request.org = PracticeLocation.objects.get(pk=org_id) except: return err404(request) ret_data = can_user_manage_this_org(org_id, request.user.id) if not ret_data["can_manage_org"]: return err403(request) request.org_setting = request.org.get_setting() request.org_mgr = ret_data["Office_Manager"] request.org_admin = ret_data["Administrator"] return func(request, *args, **kwargs)
def f(request, *args, **kwargs):
if 'org_id' in request.REQUEST and \
request.REQUEST['org_id']:
org_id = int(request.REQUEST['org_id'])
request.session['SELECTED_ORG_ID'] = org_id
elif 'SELECTED_ORG_ID' in request.session and \
request.session['SELECTED_ORG_ID']:
org_id = request.session['SELECTED_ORG_ID']
try:
request.org = PracticeLocation.objects.get(pk=org_id)
except:
return err404(request)
ret_data = can_user_manage_this_org(org_id, request.user.id)
if not ret_data["can_manage_org"]:
return err403(request)
request.org_setting = request.org.get_setting()
request.org_mgr = ret_data["Office_Manager"]
request.org_admin = ret_data["Administrator"]
return func(request, *args, **kwargs)
def check_attachment(request, message_id, attachment_id):
"""
Handles check attachment request.
:param request: The HTTP request
:type request: django.core.handlers.wsgi.WSGIRequest
:param message_id: Message id
:type message_id: int
:param attachment_id: Attachment id
:type attachment_id: int
:returns: django.http.HttpResponse -- the result in an HttpResonse object
"""
attachment = get_object_or_404(MessageAttachment, message__uuid=message_id, uuid=attachment_id)
if (request.user != attachment.message.sender and not
(request.user in attachment.message.recipients.all() or
request.user in attachment.message.ccs.all())):
return err403(request, err_msg=_("You don't seem to be a valid recipient for this file."))
if os.path.exists('%s/attachments/%s' % (settings.MEDIA_ROOT, attachment.uuid,)):
return HttpResponse("success")
else:
return err404(request)
def information_sub_ivr_view(request):
context = get_context_for_organization(request)
context['isClearData'] = 0
org_id = request.REQUEST['org_id']
try:
practice = PracticeLocation.objects.get(pk=org_id)
except:
return err404(request)
context['access_numbers'] = practice.accessnumber_set.all()
if(request.method == 'POST'):
# p = request.POST
if('newnumber' in request.POST):
addform = AccessNumberForm(request.POST)
if(addform.is_valid()):
number = addform.save(commit=False)
number.practice = practice
context['isClearData'] = 1
number.save()
else:
addform = AccessNumberForm()
if('delnumber' in request.POST):
removeform = RemoveForm(request.POST, choices=[(n.id, n.id) \
for n in context['access_numbers']])
if(removeform.is_valid()):
ids = removeform.cleaned_data['remove']
AccessNumber.objects.filter(practice=practice, id__in=ids)\
.delete()
else:
addform = AccessNumberForm()
context['addform'] = addform
context['access_numbers'] = practice.accessnumber_set.all()
return render_to_response(
'MHLOrganization/InformationSub/information_sub_ivr_view.html', context)
def addFollowUp(request, messageID, msg_obj_str=''):
#raise Exception('foo')
#raise Exception(', '.join([repr(type(messageID)), messageID, repr(type(msg_obj_str)), msg_obj_str]))
#raise Exception(messageId, msg_obj_str)
if (msg_obj_str in VALID_OBJECT_TYPES):
# The below code is temporary, pending Brian's new secure messaging
# code. - BK
if (msg_obj_str == 'Message'):
uuid_match = uuid_re.match(messageID)
id_match = id_re.match(messageID)
id = None
if (uuid_match):
id = Message.objects.filter(
uuid=uuid_match.group(1)).values_list('id', flat=True)
if (len(id) != 1):
raise Exception(
_('More than one message was found with uuid %s.') %
(uuid_match.group(1), ))
id = id[0]
elif (id_match):
id = int(messageID)
else:
# Validation error!
return err404(request)
msg_obj = get_object_or_404(Message, pk=id)
if (msg_obj.sender != request.user
and request.user not in msg_obj.recipients.all()
and request.user not in msg_obj.ccs.all()):
return err403(
request,
err_msg=
_("You don't seem to own the message that you're trying to create a follow-up item for."
))
# Rana's original code follows. We'll return to this once we get
# access verification for a user installed into relevant classes.
# Additionally, we need a standardized way to get followup strings
# out of all objects before this will work.
# msg_str = "get_object_or_404(%s, pk=%s)" % (msg_obj_str, messageID)
# msg_obj = eval(msg_str)
else:
return err404(request)
context = get_context(request)
if (request.method == "POST"):
addfollowup_form = AddFollowUpForm(request.POST)
if (addfollowup_form.is_valid()):
followup_obj = addfollowup_form.save(commit=False)
followup_obj.user = request.user
followup_obj.msg_object = msg_obj
user = request.session['MHL_Users']['MHLUser']
practice = context['current_practice']
followup_obj.due_date = convert_dt_to_stz(followup_obj.due_date,
user, practice)
followup_obj.save()
return HttpResponseRedirect(
reverse('MHLogin.MHLogin_Main.views.main'))
else: # if not (addfollowup_form.is_valid()):
context['addfollowup_form'] = addfollowup_form
else: # if (request.method != "POST"):
init_followup = {}
if (msg_obj_str == 'Message'):
body = MessageBody.objects.get(message=msg_obj).decrypt(request)
init_followup['note'] = body
init_followup['task'] = _('Followup on: ') + body[:30] + '...'
else:
init_followup['note'] = ''
init_followup['task'] = ''
if ('taskname' in request.GET):
init_followup['task'] = request.GET['taskname']
if ('duedate' in request.GET):
init_followup['due_date'] = request.GET['duedate']
context['addfollowup_form'] = AddFollowUpForm(initial=init_followup)
context['messageID'] = messageID
context['msg_obj_str'] = msg_obj_str
return render_to_response('FollowUp/addfollowup.html', context)
def addFollowUp(request, messageID, msg_obj_str=''):
#raise Exception('foo')
#raise Exception(', '.join([repr(type(messageID)), messageID, repr(type(msg_obj_str)), msg_obj_str]))
#raise Exception(messageId, msg_obj_str)
if (msg_obj_str in VALID_OBJECT_TYPES):
# The below code is temporary, pending Brian's new secure messaging
# code. - BK
if (msg_obj_str == 'Message'):
uuid_match = uuid_re.match(messageID)
id_match = id_re.match(messageID)
id = None
if (uuid_match):
id = Message.objects.filter(uuid=uuid_match.group(1)).values_list('id', flat=True)
if (len(id) != 1):
raise Exception(_('More than one message was found with uuid %s.') % (uuid_match.group(1),))
id = id[0]
elif (id_match):
id = int(messageID)
else:
# Validation error!
return err404(request)
msg_obj = get_object_or_404(Message, pk=id)
if (msg_obj.sender != request.user and request.user not in msg_obj.recipients.all() and request.user not in msg_obj.ccs.all()):
return err403(request, err_msg=_("You don't seem to own the message that you're trying to create a follow-up item for."))
# Rana's original code follows. We'll return to this once we get
# access verification for a user installed into relevant classes.
# Additionally, we need a standardized way to get followup strings
# out of all objects before this will work.
# msg_str = "get_object_or_404(%s, pk=%s)" % (msg_obj_str, messageID)
# msg_obj = eval(msg_str)
else:
return err404(request)
context = get_context(request)
if (request.method == "POST"):
addfollowup_form = AddFollowUpForm(request.POST)
if (addfollowup_form.is_valid()):
followup_obj = addfollowup_form.save(commit=False)
followup_obj.user = request.user
followup_obj.msg_object = msg_obj
user = request.session['MHL_Users']['MHLUser']
practice = context['current_practice']
followup_obj.due_date =convert_dt_to_stz(
followup_obj.due_date, user, practice)
followup_obj.save()
return HttpResponseRedirect(reverse('MHLogin.MHLogin_Main.views.main'))
else: # if not (addfollowup_form.is_valid()):
context['addfollowup_form'] = addfollowup_form
else: # if (request.method != "POST"):
init_followup = {}
if (msg_obj_str == 'Message'):
body = MessageBody.objects.get(message=msg_obj).decrypt(request)
init_followup['note'] = body
init_followup['task'] = _('Followup on: ') + body[:30] + '...'
else:
init_followup['note'] = ''
init_followup['task'] = ''
if ('taskname' in request.GET):
init_followup['task'] = request.GET['taskname']
if ('duedate' in request.GET):
init_followup['due_date'] = request.GET['duedate']
context['addfollowup_form'] = AddFollowUpForm(initial=init_followup)
context['messageID'] = messageID
context['msg_obj_str'] = msg_obj_str
return render_to_response('FollowUp/addfollowup.html', context)