def test_location_restricted_cases(self):
domain_obj = bootstrap_domain(self.domain)
self.addCleanup(domain_obj.delete)
location_type_names = ['state', 'county', 'city']
location_structure = [('Massachusetts', [('Middlesex', [
('Cambridge', []),
('Somerville', []),
]), ('Suffolk', [
('Boston', []),
])])]
locations = setup_locations_and_types(self.domain, location_type_names,
[], location_structure)[1]
middlesex_user = CommCareUser.create(self.domain, 'guy-from-middlesex',
'***', None, None)
middlesex_user.add_to_assigned_locations(locations['Middlesex'])
restrict_user_by_location(self.domain, middlesex_user)
fake_request = MagicMock()
fake_request.domain = self.domain
fake_request.couch_user = middlesex_user
self._send_case_to_es(owner_id=locations['Boston'].get_id)
middlesex_case = self._send_case_to_es(
owner_id=locations['Middlesex'].get_id)
cambridge_case = self._send_case_to_es(
owner_id=locations['Cambridge'].get_id)
returned_case_ids = query_location_restricted_cases(
CaseES().domain(self.domain), fake_request).get_ids()
self.assertItemsEqual(returned_case_ids,
[middlesex_case.case_id, cambridge_case.case_id])
def get_data_response(self, endpoint):
query = self._get_base_query()
for report_filter_context in endpoint.report_context.get('reportFilters'):
report_filter = self.get_report_filter(report_filter_context)
query = report_filter.get_filtered_query(query)
expressions = []
for column_context in endpoint.report_context.get('columns', []):
expression_builder = ColumnXpathExpressionBuilder(
self.request,
self.domain,
column_context,
self.column_filters
)
expression = expression_builder.get_expression()
if expression:
expressions.append(expression)
if expressions:
xpath_final = " and ".join(expressions)
query = query.xpath_query(self.domain, xpath_final)
# apply location restriction
if not self.request.can_access_all_locations:
query = query_location_restricted_cases(query, self.request)
return endpoint.get_response(query, CaseDataFormatter)
def obj_get_list(self, bundle, domain, **kwargs):
config = get_document_or_404(CaseExportInstance, domain,
self.config_id)
query = get_case_export_base_query(domain, config.case_type)
for filter in config.get_filters():
query = query.filter(filter.to_es_filter())
if not bundle.request.couch_user.has_permission(
domain, 'access_all_locations'):
query = query_location_restricted_cases(query, bundle.request)
return query
def _build_query(self):
query = (self.search_class().domain(self.domain).size(
self.pagination.count).start(self.pagination.start))
query.es_query['sort'] = self.get_sorting_block()
mobile_user_and_group_slugs = self.request.GET.getlist(EMWF.slug)
if self.case_filter:
query = query.filter(self.case_filter)
query = query.NOT(case_es.case_type("user-owner-mapping-case"))
if self.case_type:
query = query.case_type(self.case_type)
if self.case_status:
query = query.is_closed(self.case_status == 'closed')
case_owner_filters = []
if (self.request.can_access_all_locations
and EMWF.show_project_data(mobile_user_and_group_slugs)):
case_owner_filters.append(
all_project_data_filter(self.domain,
mobile_user_and_group_slugs))
if (self.request.can_access_all_locations
and EMWF.show_deactivated_data(mobile_user_and_group_slugs)):
case_owner_filters.append(deactivated_case_owners(self.domain))
# Only show explicit matches
if (EMWF.selected_user_ids(mobile_user_and_group_slugs)
or EMWF.selected_user_types(mobile_user_and_group_slugs)
or EMWF.selected_group_ids(mobile_user_and_group_slugs)
or EMWF.selected_location_ids(mobile_user_and_group_slugs)):
track_es_report_load(self.domain, self.slug, len(self.case_owners))
case_owner_filters.append(case_es.owner(self.case_owners))
query = query.OR(*case_owner_filters)
if not self.request.can_access_all_locations:
query = query_location_restricted_cases(query, self.request)
search_string = CaseSearchFilter.get_value(self.request, self.domain)
if search_string:
query = query.set_query({"query_string": {"query": search_string}})
return query
def _build_query(self):
query = (self.search_class()
.domain(self.domain)
.size(self.pagination.count)
.start(self.pagination.start))
query.es_query['sort'] = self.get_sorting_block()
mobile_user_and_group_slugs = self.request.GET.getlist(EMWF.slug)
if self.case_filter:
query = query.filter(self.case_filter)
query = query.NOT(case_es.case_type("user-owner-mapping-case"))
if self.case_type:
query = query.case_type(self.case_type)
if self.case_status:
query = query.is_closed(self.case_status == 'closed')
if self.request.can_access_all_locations and (
EMWF.show_all_data(mobile_user_and_group_slugs)
or EMWF.no_filters_selected(mobile_user_and_group_slugs)
):
pass
elif (self.request.can_access_all_locations
and EMWF.show_project_data(mobile_user_and_group_slugs)):
query = query_all_project_data(
query, self.domain, mobile_user_and_group_slugs
)
elif (self.request.can_access_all_locations
and EMWF.show_deactivated_data(mobile_user_and_group_slugs)):
query = query_deactivated_data(query, self.domain)
else: # Only show explicit matches
query = query.owner(self.case_owners)
if not self.request.can_access_all_locations:
query = query_location_restricted_cases(query, self.request)
search_string = CaseSearchFilter.get_value(self.request, self.domain)
if search_string:
query = query.set_query({"query_string": {"query": search_string}})
return query
def obj_get_list(self, bundle, domain, **kwargs):
config = get_document_or_404(CaseExportInstance, domain,
self.config_id)
if raise_odata_permissions_issues(bundle.request.couch_user, domain,
config):
raise ImmediateHttpResponse(
HttpForbidden(
ugettext_noop(
"You do not have permission to view this feed.")))
query = get_case_export_base_query(domain, config.case_type)
for filter in config.get_filters():
query = query.filter(filter.to_es_filter())
if not bundle.request.couch_user.has_permission(
domain, 'access_all_locations'):
query = query_location_restricted_cases(query, bundle.request)
return query
def get_data_response(self, endpoint):
query = self._get_base_query()
for report_filter_context in endpoint.report_context.get(
'reportFilters'):
report_filter = self.get_report_filter(report_filter_context)
query = report_filter.get_filtered_query(query)
expressions = []
for column_context in endpoint.report_context.get('columns', []):
if column_context.get('sort'):
descending = column_context['sort'] == 'desc'
prop_name = column_context['name']
try:
special_property = SPECIAL_CASE_PROPERTIES_MAP[prop_name]
query = query.sort(special_property.sort_property,
desc=descending)
except KeyError:
query = query.sort_by_case_property(prop_name,
desc=descending)
expression_builder = ColumnXpathExpressionBuilder(
self.request, self.domain, column_context, self.column_filters)
expression = expression_builder.get_expression()
if expression:
expressions.append(expression)
if expressions:
xpath_final = " and ".join(expressions)
query = query.xpath_query(self.domain, xpath_final)
# apply location restriction
if not self.request.can_access_all_locations:
query = query_location_restricted_cases(query, self.request)
return endpoint.get_response(query, CaseDataFormatter)
def get_data_response(self, endpoint):
query = self._get_base_query()
for report_filter_context in endpoint.report_context.get(
'reportFilters'):
report_filter = self.get_report_filter(report_filter_context)
query = report_filter.get_filtered_query(query)
expressions = []
for column_context in endpoint.report_context.get('columns', []):
expression_builder = ColumnXpathExpressionBuilder(
self.request, self.domain, column_context, self.column_filters)
expression = expression_builder.get_expression()
if expression:
expressions.append(expression)
if expressions:
xpath_final = " and ".join(expressions)
query = query.xpath_query(self.domain, xpath_final)
# apply location restriction
if not self.request.can_access_all_locations:
query = query_location_restricted_cases(query, self.request)
return endpoint.get_response(query, CaseDataFormatter)
