def dispatch(self, request, *args, **kwargs): user_has_tools_access = request.user.user_permissions.filter( codename="start_all_applications", content_type=ContentType.objects.get_for_model( ApplicationInstance), ).exists() if "dataset_uuid" in self.kwargs: catalogue_item = find_dataset(self.kwargs["dataset_uuid"], request.user) user_has_dataset_access = ( catalogue_item.user_has_access(self.request.user) if catalogue_item.type != DataSetType.REFERENCE else None) else: catalogue_item = None user_has_dataset_access = True if user_has_dataset_access and not user_has_tools_access: access_request = models.AccessRequest.objects.create( requester=self.request.user, catalogue_item_id=catalogue_item.id if catalogue_item else None, ) return HttpResponseRedirect( reverse("request-access:tools-1", kwargs={"pk": access_request.pk})) elif user_has_dataset_access and user_has_tools_access: return render(request, "request_access/you_have_access.html") return super().dispatch(request, *args, **kwargs)
def get(self, request, *args, **kwargs): dataset = find_dataset( self.kwargs.get('group_slug'), self.kwargs.get('set_slug') ) if not dataset.user_has_access(self.request.user): return HttpResponseForbidden() query = get_object_or_404( self.model, id=self.kwargs.get('query_id'), dataset=dataset ) log_event( request.user, EventLog.TYPE_DATASET_CUSTOM_QUERY_DOWNLOAD, query.dataset, extra={'path': request.get_full_path(), **model_to_dict(query)}, ) dataset.number_of_downloads = F('number_of_downloads') + 1 dataset.save(update_fields=['number_of_downloads']) return streaming_query_response( request.user.email, query.database.memorable_name, sql.SQL(query.query), query.get_filename(), )
def form_valid(self, form): user_has_tools_access = self.request.user.user_permissions.filter( codename="start_all_applications", content_type=ContentType.objects.get_for_model( ApplicationInstance), ).exists() catalogue_item = find_dataset(self.kwargs["dataset_uuid"], self.request.user) access_request = models.AccessRequest.objects.create( requester=self.request.user, catalogue_item_id=catalogue_item.id, contact_email=form.cleaned_data["contact_email"], reason_for_access=form.cleaned_data["reason_for_access"], eligibility_criteria_met=resolve(self.request.path_info).url_name != "eligibility_criteria_not_met", ) if user_has_tools_access or catalogue_item.type in [ DataSetType.VISUALISATION, DataSetType.DATACUT, ]: return HttpResponseRedirect( reverse("request-access:summary-page", kwargs={"pk": access_request.pk})) return HttpResponseRedirect( reverse("request-access:tools-1", kwargs={"pk": access_request.pk}))
def get(self, request, *args, **kwargs): dataset = find_dataset(self.kwargs.get('dataset_uuid'), request.user) if not dataset.user_has_access(self.request.user): return HttpResponseForbidden() query = get_object_or_404(self.model, id=self.kwargs.get('query_id'), dataset=dataset) if not query.reviewed and not request.user.is_superuser: return HttpResponseForbidden() log_event( request.user, EventLog.TYPE_DATASET_CUSTOM_QUERY_DOWNLOAD, query.dataset, extra={ 'path': request.get_full_path(), **serializers.serialize('python', [query])[0], }, ) dataset.number_of_downloads = F('number_of_downloads') + 1 dataset.save(update_fields=['number_of_downloads']) return streaming_query_response( request.user.email, query.database.memorable_name, sql.SQL(query.query), query.get_filename(), )
def request_access_success_view(request, dataset_uuid): # yes this could cause 400 errors but Todo - replace with session / messages ticket = request.GET['ticket'] dataset = find_dataset(dataset_uuid, request.user) return render(request, 'request_access_success.html', { 'ticket': ticket, 'dataset': dataset })
def eligibility_criteria_view(request, dataset_uuid): dataset = find_dataset(dataset_uuid, request.user) if request.method == 'POST': form = EligibilityCriteriaForm(request.POST) if form.is_valid(): if form.cleaned_data['meet_criteria']: return HttpResponseRedirect( reverse('datasets:request_access', args=[dataset_uuid])) else: return HttpResponseRedirect( reverse('datasets:eligibility_criteria_not_met', args=[dataset_uuid])) return render(request, 'eligibility_criteria.html', {'dataset': dataset})
def dataset_full_path_view(request, group_slug, set_slug): dataset = find_dataset(group_slug, set_slug) source_tables = sorted(dataset.sourcetable_set.all(), key=lambda x: x.name) source_views = dataset.sourceview_set.all() custom_queries = dataset.customdatasetquery_set.all() if source_tables: columns = [] for table in source_tables: columns += [ "{}.{}".format(table.table, column) for column in datasets_db.get_columns( table.database.memorable_name, schema=table.schema, table=table.table, ) ] elif source_views: columns = datasets_db.get_columns( source_views[0].database.memorable_name, schema=source_views[0].schema, table=source_views[0].view, ) elif custom_queries: columns = datasets_db.get_columns( custom_queries[0].database.memorable_name, query=custom_queries[0].query ) else: columns = None context = { 'model': dataset, 'has_access': dataset.user_has_access(request.user), 'data_links': sorted( chain( dataset.sourcelink_set.all(), source_tables, source_views, custom_queries, ), key=lambda x: x.name, ), 'fields': columns, } if dataset.type == dataset.TYPE_MASTER_DATASET: return render(request, 'datasets/master_dataset.html', context) return render(request, 'datasets/data_cut_dataset.html', context)
def get_context_data(self, **kwargs): user_has_tools_access = self.request.user.user_permissions.filter( codename="start_all_applications", content_type=ContentType.objects.get_for_model( ApplicationInstance), ).exists() catalogue_item = find_dataset(self.kwargs["dataset_uuid"], self.request.user) context = super().get_context_data(**kwargs) context["catalogue_item"] = catalogue_item context["is_visualisation"] = isinstance(catalogue_item, VisualisationCatalogueItem) context["user_has_tools_access"] = user_has_tools_access context["eligibility_criteria_not_met"] = (resolve( self.request.path_info).url_name == "eligibility_criteria_not_met") return context
def get(self, request, *args, **kwargs): dataset = find_dataset( self.kwargs.get('group_slug'), self.kwargs.get('set_slug') ) if not dataset.user_has_access(self.request.user): return HttpResponseForbidden() source_link = get_object_or_404( SourceLink, id=self.kwargs.get('source_link_id'), dataset=dataset ) log_event( request.user, EventLog.TYPE_DATASET_SOURCE_LINK_DOWNLOAD, source_link.dataset, extra={'path': request.get_full_path(), **model_to_dict(source_link)}, ) dataset.number_of_downloads = F('number_of_downloads') + 1 dataset.save(update_fields=['number_of_downloads']) if source_link.link_type == source_link.TYPE_EXTERNAL: return HttpResponseRedirect(source_link.url) client = boto3.client('s3') try: file_object = client.get_object( Bucket=settings.AWS_UPLOADS_BUCKET, Key=source_link.url ) except ClientError as ex: try: return HttpResponse( status=ex.response['ResponseMetadata']['HTTPStatusCode'] ) except KeyError: return HttpResponseServerError() response = StreamingHttpResponse( file_object['Body'].iter_chunks(), content_type=file_object['ContentType'] ) response['Content-Disposition'] = 'attachment; filename="{}"'.format( os.path.split(source_link.url)[-1] ) return response
def get(self, request, *args, **kwargs): dataset = find_dataset(self.kwargs.get('dataset_uuid'), request.user) if not dataset.user_has_access(self.request.user): return HttpResponseForbidden() source_link = get_object_or_404(SourceLink, id=self.kwargs.get('source_link_id'), dataset=dataset) log_event( request.user, EventLog.TYPE_DATASET_SOURCE_LINK_DOWNLOAD, source_link.dataset, extra={ 'path': request.get_full_path(), **serializers.serialize('python', [source_link])[0], }, ) dataset.number_of_downloads = F('number_of_downloads') + 1 dataset.save(update_fields=['number_of_downloads']) if source_link.link_type == source_link.TYPE_EXTERNAL: return HttpResponseRedirect(source_link.url) client = boto3.client('s3') try: file_object = client.get_object(Bucket=settings.AWS_UPLOADS_BUCKET, Key=source_link.url) except ClientError as ex: try: return HttpResponse( status=ex.response['ResponseMetadata']['HTTPStatusCode']) except KeyError: return HttpResponseServerError() response = StreamingHttpResponseWithoutDjangoDbConnection( file_object['Body'].iter_chunks(chunk_size=65536), content_type=file_object['ContentType'], ) response[ 'Content-Disposition'] = f'attachment; filename="{source_link.get_filename()}"' response['Content-Length'] = file_object['ContentLength'] return response
def get(self, request, *args, **kwargs): access_request = self.get_object() if not access_request.zendesk_reference_number: catalogue_item = (find_dataset(access_request.catalogue_item_id, self.request.user) if access_request.catalogue_item_id else None) if (isinstance(catalogue_item, VisualisationCatalogueItem) and catalogue_item.visualisation_template is not None): access_request.zendesk_reference_number = ( zendesk.notify_visualisation_access_request( request, access_request, catalogue_item, )) else: access_request.zendesk_reference_number = zendesk.create_zendesk_ticket( request, access_request, catalogue_item, ) access_request.save() if catalogue_item: log_event( request.user, EventLog.TYPE_DATASET_ACCESS_REQUEST, catalogue_item, extra={ "ticket_reference": access_request.zendesk_reference_number, }, ) else: log_event( request.user, EventLog.TYPE_TOOLS_ACCESS_REQUEST, extra={ "ticket_reference": access_request.zendesk_reference_number, }, ) return super().get(request, *args, **kwargs)
def get(self, request, *args, **kwargs): dataset = find_dataset(self.kwargs.get('dataset_uuid'), request.user) if not dataset.user_has_access(self.request.user): return HttpResponseForbidden() query = get_object_or_404(self.model, id=self.kwargs.get('query_id'), dataset=dataset) if not query.reviewed and not request.user.is_superuser: return HttpResponseForbidden() database = query.database.memorable_name columns = datasets_db.get_columns(database, query=query.query) records = [] sample_size = settings.DATACUT_DATASET_PREVIEW_NUM_OF_ROWS if columns: rows = get_random_data_sample(database, sql.SQL(query.query), sample_size) for row in rows: record_data = {} for i, column in enumerate(columns): record_data[column] = row[i] records.append(record_data) return render( request, 'datasets/data_cut_preview.html', { 'dataset': dataset, 'query': query, 'fields': columns, 'records': records, 'preview_limit': sample_size, 'record_count': len(records), 'fixed_table_height_limit': 10, 'truncate_limit': 100, }, )
def get(self, request, *args, **kwargs): user = self.request.user dataset = find_dataset(self.kwargs.get('dataset_uuid'), user) if not dataset.user_has_access(user): return HttpResponseForbidden() source_object, columns, query = self.get_preview_data(dataset) records = [] sample_size = settings.DATASET_PREVIEW_NUM_OF_ROWS if columns: rows = get_random_data_sample( source_object.database.memorable_name, sql.SQL(query), sample_size, ) for row in rows: record_data = {} for i, column in enumerate(columns): record_data[column] = row[i] records.append(record_data) can_download = source_object.can_show_link_for_user(user) return render( request, 'datasets/dataset_preview.html', { 'dataset': dataset, 'source_object': source_object, 'fields': columns, 'records': records, 'preview_limit': sample_size, 'record_count': len(records), 'fixed_table_height_limit': 10, 'truncate_limit': 100, 'can_download': can_download, 'type': source_object.type, }, )
def request_access_view(request, dataset_uuid): dataset = find_dataset(dataset_uuid, request.user) if request.method == 'POST': form = RequestAccessForm(request.POST) if form.is_valid(): goal = form.cleaned_data['goal'] contact_email = form.cleaned_data['email'] user_edit_relative = reverse('admin:auth_user_change', args=[request.user.id]) user_url = request.build_absolute_uri(user_edit_relative) dataset_url = request.build_absolute_uri( dataset.get_absolute_url()) ticket_reference = create_zendesk_ticket( contact_email, request.user, goal, user_url, dataset.name, dataset_url, dataset.information_asset_owner, dataset.information_asset_manager, ) url = reverse('datasets:request_access_success', args=[dataset_uuid]) return HttpResponseRedirect(f'{url}?ticket={ticket_reference}') return render( request, 'request_access.html', { 'dataset': dataset, 'authenticated_user': request.user }, )
def get(self, request, *_, **__): dataset = find_dataset( self.kwargs.get('group_slug'), self.kwargs.get('set_slug') ) db_object = get_object_or_404( self.model, id=self.kwargs.get('source_id'), dataset=dataset ) if not db_object.dataset.user_has_access(self.request.user): return HttpResponseForbidden() if not self.db_object_exists(db_object): return HttpResponseNotFound() log_event( request.user, self.event_log_type, db_object.dataset, extra={'path': request.get_full_path(), **model_to_dict(db_object)}, ) dataset.number_of_downloads = F('number_of_downloads') + 1 dataset.save(update_fields=['number_of_downloads']) return self.get_table_data(db_object)
def eligibility_criteria_not_met_view(request, dataset_uuid): dataset = find_dataset(dataset_uuid, request.user) return render(request, 'eligibility_criteria_not_met.html', {'dataset': dataset})
def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) context["catalogue_item"] = (find_dataset( self.object.catalogue_item_id, self.request.user) if self.object.catalogue_item_id else None) return context
def get_context_data(self, **kwargs): ctx = super().get_context_data(**kwargs) ctx["catalogue_item"] = (find_dataset(ctx["object"].catalogue_item_id, self.request.user) if ctx["object"].catalogue_item_id else None) return ctx