def post(self, request, format=None):
site = request.query_params.get('site', None)
blueprint = request.query_params.get('blueprint', None)
if site is not None:
try:
site = get_object_or_404(Site, id=site)
except ObjectDoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND, data={"detail": "Object not found."})
if check_site_permission(request, site.id):
files = request.FILES.getlist('files')
doc_type = request.POST.get('doc_type')
name = request.POST.get('name')
if len(files) > 0:
objs = [
BluePrints(
site=site,
image=file,
name=name,
doc_type=doc_type
)
for file in files
]
BluePrints.objects.bulk_create(objs)
return Response(status=status.HTTP_201_CREATED, data={"detail": "successfully created blueprints."})
else:
return Response(status=status.HTTP_400_BAD_REQUEST, data={"detail": "Please select at least one file."})
else:
return Response(status=status.HTTP_403_FORBIDDEN,
data={"detail": "You do not have permission to perform this action."})
elif blueprint is not None:
try:
blueprint = BluePrints.objects.get(id=blueprint)
except ObjectDoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND, data={"detail": "Object not found."})
if check_site_permission(request, blueprint.site.id):
blueprint.delete()
return Response(status=status.HTTP_204_NO_CONTENT, data={"detail": "successfully deleted."})
else:
return Response(status=status.HTTP_403_FORBIDDEN,
data={"detail": "You do not have permission to perform this action."})
else:
return Response(status=status.HTTP_404_NOT_FOUND, data={'detail': 'site or blueprint params is required.'})
def has_permission(self, request, view):
project = request.query_params.get('project', None)
site = request.query_params.get('site', None)
if request.is_super_admin:
return True
if project is not None:
try:
project = Project.objects.select_related('organization').get(
id=project)
except ObjectDoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND,
data={"detail": "Not found."})
organization_id = project.organization_id
user_role_org_admin = request.roles.filter(
organization_id=organization_id,
group__name="Organization Admin")
if user_role_org_admin:
return True
user_role_as_manager = request.roles.filter(
project_id=project.id,
group__name__in=["Project Manager", "Project Donor"])
if user_role_as_manager:
return True
elif site is not None:
return check_site_permission(request, site)
def delete_blueprint(request, pk):
blueprint = get_object_or_404(BluePrints, id=pk)
if check_site_permission(request, blueprint.site.id):
blueprint.delete()
return Response(status=status.HTTP_204_NO_CONTENT)
else:
return Response(status=status.HTTP_403_FORBIDDEN, data={"detail": "You do not have permission to perform this action."})
def site_map(request, pk):
if check_site_permission(request, int(pk)):
pk = int(pk)
obj = get_object_or_404(Site, pk=pk, is_active=True)
data = serialize('custom_geojson', [obj], geometry_field='location',
fields=('name', 'public_desc', 'additional_desc', 'address', 'location', 'phone', 'id'))
return Response(json.loads(data))
else:
return Response(status=status.HTTP_403_FORBIDDEN, data={"detail": "You do not have permission to perform this action."})
def site_recent_pictures(request):
query_params = request.query_params
site_id = query_params.get('site')
if check_site_permission(request, int(site_id)):
try:
site_featured_images = Site.objects.get(pk=int(site_id)).site_featured_images
except ObjectDoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
recent_pictures = get_recent_images(int(site_id))
return Response({'site_featured_images': site_featured_images,
'recent_pictures': recent_pictures})
else:
return Response(status=status.HTTP_403_FORBIDDEN,
data={"detail": "You do not have permission to perform this action."})
def filter_queryset(self, queryset):
try:
site = Site.objects.get(pk=int(self.kwargs.get('pk')))
except ObjectDoesNotExist:
return Site.objects.all().none()
content_site = ContentType.objects.get(app_label="fieldsight",
model="site")
if check_site_permission(self.request, site.id):
project = site.project
query = Q(site_id=self.kwargs.get('pk')) | (
Q(content_type=content_site)
& Q(object_id=self.kwargs.get('pk'))) | (
Q(extra_content_type=content_site)
& Q(extra_object_id=self.kwargs.get('pk')))
meta_dict = {}
for meta in project.site_meta_attributes:
if meta['question_type'] == "Link" and meta[
'question_name'] in site.site_meta_attributes_ans:
meta_site_id = Site.objects.filter(
identifier=site.site_meta_attributes_ans[
meta['question_name']],
project_id=meta['project_id'])
if meta_site_id:
selected_metas = [
sub_meta['question_name'] for sub_meta in
meta['metas'][str(meta['project_id'])]
]
meta_dict[meta_site_id[0].id] = selected_metas
for key, value in meta_dict.items():
for item in value:
query |= (Q(type=15) & Q(content_type=content_site)
& Q(object_id=key)
& Q(extra_json__contains='"' + item + '":'))
return queryset.filter(query)
else:
return Site.objects.all().none()
def site_documents(request):
query_params = request.query_params
site_id = query_params.get('site_id')
site_obj = get_object_or_404(Site, id=site_id)
site_id = int(site_id)
site_blueprints = BluePrints.objects.filter(site=site_obj).count()
show_button = True if site_blueprints < 10 else False
if check_site_permission(request, site_id):
try:
blueprints_obj = Site.objects.get(pk=site_id).blueprints.all()[:10]
except ObjectDoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
data = [{'id': blueprint.id, 'name': doc_name(blueprint), 'file': blueprint.image.url, 'doc_type': blueprint.doc_type,
'added_date': readable_date(blueprint.added_date),
'type': check_file_extension((blueprint.image.url.lower()))}
for blueprint in blueprints_obj]
return Response(data={'show_button': show_button, 'documents': data, 'breadcrumbs': {'name': 'Site Documents', 'site': site_obj.name,
'site_url': site_obj.get_absolute_url()}})
else:
return Response(status=status.HTTP_403_FORBIDDEN,
data={"detail": "You do not have permission to perform this action."})