def instance(request, username, id_string): import re if request.META and request.META.get('HTTP_REFERER'): if re.match(r'.*-0.enketo.*/webform/edit.*', request.META.get('HTTP_REFERER')): return HttpResponseRedirect('/app/') xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseForbidden(_(u'Not shared.')) context = RequestContext(request) audit = { "xform": xform.id_string, } audit_log( Actions.FORM_DATA_VIEWED, request.user, xform.user, _("Requested instance view for '%(id_string)s'.") % { 'id_string': xform.id_string, }, audit, request) return render_to_response('instance.html', { 'username': username, 'id_string': id_string, 'xform': xform, 'can_edit': can_edit }, context_instance=context)
def instance(request, username, id_string): xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseForbidden(_(u'Not shared.')) context = RequestContext(request) audit = { "xform": xform.id_string, } audit_log( Actions.FORM_DATA_VIEWED, request.user, xform.user, _("Requested instance view for '%(id_string)s'.") % { 'id_string': xform.id_string, }, audit, request) return render_to_response('instance.html', { 'username': username, 'id_string': id_string, 'xform': xform, 'can_edit': can_edit }, context_instance=context)
def survey_responses(request, instance_id): pi = get_object_or_404(ParsedInstance, instance=instance_id) xform, is_owner, can_edit, can_view = get_xform_and_perms( pi.instance.user.username, pi.instance.xform.id_string, request ) # no access if not (xform.shared_data or can_view or request.session.get("public_link")): return HttpResponseRedirect("/") data = pi.to_dict() # get rid of keys with leading underscores data_for_display = {} for k, v in data.items(): if not k.startswith(u"_"): data_for_display[k] = v xpaths = data_for_display.keys() xpaths.sort(cmp=pi.data_dictionary.get_xpath_cmp()) label_value_pairs = [(parse_label_for_display(pi, xpath), data_for_display[xpath]) for xpath in xpaths] languages = label_value_pairs[-1][0] return render_to_response( "survey.html", { "label_value_pairs": label_value_pairs, "image_urls": image_urls(pi.instance), "languages": languages, "default_language": languages[0][0], }, )
def instance(request, username, id_string): xform, is_owner, can_edit, can_view = get_xform_and_perms(username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get("public_link")): return HttpResponseForbidden("Not shared.") return render_to_response("instance.html", {"username": username, "id_string": id_string, "xform": xform})
def survey_responses(request, instance_id): pi = get_object_or_404(ParsedInstance, instance=instance_id) xform, is_owner, can_edit, can_view = get_xform_and_perms(\ pi.instance.user.username, pi.instance.xform.id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link')): return HttpResponseRedirect('/') data = pi.to_dict() # get rid of keys with leading underscores data_for_display = {} for k, v in data.items(): if not k.startswith(u"_"): data_for_display[k] = v xpaths = data_for_display.keys() xpaths.sort(cmp=pi.data_dictionary.get_xpath_cmp()) label_value_pairs = [ (parse_label_for_display(pi, xpath), data_for_display[xpath]) for xpath in xpaths ] languages = label_value_pairs[-1][0] return render_to_response('survey.html', { 'label_value_pairs': label_value_pairs, 'image_urls': image_urls(pi.instance), 'languages': languages, 'default_language': languages[0][0] })
def show_submission(request, username, id_string, uuid): xform, is_owner, can_edit, can_view = get_xform_and_perms(username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get("public_link")): return HttpResponseRedirect(reverse(home)) submission = get_object_or_404(Instance, uuid=uuid) return HttpResponseRedirect(reverse(survey_responses, kwargs={"instance_id": submission.pk}))
def show(request, username=None, id_string=None, uuid=None): if uuid: xform = get_object_or_404(XForm, uuid=uuid) request.session["public_link"] = xform.uuid if MetaData.public_link(xform) else False return HttpResponseRedirect( reverse(show, kwargs={"username": xform.user.username, "id_string": xform.id_string}) ) xform, is_owner, can_edit, can_view = get_xform_and_perms(username, id_string, request) # no access if not (xform.shared or can_view or request.session.get("public_link")): return HttpResponseRedirect(reverse(home)) context = RequestContext(request) context.cloned = ( len(XForm.objects.filter(user__username=request.user.username, id_string=id_string + XForm.CLONED_SUFFIX)) > 0 ) context.public_link = MetaData.public_link(xform) context.is_owner = is_owner context.can_edit = can_edit context.can_view = can_view or request.session.get("public_link") context.xform = xform context.content_user = xform.user context.base_url = "https://%s" % request.get_host() context.source = MetaData.source(xform) context.form_license = MetaData.form_license(xform).data_value context.data_license = MetaData.data_license(xform).data_value context.supporting_docs = MetaData.supporting_docs(xform) context.media_upload = MetaData.media_upload(xform) context.mapbox_layer = MetaData.mapbox_layer_upload(xform) if is_owner: context.sms_support_form = ActivateSMSSupportFom( initial={"enable_sms_support": xform.allows_sms, "sms_id_string": xform.sms_id_string} ) if not xform.allows_sms: context.sms_compatible = check_form_sms_compatibility(None, json_survey=json.loads(xform.json)) else: url_root = request.build_absolute_uri("/")[:-1] context.sms_providers_doc = providers_doc(url_root=url_root, username=username, id_string=id_string) context.url_root = url_root context.form_license_form = FormLicenseForm(initial={"value": context.form_license}) context.data_license_form = DataLicenseForm(initial={"value": context.data_license}) context.doc_form = SupportDocForm() context.source_form = SourceForm() context.media_form = MediaForm() context.mapbox_layer_form = MapboxLayerForm() users_with_perms = [] for perm in get_users_with_perms(xform, attach_perms=True).items(): has_perm = [] if "change_xform" in perm[1]: has_perm.append(_(u"Can Edit")) if "view_xform" in perm[1]: has_perm.append(_(u"Can View")) users_with_perms.append((perm[0], u" | ".join(has_perm))) context.users_with_perms = users_with_perms context.permission_form = PermissionForm(username) if xform.allows_sms: context.sms_support_doc = get_autodoc_for(xform) return render_to_response("show.html", context_instance=context)
def show_submission(request, username, id_string, uuid): xform, is_owner, can_edit, can_view = get_xform_and_perms(username,\ id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link')): return HttpResponseRedirect(reverse(home)) submission = get_object_or_404(Instance, uuid=uuid) return HttpResponseRedirect(reverse(survey_responses, kwargs={'instance_id': submission.pk}))
def instance(request, username, id_string): xform, is_owner, can_edit, can_view = get_xform_and_perms(\ username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link')): return HttpResponseForbidden('Not shared.') return render_to_response('instance.html', { 'username': username, 'id_string': id_string, 'xform': xform })
def instance(request, username, id_string): xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link')): return HttpResponseForbidden(_(u'Not shared.')) return render_to_response('instance.html', { 'username': username, 'id_string': id_string, 'xform': xform, 'can_edit': can_edit })
def show(request, username=None, id_string=None, uuid=None): if uuid: xform = get_object_or_404(XForm, uuid=uuid) request.session['public_link'] = MetaData.public_link(xform) return HttpResponseRedirect(reverse(show, kwargs={ 'username': xform.user.username, 'id_string': xform.id_string })) xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared or can_view or request.session.get('public_link')): return HttpResponseRedirect(reverse(home)) context = RequestContext(request) context.cloned = len( XForm.objects.filter(user__username=request.user.username, id_string=id_string + XForm.CLONED_SUFFIX) ) > 0 context.public_link = MetaData.public_link(xform) context.is_owner = is_owner context.can_edit = can_edit context.can_view = can_view or request.session.get('public_link') context.xform = xform context.content_user = xform.user context.base_url = "https://%s" % request.get_host() context.source = MetaData.source(xform) context.form_license = MetaData.form_license(xform).data_value context.data_license = MetaData.data_license(xform).data_value context.supporting_docs = MetaData.supporting_docs(xform) context.media_upload = MetaData.media_upload(xform) context.mapbox_layer = MetaData.mapbox_layer_upload(xform) if is_owner: context.form_license_form = FormLicenseForm( initial={'value': context.form_license}) context.data_license_form = DataLicenseForm( initial={'value': context.data_license}) context.doc_form = SupportDocForm() context.source_form = SourceForm() context.media_form = MediaForm() context.mapbox_layer_form = MapboxLayerForm() context.users_with_perms = get_users_with_perms( xform, attach_perms=True ).items() context.permission_form = PermissionForm(username) user_list = [u.username for u in User.objects.exclude(username=username)] context.user_json_list = simplejson.dumps(user_list) return render_to_response("show.html", context_instance=context)
def show_submission(request, username, id_string, uuid): xform, is_owner, can_edit, can_view = get_xform_and_perms(username, id_string, request) owner = xform.user # no access if not (xform.shared_data or can_view or request.session.get("public_link") == xform.uuid): return HttpResponseRedirect(reverse(home)) submission = get_object_or_404(Instance, uuid=uuid) audit = {"xform": xform.id_string} audit_log( Actions.SUBMISSION_ACCESSED, request.user, owner, _("Submission '%(uuid)s' on '%(id_string)s' accessed.") % {"id_string": xform.id_string, "uuid": uuid}, audit, request, ) return HttpResponseRedirect(reverse(survey_responses, kwargs={"instance_id": submission.pk}))
def show(request, username=None, id_string=None, uuid=None): if uuid: xform = get_object_or_404(XForm, uuid=uuid) request.session['public_link'] = MetaData.public_link(xform) return HttpResponseRedirect(reverse(show, kwargs={ 'username': xform.user.username, 'id_string': xform.id_string })) xform, is_owner, can_edit, can_view = get_xform_and_perms(username,\ id_string, request) # no access if not (xform.shared or can_view or request.session.get('public_link')): return HttpResponseRedirect(reverse(home)) context = RequestContext(request) context.cloned = len( XForm.objects.filter(user__username=request.user.username, id_string=id_string + XForm.CLONED_SUFFIX) ) > 0 context.public_link = MetaData.public_link(xform) context.is_owner = is_owner context.can_edit = can_edit context.can_view = can_view or request.session.get('public_link') context.xform = xform context.content_user = xform.user context.base_url = "https://%s" % request.get_host() context.source = MetaData.source(xform) context.form_license = MetaData.form_license(xform).data_value context.data_license = MetaData.data_license(xform).data_value context.supporting_docs = MetaData.supporting_docs(xform) context.media_upload = MetaData.media_upload(xform) context.mapbox_layer = MetaData.mapbox_layer_upload(xform) if is_owner: context.form_license_form = FormLicenseForm( initial={'value': context.form_license}) context.data_license_form = DataLicenseForm( initial={'value': context.data_license}) context.doc_form = SupportDocForm() context.source_form = SourceForm() context.media_form = MediaForm() context.mapbox_layer_form = MapboxLayerForm() context.users_with_perms = get_users_with_perms(xform, attach_perms=True).items() context.permission_form = PermissionForm(username) return render_to_response("show.html", context_instance=context)
def survey_responses(request, instance_id): pi = get_object_or_404(ParsedInstance, instance=instance_id) xform, is_owner, can_edit, can_view = \ get_xform_and_perms(pi.instance.user.username, pi.instance.xform.id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseRedirect('/') data = pi.to_dict() # get rid of keys with leading underscores data_for_display = {} for k, v in data.items(): if not k.startswith(u"_"): data_for_display[k] = v xpaths = data_for_display.keys() xpaths.sort(cmp=pi.data_dictionary.get_xpath_cmp()) label_value_pairs = [ (parse_label_for_display(pi, xpath), data_for_display[xpath]) for xpath in xpaths ] languages = label_value_pairs[-1][0] audit = { "xform": xform.id_string, "instance_id": instance_id } audit_log( Actions.FORM_DATA_VIEWED, request.user, xform.user, _("Requested survey with id '%(instance_id)s' on '%(id_string)s'.") % { 'id_string': xform.id_string, 'instance_id': instance_id }, audit, request) return render_to_response('survey.html', { 'label_value_pairs': label_value_pairs, 'image_urls': image_urls(pi.instance), 'languages': languages, 'default_language': languages[0][0] })
def show(request, username=None, id_string=None, uuid=None): if uuid: xform = get_object_or_404(XForm, uuid=uuid) request.session['public_link'] = MetaData.public_link(xform) return HttpResponseRedirect(reverse(show, kwargs={ 'username': xform.user.username, 'id_string': xform.id_string })) xform, is_owner, can_edit, can_view = get_xform_and_perms(username,\ id_string, request) # no access if not (xform.shared or can_view or request.session.get('public_link')): return HttpResponseRedirect(reverse(home)) context = RequestContext(request) context.public_link = MetaData.public_link(xform) context.is_owner = is_owner context.can_edit = can_edit context.can_view = can_view or request.session.get('public_link') context.xform = xform context.content_user = xform.user context.base_url = "https://%s" % request.get_host() context.source = MetaData.source(xform) context.form_license = MetaData.form_license(xform).data_value context.data_license = MetaData.data_license(xform).data_value context.supporting_docs = MetaData.supporting_docs(xform) if is_owner: context.form_license_form = FormLicenseForm( initial={'value': context.form_license}) context.data_license_form = DataLicenseForm( initial={'value': context.data_license}) context.doc_form = SupportDocForm() context.source_form = SourceForm() context.users_with_perms = get_users_with_perms(xform, attach_perms=True).items() context.permission_form = PermissionForm(username) return render_to_response("show.html", context_instance=context)
def show(request, username=None, id_string=None, uuid=None): if uuid: xform = get_object_or_404(XForm, uuid=uuid) request.session['public_link'] = xform.uuid if MetaData.public_link(xform) else False return HttpResponseRedirect(reverse(show, kwargs={ 'username': xform.user.username, 'id_string': xform.id_string })) xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not ( xform.shared or can_view or\ request.session.get('public_link')): return HttpResponseRedirect(reverse(home)) context = RequestContext(request) context.cloned = len( XForm.objects.filter(user__username=request.user.username, id_string=id_string + XForm.CLONED_SUFFIX) ) > 0 context.public_link = MetaData.public_link(xform) context.is_owner = is_owner context.can_edit = can_edit context.can_view = can_view or request.session.get('public_link') context.xform = xform context.content_user = xform.user context.base_url = "https://%s" % request.get_host() context.source = MetaData.source(xform) context.form_license = MetaData.form_license(xform).data_value context.data_license = MetaData.data_license(xform).data_value context.supporting_docs = MetaData.supporting_docs(xform) context.media_upload = MetaData.media_upload(xform) context.mapbox_layer = MetaData.mapbox_layer_upload(xform) if is_owner: context.sms_support_form = ActivateSMSSupportFom( initial={'enable_sms_support': xform.allows_sms, 'sms_id_string': xform.sms_id_string}) if not xform.allows_sms: context.sms_compatible = check_form_sms_compatibility(None, json_survey=json.loads(xform.json)) else: url_root = request.build_absolute_uri('/')[:-1] context.sms_providers_doc = providers_doc( url_root=url_root, username=username, id_string=id_string) context.url_root = url_root context.form_license_form = FormLicenseForm( initial={'value': context.form_license}) context.data_license_form = DataLicenseForm( initial={'value': context.data_license}) context.doc_form = SupportDocForm() context.source_form = SourceForm() context.media_form = MediaForm() context.mapbox_layer_form = MapboxLayerForm() context.users_with_perms = get_users_with_perms( xform, attach_perms=True ).items() context.permission_form = PermissionForm(username) context.sms_support_doc = get_autodoc_for(xform) user_list = [u.username for u in User.objects.exclude(username=username)] context.user_json_list = simplejson.dumps(user_list) return render_to_response("show.html", context_instance=context)