def test_location_restricted_cases(self): domain_obj = bootstrap_domain(self.domain) self.addCleanup(domain_obj.delete) location_type_names = ['state', 'county', 'city'] location_structure = [('Massachusetts', [('Middlesex', [ ('Cambridge', []), ('Somerville', []), ]), ('Suffolk', [ ('Boston', []), ])])] locations = setup_locations_and_types(self.domain, location_type_names, [], location_structure)[1] middlesex_user = CommCareUser.create(self.domain, 'guy-from-middlesex', '***', None, None) middlesex_user.add_to_assigned_locations(locations['Middlesex']) restrict_user_by_location(self.domain, middlesex_user) fake_request = MagicMock() fake_request.domain = self.domain fake_request.couch_user = middlesex_user self._send_case_to_es(owner_id=locations['Boston'].get_id) middlesex_case = self._send_case_to_es( owner_id=locations['Middlesex'].get_id) cambridge_case = self._send_case_to_es( owner_id=locations['Cambridge'].get_id) returned_case_ids = query_location_restricted_cases( CaseES().domain(self.domain), fake_request).get_ids() self.assertItemsEqual(returned_case_ids, [middlesex_case.case_id, cambridge_case.case_id])
def get_data_response(self, endpoint): query = self._get_base_query() for report_filter_context in endpoint.report_context.get('reportFilters'): report_filter = self.get_report_filter(report_filter_context) query = report_filter.get_filtered_query(query) expressions = [] for column_context in endpoint.report_context.get('columns', []): expression_builder = ColumnXpathExpressionBuilder( self.request, self.domain, column_context, self.column_filters ) expression = expression_builder.get_expression() if expression: expressions.append(expression) if expressions: xpath_final = " and ".join(expressions) query = query.xpath_query(self.domain, xpath_final) # apply location restriction if not self.request.can_access_all_locations: query = query_location_restricted_cases(query, self.request) return endpoint.get_response(query, CaseDataFormatter)
def obj_get_list(self, bundle, domain, **kwargs): config = get_document_or_404(CaseExportInstance, domain, self.config_id) query = get_case_export_base_query(domain, config.case_type) for filter in config.get_filters(): query = query.filter(filter.to_es_filter()) if not bundle.request.couch_user.has_permission( domain, 'access_all_locations'): query = query_location_restricted_cases(query, bundle.request) return query
def _build_query(self): query = (self.search_class().domain(self.domain).size( self.pagination.count).start(self.pagination.start)) query.es_query['sort'] = self.get_sorting_block() mobile_user_and_group_slugs = self.request.GET.getlist(EMWF.slug) if self.case_filter: query = query.filter(self.case_filter) query = query.NOT(case_es.case_type("user-owner-mapping-case")) if self.case_type: query = query.case_type(self.case_type) if self.case_status: query = query.is_closed(self.case_status == 'closed') case_owner_filters = [] if (self.request.can_access_all_locations and EMWF.show_project_data(mobile_user_and_group_slugs)): case_owner_filters.append( all_project_data_filter(self.domain, mobile_user_and_group_slugs)) if (self.request.can_access_all_locations and EMWF.show_deactivated_data(mobile_user_and_group_slugs)): case_owner_filters.append(deactivated_case_owners(self.domain)) # Only show explicit matches if (EMWF.selected_user_ids(mobile_user_and_group_slugs) or EMWF.selected_user_types(mobile_user_and_group_slugs) or EMWF.selected_group_ids(mobile_user_and_group_slugs) or EMWF.selected_location_ids(mobile_user_and_group_slugs)): track_es_report_load(self.domain, self.slug, len(self.case_owners)) case_owner_filters.append(case_es.owner(self.case_owners)) query = query.OR(*case_owner_filters) if not self.request.can_access_all_locations: query = query_location_restricted_cases(query, self.request) search_string = CaseSearchFilter.get_value(self.request, self.domain) if search_string: query = query.set_query({"query_string": {"query": search_string}}) return query
def _build_query(self): query = (self.search_class() .domain(self.domain) .size(self.pagination.count) .start(self.pagination.start)) query.es_query['sort'] = self.get_sorting_block() mobile_user_and_group_slugs = self.request.GET.getlist(EMWF.slug) if self.case_filter: query = query.filter(self.case_filter) query = query.NOT(case_es.case_type("user-owner-mapping-case")) if self.case_type: query = query.case_type(self.case_type) if self.case_status: query = query.is_closed(self.case_status == 'closed') if self.request.can_access_all_locations and ( EMWF.show_all_data(mobile_user_and_group_slugs) or EMWF.no_filters_selected(mobile_user_and_group_slugs) ): pass elif (self.request.can_access_all_locations and EMWF.show_project_data(mobile_user_and_group_slugs)): query = query_all_project_data( query, self.domain, mobile_user_and_group_slugs ) elif (self.request.can_access_all_locations and EMWF.show_deactivated_data(mobile_user_and_group_slugs)): query = query_deactivated_data(query, self.domain) else: # Only show explicit matches query = query.owner(self.case_owners) if not self.request.can_access_all_locations: query = query_location_restricted_cases(query, self.request) search_string = CaseSearchFilter.get_value(self.request, self.domain) if search_string: query = query.set_query({"query_string": {"query": search_string}}) return query
def obj_get_list(self, bundle, domain, **kwargs): config = get_document_or_404(CaseExportInstance, domain, self.config_id) if raise_odata_permissions_issues(bundle.request.couch_user, domain, config): raise ImmediateHttpResponse( HttpForbidden( ugettext_noop( "You do not have permission to view this feed."))) query = get_case_export_base_query(domain, config.case_type) for filter in config.get_filters(): query = query.filter(filter.to_es_filter()) if not bundle.request.couch_user.has_permission( domain, 'access_all_locations'): query = query_location_restricted_cases(query, bundle.request) return query
def get_data_response(self, endpoint): query = self._get_base_query() for report_filter_context in endpoint.report_context.get( 'reportFilters'): report_filter = self.get_report_filter(report_filter_context) query = report_filter.get_filtered_query(query) expressions = [] for column_context in endpoint.report_context.get('columns', []): if column_context.get('sort'): descending = column_context['sort'] == 'desc' prop_name = column_context['name'] try: special_property = SPECIAL_CASE_PROPERTIES_MAP[prop_name] query = query.sort(special_property.sort_property, desc=descending) except KeyError: query = query.sort_by_case_property(prop_name, desc=descending) expression_builder = ColumnXpathExpressionBuilder( self.request, self.domain, column_context, self.column_filters) expression = expression_builder.get_expression() if expression: expressions.append(expression) if expressions: xpath_final = " and ".join(expressions) query = query.xpath_query(self.domain, xpath_final) # apply location restriction if not self.request.can_access_all_locations: query = query_location_restricted_cases(query, self.request) return endpoint.get_response(query, CaseDataFormatter)
def get_data_response(self, endpoint): query = self._get_base_query() for report_filter_context in endpoint.report_context.get( 'reportFilters'): report_filter = self.get_report_filter(report_filter_context) query = report_filter.get_filtered_query(query) expressions = [] for column_context in endpoint.report_context.get('columns', []): expression_builder = ColumnXpathExpressionBuilder( self.request, self.domain, column_context, self.column_filters) expression = expression_builder.get_expression() if expression: expressions.append(expression) if expressions: xpath_final = " and ".join(expressions) query = query.xpath_query(self.domain, xpath_final) # apply location restriction if not self.request.can_access_all_locations: query = query_location_restricted_cases(query, self.request) return endpoint.get_response(query, CaseDataFormatter)