def show(request, username=None, id_string=None, uuid=None): if uuid: return redirect_to_public_link(request, uuid) xform, is_owner, can_edit, can_view, can_delete_data = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared or can_view or request.session.get('public_link')): return HttpResponseRedirect(reverse(home)) data = {} data['cloned'] = len( XForm.objects.filter( user__username__iexact=request.user.username, id_string__exact=id_string + XForm.CLONED_SUFFIX)) > 0 data['public_link'] = MetaData.public_link(xform) data['is_owner'] = is_owner data['can_edit'] = can_edit data['can_view'] = can_view or request.session.get('public_link') data['can_delete_data'] = can_delete_data data['xform'] = xform data['content_user'] = xform.user data['base_url'] = "https://%s" % request.get_host() data['supporting_docs'] = MetaData.supporting_docs(xform) data['media_upload'] = MetaData.media_upload(xform) if is_owner: data['media_form'] = MediaForm() if xform.kpi_asset_uid: data['kpi_url'] = ( f'{settings.KOBOFORM_URL}/#/forms/{xform.kpi_asset_uid}') return render(request, "show.html", data)
def instance(request, username, id_string): """ Data view for browsing submissions one at a time. """ # pylint: disable=W0612 xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseForbidden(_(u'Not shared.')) audit = { "xform": xform.id_string, } audit_log( Actions.FORM_DATA_VIEWED, request.user, xform.user, _("Requested instance view for '%(id_string)s'.") % { 'id_string': xform.id_string, }, audit, request) return render( request, 'instance.html', { 'username': username, 'id_string': id_string, 'xform': xform, 'can_edit': can_edit })
def charts(request, username, id_string): xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseForbidden(_(u'Not shared.')) try: lang_index = int(request.GET.get('lang', 0)) except ValueError: lang_index = 0 try: page = int(request.GET.get('page', 0)) except ValueError: page = 0 else: page = max(page - 1, 0) summaries = build_chart_data(xform, lang_index, page) if request.is_ajax(): template = 'charts_snippet.html' else: template = 'charts.html' return render(request, template, { 'xform': xform, 'summaries': summaries, 'page': page + 1 })
def instance(request, username, id_string): """ Data view for browsing submissions one at a time. """ # pylint: disable=W0612 xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseForbidden(_(u'Not shared.')) audit = { "xform": xform.id_string, } audit_log(Actions.FORM_DATA_VIEWED, request.user, xform.user, _("Requested instance view for '%(id_string)s'.") % { 'id_string': xform.id_string, }, audit, request) return render(request, 'instance.html', { 'username': username, 'id_string': id_string, 'xform': xform, 'can_edit': can_edit })
def show(request, username=None, id_string=None, uuid=None): if uuid: xform = get_object_or_404(XForm, uuid=uuid) request.session["public_link"] = xform.uuid if MetaData.public_link(xform) else False return HttpResponseRedirect( reverse(show, kwargs={"username": xform.user.username, "id_string": xform.id_string}) ) xform, is_owner, can_edit, can_view = get_xform_and_perms(username, id_string, request) # no access if not (xform.shared or can_view or request.session.get("public_link")): return HttpResponseRedirect(reverse(home)) context = RequestContext(request) context.cloned = ( len(XForm.objects.filter(user__username=request.user.username, id_string=id_string + XForm.CLONED_SUFFIX)) > 0 ) context.public_link = MetaData.public_link(xform) context.is_owner = is_owner context.can_edit = can_edit context.can_view = can_view or request.session.get("public_link") context.xform = xform context.content_user = xform.user context.base_url = "https://%s" % request.get_host() context.source = MetaData.source(xform) context.form_license = MetaData.form_license(xform).data_value context.data_license = MetaData.data_license(xform).data_value context.supporting_docs = MetaData.supporting_docs(xform) context.media_upload = MetaData.media_upload(xform) context.mapbox_layer = MetaData.mapbox_layer_upload(xform) if is_owner: context.sms_support_form = ActivateSMSSupportFom( initial={"enable_sms_support": xform.allows_sms, "sms_id_string": xform.sms_id_string} ) if not xform.allows_sms: context.sms_compatible = check_form_sms_compatibility(None, json_survey=json.loads(xform.json)) else: url_root = request.build_absolute_uri("/")[:-1] context.sms_providers_doc = providers_doc(url_root=url_root, username=username, id_string=id_string) context.url_root = url_root context.form_license_form = FormLicenseForm(initial={"value": context.form_license}) context.data_license_form = DataLicenseForm(initial={"value": context.data_license}) context.doc_form = SupportDocForm() context.source_form = SourceForm() context.media_form = MediaForm() context.mapbox_layer_form = MapboxLayerForm() users_with_perms = [] for perm in get_users_with_perms(xform, attach_perms=True).items(): has_perm = [] if "change_xform" in perm[1]: has_perm.append(_(u"Can Edit")) if "view_xform" in perm[1]: has_perm.append(_(u"Can View")) users_with_perms.append((perm[0], u" | ".join(has_perm))) context.users_with_perms = users_with_perms context.permission_form = PermissionForm(username) if xform.allows_sms: context.sms_support_doc = get_autodoc_for(xform) return render_to_response("show.html", context_instance=context)
def stats_tables(request, username, id_string): xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseForbidden(_(u'Not shared.')) return render(request, 'stats_tables.html', {'xform': xform})
def pending_instance(request, username, id_string): print('(apps/viewer/views.py) Action: data view from instance controller') xform_owner = get_object_or_404(XForm, id_string__exact=id_string) xform, is_owner, can_edit, can_view = get_xform_and_perms( xform_owner.user.username, id_string, request) if request.user.username is not None: username = request.user.username print('\n\n username : '******'\n form_id: ' + id_string + '\n' + '\n submission_id: ' + request.GET.get('s_id', '') + '\n') # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseForbidden(_(u'Not shared.')) audit = { "xform": xform.id_string, } audit_log( Actions.FORM_DATA_VIEWED, request.user, xform.user, _("Requested instance view for '%(id_string)s'.") % { 'id_string': xform.id_string, }, audit, request) _id_string = request.GET.get('s_id', '') _instance = get_object_or_404(Instance, id__exact=_id_string) note_list = Note.objects.filter(instance=_instance).distinct() approvals = ApprovalList.objects.filter(userid=username, formid=id_string, subbmissionid=_id_string).first() is_approved_or_reject = 'true' if approvals is not None: is_approved_or_reject = 'false' if approvals.status == 'Approved' or approvals.status == 'Reject': is_approved_or_reject = 'true' elif approvals.status == 'Upcoming' or approvals.status == 'Notify': is_approved_or_reject = 'true' return render( request, 'pending_instance.html', { 'username': xform.user.username, 'id_string': id_string, 'xform': xform, 'can_edit': can_edit, 'note_list': note_list, 'is_approved_or_reject': is_approved_or_reject })
def charts(request, username, id_string): xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseForbidden(_(u'Not shared.')) context = RequestContext(request) summaries = build_chart_data(xform) return render_to_response('charts.html', { 'xform': xform, 'summaries': summaries }, context_instance=context)
def instance_diff(request, username, id_string,instance_id,data_id): xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseForbidden(_(u'Not shared.')) return render(request, 'audit_log/submission_diff.html', { 'username': username, 'id_string': id_string, 'xform': xform, 'can_edit': can_edit, 'instance_id': instance_id, 'data_id':data_id, })
def getFormData(request): username = request.user _DATETIME_FORMAT_SUBMIT = '%Y-%m-%d' from_date = request.POST.get('from_date') to_date = request.POST.get('to_date') form_id = request.POST.get('form_id') filter_query = "where json_diff_old_json(old_json,new_json) <> '' and change_time::date between '" + str( from_date) + "' and '" + str(to_date) + "'" if form_id != "": filter_query += " and form_id = " + str(form_id) audit_log_view_json = {} cursor = connection.cursor() get_all_query = "SELECT id,form_id,instance_id,old_json,new_json,change_time FROM audit_logger_instance " + str( filter_query) + " order by change_time desc" cursor.execute(get_all_query) xform_instances = cursor.fetchall() for xform in xform_instances: data_id = xform[0] xform_id = xform[1] instance_id = xform[2] row_data = {} try: xform_obj = XForm.objects.get(pk=xform_id) json_data = json.dumps(xform[3]) submittedBy = get_username(str(json_data)) row_data['form_title'] = xform_obj.title row_data['form_id_string'] = xform_obj.id_string row_data['instance_id'] = instance_id row_data['submittedBy'] = submittedBy row_data['form_time'] = xform[5].strftime(_DATETIME_FORMAT_SUBMIT) row_data['data_id'] = data_id key = "instances" xform, is_owner, can_edit, can_view = get_xform_and_perms( username, xform_obj.id_string, request) # print('is_owner, can_edit, can_view', is_owner,can_edit,can_view) if (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): audit_log_view_json.setdefault(key, []) audit_log_view_json[key].append(row_data) except Exception: #XForm.DoesNotExist print('corresponding xfomr not present', Exception) xform_obj = None #xform_obj = XForm.objects.get(pk=xform_id) log_data = json.dumps(audit_log_view_json) return HttpResponse(log_data)
def audit_log_main(request): username = request.user _DATETIME_FORMAT_SUBMIT = '%Y-%m-%d' audit_log_view_json = {} xform_id = 0 instance_id = 0 cursor = connection.cursor() get_all_query = "SELECT id,form_id,instance_id,old_json,new_json,change_time FROM audit_logger_instance order by change_time desc" cursor.execute(get_all_query) xform_instances = cursor.fetchall() rowcount = cursor.rowcount # print('xform::',xform_instances) for xform in xform_instances: data_id = xform[0] xform_id = xform[1] instance_id = xform[2] row_data = {} try: xform_obj = XForm.objects.get(pk=xform_id) json_data = json.dumps(xform[3]) submittedBy = get_username(str(json_data)) row_data['form_title'] = xform_obj.title row_data['form_id_string'] = xform_obj.id_string row_data['instance_id'] = instance_id row_data['submittedBy'] = submittedBy row_data['form_time'] = xform[5].strftime(_DATETIME_FORMAT_SUBMIT) row_data['data_id'] = data_id key = "instances" xform, is_owner, can_edit, can_view = get_xform_and_perms( username, xform_obj.id_string, request) # print('is_owner, can_edit, can_view', is_owner,can_edit,can_view) if (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): audit_log_view_json.setdefault(key, []) audit_log_view_json[key].append(row_data) except Exception, e: #XForm.DoesNotExist print('corresponding xfomr not present',e) xform_obj = None
def show_form_settings(request, username=None, id_string=None, uuid=None): if uuid: return redirect_to_public_link(request, uuid) xform, is_owner, can_edit, can_view, can_delete_data = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared or can_view or request.session.get('public_link')): return HttpResponseRedirect(reverse(home)) data = {} data['cloned'] = len( XForm.objects.filter( user__username__iexact=request.user.username, id_string__exact=id_string + XForm.CLONED_SUFFIX)) > 0 data['public_link'] = MetaData.public_link(xform) data['is_owner'] = is_owner data['can_edit'] = can_edit data['can_view'] = can_view or request.session.get('public_link') data['can_delete_data'] = can_delete_data data['xform'] = xform data['content_user'] = xform.user data['base_url'] = "https://%s" % request.get_host() data['source'] = MetaData.source(xform) data['media_upload'] = MetaData.media_upload(xform) # https://html.spec.whatwg.org/multipage/input.html#attr-input-accept # e.g. .csv,.xml,text/csv,text/xml media_upload_types = [] for supported_type in settings.SUPPORTED_MEDIA_UPLOAD_TYPES: extension = '.{}'.format(supported_type.split('/')[-1]) media_upload_types.append(extension) media_upload_types.append(supported_type) data['media_upload_types'] = ','.join(media_upload_types) if is_owner: data['media_form'] = MediaForm() return render(request, "show_form_settings.html", data)
def instance(request, username, id_string): xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): return HttpResponseForbidden(_(u'Not shared.')) context = RequestContext(request) audit = { "xform": xform.id_string, } audit_log( Actions.FORM_DATA_VIEWED, request.user, xform.user, _("Requested instance view for '%(id_string)s'.") % { 'id_string': xform.id_string, }, audit, request) return render_to_response('instance.html', { 'username': username, 'id_string': id_string, 'xform': xform, 'can_edit': can_edit }, context_instance=context)
def show(request, username=None, id_string=None, uuid=None): if uuid: return redirect_to_public_link(request, uuid) xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared or can_view or request.session.get('public_link')): return HttpResponseRedirect(reverse(home)) context = RequestContext(request) context.cloned = len( XForm.objects.filter(user__username=request.user.username, id_string=id_string + XForm.CLONED_SUFFIX) ) > 0 context.public_link = MetaData.public_link(xform) context.is_owner = is_owner context.can_edit = can_edit context.can_view = can_view or request.session.get('public_link') context.xform = xform context.content_user = xform.user context.base_url = "https://%s" % request.get_host() context.source = MetaData.source(xform) context.form_license = MetaData.form_license(xform).data_value context.data_license = MetaData.data_license(xform).data_value context.supporting_docs = MetaData.supporting_docs(xform) context.media_upload = MetaData.media_upload(xform) context.mapbox_layer = MetaData.mapbox_layer_upload(xform) if is_owner: set_xform_owner_context(context, xform, request, username, id_string) if xform.allows_sms: context.sms_support_doc = get_autodoc_for(xform) return render_to_response("show.html", context_instance=context)
def show(request, username=None, id_string=None, uuid=None): if uuid: return redirect_to_public_link(request, uuid) xform, is_owner, can_edit, can_view = get_xform_and_perms( username, id_string, request) # no access if not (xform.shared or can_view or request.session.get('public_link')): return HttpResponseRedirect(reverse(home)) data = {} data['cloned'] = len( XForm.objects.filter(user__username__iexact=request.user.username, id_string__iexact=id_string + XForm.CLONED_SUFFIX) ) > 0 data['public_link'] = MetaData.public_link(xform) data['is_owner'] = is_owner data['can_edit'] = can_edit data['can_view'] = can_view or request.session.get('public_link') data['xform'] = xform data['content_user'] = xform.user data['base_url'] = "https://%s" % request.get_host() data['source'] = MetaData.source(xform) data['form_license'] = MetaData.form_license(xform).data_value data['data_license'] = MetaData.data_license(xform).data_value data['supporting_docs'] = MetaData.supporting_docs(xform) data['media_upload'] = MetaData.media_upload(xform) data['mapbox_layer'] = MetaData.mapbox_layer_upload(xform) if is_owner: set_xform_owner_data(data, xform, request, username, id_string) if xform.allows_sms: data['sms_support_doc'] = get_autodoc_for(xform) return render(request, "show.html", data)
def audit_log_main(request): username = request.user _DATETIME_FORMAT_SUBMIT = '%Y-%m-%d' audit_log_view_json = {} xform_id = 0 instance_id = 0 cursor = connection.cursor() get_all_query = "SELECT id,form_id,instance_id,old_json,new_json,change_time FROM audit_logger_instance where json_diff_old_json(old_json,new_json) <> '' order by change_time desc" cursor.execute(get_all_query) xform_instances = cursor.fetchall() rowcount = cursor.rowcount # print('xform::',xform_instances) for xform in xform_instances: data_id = xform[0] xform_id = xform[1] instance_id = xform[2] row_data = {} try: xform_obj = XForm.objects.get(pk=xform_id) json_data = json.dumps(xform[3]) submittedBy = get_username(str(json_data)) row_data['form_title'] = xform_obj.title row_data['form_id_string'] = xform_obj.id_string row_data['instance_id'] = instance_id row_data['submittedBy'] = submittedBy row_data['form_time'] = xform[5].strftime(_DATETIME_FORMAT_SUBMIT) row_data['data_id'] = data_id key = "instances" xform, is_owner, can_edit, can_view = get_xform_and_perms( username, xform_obj.id_string, request) # print('is_owner, can_edit, can_view', is_owner,can_edit,can_view) if (xform.shared_data or can_view or request.session.get('public_link') == xform.uuid): audit_log_view_json.setdefault(key, []) audit_log_view_json[key].append(row_data) except Exception: #XForm.DoesNotExist print('corresponding xfomr not present', Exception) xform_obj = None #xform_obj = XForm.objects.get(pk=xform_id) print 'audit_log_view_json::----' # print audit_log_view_json form_id_query = "select distinct form_id,(select id_string from logger_xform where id = form_id) form_name from audit_logger_instance where form_id in (select id from logger_xform)" df = pandas.DataFrame() df = pandas.read_sql(form_id_query, connection) form_id = [] form_name = [] if not df.empty: form_id = df.form_id.tolist() form_name = df.form_name.tolist() form = zip(form_id, form_name) response = HttpResponse() print(json.dumps(audit_log_view_json)) variables = RequestContext( request, { 'head_title': 'Project Summary', 'log_detail': json.dumps(audit_log_view_json), 'request_user': username, 'form': form }) response = render(request, 'audit_log/audit_main_view.html', variables) return response