def _inner(request, domain, *args, **kwargs): if toggles.DISABLE_WEB_APPS.enabled_for_request(request): message = 'Service Temporarily Unavailable' is_superuser = hasattr( request, "couch_user") and request.couch_user.is_superuser if is_superuser or toggles.SUPPORT.enabled_for_request( request): message += " (due to 'disable_web_apps' feature flag)" return HttpResponse(message, content_type='text/plain', status=503) if hasattr(request, "couch_user"): if request.couch_user.is_web_user(): return require_permission( Permissions.access_web_apps)(view_func)(request, domain, *args, **kwargs) else: assert request.couch_user.is_commcare_user(), \ "user was neither a web user or a commcare user!" return login_and_domain_required(view_func)(request, domain, *args, **kwargs) return login_and_domain_required(view_func)(request, domain, *args, **kwargs)
def _inner(request, domain, *args, **kwargs): if toggles.DISABLE_WEB_APPS.enabled_for_request(request): apps_in_domain = get_apps_in_domain(domain) if (len(apps_in_domain) == 1): app_or_domain_name = apps_in_domain[0].name else: app_or_domain_name = domain context = { "app_or_domain_name": app_or_domain_name, "is_superuser": hasattr(request, "couch_user") and request.couch_user.is_superuser } return render(request, "cloudcare/web_apps_disabled.html", context) if hasattr(request, "couch_user"): if request.couch_user.is_web_user(): return require_permission( Permissions.access_web_apps)(view_func)(request, domain, *args, **kwargs) else: assert request.couch_user.is_commcare_user(), \ "user was neither a web user or a commcare user!" return login_and_domain_required(view_func)(request, domain, *args, **kwargs) return login_and_domain_required(view_func)(request, domain, *args, **kwargs)
def _inner(request, domain, *args, **kwargs): if hasattr(request, "couch_user"): if request.couch_user.is_web_user(): return require_permission(Permissions.edit_data)(view_func)(request, domain, *args, **kwargs) else: assert request.couch_user.is_commcare_user(), \ "user was neither a web user or a commcare user!" return login_and_domain_required(view_func)(request, domain, *args, **kwargs) return login_and_domain_required(view_func)(request, domain, *args, **kwargs)
def locations_access_required(view_fn): """ Decorator controlling domain-level access to locations. """ return login_and_domain_required( requires_privilege_raise404(privileges.LOCATIONS)(view_fn) )
def copy_app(request, domain): app_id = request.POST.get('app') app = get_app(domain, app_id) form = CopyApplicationForm( domain, app, request.POST, export_zipped_apps_enabled=toggles.EXPORT_ZIPPED_APPS.enabled(request.user.username) ) if not form.is_valid(): from corehq.apps.app_manager.views.view_generic import view_generic return view_generic(request, domain, app_id=app_id, copy_app_form=form) gzip = request.FILES.get('gzip') if gzip: with zipfile.ZipFile(gzip, 'r', zipfile.ZIP_DEFLATED) as z: source = z.read(z.filelist[0].filename) app_id_or_source = source else: app_id_or_source = app_id def _inner(request, link_domain, data, master_domain=domain): clear_app_cache(request, link_domain) if data['toggles']: for slug in data['toggles'].split(","): set_toggle(slug, link_domain, True, namespace=toggles.NAMESPACE_DOMAIN) linked = data.get('linked') if linked: return _create_linked_app(request, app, link_domain, data['name']) else: return _copy_app_helper( request, master_domain, app_id_or_source, link_domain, data['name'], app_id) # having login_and_domain_required validates that the user # has access to the domain we're copying the app to return login_and_domain_required(_inner)(request, form.cleaned_data['domain'], form.cleaned_data)
def locations_access_required(view_fn): """ Decorator controlling domain-level access to locations. """ return login_and_domain_required( requires_privilege_raise404(privileges.LOCATIONS)(view_fn) )
def copy_app(request, domain): app_id = request.POST.get('app') form = CopyApplicationForm( domain, app_id, request.POST, export_zipped_apps_enabled=toggles.EXPORT_ZIPPED_APPS.enabled( request.user.username)) if form.is_valid(): gzip = request.FILES.get('gzip') if gzip: with zipfile.ZipFile(gzip, 'r', zipfile.ZIP_DEFLATED) as z: source = z.read(z.filelist[0].filename) app_id_or_source = source else: app_id_or_source = app_id def _inner(request, domain, data): clear_app_cache(request, domain) if data['toggles']: for slug in data['toggles'].split(","): set_toggle(slug, domain, True, namespace=toggles.NAMESPACE_DOMAIN) app_copy = import_app_util(app_id_or_source, domain, {'name': data['name']}) return back_to_main(request, app_copy.domain, app_id=app_copy._id) return login_and_domain_required(_inner)(request, form.cleaned_data['domain'], form.cleaned_data) else: from corehq.apps.app_manager.views.view_generic import view_generic return view_generic(request, domain, app_id=app_id, copy_app_form=form)
def copy_app(request, domain): app_id = request.POST.get('app') app = get_app(domain, app_id) form = CopyApplicationForm(domain, app, request.POST) if not form.is_valid(): from corehq.apps.app_manager.views.view_generic import view_generic return view_generic(request, domain, app_id, copy_app_form=form) def _inner(request, to_domain, data, from_domain=domain): clear_app_cache(request, to_domain) if data['toggles']: for slug in data['toggles'].split(","): set_toggle(slug, to_domain, True, namespace=toggles.NAMESPACE_DOMAIN) linked = data.get('linked') if linked: return _create_linked_app(request, app_id, data['build_id'], from_domain, to_domain, data['name']) else: return _copy_app_helper(request, data['build_id'] or app_id, to_domain, data['name']) # having login_and_domain_required validates that the user # has access to the domain we're copying the app to return login_and_domain_required(_inner)(request, form.cleaned_data['domain'], form.cleaned_data)
def copy_app(request, domain): app_id = request.POST.get('app') app = get_app(domain, app_id) form = CopyApplicationForm( domain, app, request.POST, export_zipped_apps_enabled=toggles.EXPORT_ZIPPED_APPS.enabled(request.user.username) ) if not form.is_valid(): from corehq.apps.app_manager.views.view_generic import view_generic return view_generic(request, domain, app_id=app_id, copy_app_form=form) gzip = request.FILES.get('gzip') if gzip: with zipfile.ZipFile(gzip, 'r', zipfile.ZIP_DEFLATED) as z: source = z.read(z.filelist[0].filename) app_id_or_source = source else: app_id_or_source = app_id def _inner(request, link_domain, data, master_domain=domain): clear_app_cache(request, link_domain) if data['toggles']: for slug in data['toggles'].split(","): set_toggle(slug, link_domain, True, namespace=toggles.NAMESPACE_DOMAIN) linked = data.get('linked') if linked: return _create_linked_app(request, app, link_domain, data['name']) else: return _copy_app_helper( request, master_domain, app_id_or_source, link_domain, data['name'], app_id) # having login_and_domain_required validates that the user # has access to the domain we're copying the app to return login_and_domain_required(_inner)(request, form.cleaned_data['domain'], form.cleaned_data)
def copy_app(request, domain): app_id = request.POST.get("app") form = CopyApplicationForm( domain, app_id, request.POST, export_zipped_apps_enabled=toggles.EXPORT_ZIPPED_APPS.enabled(request.user.username), ) if form.is_valid(): gzip = request.FILES.get("gzip") if gzip: with zipfile.ZipFile(gzip, "r", zipfile.ZIP_DEFLATED) as z: source = z.read(z.filelist[0].filename) app_id_or_source = source else: app_id_or_source = app_id def _inner(request, domain, data): clear_app_cache(request, domain) if data["toggles"]: for slug in data["toggles"].split(","): set_toggle(slug, domain, True, namespace=toggles.NAMESPACE_DOMAIN) app_copy = import_app_util(app_id_or_source, domain, {"name": data["name"]}) return back_to_main(request, app_copy.domain, app_id=app_copy._id) return login_and_domain_required(_inner)(request, form.cleaned_data["domain"], form.cleaned_data) else: from corehq.apps.app_manager.views.view_generic import view_generic return view_generic(request, domain, app_id=app_id, copy_app_form=form)
def copy_app(request, domain): app_id = request.POST.get('app') app = get_app(domain, app_id) form = CopyApplicationForm( domain, app, request.POST, export_zipped_apps_enabled=toggles.EXPORT_ZIPPED_APPS.enabled(request.user.username) ) if form.is_valid(): gzip = request.FILES.get('gzip') if gzip: with zipfile.ZipFile(gzip, 'r', zipfile.ZIP_DEFLATED) as z: source = z.read(z.filelist[0].filename) app_id_or_source = source else: app_id_or_source = app_id def _inner(request, link_domain, data, master_domain=domain): clear_app_cache(request, link_domain) if data['toggles']: for slug in data['toggles'].split(","): set_toggle(slug, link_domain, True, namespace=toggles.NAMESPACE_DOMAIN) linked = data.get('linked') if linked: master_version = get_latest_released_app_version(app.domain, app_id) if not master_version: messages.error(request, _("Creating linked app failed." " Unable to get latest released version of your app." " Make sure you have at least one released build.")) return HttpResponseRedirect(reverse_util('app_settings', params={}, args=[domain, app_id])) linked_app = create_linked_app(master_domain, app_id, link_domain, data['name']) try: update_linked_app(linked_app, request.couch_user.get_id) except AppLinkError as e: linked_app.delete() messages.error(request, str(e)) return HttpResponseRedirect(reverse_util('app_settings', params={}, args=[domain, app_id])) messages.success(request, _('Application successfully copied and linked.')) return HttpResponseRedirect(reverse_util('app_settings', params={}, args=[link_domain, linked_app.get_id])) else: extra_properties = {'name': data['name']} try: app_copy = import_app_util(app_id_or_source, link_domain, extra_properties) except ReportConfigurationNotFoundError: messages.error(request, _("Copying the application failed because " "your application contains a Report Module " "that references a static UCR configuration.")) return HttpResponseRedirect(reverse_util('app_settings', params={}, args=[domain, app_id])) return back_to_main(request, app_copy.domain, app_id=app_copy._id) # having login_and_domain_required validates that the user # has access to the domain we're copying the app to return login_and_domain_required(_inner)(request, form.cleaned_data['domain'], form.cleaned_data) else: from corehq.apps.app_manager.views.view_generic import view_generic return view_generic(request, domain, app_id=app_id, copy_app_form=form)
def copy_app(request, domain): app_id = request.POST.get('app') app = get_app(domain, app_id) form = CopyApplicationForm( domain, app, request.POST, export_zipped_apps_enabled=toggles.EXPORT_ZIPPED_APPS.enabled(request.user.username) ) if form.is_valid(): gzip = request.FILES.get('gzip') if gzip: with zipfile.ZipFile(gzip, 'r', zipfile.ZIP_DEFLATED) as z: source = z.read(z.filelist[0].filename) app_id_or_source = source else: app_id_or_source = app_id def _inner(request, link_domain, data, master_domain=domain): clear_app_cache(request, link_domain) if data['toggles']: for slug in data['toggles'].split(","): set_toggle(slug, link_domain, True, namespace=toggles.NAMESPACE_DOMAIN) linked = data.get('linked') if linked: for module in app.modules: if isinstance(module, ReportModule): messages.error(request, _('This linked application uses mobile UCRs which ' 'are currently not supported. For this application to ' 'function correctly, you will need to remove those modules.')) return HttpResponseRedirect(reverse_util('app_settings', params={}, args=[domain, app_id])) master_version = get_latest_released_app_version(app.domain, app_id) if not master_version: messages.error(request, _("Creating linked app failed." " Unable to get latest released version of your app." " Make sure you have at least one released build.")) return HttpResponseRedirect(reverse_util('app_settings', params={}, args=[domain, app_id])) linked_app = create_linked_app(master_domain, app_id, link_domain, data['name']) try: update_linked_app(linked_app, request.couch_user.get_id) except AppLinkError as e: messages.error(request, str(e)) return HttpResponseRedirect(reverse_util('app_settings', params={}, args=[domain, app_id])) messages.success(request, _('Application successfully copied and linked.')) return HttpResponseRedirect(reverse_util('app_settings', params={}, args=[link_domain, linked_app.get_id])) else: extra_properties = {'name': data['name']} app_copy = import_app_util(app_id_or_source, link_domain, extra_properties) return back_to_main(request, app_copy.domain, app_id=app_copy._id) # having login_and_domain_required validates that the user # has access to the domain we're copying the app to return login_and_domain_required(_inner)(request, form.cleaned_data['domain'], form.cleaned_data) else: from corehq.apps.app_manager.views.view_generic import view_generic return view_generic(request, domain, app_id=app_id, copy_app_form=form)
def copy_app(request, domain): app_id = request.POST.get('app') app = get_app(domain, app_id) form = CopyApplicationForm( domain, app, request.POST, export_zipped_apps_enabled=toggles.EXPORT_ZIPPED_APPS.enabled( request.user.username)) if form.is_valid(): gzip = request.FILES.get('gzip') if gzip: with zipfile.ZipFile(gzip, 'r', zipfile.ZIP_DEFLATED) as z: source = z.read(z.filelist[0].filename) app_id_or_source = source else: app_id_or_source = app_id def _inner(request, domain, data): clear_app_cache(request, domain) if data['toggles']: for slug in data['toggles'].split(","): set_toggle(slug, domain, True, namespace=toggles.NAMESPACE_DOMAIN) extra_properties = {'name': data['name']} linked = data.get('linked') if linked: extra_properties['master'] = app_id extra_properties['doc_type'] = 'LinkedApplication' if domain not in app.linked_whitelist: app.linked_whitelist.append(domain) app.save() app_copy = import_app_util(app_id_or_source, domain, extra_properties) if linked: for module in app_copy.modules: if isinstance(module, ReportModule): messages.error( request, _('This linked application uses mobile UCRs which ' 'are currently not supported. For this application to ' 'function correctly, you will need to remove those modules.' )) break return back_to_main(request, app_copy.domain, app_id=app_copy._id) # having login_and_domain_required validates that the user # has access to the domain we're copying the app to return login_and_domain_required(_inner)(request, form.cleaned_data['domain'], form.cleaned_data) else: from corehq.apps.app_manager.views.view_generic import view_generic return view_generic(request, domain, app_id=app_id, copy_app_form=form)
def _inner(request, domain, *args, **kwargs): if DISABLE_WEB_APPS.enabled_for_request(request): return HttpResponse('Service Temporarily Unavailable', content_type='text/plain', status=503) if hasattr(request, "couch_user"): if request.couch_user.is_web_user(): return require_permission( Permissions.access_web_apps)(view_func)(request, domain, *args, **kwargs) else: assert request.couch_user.is_commcare_user(), \ "user was neither a web user or a commcare user!" return login_and_domain_required(view_func)(request, domain, *args, **kwargs) return login_and_domain_required(view_func)(request, domain, *args, **kwargs)
def _inner(request, domain, couch_user_id, *args, **kwargs): go_ahead = False if hasattr(request, "couch_user"): user = request.couch_user if user.is_superuser or user.user_id == couch_user_id or (hasattr(user, "is_domain_admin") and user.is_domain_admin()): go_ahead = True else: couch_user = CouchUser.get_by_user_id(couch_user_id) if couch_user.is_commcare_user() and request.couch_user.can_edit_commcare_users(): go_ahead = True elif couch_user.is_web_user() and request.couch_user.can_edit_web_users(): go_ahead = True if go_ahead: return login_and_domain_required(view_func)(request, domain, couch_user_id, *args, **kwargs) else: raise Http404()
def _inner(request, domain, couch_user_id, *args, **kwargs): go_ahead = False if hasattr(request, "couch_user"): user = request.couch_user if user.is_superuser or user.user_id == couch_user_id or (hasattr(user, "is_domain_admin") and user.is_domain_admin()): go_ahead = True else: couch_user = CouchUser.get_by_user_id(couch_user_id) if not couch_user: raise Http404() if couch_user.is_commcare_user() and request.couch_user.can_edit_commcare_users(): go_ahead = True elif couch_user.is_web_user() and request.couch_user.can_edit_web_users(): go_ahead = True if go_ahead: return login_and_domain_required(view_func)(request, domain, couch_user_id, *args, **kwargs) else: raise Http404()
url(r'^fixtures/', include('corehq.apps.fixtures.urls')), url(r'^importer/', include('corehq.apps.case_importer.urls')), url(r'^ilsgateway/', include('custom.ilsgateway.urls')), url(r'^ewsghana/', include('custom.ewsghana.urls')), url(r'^up_nrhm/', include('custom.up_nrhm.urls')), url(r'^', include('custom.m4change.urls')), url(r'^dashboard/', include('corehq.apps.dashboard.urls')), url(r'^configurable_reports/', include('corehq.apps.userreports.urls')), url(r'^', include('custom.icds_reports.urls')), url(r'^champ_cameroon/', include('custom.champ.urls')), url(r'^motech/', include('corehq.motech.urls')), url(r'^dhis2/', include('corehq.motech.dhis2.urls')), url(r'^openmrs/', include('corehq.motech.openmrs.urls')), url( r'^_base_template/$', login_and_domain_required(lambda request, domain: render( request, 'hqwebapp/base.html', {'domain': domain}))), url(r'^zapier/', include('corehq.apps.zapier.urls')), url(r'^zipline/', include('custom.zipline.urls')), url(r'^remote_link/', include('corehq.apps.linked_domain.urls')), url(r'^translations/', include('corehq.apps.translations.urls')), ] urlpatterns = [ url( r'^favicon\.ico$', RedirectView.as_view(url=static('hqwebapp/images/favicon2.png'), permanent=True)), url(r'^auditcare/', include('auditcare.urls')), url(r'^admin/', admin.site.urls), url(r'^analytics/', include('corehq.apps.analytics.urls')), url(r'^register/', include('corehq.apps.registration.urls')),
url(r'^fixtures/', include('corehq.apps.fixtures.urls')), url(r'^importer/', include('corehq.apps.case_importer.urls')), url(r'^up_nrhm/', include('custom.up_nrhm.urls')), url(r'^', include('custom.m4change.urls')), url(r'^dashboard/', include('corehq.apps.dashboard.urls')), url(r'^configurable_reports/', include('corehq.apps.userreports.urls')), url(r'^', include('custom.icds_reports.urls')), url(r'^', include('custom.icds.urls')), url(r'^', include('custom.icds.data_management.urls')), url(r'^', include('custom.aaa.urls')), url(r'^champ_cameroon/', include('custom.champ.urls')), url(r'^motech/', include('corehq.motech.urls')), url(r'^dhis2/', include('corehq.motech.dhis2.urls')), url(r'^openmrs/', include('corehq.motech.openmrs.urls')), url(r'^_base_template/$', login_and_domain_required( lambda request, domain: render(request, 'hqwebapp/base.html', {'domain': domain}) )), url(r'^zapier/', include('corehq.apps.zapier.urls')), url(r'^remote_link/', include('corehq.apps.linked_domain.urls')), url(r'^translations/', include('corehq.apps.translations.urls')), url(r'^submit_feedback/$', submit_feedback, name='submit_feedback'), ] urlpatterns = [ url(r'^favicon\.ico$', RedirectView.as_view( url=static('hqwebapp/images/favicon2.png'), permanent=True)), url(r'^auditcare/', include('auditcare.urls')), url(r'^admin/', admin.site.urls), url(r'^analytics/', include('corehq.apps.analytics.urls')), url(r'^register/', include('corehq.apps.registration.urls')), url(r'^a/(?P<domain>%s)/' % legacy_domain_re, include(domain_specific)),
(r'^cloudcare/', include('corehq.apps.cloudcare.urls')), (r'^fixtures/', include('corehq.apps.fixtures.urls')), (r'^importer/', include('corehq.apps.importer.urls')), (r'^sqlextract/', include('ctable_view.urls')), (r'^fri/', include('custom.fri.urls')), (r'^ilsgateway/', include('custom.ilsgateway.urls')), (r'^ewsghana/', include('custom.ewsghana.urls')), (r'^up_nrhm/', include('custom.up_nrhm.urls')), (r'^', include('custom.m4change.urls')), (r'^', include('custom.uth.urls')), (r'^dashboard/', include('corehq.apps.dashboard.urls')), (r'^configurable_reports/', include('corehq.apps.userreports.urls')), (r'^performance_messaging/', include('corehq.apps.performance_sms.urls')), (r'^', include('custom.icds.urls')), (r'^_base_template/$', login_and_domain_required( lambda request, domain: render(request, 'style/base.html', {'domain': domain}) )) ) urlpatterns = patterns('', (r'^favicon\.ico$', RedirectView.as_view( url=static('hqwebapp/img/favicon2.png'))), (r'^auditcare/', include('auditcare.urls')), (r'^admin/', include(admin.site.urls)), (r'^analytics/', include('corehq.apps.analytics.urls')), (r'^register/', include('corehq.apps.registration.urls')), (r'^a/(?P<domain>%s)/' % legacy_domain_re, include(domain_specific)), (r'^account/', include('corehq.apps.settings.urls')), (r'^project_store(.*)$', 'corehq.apps.appstore.views.rewrite_url'), (r'^exchange/', include('corehq.apps.appstore.urls')), (r'^webforms/', include('touchforms.formplayer.urls')),
def locations_access_required(view_fn): """ Decorator controlling domain-level access to locations. Mostly a placeholder, soon this will also check for standard plan """ return login_and_domain_required(view_fn)