def find_by_id(request, domain): from corehq.apps.export.views.utils import ( can_view_case_exports, can_view_form_exports, ) can_view_cases = can_view_case_exports(request.couch_user, domain) can_view_forms = can_view_form_exports(request.couch_user, domain) if not can_view_cases and not can_view_forms: raise Http403() name = _("Find Case or Form Submission by ID") return render( request, 'data_interfaces/find_by_id.html', { 'domain': domain, 'current_page': { 'title': name, 'page_name': name, }, 'section': { 'page_name': DataInterfaceSection.section_name, 'url': reverse(DataInterfaceSection.urlname, args=[domain]), }, 'can_view_cases': can_view_cases, 'can_view_forms': can_view_forms, })
def get(self, request, *args, **kwargs): if _has_permission(self.domain, request.couch_user, self.report_config_id): context = super(DownloadUCRStatusView, self).main_context context.update({ 'domain': self.domain, 'download_id': kwargs['download_id'], 'poll_url': reverse('ucr_download_job_poll', args=[self.domain, kwargs['download_id']], params={'config_id': self.report_config_id}), 'title': _("Download Report Status"), 'progress_text': _("Preparing report download."), 'error_text': _("There was an unexpected error! Please try again or report an issue." ), 'next_url': reverse(ConfigurableReportView.slug, args=[self.domain, self.report_config_id]), 'next_url_text': _("Go back to report"), }) return render(request, 'hqwebapp/soil_status_full.html', context) else: raise Http403()
def post(self, request, *args, **kwargs): if self.has_permissions(self.domain, request.couch_user): self.get_spec_or_404() if request.is_ajax(): return self.get_ajax(self.request.POST) else: return HttpResponseBadRequest() else: raise Http403()
def location_restriction_for_users(request, domain): if not toggles.RESTRICT_WEB_USERS_BY_LOCATION.enabled(request.domain): raise Http403() project = Domain.get_by_name(domain) if "restrict_users" in request.POST: project.location_restriction_for_users = json.loads( request.POST["restrict_users"]) project.save() return HttpResponse()
def dispatch(self, request, domain=None, **kwargs): user = request.couch_user if self.has_permissions(domain, user): if request.is_ajax() or request.GET.get('format', None) == 'json': return self.get_ajax(request, domain, **kwargs) self.content_type = None return super(TestReport, self).dispatch(request, domain, **kwargs) else: raise Http403()
def ucr_download_job_poll(request, domain, download_id, template="hqwebapp/partials/shared_download_status.html"): config_id = request.GET.get('config_id') if config_id and _has_permission(domain, request.couch_user, config_id): try: context = get_download_context(download_id, 'Preparing download') context.update({'link_text': _('Download Report')}) except TaskFailedError as e: return HttpResponseServerError(e.errors) return render(request, template, context) else: raise Http403()
def user(self): if self._user is None: user_param = self.request.GET.get('user') if user_param: username = '******' % (user_param, DOMAIN) self._user = CommCareUser.get_by_username(username) # Check permissions if not self.request.couch_user.is_domain_admin(DOMAIN) and \ self.request.couch_user.raw_username != user_param: raise Http403("You can only view your own report.") else: self._user = self.request.couch_user if self._user is None: raise Http404 return self._user
def dispatch(self, request, report_config_id, **kwargs): self.request = request self.domain = request.domain self.report_config_id = report_config_id self.lang = self.request.couch_user.language or default_language() user = request.couch_user if self.has_permissions(self.domain, user): self.get_spec_or_404() if kwargs.get('render_as') == 'email': return self.email_response elif kwargs.get('render_as') == 'excel': return self.excel_response elif request.is_ajax() or request.GET.get('format', None) == 'json': return self.get_ajax(request, **kwargs) self.content_type = None self.add_warnings(request) return super(ConfigurableReport, self).dispatch(request, self.domain, **kwargs) else: raise Http403()
def get(self, request, *args, **kwargs): if self.has_permissions(self.domain, request.couch_user): self.get_spec_or_404() if kwargs.get('render_as') == 'email': return self.email_response elif kwargs.get('render_as') == 'excel': return self.excel_response elif request.GET.get('format', None) == "export": return self.export_response elif request.GET.get('format', None) == 'export_size_check': return self.export_size_check_response elif request.is_ajax() or request.GET.get('format', None) == 'json': return self.get_ajax(self.request.GET) self.content_type = None try: self.add_warnings(self.request) except UserReportsError as e: details = '' if isinstance(e, DataSourceConfigurationNotFoundError): error_message = DATA_SOURCE_NOT_FOUND_ERROR_MESSAGE else: error_message = _( 'It looks like there is a problem with your report. ' 'You may need to delete and recreate the report. ' 'If you believe you are seeing this message in error, please report an issue.' ) details = unicode(e) self.template_name = 'userreports/report_error.html' context = { 'report_id': self.report_config_id, 'is_static': self.is_static, 'error_message': error_message, 'details': details, } context.update(self.main_context) return self.render_to_response(context) return super(ConfigurableReport, self).get(request, *args, **kwargs) else: raise Http403()
def no_permissions_exception(request, template_name="403.html", message=None): return Http403(_no_permissions_message(request, template_name, message))