def zip_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
dd = DataDictionary.objects.get(id_string=id_string,
user=owner)
if request.GET.get('raw'):
id_string = None
# create zip_file
tmp = NamedTemporaryFile()
z = zipfile.ZipFile(tmp, 'w', zipfile.ZIP_DEFLATED)
photos = image_urls_for_form(xform)
for photo in photos:
f = NamedTemporaryFile()
req = urllib2.Request(photo)
f.write(urllib2.urlopen(req).read())
f.seek(0)
z.write(f.name, urlparse(photo).path[1:])
f.close()
z.close()
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('zip', id_string,
file_path=tmp.name,
use_local_filesystem=True)
return response
def xls_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u"Not shared."))
query = request.GET.get("query")
force_xlsx = request.GET.get("xlsx") == "true"
xls_df_builder = XLSDataFrameBuilder(username, id_string, query)
excel_defs = {
"xls": {"suffix": ".xls", "mime_type": "vnd.ms-excel"},
"xlsx": {"suffix": ".xlsx", "mime_type": "vnd.openxmlformats"}, # TODO: check xlsx mime type
}
ext = "xls" if not force_xlsx else "xlsx"
if xls_df_builder.exceeds_xls_limits:
ext = "xlsx"
try:
temp_file = NamedTemporaryFile(suffix=excel_defs[ext]["suffix"])
xls_df_builder.export_to(temp_file.name)
if request.GET.get("raw"):
id_string = None
response = response_with_mimetype_and_name(excel_defs[ext]["mime_type"], id_string, extension=ext)
response.write(temp_file.read())
temp_file.seek(0, os.SEEK_END)
response["Content-Length"] = temp_file.tell()
temp_file.close()
return response
except NoRecordsFoundError:
return HttpResponse(_("No records found to export"))
def download_xlsform(request, username, id_string):
xform = get_object_or_404(XForm,
user__username=username, id_string=id_string)
owner = User.objects.get(username=username)
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden('Not shared.')
file_path = xform.xls.name
default_storage = get_storage_class()()
if default_storage.exists(file_path):
audit = {
"xform": xform.id_string
}
audit_log(
Actions.FORM_XLS_DOWNLOADED, request.user, xform.user,
_("Downloaded XLS file for form '%(id_string)s'.") %
{
"id_string": xform.id_string
}, audit, request)
split_path = file_path.split(os.extsep)
extension = 'xls'
if len(split_path) > 1:
extension = split_path[len(split_path) - 1]
response = response_with_mimetype_and_name(
'vnd.ms-excel', id_string, show_date=False, extension=extension,
file_path=file_path)
return response
else:
messages.add_message(request, messages.WARNING,
_(u'No XLS file for your form '
u'<strong>%(id)s</strong>')
% {'id': id_string})
return HttpResponseRedirect("/%s" % username)
def download_xform(request, username, id_string):
xform = XForm.objects.get(user__username=username, id_string=id_string)
# TODO: protect for users who have settings to use auth
response = response_with_mimetype_and_name('xml', id_string,
show_date=False)
response.content = xform.xml
return response
def zip_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden('Not shared.')
dd = DataDictionary.objects.get(id_string=id_string,
user=owner)
if request.GET.get('raw'):
id_string = None
# create zip_file
tmp = NamedTemporaryFile()
z = zipfile.ZipFile(tmp, 'w', zipfile.ZIP_DEFLATED)
photos = image_urls_for_form(xform)
for photo in photos:
f = NamedTemporaryFile()
req = urllib2.Request(photo)
f.write(urllib2.urlopen(req).read())
f.seek(0)
z.write(f.name, urlparse(photo).path[1:])
f.close()
z.close()
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('zip', id_string,
file_path=tmp.name, use_local_filesystem=True)
return response
def download_metadata(request, username, id_string, data_id):
xform = get_object_or_404(XForm,
user__username=username, id_string=id_string)
owner = xform.user
if username == request.user.username or xform.shared:
data = get_object_or_404(MetaData, pk=data_id)
file_path = data.data_file.name
filename, extension = os.path.splitext(file_path.split('/')[-1])
extension = extension.strip('.')
dfs = get_storage_class()()
if dfs.exists(file_path):
audit = {
'xform': xform.id_string
}
audit_log(
Actions.FORM_UPDATED, request.user, owner,
_("Document '%(filename)s' for '%(id_string)s' downloaded.") %
{
'id_string': xform.id_string,
'filename': "%s.%s" % (filename, extension)
}, audit, request)
response = response_with_mimetype_and_name(
data.data_file_type,
filename, extension=extension, show_date=False,
file_path=file_path)
return response
else:
return HttpResponseNotFound()
return HttpResponseForbidden(_(u'Permission denied.'))
def download_xlsform(request, username, id_string):
xform = get_object_or_404(XForm,
user__username=username,
id_string=id_string)
owner = User.objects.get(username=username)
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden('Not shared.')
file_path = xform.xls.name
default_storage = get_storage_class()()
if default_storage.exists(file_path):
audit = {"xform": xform.id_string}
audit_log(
Actions.FORM_XLS_DOWNLOADED, request.user, xform.user,
_("Downloaded XLS file for form '%(id_string)s'.") %
{"id_string": xform.id_string}, audit, request)
split_path = file_path.split(os.extsep)
extension = 'xls'
if len(split_path) > 1:
extension = split_path[len(split_path) - 1]
response = response_with_mimetype_and_name('vnd.ms-excel',
id_string,
show_date=False,
extension=extension,
file_path=file_path)
return response
else:
messages.add_message(
request, messages.WARNING,
_(u'No XLS file for your form '
u'<strong>%(id)s</strong>') % {'id': id_string})
return HttpResponseRedirect("/%s" % username)
def zip_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if request.GET.get('raw'):
id_string = None
attachments = Attachment.objects.filter(instance__xform=xform)
zip_file = create_attachments_zipfile(attachments)
audit = {"xform": xform.id_string, "export_type": Export.ZIP_EXPORT}
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created ZIP export on '%(id_string)s'.") % {
'id_string': xform.id_string,
}, audit, request)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded ZIP export on '%(id_string)s'.") % {
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('zip',
id_string,
file_path=zip_file,
use_local_filesystem=True)
return response
def export_download(request, username, id_string, export_type, filename):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
# find the export entry in the db
export = get_object_or_404(Export, xform=xform, filename=filename)
if export_type == Export.GDOC_EXPORT and export.export_url is not None:
return HttpResponseRedirect(export.export_url)
ext, mime_type = export_def_from_filename(export.filename)
audit = {
"xform": xform.id_string,
"export_type": export.export_type
}
audit_log(Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded %(export_type)s export '%(filename)s' on '%(id_string)s'.") %\
{
'export_type': export.export_type.upper(),
'filename': export.filename,
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
basename = os.path.splitext(export.filename)[0]
response = response_with_mimetype_and_name(
mime_type, name=basename, extension=ext,
file_path=export.filepath, show_date=False)
return response
def zip_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if request.GET.get('raw'):
id_string = None
attachments = Attachment.objects.filter(instance__xform=xform)
zip_file = create_attachments_zipfile(attachments)
audit = {
"xform": xform.id_string,
"export_type": Export.ZIP_EXPORT
}
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created ZIP export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
}, audit, request)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded ZIP export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('zip', id_string,
file_path=zip_file,
use_local_filesystem=True)
return response
def data_export(request, username, id_string, export_type):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
extension = export_type
# check if we should force xlsx
force_xlsx = request.GET.get('xls') != 'true'
if export_type == Export.XLS_EXPORT and force_xlsx:
extension = 'xlsx'
audit = {
"xform": xform.id_string,
"export_type": export_type
}
# check if we need to re-generate,
# we always re-generate if a filter is specified
if should_create_new_export(xform, export_type) or query:
try:
export = generate_export(
export_type, extension, username, id_string, None, query)
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created %(export_type)s export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
except NoRecordsFoundError:
return HttpResponseNotFound(_("No records found to export"))
else:
export = newset_export_for(xform, export_type)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded %(export_type)s export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
if not export.filename:
# tends to happen when using newset_export_for.
return HttpResponseNotFound("File does not exist!")
# get extension from file_path, exporter could modify to
# xlsx if it exceeds limits
path, ext = os.path.splitext(export.filename)
ext = ext[1:]
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(
Export.EXPORT_MIMES[ext], id_string, extension=ext,
file_path=export.filepath)
return response
def download_jsonform(request, username, id_string):
owner = User.objects.get(username=username)
xform = XForm.objects.get(user__username=username, id_string=id_string)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden('Not shared.')
response = response_with_mimetype_and_name('json', id_string,
show_date=False)
response.content = xform.json
return response
def download_xform(request, username, id_string):
xform = get_object_or_404(XForm,
user__username=username,
id_string=id_string)
# TODO: protect for users who have settings to use auth
response = response_with_mimetype_and_name('xml',
id_string,
show_date=False)
response.content = xform.xml
return response
def download_metadata(request, username, id_string, data_id):
xform = get_object_or_404(XForm,
user__username=username, id_string=id_string)
if username == request.user.username or xform.shared:
data = MetaData.objects.get(pk=data_id)
return response_with_mimetype_and_name(
data.data_file_type,
data.data_value, '', None, False,
data.data_file.name)
return HttpResponseForbidden('Permission denied.')
def download_jsonform(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, user__username=username, id_string=id_string)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden("Not shared.")
response = response_with_mimetype_and_name("json", id_string, show_date=False)
if "callback" in request.GET and request.GET.get("callback") != "":
callback = request.GET.get("callback")
response.content = "%s(%s)" % (callback, xform.json)
else:
response.content = xform.json
return response
def download_media_data(request, username, id_string, data_id):
xform = get_object_or_404(
XForm, user__username=username, id_string=id_string)
owner = xform.user
data = get_object_or_404(MetaData, id=data_id)
dfs = get_storage_class()()
if request.GET.get('del', False):
if username == request.user.username:
try:
dfs.delete(data.data_file.name)
data.delete()
audit = {
'xform': xform.id_string
}
audit_log(
Actions.FORM_UPDATED, request.user, owner,
_("Media download '%(filename)s' deleted from "
"'%(id_string)s'.") %
{
'id_string': xform.id_string,
'filename': os.path.basename(data.data_file.name)
}, audit, request)
return HttpResponseRedirect(reverse(show, kwargs={
'username': username,
'id_string': id_string
}))
except Exception:
return HttpResponseServerError()
else:
if username: # == request.user.username or xform.shared:
file_path = data.data_file.name
filename, extension = os.path.splitext(file_path.split('/')[-1])
extension = extension.strip('.')
if dfs.exists(file_path):
audit = {
'xform': xform.id_string
}
audit_log(
Actions.FORM_UPDATED, request.user, owner,
_("Media '%(filename)s' downloaded from "
"'%(id_string)s'.") %
{
'id_string': xform.id_string,
'filename': os.path.basename(file_path)
}, audit, request)
response = response_with_mimetype_and_name(
data.data_file_type,
filename, extension=extension, show_date=False,
file_path=file_path)
return response
else:
return HttpResponseNotFound()
return HttpResponseForbidden(_(u'Permission denied.'))
def download_xlsform(request, username, id_string):
xform = get_object_or_404(XForm, user__username=username, id_string=id_string)
owner = User.objects.get(username=username)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden("Not shared.")
file_path = xform.xls.name
default_storage = get_storage_class()()
if default_storage.exists(file_path):
response = response_with_mimetype_and_name(
"vnd.ms-excel", id_string, show_date=False, extension="xls", file_path=file_path
)
return response
else:
messages.add_message(request, messages.WARNING, "No XLS file for your form <strong>%s</strong>" % id_string)
return HttpResponseRedirect("/%s" % username)
def download_jsonform(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, user__username=username,
id_string=id_string)
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden(_(u'Not shared.'))
response = response_with_mimetype_and_name('json', id_string,
show_date=False)
if 'callback' in request.GET and request.GET.get('callback') != '':
callback = request.GET.get('callback')
response.content = "%s(%s)" % (callback, xform.json)
else:
response.content = xform.json
return response
def download_jsonform(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm,
user__username=username,
id_string=id_string)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden('Not shared.')
response = response_with_mimetype_and_name('json',
id_string,
show_date=False)
if 'callback' in request.GET and request.GET.get('callback') != '':
callback = request.GET.get('callback')
response.content = "%s(%s)" % (callback, xform.json)
else:
response.content = xform.json
return response
def download_metadata(request, username, id_string, data_id):
xform = get_object_or_404(XForm, user__username=username, id_string=id_string)
if username == request.user.username or xform.shared:
data = get_object_or_404(MetaData, pk=data_id)
file_path = data.data_file.name
filename, extension = os.path.splitext(file_path.split("/")[-1])
extension = extension.strip(".")
default_storage = get_storage_class()()
if default_storage.exists(file_path):
response = response_with_mimetype_and_name(
data.data_file_type, filename, extension=extension, show_date=False, file_path=file_path
)
return response
else:
return HttpResponseNotFound()
return HttpResponseForbidden(_(u"Permission denied."))
def export_download(request, username, id_string, export_type, filename):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
# find the export entry in the db
export = get_object_or_404(Export, xform=xform, filename=filename)
ext, mime_type = export_def_from_filename(export.filename)
if request.GET.get('raw'):
id_string = None
basename = os.path.splitext(export.filename)[0]
response = response_with_mimetype_and_name(mime_type,
name=basename, extension=ext, file_path=export.filepath, show_date=False)
return response
def csv_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden('Not shared.')
valid, dd = dd_for_params(id_string, owner, request)
if not valid: return dd
writer = CsvWriter(dd, dd.get_data_for_excel(), dd.get_keys(),\
dd.get_variable_name)
file_path = writer.get_default_file_path()
writer.write_to_file(file_path)
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('application/csv', id_string,
extension='csv',
file_path=file_path, use_local_filesystem=True)
return response
def csv_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden("Not shared.")
valid, dd = dd_for_params(id_string, owner, request)
if not valid:
return dd
writer = CsvWriter(dd, dd.get_data_for_excel(), dd.get_keys(), dd.get_variable_name)
file_path = writer.get_default_file_path()
writer.write_to_file(file_path)
if request.GET.get("raw"):
id_string = None
response = response_with_mimetype_and_name(
"application/csv", id_string, extension="csv", file_path=file_path, use_local_filesystem=True
)
return response
def zip_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
dd = DataDictionary.objects.get(id_string=id_string,
user=owner)
if request.GET.get('raw'):
id_string = None
# create zip_file
tmp = NamedTemporaryFile()
z = zipfile.ZipFile(tmp, 'w', zipfile.ZIP_DEFLATED)
photos = image_urls_for_form(xform)
for photo in photos:
f = NamedTemporaryFile()
req = urllib2.Request(photo)
f.write(urllib2.urlopen(req).read())
f.seek(0)
z.write(f.name, urlparse(photo).path[1:])
f.close()
z.close()
audit = {
"xform": xform.id_string,
"export_type": Export.ZIP_EXPORT
}
audit_log(Actions.EXPORT_CREATED, request.user, owner,
_("Created ZIP export on '%(id_string)s'.") %\
{
'id_string': xform.id_string,
}, audit, request)
# log download as well
audit_log(Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded ZIP export on '%(id_string)s'.") %\
{
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('zip', id_string,
file_path=tmp.name,
use_local_filesystem=True)
return response
def xls_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden('Not shared.')
valid, dd = dd_for_params(id_string, owner, request)
if not valid: return dd
ddw = XlsWriter()
ddw.set_data_dictionary(dd)
temp_file = ddw.save_workbook_to_file()
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('vnd.ms-excel', id_string,
extension='xls')
response.write(temp_file.getvalue())
temp_file.seek(0, os.SEEK_END)
response['Content-Length'] = temp_file.tell()
temp_file.close()
return response
def xls_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden("Not shared.")
valid, dd = dd_for_params(id_string, owner, request)
if not valid:
return dd
ddw = XlsWriter()
ddw.set_data_dictionary(dd)
temp_file = ddw.save_workbook_to_file()
if request.GET.get("raw"):
id_string = None
response = response_with_mimetype_and_name("vnd.ms-excel", id_string, extension="xls")
response.write(temp_file.getvalue())
temp_file.seek(0, os.SEEK_END)
response["Content-Length"] = temp_file.tell()
temp_file.close()
return response
def xls_export(request, username, id_string):
owner = User.objects.get(username=username)
xform = XForm.objects.get(id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden('Not shared.')
valid, dd = dd_for_params(id_string, owner, request)
if not valid: return dd
ddw = XlsWriter()
ddw.set_data_dictionary(dd)
temp_file = ddw.save_workbook_to_file()
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('vnd.ms-excel', id_string,
extension='xls')
response.write(temp_file.getvalue())
temp_file.seek(0, os.SEEK_END)
response['Content-Length'] = temp_file.tell()
temp_file.close()
return response
def download_xform(request, username, id_string):
user = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, user=user, id_string=id_string)
profile, created =\
UserProfile.objects.get_or_create(user=user)
if profile.require_auth:
authenticator = HttpDigestAuthenticator()
if not authenticator.authenticate(request):
return authenticator.build_challenge_response()
audit = {"xform": xform.id_string}
audit_log(
Actions.FORM_XML_DOWNLOADED, request.user, xform.user,
_("Downloaded XML for form '%(id_string)s'.") %
{"id_string": xform.id_string}, audit, request)
response = response_with_mimetype_and_name('xml',
id_string,
show_date=False)
response.content = xform.xml
return response
def csv_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
ext = Export.CSV_EXPORT
try:
export = generate_export(Export.CSV_EXPORT, ext, username, id_string,
None, query)
except NoRecordsFoundError:
return HttpResponse(_("No records found to export"))
else:
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(
Export.EXPORT_MIMES[ext], id_string, extension=ext,
file_path=export.filepath)
return response
def download_xlsform(request, username, id_string):
xform = get_object_or_404(XForm,
user__username=username,
id_string=id_string)
owner = User.objects.get(username=username)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden('Not shared.')
file_path = xform.xls.name
default_storage = get_storage_class()()
if default_storage.exists(file_path):
response = response_with_mimetype_and_name('vnd.ms-excel',
id_string,
show_date=False,
extension='xls',
file_path=file_path)
return response
else:
messages.add_message(
request, messages.WARNING,
'No XLS file for your form <strong>%s</strong>' % id_string)
return HttpResponseRedirect("/%s" % username)
def csv_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u"Not shared."))
query = request.GET.get("query")
csv_dataframe_builder = CSVDataFrameBuilder(username, id_string, query)
try:
temp_file = NamedTemporaryFile(suffix=".csv")
csv_dataframe_builder.export_to(temp_file)
if request.GET.get("raw"):
id_string = None
response = response_with_mimetype_and_name("application/csv", id_string, extension="csv")
temp_file.seek(0)
response.write(temp_file.read())
temp_file.seek(0, os.SEEK_END)
response["Content-Length"] = temp_file.tell()
temp_file.close()
return response
except NoRecordsFoundError:
return HttpResponse(_("No records found to export"))
def xls_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
force_xlsx = request.GET.get('xlsx') == 'true'
ext = 'xls' if not force_xlsx else 'xlsx'
try:
export = generate_export(
Export.XLS_EXPORT, ext, username, id_string, None, query)
except NoRecordsFoundError:
return HttpResponse(_("No records found to export"))
else:
audit = {
"xform": xform.id_string,
"export_type": Export.XLS_EXPORT
}
audit_log(Actions.EXPORT_CREATED, request.user, owner,
_("Created XLS export on '%(id_string)s'.") %\
{
'id_string': xform.id_string,
}, audit, request)
# log download as well
audit_log(Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded XLS export on '%(id_string)s'.") %\
{
'id_string': xform.id_string,
}, audit, request)
# get extension from file_path, exporter could modify to
# xlsx if it exceeds limits
path, ext = os.path.splitext(export.filename)
ext = ext[1:]
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(
Export.EXPORT_MIMES[ext], id_string, extension=ext,
file_path=export.filepath)
return response
def export_download(request, username, id_string, export_type, filename):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
# find the export entry in the db
export = get_object_or_404(Export, xform=xform, filename=filename)
if export_type == Export.GDOC_EXPORT and export.export_url is not None:
return HttpResponseRedirect(export.export_url)
ext, mime_type = export_def_from_filename(export.filename)
audit = {
"xform": xform.id_string,
"export_type": export.export_type
}
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded %(export_type)s export '%(filename)s' "
"on '%(id_string)s'.") %
{
'export_type': export.export_type.upper(),
'filename': export.filename,
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
default_storage = get_storage_class()()
if not isinstance(default_storage, FileSystemStorage):
return HttpResponseRedirect(default_storage.url(export.filepath))
basename = os.path.splitext(export.filename)[0]
response = response_with_mimetype_and_name(
mime_type, name=basename, extension=ext,
file_path=export.filepath, show_date=False)
return response
def xls_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
force_xlsx = request.GET.get('xlsx') == 'true'
ext = 'xls' if not force_xlsx else 'xlsx'
try:
export = generate_export(Export.XLS_EXPORT, ext, username, id_string,
None, query)
except NoRecordsFoundError:
return HttpResponse(_("No records found to export"))
else:
# get extension from file_path, exporter could modify to xlsx if it exceeds limits
path, ext = os.path.splitext(export.filename)
ext = ext[1:]
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(
Export.EXPORT_MIMES[ext], id_string, extension=ext,
file_path=export.filepath)
return response
def download_xform(request, username, id_string):
user = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm,
user=user, id_string=id_string)
profile, created =\
UserProfile.objects.get_or_create(user=user)
if profile.require_auth:
response = helper_auth_helper(request)
if response:
return response
audit = {
"xform": xform.id_string
}
audit_log(Actions.FORM_XML_DOWNLOADED, request.user, xform.user,
_("Downloaded XML for form '%(id_string)s'.") %\
{
"id_string": xform.id_string
}, audit, request)
response = response_with_mimetype_and_name('xml', id_string,
show_date=False)
response.content = xform.xml
return response
def csv_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
ext = Export.CSV_EXPORT
try:
export = generate_export(
Export.CSV_EXPORT, ext, username, id_string, None, query)
except NoRecordsFoundError:
return HttpResponse(_("No records found to export"))
else:
audit = {
"xform": xform.id_string,
"export_type": Export.CSV_EXPORT
}
audit_log(Actions.EXPORT_CREATED, request.user, owner,
_("Created CSV export on '%(id_string)s'.") %\
{
'id_string': xform.id_string,
}, audit, request)
# log download as well
audit_log(Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded CSV export on '%(id_string)s'.") %\
{
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(
Export.EXPORT_MIMES[ext], id_string, extension=ext,
file_path=export.filepath)
return response
def download_xform(request, username, id_string):
user = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm,
user=user, id_string=id_string)
profile, created =\
UserProfile.objects.get_or_create(user=user)
if profile.require_auth:
authenticator = HttpDigestAuthenticator()
if not authenticator.authenticate(request):
return authenticator.build_challenge_response()
audit = {
"xform": xform.id_string
}
audit_log(
Actions.FORM_XML_DOWNLOADED, request.user, xform.user,
_("Downloaded XML for form '%(id_string)s'.") %
{
"id_string": xform.id_string
}, audit, request)
response = response_with_mimetype_and_name('xml', id_string,
show_date=False)
response.content = xform.xml
return response
def xls_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
force_xlsx = request.GET.get('xlsx') == 'true'
xls_df_builder = XLSDataFrameBuilder(username, id_string, query)
excel_defs = {
'xls': {
'suffix': '.xls',
'mime_type': 'vnd.ms-excel'
},
'xlsx': {
'suffix': '.xlsx',
'mime_type': 'vnd.openxmlformats' # TODO: check xlsx mime type
}
}
ext = 'xls' if not force_xlsx else 'xlsx'
if xls_df_builder.exceeds_xls_limits:
ext = 'xlsx'
try:
temp_file = NamedTemporaryFile(suffix=excel_defs[ext]['suffix'])
xls_df_builder.export_to(temp_file.name)
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(excel_defs[ext]['mime_type'], id_string,
extension=ext)
response.write(temp_file.read())
temp_file.seek(0, os.SEEK_END)
response['Content-Length'] = temp_file.tell()
temp_file.close()
return response
except NoRecordsFoundError:
return HttpResponse(_("No records found to export"))
def data_export(request, username, id_string, export_type):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
extension = export_type
# check if we should force xlsx
force_xlsx = request.GET.get('xls') != 'true'
if export_type == Export.XLS_EXPORT and force_xlsx:
extension = 'xlsx'
elif export_type == Export.CSV_ZIP_EXPORT:
extension = 'zip'
audit = {
"xform": xform.id_string,
"export_type": export_type
}
# check if we need to re-generate,
# we always re-generate if a filter is specified
if should_create_new_export(xform, export_type) or query or\
'start' in request.GET or 'end' in request.GET:
format_date_for_mongo = lambda x, datetime: datetime.strptime(
x, '%y_%m_%d_%H_%M_%S').strftime('%Y-%m-%dT%H:%M:%S')
# check for start and end params
if 'start' in request.GET or 'end' in request.GET:
if not query:
query = '{}'
query = json.loads(query)
query[SUBMISSION_TIME] = {}
try:
if request.GET.get('start'):
query[SUBMISSION_TIME]['$gte'] = format_date_for_mongo(
request.GET['start'], datetime)
if request.GET.get('end'):
query[SUBMISSION_TIME]['$lte'] = format_date_for_mongo(
request.GET['end'], datetime)
except ValueError:
return HttpResponseBadRequest(
_("Dates must be in the format YY_MM_DD_hh_mm_ss"))
else:
query = json.dumps(query)
try:
export = generate_export(
export_type, extension, username, id_string, None, query)
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created %(export_type)s export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
except NoRecordsFoundError:
return HttpResponseNotFound(_("No records found to export"))
else:
export = newset_export_for(xform, export_type)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded %(export_type)s export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
if not export.filename:
# tends to happen when using newset_export_for.
return HttpResponseNotFound("File does not exist!")
# get extension from file_path, exporter could modify to
# xlsx if it exceeds limits
path, ext = os.path.splitext(export.filename)
ext = ext[1:]
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(
Export.EXPORT_MIMES[ext], id_string, extension=ext,
file_path=export.filepath)
return response
data.delete()
return HttpResponseRedirect(reverse(show, kwargs={
'username': username,
'id_string': id_string
}))
xform = get_object_or_404(XForm,
user__username=username, id_string=id_string)
if username == request.user.username or xform.shared:
data = get_object_or_404(MetaData, pk=data_id)
file_path = data.data_file.name
filename, extension = os.path.splitext(file_path.split('/')[-1])
extension = extension.strip('.')
default_storage = get_storage_class()()
if default_storage.exists(file_path):
response = response_with_mimetype_and_name(
data.data_file_type,
filename, extension=extension, show_date=False,
file_path=file_path)
return response
else:
return HttpResponseNotFound()
return HttpResponseForbidden(_(u'Permission denied.'))
def download_media_data(request, username, id_string, data_id):
data = get_object_or_404(MetaData, id=data_id)
default_storage = get_storage_class()()
if request.GET.get('del', False) and username == request.user.username:
try:
default_storage.delete(data.data_file.name)
data.delete()
return HttpResponseRedirect(reverse(show, kwargs={
return HttpResponseServerError()
elif request.GET.get('map_name_del', False) and \
username == request.user.username:
data.delete()
return HttpResponseRedirect(reverse(show, kwargs={
'username': username,
'id_string': id_string
}))
xform = get_object_or_404(XForm,
user__username=username, id_string=id_string)
if username == request.user.username or xform.shared:
data = get_object_or_404(MetaData, pk=data_id)
file_path = data.data_file.name
default_storage = get_storage_class()()
if default_storage.exists(file_path):
response = response_with_mimetype_and_name(data.data_file_type, data.data_value,
show_date=False, file_path=file_path)
return response
else:
return HttpResponseNotFound()
return HttpResponseForbidden('Permission denied.')
def download_media_data(request, username, id_string, data_id):
data = get_object_or_404(MetaData, id=data_id)
default_storage = get_storage_class()()
if request.GET.get('del', False) and username == request.user.username:
try:
default_storage.delete(data.data_file.name)
data.delete()
return HttpResponseRedirect(reverse(show, kwargs={
'username': username,
'id_string': id_string
def data_export(request, username, id_string, export_type):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
extension = export_type
# check if we should force xlsx
force_xlsx = request.GET.get('xls') != 'true'
if export_type == Export.XLS_EXPORT and force_xlsx:
extension = 'xlsx'
elif export_type == Export.CSV_ZIP_EXPORT:
extension = 'zip'
audit = {"xform": xform.id_string, "export_type": export_type}
# check if we need to re-generate,
# we always re-generate if a filter is specified
if should_create_new_export(xform, export_type) or query or\
'start' in request.GET or 'end' in request.GET:
format_date_for_mongo = lambda x, datetime: datetime.strptime(
x, '%y_%m_%d_%H_%M_%S').strftime('%Y-%m-%dT%H:%M:%S')
# check for start and end params
if 'start' in request.GET or 'end' in request.GET:
if not query:
query = '{}'
query = json.loads(query)
query[SUBMISSION_TIME] = {}
try:
if request.GET.get('start'):
query[SUBMISSION_TIME]['$gte'] = format_date_for_mongo(
request.GET['start'], datetime)
if request.GET.get('end'):
query[SUBMISSION_TIME]['$lte'] = format_date_for_mongo(
request.GET['end'], datetime)
except ValueError:
return HttpResponseBadRequest(
_("Dates must be in the format YY_MM_DD_hh_mm_ss"))
else:
query = json.dumps(query)
try:
export = generate_export(export_type, extension, username,
id_string, None, query)
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created %(export_type)s export on '%(id_string)s'.") % {
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
except NoRecordsFoundError:
return HttpResponseNotFound(_("No records found to export"))
else:
export = newset_export_for(xform, export_type)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded %(export_type)s export on '%(id_string)s'.") % {
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
if not export.filename:
# tends to happen when using newset_export_for.
return HttpResponseNotFound("File does not exist!")
# get extension from file_path, exporter could modify to
# xlsx if it exceeds limits
path, ext = os.path.splitext(export.filename)
ext = ext[1:]
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(Export.EXPORT_MIMES[ext],
id_string,
extension=ext,
file_path=export.filepath)
return response
