def post(self, request, *args, **kwargs):
if self.has_permissions(self.domain, request.couch_user):
self.get_spec_or_404()
if is_ajax(request):
return self.get_ajax(self.request.POST)
else:
return HttpResponseBadRequest()
else:
raise Http403()
def _invoke_remote_method(self, request, args, kwargs, data=None):
if not is_ajax(request):
return self._dispatch_super(request, *args, **kwargs)
remote_method = request.META.get('HTTP_DJNG_REMOTE_METHOD')
handler = remote_method and getattr(self, remote_method, None)
if not callable(handler):
return self._dispatch_super(request, *args, **kwargs)
if not hasattr(handler, 'allow_rmi'):
return HttpResponseForbidden(
f"Method '{type(self).__name__}.{remote_method}' has no decorator '@allow_remote_invocation'"
)
data_args = (data(), ) if data is not None else ()
try:
response_data = handler(*data_args)
except JSONResponseException as e:
return self.json_response({'message': e.args[0]}, e.status_code)
return self.json_response(response_data)
def _inner(request, domain, *args, **kwargs):
if not hasattr(request, "couch_user"):
return redirect_for_login_or_domain(request)
elif permission_check_v2 is not None:
if permission_check_v2(request, domain):
return view_func(request, domain, *args, **kwargs)
else:
raise PermissionDenied()
elif request.user.is_superuser or permission_check(
request.couch_user, domain):
request.is_view_only = False
return view_func(request, domain, *args, **kwargs)
elif (view_only_permission_check is not None
and view_only_permission_check(request.couch_user, domain)):
request.is_view_only = True
return view_func(request, domain, *args, **kwargs)
else:
if is_ajax(request):
return HttpResponse(_(
"Sorry, you don't have permission to do this action!"),
status=403)
raise PermissionDenied()
def get(self, request, *args, **kwargs):
if self.has_permissions(self.domain, request.couch_user):
self.get_spec_or_404()
if kwargs.get('render_as') == 'email':
return self.email_response
elif kwargs.get('render_as') == 'excel':
return self.excel_response
elif request.GET.get('format', None) == "export":
return self.export_response
elif is_ajax(request) or request.GET.get('format', None) == 'json':
return self.get_ajax(self.request.GET)
self.content_type = None
try:
self.add_warnings(self.request)
except UserReportsError as e:
details = ''
if isinstance(e, DataSourceConfigurationNotFoundError):
error_message = DATA_SOURCE_NOT_FOUND_ERROR_MESSAGE
else:
error_message = _(
'It looks like there is a problem with your report. '
'You may need to delete and recreate the report. '
'If you believe you are seeing this message in error, please report an issue.'
)
details = str(e)
self.template_name = 'userreports/report_error.html'
context = {
'report_id': self.report_config_id,
'is_static': self.is_static,
'error_message': error_message,
'details': details,
}
context.update(self.main_context)
return self.render_to_response(context)
return super(ConfigurableReportView,
self).get(request, *args, **kwargs)
else:
raise Http403()
def export_list(self):
exports = []
if (
self.request.method == 'POST'
and 'export_list' in self.request.POST
and not is_ajax(self.request)
):
raw_export_list = json.loads(self.request.POST['export_list'])
exports = [self.view_helper.get_export(e['id']) for e in raw_export_list]
elif self.export_id or self.sms_export:
exports = [self.view_helper.get_export(self.export_id)]
if not self.permissions.has_view_permissions:
if self.permissions.has_deid_view_permissions:
exports = [x for x in exports if x.is_safe]
else:
raise Http404()
# if there are no exports, this page doesn't exist
if not exports:
raise Http404()
exports = [self.download_export_form.format_export_data(e) for e in exports]
return exports
def post(self, request, *args, **kwargs):
if not is_ajax(request):
context = self.get_context_data(**kwargs)
return self.render_to_response(context)
return super(BaseDownloadExportView, self).post(request, *args, **kwargs)