def make_same_request(request, slug, message_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
message = get_object_or_404(FoiMessage, id=int(message_id))
if not request.user.is_authenticated():
return render_403(request)
if not foirequest == message.request:
return render_400(request)
if not message.not_publishable:
return render_400(request)
if foirequest.same_as is not None:
foirequest = foirequest.same_as
same_requests = FoiRequest.objects.filter(user=request.user, same_as=foirequest).count()
if same_requests:
messages.add_message(request, messages.ERROR,
_("You already made an identical request"))
return render_400(request)
body = u"%s\n\n%s" % (foirequest.description,
_('Please see this request on FragDenStaat.de where you granted access to this information: %(url)s') % {'url': foirequest.get_absolute_domain_short_url()})
fr = FoiRequest.from_request_form(
request.user, foirequest.public_body,
foirequest.law,
form_data=dict(
subject=foirequest.title,
body=body,
public=foirequest.public
)) # Don't pass post_data, get default letter of law
fr.same_as = foirequest
fr.save()
messages.add_message(request, messages.SUCCESS,
_('You successfully requested this document! Your request is displayed below.'))
return HttpResponseRedirect(fr.get_absolute_url())
def set_public_body(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated() or request.user != foirequest.user:
return render_403(request)
try:
public_body_pk = int(request.POST.get('suggestion', ''))
except ValueError:
messages.add_message(request, messages.ERROR,
_('Missing or invalid input!'))
return redirect(foirequest)
try:
public_body = PublicBody.objects.get(pk=public_body_pk)
except PublicBody.DoesNotExist:
messages.add_message(request, messages.ERROR,
_('Missing or invalid input!'))
return render_400(request)
if not foirequest.needs_public_body():
messages.add_message(request, messages.ERROR,
_("This request doesn't need a Public Body!"))
return render_400(request)
foilaw = public_body.default_law
foirequest.set_public_body(public_body, foilaw)
messages.add_message(request, messages.SUCCESS,
_("Request was sent to: %(name)s.") % {"name": public_body.name})
return redirect(foirequest)
def set_public_body(request, foirequest):
try:
publicbody_pk = int(request.POST.get('suggestion', ''))
except ValueError:
messages.add_message(request, messages.ERROR,
_('Missing or invalid input!'))
return redirect(foirequest)
try:
publicbody = PublicBody.objects.get(pk=publicbody_pk)
except PublicBody.DoesNotExist:
messages.add_message(request, messages.ERROR,
_('Missing or invalid input!'))
return render_400(request)
if not foirequest.needs_public_body():
messages.add_message(request, messages.ERROR,
_("This request doesn't need a Public Body!"))
return render_400(request)
throttle_message = check_throttle(request.user, FoiRequest)
if throttle_message:
messages.add_message(request, messages.ERROR, throttle_message)
return render_400(request)
foilaw = publicbody.default_law
foirequest.set_publicbody(publicbody, foilaw)
messages.add_message(
request, messages.SUCCESS,
_("Request was sent to: %(name)s.") % {"name": publicbody.name})
return redirect(foirequest)
def add_postal_reply_attachment(request, slug, message_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
try:
message = FoiMessage.objects.get(request=foirequest, pk=int(message_id))
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not request.user.is_authenticated():
return render_403(request)
if request.user != foirequest.user:
return render_403(request)
if not message.is_postal:
return render_400(request)
form = PostalAttachmentForm(request.POST, request.FILES)
if form.is_valid():
scan = request.FILES['scan']
scan_name = scan.name.rsplit(".", 1)
scan_name = ".".join([slugify(n) for n in scan_name])
try:
att = FoiAttachment.objects.get(belongs_to=message, name=scan_name)
status_message = _('Your document was added to the message and replaced '
'an existing attachment with the same name.')
except FoiAttachment.DoesNotExist:
att = FoiAttachment(belongs_to=message, name=scan_name)
status_message = _('Your document was added to the message as a '
'new attachment.')
att.size = scan.size
att.filetype = scan.content_type
att.file.save(scan_name, scan)
att.approved = False
att.save()
messages.add_message(request, messages.SUCCESS, status_message)
return redirect(message)
messages.add_message(request, messages.ERROR,
form._errors['scan'][0])
return render_400(request)
def add_postal_reply_attachment(request, foirequest, message_id):
try:
message = FoiMessage.objects.get(request=foirequest,
pk=int(message_id))
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not message.is_postal:
return render_400(request)
form = get_postal_attachment_form(request.POST,
request.FILES,
foimessage=message)
if form.is_valid():
result = form.save(message)
added, updated = result
if updated > 0 and not added:
status_message = _(
'You updated %d document(s) on this message') % updated
elif updated > 0 and added > 0:
status_message = _(
'You added %(added)d and updated %(updated)d document(s) on this message'
) % {
'updated': updated,
'added': added
}
elif added > 0:
status_message = _(
'You added %d document(s) to this message.') % added
messages.add_message(request, messages.SUCCESS, status_message)
return redirect(message)
messages.add_message(request, messages.ERROR, form._errors['files'][0])
return render_400(request)
def make_same_request(request, slug, message_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
message = get_object_or_404(FoiMessage, id=int(message_id))
if not message.not_publishable:
return render_400(request)
if not foirequest == message.request:
return render_400(request)
if foirequest.same_as is not None:
foirequest = foirequest.same_as
if not request.user.is_authenticated:
new_user_form = NewUserForm(request.POST)
if not new_user_form.is_valid():
return show(request, slug, context={"new_user_form": new_user_form}, status=400)
else:
user, password = AccountManager.create_user(**new_user_form.cleaned_data)
else:
user = request.user
if foirequest.user == user:
return render_400(request)
same_requests = FoiRequest.objects.filter(user=user, same_as=foirequest).count()
if same_requests:
messages.add_message(request, messages.ERROR,
_("You already made an identical request"))
return render_400(request)
throttle_message = check_throttle(request.user, FoiRequest)
if throttle_message:
messages.add_message(request, messages.ERROR, throttle_message)
return render_400(request)
body = u"%s\n\n%s" % (foirequest.description,
_('Please see this request on %(site_name)s where you granted access to this information: %(url)s') % {
'url': foirequest.get_absolute_domain_short_url(),
'site_name': settings.SITE_NAME
})
kwargs = registry.run_hook('pre_request_creation', request,
user=user,
public_body=foirequest.public_body,
foi_law=foirequest.law,
form_data=dict(
subject=foirequest.title,
body=body,
public=foirequest.public
) # Don't pass post_data, get default letter of law
)
fr = FoiRequest.from_request_form(**kwargs)
fr.same_as = foirequest
fr.save()
if user.is_active:
messages.add_message(request, messages.SUCCESS,
_('You successfully requested this document! Your request is displayed below.'))
return redirect(fr)
else:
AccountManager(user).send_confirmation_mail(request_id=fr.pk,
password=password)
messages.add_message(request, messages.INFO,
_('Please check your inbox for mail from us to confirm your mail address.'))
# user cannot access the request yet!
return redirect("/")
def make_same_request(request, slug, message_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
message = get_object_or_404(FoiMessage, id=int(message_id))
if not message.not_publishable:
return render_400(request)
if not foirequest == message.request:
return render_400(request)
if foirequest.same_as is not None:
foirequest = foirequest.same_as
if not request.user.is_authenticated():
new_user_form = NewUserForm(request.POST)
if not new_user_form.is_valid():
return show(request, slug, context={"new_user_form": new_user_form}, status=400)
else:
user, password = AccountManager.create_user(**new_user_form.cleaned_data)
else:
user = request.user
if foirequest.user == user:
return render_400(request)
same_requests = FoiRequest.objects.filter(user=user, same_as=foirequest).count()
if same_requests:
messages.add_message(request, messages.ERROR,
_("You already made an identical request"))
return render_400(request)
throttle_message = check_throttle(request.user, FoiRequest)
if throttle_message:
messages.add_message(request, messages.ERROR, throttle_message)
return render_400(request)
body = u"%s\n\n%s" % (foirequest.description,
_('Please see this request on %(site_name)s where you granted access to this information: %(url)s') % {
'url': foirequest.get_absolute_domain_short_url(),
'site_name': settings.SITE_NAME
})
kwargs = registry.run_hook('pre_request_creation', request,
user=user,
public_body=foirequest.public_body,
foi_law=foirequest.law,
form_data=dict(
subject=foirequest.title,
body=body,
public=foirequest.public
) # Don't pass post_data, get default letter of law
)
fr = FoiRequest.from_request_form(**kwargs)
fr.same_as = foirequest
fr.save()
if user.is_active:
messages.add_message(request, messages.SUCCESS,
_('You successfully requested this document! Your request is displayed below.'))
return redirect(fr)
else:
AccountManager(user).send_confirmation_mail(request_id=fr.pk,
password=password)
messages.add_message(request, messages.INFO,
_('Please check your inbox for mail from us to confirm your mail address.'))
# user cannot access the request yet!
return redirect("/")
def add_postal_reply_attachment(request, slug, message_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
try:
message = FoiMessage.objects.get(request=foirequest, pk=int(message_id))
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not request.user.is_authenticated():
return render_403(request)
if request.user != foirequest.user:
return render_403(request)
if not message.is_postal:
return render_400(request)
form = PostalAttachmentForm(request.POST, request.FILES)
if form.is_valid():
scan = request.FILES["scan"]
scan_name = scan.name.rsplit(".", 1)
scan_name = ".".join([slugify(n) for n in scan_name])
try:
att = FoiAttachment.objects.get(belongs_to=message, name=scan_name)
status_message = _(
"Your document was added to the message and replaced " "an existing attachment with the same name."
)
except FoiAttachment.DoesNotExist:
att = FoiAttachment(belongs_to=message, name=scan_name)
status_message = _("Your document was added to the message as a " "new attachment.")
att.size = scan.size
att.filetype = scan.content_type
att.file.save(scan_name, scan)
att.approved = False
att.save()
messages.add_message(request, messages.SUCCESS, status_message)
return redirect(message)
messages.add_message(request, messages.ERROR, form._errors["scan"][0])
return render_400(request)
def add_postal_reply_attachment(request, slug, message_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
try:
message = FoiMessage.objects.get(request=foirequest, pk=int(message_id))
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not request.user.is_authenticated():
return render_403(request)
if request.user != foirequest.user:
return render_403(request)
if not message.is_postal:
return render_400(request)
form = PostalAttachmentForm(request.POST, request.FILES)
if form.is_valid():
scan = request.FILES['scan']
scan_name = scan.name.rsplit(".", 1)
scan_name = ".".join([slugify(n) for n in scan_name])
att = FoiAttachment(belongs_to=message,
name=scan_name,
size=scan.size,
filetype=scan.content_type)
att.file.save(scan_name, scan)
att.approved = True
att.save()
messages.add_message(request, messages.SUCCESS,
_('Your document was attached to the message.'))
return HttpResponseRedirect(message.get_absolute_url())
messages.add_message(request, messages.ERROR,
form._errors['scan'][0])
return render_400(request)
def suggest_public_body(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not foirequest.needs_public_body():
return render_400(request)
form = MakePublicBodySuggestionForm(request.POST)
if form.is_valid():
publicbody = form.publicbody_object
user = None
if request.user.is_authenticated:
user = request.user
response = foirequest.suggest_public_body(
publicbody,
form.cleaned_data['reason'],
user
)
if response:
messages.add_message(request, messages.SUCCESS,
_('Your Public Body suggestion has been added.'))
else:
messages.add_message(request, messages.WARNING,
_('This Public Body has already been suggested.'))
return redirect(foirequest)
messages.add_message(request, messages.ERROR,
_("You need to specify a Public Body!"))
return render_400(request)
def suggest_public_body(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not foirequest.needs_public_body():
return render_400(request)
form = MakePublicBodySuggestionForm(request.POST)
if form.is_valid():
publicbody = form.publicbody_object
user = None
if request.user.is_authenticated:
user = request.user
response = foirequest.suggest_public_body(publicbody,
form.cleaned_data['reason'],
user)
if response:
messages.add_message(
request, messages.SUCCESS,
_('Your Public Body suggestion has been added.'))
else:
messages.add_message(
request, messages.WARNING,
_('This Public Body has already been suggested.'))
return redirect(foirequest)
messages.add_message(request, messages.ERROR,
_("You need to specify a Public Body!"))
return render_400(request)
def set_public_body(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated() or request.user != foirequest.user:
return render_403(request)
try:
public_body_pk = int(request.POST.get('suggestion', ''))
except ValueError:
messages.add_message(request, messages.ERROR,
_('Missing or invalid input!'))
return HttpResponseRedirect(foirequest.get_absolute_url())
try:
public_body = PublicBody.objects.get(pk=public_body_pk)
except PublicBody.DoesNotExist:
messages.add_message(request, messages.ERROR,
_('Missing or invalid input!'))
return render_400(request)
if not foirequest.needs_public_body():
messages.add_message(request, messages.ERROR,
_("This request doesn't need a Public Body!"))
return render_400(request)
# FIXME: make foilaw dynamic
foilaw = public_body.default_law
foirequest.set_public_body(public_body, foilaw)
messages.add_message(request, messages.SUCCESS,
_("Request was sent to: %(name)s.") % {"name": public_body.name})
return HttpResponseRedirect(foirequest.get_absolute_url())
def add_postal_reply_attachment(request, foirequest, message_id):
try:
message = FoiMessage.objects.get(
request=foirequest, pk=int(message_id)
)
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not message.is_postal:
return render_400(request)
form = get_postal_attachment_form(
request.POST, request.FILES, foimessage=message
)
if form.is_valid():
result = form.save(message)
added, updated = result
if request.is_ajax():
return JsonResponse({
'added': [
FoiAttachmentSerializer(a, context={
'request': request
}).data for a in added
],
'updated': [
FoiAttachmentSerializer(u, context={
'request': request
}).data for u in updated
],
})
added_count = len(added)
updated_count = len(updated)
if updated_count > 0 and not added_count:
status_message = _(
'You updated %d document(s) on this message'
) % updated_count
elif updated_count > 0 and added_count > 0:
status_message = _(
'You added %(added)d and updated %(updated)d '
'document(s) on this message') % {
'updated': updated_count, 'added': added_count
}
elif added_count > 0:
status_message = _(
'You added %d document(s) to this message.'
) % added_count
messages.add_message(request, messages.SUCCESS, status_message)
return redirect(message)
if request.is_ajax():
return JsonResponse({
'error': form._errors['files'][0],
})
messages.add_message(request, messages.ERROR,
form._errors['files'][0])
return render_400(request)
def delete_request(request, foirequest):
if foirequest.status != 'awaiting_user_confirmation':
return render_400(request)
if foirequest.user != request.user:
return render_400(request)
foirequest.delete()
return get_redirect(request)
def confirm_request(request, foirequest):
if foirequest.status != 'awaiting_user_confirmation':
return render_400(request)
req_service = ActivatePendingRequestService({'foirequest': foirequest})
foirequest = req_service.process(request=request)
if not foirequest:
return render_400(request)
return redirect(foirequest)
def confirm_request(request, foirequest):
if foirequest.status != 'awaiting_user_confirmation':
return render_400(request)
req_service = ActivatePendingRequestService({'foirequest': foirequest})
foirequest = req_service.process(request=request)
if not foirequest:
return render_400(request)
return redirect(foirequest)
def delete_request(request, foirequest):
if foirequest.status != 'awaiting_user_confirmation':
return render_400(request)
if foirequest.user != request.user:
return render_400(request)
foirequest.delete()
return get_redirect(request)
def add_postal_reply_attachment(request, foirequest, message_id):
try:
message = FoiMessage.objects.get(request=foirequest,
pk=int(message_id))
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not message.is_postal:
return render_400(request)
form = get_postal_attachment_form(request.POST,
request.FILES,
foimessage=message)
if form.is_valid():
result = form.save(message)
added, updated = result
if request.is_ajax():
return JsonResponse({
'added': [
FoiAttachmentSerializer(a, context={
'request': request
}).data for a in added
],
'updated': [
FoiAttachmentSerializer(u, context={
'request': request
}).data for u in updated
],
})
added_count = len(added)
updated_count = len(updated)
if updated_count > 0 and not added_count:
status_message = _(
'You updated %d document(s) on this message') % updated_count
elif updated_count > 0 and added_count > 0:
status_message = _('You added %(added)d and updated %(updated)d '
'document(s) on this message') % {
'updated': updated_count,
'added': added_count
}
elif added_count > 0:
status_message = _(
'You added %d document(s) to this message.') % added_count
messages.add_message(request, messages.SUCCESS, status_message)
return redirect(message)
if request.is_ajax():
return JsonResponse({
'error': form._errors['files'][0],
})
messages.add_message(request, messages.ERROR, form._errors['files'][0])
return render_400(request)
def set_summary(request, foirequest):
if not foirequest.status_is_final():
return render_400(request)
summary = request.POST.get('summary', None)
if summary is None:
return render_400(request)
foirequest.summary = summary
foirequest.save()
messages.add_message(request, messages.SUCCESS,
_('The outcome summary has been saved.'))
return redirect(foirequest)
def set_message_sender(request, foirequest, message_id):
message = get_object_or_404(FoiMessage, request=foirequest, pk=message_id)
if not message.is_response:
return render_400(request)
form = get_message_sender_form(request.POST, foimessage=message)
if form.is_valid():
form.save()
return redirect(message)
messages.add_message(request, messages.ERROR,
form._errors['sender'][0])
return render_400(request)
def set_summary(request, foirequest):
if not foirequest.status_is_final():
return render_400(request)
summary = request.POST.get('summary', None)
if summary is None:
return render_400(request)
foirequest.summary = summary
foirequest.save()
messages.add_message(request, messages.SUCCESS,
_('The outcome summary has been saved.'))
return redirect(foirequest)
def add_postal_reply_attachment(request, foirequest, message_id):
try:
message = FoiMessage.objects.get(request=foirequest,
pk=int(message_id))
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not message.is_postal:
return render_400(request)
form = get_postal_attachment_form(request.POST,
request.FILES,
foimessage=message)
if form.is_valid():
result = form.save(message)
added, updated = result
FoiEvent.objects.create_event(FoiEvent.EVENTS.ATTACHMENT_UPLOADED,
foirequest,
message=message,
user=request.user,
**{
'added': str(added),
'updated': str(updated)
})
if request.is_ajax():
return get_attachment_update_response(request, added, updated)
added_count = len(added)
updated_count = len(updated)
if updated_count > 0 and not added_count:
status_message = _(
'You updated %d document(s) on this message') % updated_count
elif updated_count > 0 and added_count > 0:
status_message = _('You added %(added)d and updated %(updated)d '
'document(s) on this message') % {
'updated': updated_count,
'added': added_count
}
elif added_count > 0:
status_message = _(
'You added %d document(s) to this message.') % added_count
messages.add_message(request, messages.SUCCESS, status_message)
return redirect(message)
if request.is_ajax():
return JsonResponse({
'error': form._errors['files'][0],
})
messages.add_message(request, messages.ERROR, form._errors['files'][0])
return render_400(request)
def set_law(request, foirequest):
if not foirequest.response_messages():
return render_400(request)
if not foirequest.law.meta:
return render_400(request)
form = ConcreteLawForm(request.POST, foirequest=foirequest)
if not form.is_valid():
return render_400(request)
form.save()
messages.add_message(request, messages.SUCCESS,
_('A concrete law has been set for this request.'))
return redirect(foirequest)
def set_law(request, foirequest):
if not foirequest.response_messages():
return render_400(request)
if not foirequest.law.meta:
return render_400(request)
form = ConcreteLawForm(foirequest, request.POST)
if not form.is_valid():
return render_400(request)
form.save()
messages.add_message(request, messages.SUCCESS,
_('A concrete law has been set for this request.'))
return redirect(foirequest)
def set_summary(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated() or request.user != foirequest.user:
return render_403(request)
if not foirequest.status_is_final():
return render_400(request)
summary = request.POST.get("summary", None)
if summary is None:
return render_400(request)
foirequest.summary = summary
foirequest.save()
messages.add_message(request, messages.SUCCESS, _("The outcome summary has been saved."))
return redirect(foirequest)
def set_summary(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated() or request.user != foirequest.user:
return render_403(request)
if not foirequest.status_is_final():
return render_400(request)
summary = request.POST.get('summary', None)
if summary is None:
return render_400(request)
foirequest.summary = summary
foirequest.save()
messages.add_message(request, messages.SUCCESS,
_('The outcome summary has been saved.'))
return redirect(foirequest)
def set_law(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated() or request.user != foirequest.user:
return render_403(request)
if not foirequest.response_messages():
return render_400(request)
if not foirequest.law.meta:
return render_400(request)
form = ConcreteLawForm(foirequest, request.POST)
if form.is_valid():
form.save()
messages.add_message(request, messages.SUCCESS,
_('A concrete law has been set for this request.'))
return HttpResponseRedirect(foirequest.get_absolute_url())
def set_message_sender(request, foirequest, message_id):
try:
message = FoiMessage.objects.get(request=foirequest,
pk=int(message_id))
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not message.is_response:
return render_400(request)
form = get_message_sender_form(request.POST, foimessage=message)
if form.is_valid():
form.save()
return redirect(message)
messages.add_message(request, messages.ERROR, form._errors['sender'][0])
return render_400(request)
def set_summary(request, foirequest):
if not foirequest.status_is_final():
return render_400(request)
summary = request.POST.get('summary', None)
if summary is None:
return render_400(request)
foirequest.summary = summary
foirequest.save()
FoiEvent.objects.create_event(FoiEvent.EVENTS.SET_SUMMARY,
foirequest,
user=request.user)
messages.add_message(request, messages.SUCCESS,
_('The outcome summary has been saved.'))
return redirect(foirequest)
def set_resolution(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated() or request.user != foirequest.user:
return render_403(request)
if not foirequest.status_is_final():
return render_400(request)
resolution = request.POST.get('resolution', None)
if resolution is None:
return render_400(request)
foirequest.resolution = resolution
foirequest.save()
messages.add_message(request, messages.SUCCESS,
_('The resolution summary has been saved.'))
return HttpResponseRedirect(foirequest.get_absolute_url())
def set_message_sender(request, foirequest, message_id):
message = get_object_or_404(FoiMessage, request=foirequest, pk=message_id)
if not message.is_response:
return render_400(request)
form = get_message_sender_form(request.POST, foimessage=message)
if form.is_valid():
form.save()
FoiEvent.objects.create_event(FoiEvent.EVENTS.SENDER_CHANGED,
foirequest,
message=message,
user=request.user,
public_body=message.sender_public_body)
return redirect(message)
messages.add_message(request, messages.ERROR, form._errors['sender'][0])
return render_400(request)
def set_law(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated() or request.user != foirequest.user:
return render_403(request)
if not foirequest.response_messages():
return render_400(request)
if not foirequest.law.meta:
return render_400(request)
form = ConcreteLawForm(foirequest, request.POST)
if not form.is_valid():
return render_400(request)
form.save()
messages.add_message(request, messages.SUCCESS,
_('A concrete law has been set for this request.'))
return redirect(foirequest)
def set_message_sender(request, foirequest, message_id):
try:
message = FoiMessage.objects.get(request=foirequest,
pk=int(message_id))
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not message.is_response:
return render_400(request)
form = get_message_sender_form(request.POST, foimessage=message)
if form.is_valid():
form.save()
return redirect(message)
messages.add_message(request, messages.ERROR,
form._errors['sender'][0])
return render_400(request)
def set_status(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated() or request.user != foirequest.user:
return render_403(request)
if not foirequest.status_settable:
return render_400(request)
form = get_status_form_class(foirequest)(request.POST)
if form.is_valid():
foirequest.set_status(form.cleaned_data)
messages.add_message(request, messages.SUCCESS,
_('Status of request has been updated.'))
else:
messages.add_message(request, messages.ERROR,
_('Invalid value for form submission!'))
return render_400(request)
return HttpResponseRedirect(foirequest.get_absolute_url())
def add_postal_reply(
request,
foirequest,
form_func=get_postal_reply_form,
success_message=_('A postal reply was successfully added!'),
error_message=_('There were errors with your form submission!'),
form_key='postal_reply_form'):
if not foirequest.public_body:
return render_400(request)
form = form_func(request.POST, request.FILES, foirequest=foirequest)
if form.is_valid():
message = form.save()
messages.add_message(request, messages.SUCCESS, success_message)
url = reverse('foirequest-upload_attachments',
kwargs={
'slug': foirequest.slug,
'message_id': message.id
})
return redirect(url)
messages.add_message(request, messages.ERROR, error_message)
return show_foirequest(request,
foirequest,
context={form_key: form},
status=400)
def add_postal_reply(request,
foirequest,
form_func=get_postal_reply_form,
success_message=POSTAL_REPLY_SUCCESS,
error_message=POSTAL_REPLY_ERROR,
signal=FoiRequest.message_received,
form_key='postal_reply_form'):
if not foirequest.public_body:
return render_400(request)
form = form_func(request.POST, request.FILES, foirequest=foirequest)
if form.is_valid():
message = form.save()
signal.send(sender=foirequest, message=message, user=request.user)
messages.add_message(request, messages.SUCCESS, success_message)
url = reverse('foirequest-upload_attachments',
kwargs={
'slug': foirequest.slug,
'message_id': message.id
})
return redirect(url)
messages.add_message(request, messages.ERROR, error_message)
return show_foirequest(request,
foirequest,
context={form_key: form},
status=400)
def set_public_body(request, foirequest):
form = PublicBodySuggestionsForm(request.POST, foirequest=foirequest)
if not form.is_valid():
return render_400(request)
throttle_message = check_throttle(request.user, FoiRequest)
if throttle_message:
messages.add_message(request, messages.ERROR, throttle_message)
return render_400(request)
form.save()
messages.add_message(
request, messages.SUCCESS,
_('Request was sent to: {name}.').format(
name=foirequest.public_body.name))
return redirect(foirequest)
def edit_message(request, foirequest, message_id):
message = get_object_or_404(FoiMessage, request=foirequest, pk=message_id)
if not message.can_edit:
return render_400(request)
form = EditMessageForm(data=request.POST, message=message)
if form.is_valid():
form.save()
return redirect(message.get_absolute_url())
def extend_deadline(request, foirequest):
form = ExtendDeadlineForm(request.POST)
if form.is_valid():
form.save(foirequest)
messages.add_message(request, messages.INFO,
_('Deadline has been extended.'))
FoiEvent.objects.create_event('deadline_extended', foirequest)
return redirect(foirequest)
return render_400(request)
def redact_attachment(request, slug, attachment_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not can_write_foirequest(foirequest, request):
return render_403(request)
attachment = get_object_or_404(FoiAttachment, pk=int(attachment_id),
belongs_to__request=foirequest)
already = None
if attachment.redacted:
already = attachment.redacted
elif attachment.is_redacted:
already = attachment
if request.method == 'POST':
# Python 2.7/3.5 requires str for json.loads
instructions = json.loads(request.body.decode('utf-8'))
path = redact_file(attachment.file.file, instructions)
if path is None:
return render_400(request)
name = attachment.name.rsplit('.', 1)[0]
name = re.sub(r'[^\w\.\-]', '', name)
if already:
att = already
else:
att = FoiAttachment(
belongs_to=attachment.belongs_to,
name=_('%s_redacted.pdf') % name,
is_redacted=True,
filetype='application/pdf',
approved=True,
can_approve=True
)
with open(path, 'rb') as f:
pdf_file = File(f)
att.file = pdf_file
att.size = pdf_file.size
att.approve_and_save()
if not attachment.is_redacted:
attachment.redacted = att
attachment.can_approve = False
attachment.approved = False
attachment.save()
return JsonResponse({'url': att.get_anchor_url()})
attachment_url = get_accessible_attachment_url(foirequest, attachment)
ctx = {
'foirequest': foirequest,
'attachment': attachment,
'attachment_url': attachment_url,
'config': json.dumps(get_redact_context(foirequest, attachment))
}
return render(request, 'foirequest/redact.html', ctx)
def set_message_sender(request, slug, message_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
try:
message = FoiMessage.objects.get(request=foirequest, pk=int(message_id))
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not request.user.is_authenticated():
return render_403(request)
if request.user != foirequest.user:
return render_403(request)
if not message.is_response:
return render_400(request)
form = MessagePublicBodySenderForm(message, request.POST)
if form.is_valid():
form.save()
return redirect(message)
messages.add_message(request, messages.ERROR, form._errors["sender"][0])
return render_400(request)
def set_public_body(request, foirequest):
form = PublicBodySuggestionsForm(request.POST, foirequest=foirequest)
if not form.is_valid():
return render_400(request)
throttle_message = check_throttle(request.user, FoiRequest)
if throttle_message:
messages.add_message(request, messages.ERROR, '\n'.join(throttle_message))
return render_400(request)
form.save()
messages.add_message(
request,
messages.SUCCESS,
_('Request was sent to: {name}.').format(
name=foirequest.public_body.name)
)
return redirect(foirequest)
def set_message_sender(request, slug, message_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
try:
message = FoiMessage.objects.get(request=foirequest,
pk=int(message_id))
except (ValueError, FoiMessage.DoesNotExist):
raise Http404
if not request.user.is_authenticated:
return render_403(request)
if request.user != foirequest.user and not request.user.is_staff:
return render_403(request)
if not message.is_response:
return render_400(request)
form = MessagePublicBodySenderForm(message, request.POST)
if form.is_valid():
form.save()
return redirect(message)
messages.add_message(request, messages.ERROR, form._errors['sender'][0])
return render_400(request)
def resend_message(request, foirequest):
try:
mes = FoiMessage.objects.get(sent=False,
request=foirequest,
pk=int(request.POST.get('message', 0)))
except (FoiMessage.DoesNotExist, ValueError):
messages.add_message(request, messages.ERROR, _('Invalid input!'))
return render_400(request)
mes.resend()
return redirect('admin:foirequest_foimessage_change', mes.id)
def resend_message(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated():
return render_403(request)
if not request.user.is_staff:
return render_403(request)
try:
mes = FoiMessage.objects.get(sent=False, request=foirequest, pk=int(request.POST.get("message", 0)))
except (FoiMessage.DoesNotExist, ValueError):
messages.add_message(request, messages.ERROR, _("Invalid input!"))
return render_400(request)
mes.send(notify=False)
return redirect("admin:foirequest_foimessage_change", mes.id)
def resend_message(request, foirequest):
try:
mes = FoiMessage.objects.get(
sent=False,
request=foirequest,
pk=int(request.POST.get('message', 0))
)
except (FoiMessage.DoesNotExist, ValueError):
messages.add_message(request, messages.ERROR,
_('Invalid input!'))
return render_400(request)
mes.resend()
return redirect('admin:foirequest_foimessage_change', mes.id)
def edit_message(request, foirequest, message_id):
message = get_object_or_404(FoiMessage, request=foirequest, pk=message_id)
if not message.can_edit:
return render_400(request)
form = EditMessageForm(data=request.POST, message=message)
if form.is_valid():
form.save()
FoiEvent.objects.create_event(FoiEvent.EVENTS.MESSAGE_EDITED,
foirequest,
message=message,
user=request.user,
**form.cleaned_data)
return redirect(message.get_absolute_url())
def resend_message(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated():
return render_403(request)
if not request.user.is_staff:
return render_403(request)
try:
mes = FoiMessage.objects.get(sent=False, request=foirequest, pk=int(request.POST.get('message', 0)))
except (FoiMessage.DoesNotExist, ValueError):
messages.add_message(request, messages.ERROR,
_('Invalid input!'))
return render_400(request)
mes.send(notify=False)
return redirect('admin:foirequest_foimessage_change', mes.id)
def send_message(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated():
return render_403(request)
if request.user != foirequest.user:
return render_403(request)
form = SendMessageForm(request.POST)
if form.is_valid() and foirequest.replyable():
foirequest.add_message(request.user, **form.cleaned_data)
messages.add_message(request, messages.SUCCESS,
_('Your Message has been sent.'))
return HttpResponseRedirect(foirequest.get_absolute_url())
else:
return render_400(request)
def redact_attachment(request, slug, attachment_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_staff and not request.user == foirequest.user:
return render_403(request)
attachment = get_object_or_404(FoiAttachment,
pk=int(attachment_id),
belongs_to__request=foirequest)
if not attachment.can_approve and not request.user.is_staff:
return render_403(request)
already = None
if attachment.redacted:
already = attachment.redacted
elif attachment.is_redacted:
already = attachment
if already is not None and not already.can_approve and not request.user.is_staff:
return render_403(request)
if request.method == 'POST':
# Python 2.7/3.5 requires str for json.loads
instructions = json.loads(request.body.decode('utf-8'))
path = redact_file(attachment.file.file, instructions)
if path is None:
return render_400(request)
name = attachment.name.rsplit('.', 1)[0]
name = re.sub(r'[^\w\.\-]', '', name)
pdf_file = File(open(path, 'rb'))
if already:
att = already
else:
att = FoiAttachment(belongs_to=attachment.belongs_to,
name=_('%s_redacted.pdf') % name,
is_redacted=True,
filetype='application/pdf',
approved=True,
can_approve=True)
att.file = pdf_file
att.size = pdf_file.size
att.approve_and_save()
if not attachment.is_redacted:
attachment.redacted = att
attachment.can_approve = False
attachment.approved = False
attachment.save()
return JsonResponse({'url': att.get_anchor_url()})
return render(request, 'foirequest/redact.html', {
'foirequest': foirequest,
'attachment': attachment
})
def extend_deadline(request, foirequest):
try:
months = int(request.POST.get('months', 6))
except ValueError:
messages.add_message(request, messages.ERROR, _('Invalid input!'))
return render_400(request)
foirequest.due_date = foirequest.law.calculate_due_date(
foirequest.due_date, months)
if foirequest.due_date > timezone.now() and foirequest.status == 'overdue':
foirequest.status = 'awaiting_response'
foirequest.save()
messages.add_message(request, messages.INFO,
_('Deadline has been extended.'))
FoiEvent.objects.create_event('deadline_extended', foirequest)
return redirect(foirequest)
def extend_deadline(request, foirequest):
try:
months = int(request.POST.get('months', 6))
except ValueError:
messages.add_message(request, messages.ERROR,
_('Invalid input!'))
return render_400(request)
foirequest.due_date = foirequest.law.calculate_due_date(foirequest.due_date, months)
if foirequest.due_date > timezone.now() and foirequest.status == 'overdue':
foirequest.status = 'awaiting_response'
foirequest.save()
messages.add_message(request, messages.INFO,
_('Deadline has been extended.'))
FoiEvent.objects.create_event('deadline_extended', foirequest)
return redirect(foirequest)
def suggest_public_body(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not foirequest.needs_public_body():
return render_400(request)
form = MakePublicBodySuggestionForm(request.POST)
if form.is_valid():
# FIXME: make foilaw dynamic
# foilaw = public_body.default_law
public_body = form.public_body_object
user = None
if request.user.is_authenticated():
user = request.user
response = foirequest.suggest_public_body(public_body,
form.cleaned_data['reason'], user)
if response:
messages.add_message(request, messages.SUCCESS,
_('Your Public Body suggestion has been added.'))
else:
messages.add_message(request, messages.NOTICE,
_('This Public Body has already been suggested.'))
return HttpResponseRedirect(foirequest.get_absolute_url())
messages.add_message(request, messages.ERROR,
_("You need to specify a Public Body!"))
return render_400(request)
def add_postal_reply(request, slug, form_class=PostalReplyForm,
success_message=_('A postal reply was successfully added!'),
error_message=_('There were errors with your form submission!'),
form_key='"postal_reply_form"'):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated or request.user != foirequest.user:
return render_403(request)
if not foirequest.public_body:
return render_400(request)
form = form_class(request.POST, request.FILES, foirequest=foirequest)
if form.is_valid():
message = form.save()
messages.add_message(request, messages.SUCCESS, success_message)
return redirect(message)
messages.add_message(request, messages.ERROR, error_message)
return show(request, slug, context={form_key: form}, status=400)
def set_status(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated() or request.user != foirequest.user:
return render_403(request)
if not foirequest.message_needs_status():
return render_400(request)
form = FoiRequestStatusForm(foirequest, request.POST)
if form.is_valid():
foirequest.set_status(form)
messages.add_message(request, messages.SUCCESS,
_('Status of request has been updated.'))
else:
messages.add_message(request, messages.ERROR,
_('Invalid value for form submission!'))
return show(request, slug, context={"status_form": form}, status=400)
return HttpResponseRedirect(foirequest.get_absolute_url())
def redact_attachment(request, slug, attachment_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_staff and not request.user == foirequest.user:
return render_403(request)
attachment = get_object_or_404(FoiAttachment, pk=int(attachment_id),
belongs_to__request=foirequest)
if not attachment.can_approve and not request.user.is_staff:
return render_403(request)
already = None
if attachment.redacted:
already = attachment.redacted
elif attachment.is_redacted:
already = attachment
if already is not None and not already.can_approve and not request.user.is_staff:
return render_403(request)
if request.method == 'POST':
path = convert_to_pdf(request.POST)
if path is None:
return render_400(request)
name = attachment.name.rsplit('.', 1)[0]
name = re.sub('[^\w\.\-]', '', name)
pdf_file = File(open(path, 'rb'))
if already:
att = already
else:
att = FoiAttachment(
belongs_to=attachment.belongs_to,
name=_('%s_redacted.pdf') % name,
is_redacted=True,
filetype='application/pdf',
approved=True,
can_approve=True
)
att.file = pdf_file
att.size = pdf_file.size
att.approve_and_save()
if not attachment.is_redacted:
attachment.redacted = att
attachment.can_approve = False
attachment.approved = False
attachment.save()
return redirect(att.get_anchor_url())
return render(request, 'foirequest/redact.html', {
'foirequest': foirequest,
'attachment': attachment
})
def add_postal_reply(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated() or request.user != foirequest.user:
return render_403(request)
if not foirequest.public_body:
return render_400(request)
form = PostalReplyForm(request.POST, request.FILES)
if form.is_valid():
message = FoiMessage(request=foirequest,
is_response=True,
is_postal=True,
sender_name=form.cleaned_data['sender'],
sender_public_body=foirequest.public_body)
# TODO: Check if timezone support is correct
date = datetime.datetime.combine(form.cleaned_data['date'], datetime.time())
message.timestamp = timezone.get_current_timezone().localize(date)
message.subject = form.cleaned_data.get('subject', '')
message.subject_redacted = message.redact_subject()[:250]
message.plaintext = ""
if form.cleaned_data.get('text'):
message.plaintext = form.cleaned_data.get('text')
message.plaintext_redacted = message.get_content()
message.not_publishable = form.cleaned_data['not_publishable']
message.save()
foirequest.last_message = message.timestamp
foirequest.status = 'awaiting_classification'
foirequest.save()
foirequest.add_postal_reply.send(sender=foirequest)
if form.cleaned_data.get('scan'):
scan = request.FILES['scan']
scan_name = scan.name.rsplit(".", 1)
scan_name = ".".join([slugify(n) for n in scan_name])
att = FoiAttachment(belongs_to=message,
name=scan_name,
size=scan.size,
filetype=scan.content_type)
att.file.save(scan_name, scan)
att.approved = False
att.save()
messages.add_message(request, messages.SUCCESS,
_('A postal reply was successfully added!'))
return redirect(message)
messages.add_message(request, messages.ERROR,
_('There were errors with your form submission!'))
return show(request, slug, context={"postal_reply_form": form}, status=400)
def extend_deadline(request, slug):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_authenticated():
return render_403(request)
if not request.user.is_staff:
return render_403(request)
try:
months = int(request.POST.get("months", 6))
except ValueError:
messages.add_message(request, messages.ERROR, _("Invalid input!"))
return render_400(request)
foirequest.due_date = foirequest.law.calculate_due_date(foirequest.due_date, months)
if foirequest.due_date > timezone.now() and foirequest.status == "overdue":
foirequest.status = "awaiting_response"
foirequest.save()
messages.add_message(request, messages.INFO, _("Deadline has been extended."))
FoiEvent.objects.create_event("deadline_extended", foirequest)
return redirect(foirequest)
def redact_attachment(request, slug, attachment_id):
foirequest = get_object_or_404(FoiRequest, slug=slug)
if not request.user.is_staff and not request.user == foirequest.user:
return render_403(request)
attachment = get_object_or_404(FoiAttachment, pk=int(attachment_id), belongs_to__request=foirequest)
if not attachment.can_approve and not request.user.is_staff:
return render_403(request)
already = None
if attachment.redacted:
already = attachment.redacted
elif attachment.is_redacted:
already = attachment
if already is not None and not already.can_approve and not request.user.is_staff:
return render_403(request)
if request.method == "POST":
path = convert_to_pdf(request.POST)
if path is None:
return render_400(request)
name = attachment.name.rsplit(".", 1)[0]
name = re.sub("[^\w\.\-]", "", name)
pdf_file = File(open(path, "rb"))
if already:
att = already
else:
att = FoiAttachment(
belongs_to=attachment.belongs_to,
name=_("%s_redacted.pdf") % name,
is_redacted=True,
filetype="application/pdf",
approved=True,
can_approve=True,
)
att.file = pdf_file
att.size = pdf_file.size
att.approve()
att.save()
if not attachment.is_redacted:
attachment.redacted = att
attachment.can_approve = False
attachment.approved = False
attachment.save()
return redirect(att.get_anchor_url())
return render(request, "foirequest/redact.html", {"foirequest": foirequest, "attachment": attachment})
def confirm(request):
if not request.user.is_authenticated:
return render_403(request)
if not request.user.is_staff and not request.user.is_superuser:
return render_403(request)
try:
pb = get_object_or_404(PublicBody, pk=int(request.POST.get('public_body', '')))
except ValueError:
return render_400(request)
result = pb.confirm()
if result is None:
messages.add_message(request, messages.ERROR,
_('This request was already confirmed.'))
else:
messages.add_message(request, messages.ERROR,
ungettext('%(count)d message was sent.',
'%(count)d messages were sent', result
) % {"count": result})
return redirect('admin:publicbody_publicbody_change', pb.id)