def download_excel_analyser(request, username, form_id_string):
xform = get_object_or_404(XForm,
user__username__iexact=username,
id_string__exact=form_id_string)
owner = User.objects.get(username__iexact=username)
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden('Not shared.')
# Get the XLSForm.
xlsform_io= _get_xlsform(request, username, form_id_string)
# FIXME: Really don't like this overloading...
if isinstance(xlsform_io, HttpResponse):
return xlsform_io
# Get the data.
data_export= Export.objects.filter(
xform=xform, export_type=Export.XLS_EXPORT).order_by('-created_on').first()
if not data_export:
raise Http404('Please generate an XLS export of your data before generating an Excel Analyser copy.')
analyser_filename= os.path.splitext(data_export.filename)[0] + '_EXCEL_ANALYSER.xlsx'
with get_storage_class()().open(data_export.filepath) as data_file_xlsx:
analyser_io= generate_analyser(xlsform_io, data_file_xlsx)
response = StreamingHttpResponse(FileWrapper(analyser_io),
content_type='application/vnd.ms-excel; charset=utf-8')
response['Content-Disposition'] = 'attachment; filename={}'.format(analyser_filename)
return response
def download_xlsform(request, username, id_string):
xform = get_object_or_404(XForm,
user__username=username, id_string=id_string)
owner = User.objects.get(username=username)
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden('Not shared.')
file_path = xform.xls.name
default_storage = get_storage_class()()
if default_storage.exists(file_path):
audit = {
"xform": xform.id_string
}
audit_log(
Actions.FORM_XLS_DOWNLOADED, request.user, xform.user,
_("Downloaded XLS file for form '%(id_string)s'.") %
{
"id_string": xform.id_string
}, audit, request)
split_path = file_path.split(os.extsep)
extension = 'xls'
if len(split_path) > 1:
extension = split_path[len(split_path) - 1]
response = response_with_mimetype_and_name(
'vnd.ms-excel', id_string, show_date=False, extension=extension,
file_path=file_path)
return response
else:
messages.add_message(request, messages.WARNING,
_(u'No XLS file for your form '
u'<strong>%(id)s</strong>')
% {'id': id_string})
return HttpResponseRedirect("/%s" % username)
def download_spss_labels(request, username, form_id_string):
xform = get_object_or_404(XForm,
user__username__iexact=username,
id_string__exact=form_id_string)
owner = User.objects.get(username__iexact=username)
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden('Not shared.')
try:
xlsform_io= xform.to_xlsform()
if not xlsform_io:
messages.add_message(request, messages.WARNING,
_(u'No XLS file for your form '
u'<strong>%(id)s</strong>')
% {'id': form_id_string})
return HttpResponseRedirect("/%s" % username)
except:
return HttpResponseServerError('Error retrieving XLSForm.')
survey= survey_from.xls(filelike_obj=xlsform_io)
zip_filename= '{}_spss_labels.zip'.format(xform.id_string)
zip_io= survey_to_spss_label_zip(survey, xform.id_string)
response = StreamingHttpResponse(FileWrapper(zip_io),
content_type='application/zip; charset=utf-8')
response['Content-Disposition'] = 'attachment; filename={}'.format(zip_filename)
return response
def export_list(request, username, id_string, export_type):
if export_type == Export.GDOC_EXPORT:
redirect_url = reverse(
export_list,
kwargs={
'username': username, 'id_string': id_string,
'export_type': export_type})
token = _get_google_token(request, redirect_url)
if isinstance(token, HttpResponse):
return token
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if should_create_new_export(xform, export_type):
try:
create_async_export(
xform, export_type, query=None, force_xlsx=True)
except Export.ExportTypeError:
return HttpResponseBadRequest(
_("%s is not a valid export type" % export_type))
context = RequestContext(request)
context.username = owner.username
context.xform = xform
# TODO: better output e.g. Excel instead of XLS
context.export_type = export_type
context.export_type_name = Export.EXPORT_TYPE_DICT[export_type]
exports = Export.objects.filter(xform=xform, export_type=export_type)\
.order_by('-created_on')
context.exports = exports
return render_to_response('export_list.html', context_instance=context)
def export_list(request, username, id_string, export_type):
if export_type == Export.GDOC_EXPORT:
redirect_url = reverse(
export_list,
kwargs={
'username': username, 'id_string': id_string,
'export_type': export_type})
token = _get_google_token(request, redirect_url)
if isinstance(token, HttpResponse):
return token
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__iexact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if should_create_new_export(xform, export_type):
try:
create_async_export(
xform, export_type, query=None, force_xlsx=True)
except Export.ExportTypeError:
return HttpResponseBadRequest(
_("%s is not a valid export type" % export_type))
data = {
'username': owner.username,
'xform': xform,
'export_type': export_type,
'export_type_name': Export.EXPORT_TYPE_DICT[export_type],
'exports': Export.objects.filter(
xform=xform, export_type=export_type).order_by('-created_on')
}
return render(request, 'export_list.html', data)
def download_jsonform(request, username, id_string):
"""
XForm JSON view.
"""
owner = get_object_or_404(User, username__iexact=username)
xform = get_form({
'user__username__iexact': username,
'id_string__iexact': id_string
})
if request.method == "OPTIONS":
response = HttpResponse()
add_cors_headers(response)
return response
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
response = HttpResponseForbidden(_(u'Not shared.'))
add_cors_headers(response)
return response
response = response_with_mimetype_and_name(
'json', id_string, show_date=False)
if 'callback' in request.GET and request.GET.get('callback') != '':
callback = request.GET.get('callback')
response.content = "%s(%s)" % (callback, xform.json)
else:
add_cors_headers(response)
response.content = xform.json
return response
def zip_export(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if request.GET.get('raw'):
id_string = None
attachments = Attachment.objects.filter(instance__xform=xform)
zip_file = create_attachments_zipfile(attachments)
audit = {
"xform": xform.id_string,
"export_type": Export.ZIP_EXPORT
}
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created ZIP export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
}, audit, request)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded ZIP export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('zip', id_string,
file_path=zip_file,
use_local_filesystem=True)
return response
def delete_export(request, username, id_string, export_type):
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
export_id = request.POST.get('export_id')
# find the export entry in the db
export = get_object_or_404(Export, id=export_id)
export.delete()
audit = {
"xform": xform.id_string,
"export_type": export.export_type
}
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Deleted %(export_type)s export '%(filename)s'"
" on '%(id_string)s'.") %
{
'export_type': export.export_type.upper(),
'filename': export.filename,
'id_string': xform.id_string,
}, audit, request)
return HttpResponseRedirect(reverse(
export_list,
kwargs={
"username": username,
"id_string": id_string,
"export_type": export_type
}))
def view_download_submission(request, username):
form_user = get_object_or_404(User, username__iexact=username)
profile, created = UserProfile.objects.get_or_create(user=form_user)
authenticator = HttpDigestAuthenticator()
if not authenticator.authenticate(request):
return authenticator.build_challenge_response()
data = {}
formId = request.GET.get("formId", None)
if not isinstance(formId, six.string_types):
return HttpResponseBadRequest()
id_string = formId[0 : formId.find("[")]
form_id_parts = formId.split("/")
if form_id_parts.__len__() < 2:
return HttpResponseBadRequest()
uuid = _extract_uuid(form_id_parts[1])
instance = get_object_or_404(
Instance, xform__id_string__exact=id_string, uuid=uuid, xform__user__username=username, deleted_at=None
)
xform = instance.xform
if not has_permission(xform, form_user, request, xform.shared_data):
return HttpResponseForbidden("Not shared.")
submission_xml_root_node = instance.get_root_node()
submission_xml_root_node.setAttribute("instanceID", u"uuid:%s" % instance.uuid)
submission_xml_root_node.setAttribute("submissionDate", instance.date_created.isoformat())
data["submission_data"] = submission_xml_root_node.toxml()
data["media_files"] = Attachment.objects.filter(instance=instance)
data["host"] = request.build_absolute_uri().replace(request.get_full_path(), "")
return render(request, "downloadSubmission.xml", data, content_type="text/xml; charset=utf-8")
def view_submission_list(request, username):
form_user = get_object_or_404(User, username__iexact=username)
profile, created = UserProfile.objects.get_or_create(user=form_user)
authenticator = HttpDigestAuthenticator()
if not authenticator.authenticate(request):
return authenticator.build_challenge_response()
id_string = request.GET.get("formId", None)
xform = get_object_or_404(XForm, id_string__exact=id_string, user__username__iexact=username)
if not has_permission(xform, form_user, request, xform.shared_data):
return HttpResponseForbidden("Not shared.")
num_entries = request.GET.get("numEntries", None)
cursor = request.GET.get("cursor", None)
instances = xform.instances.filter(deleted_at=None).order_by("pk")
cursor = _parse_int(cursor)
if cursor:
instances = instances.filter(pk__gt=cursor)
num_entries = _parse_int(num_entries)
if num_entries:
instances = instances[:num_entries]
data = {"instances": instances}
resumptionCursor = 0
if instances.count():
last_instance = instances[instances.count() - 1]
resumptionCursor = last_instance.pk
elif instances.count() == 0 and cursor:
resumptionCursor = cursor
data["resumptionCursor"] = resumptionCursor
return render(request, "submissionList.xml", data, content_type="text/xml; charset=utf-8")
def kml_export(request, username, id_string):
# read the locations from the database
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
data = {'data': kml_export_data(id_string, user=owner)}
response = \
render(request, "survey.kml", data,
content_type="application/vnd.google-earth.kml+xml")
response['Content-Disposition'] = \
disposition_ext_and_date(id_string, 'kml')
audit = {
"xform": xform.id_string,
"export_type": Export.KML_EXPORT
}
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created KML export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
}, audit, request)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded KML export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
}, audit, request)
return response
def _get_xlsform(request, username, form_id_string):
xform = get_object_or_404(XForm,
user__username__iexact=username,
id_string__exact=form_id_string)
owner = User.objects.get(username__iexact=username)
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
# FIXME: Is there not a 403 exception equivalent to `Http404`?
return HttpResponseForbidden('Not shared.')
file_path = xform.xls.name
default_storage = get_storage_class()()
try:
if file_path != '' and default_storage.exists(file_path):
with default_storage.open(file_path) as xlsform_file:
if file_path.endswith('.csv'):
xlsform_io = convert_csv_to_xls(xlsform_file.read())
else:
xlsform_io= io.BytesIO(xlsform_file.read())
return xlsform_io
else:
messages.add_message(request, messages.WARNING,
_(u'No XLS file for your form '
u'<strong>%(id)s</strong>')
% {'id': form_id_string})
return HttpResponseRedirect("/%s" % username)
except:
return HttpResponseServerError('Error retrieving XLSForm.')
def export_progress(request, username, id_string, export_type):
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
# find the export entry in the db
export_ids = request.GET.getlist('export_ids')
exports = Export.objects.filter(xform=xform, id__in=export_ids)
statuses = []
for export in exports:
status = {
'complete': False,
'url': None,
'filename': None,
'export_id': export.id
}
if export.status == Export.SUCCESSFUL:
status['url'] = reverse(export_download, kwargs={
'username': owner.username,
'id_string': xform.id_string,
'export_type': export.export_type,
'filename': export.filename
})
status['filename'] = export.filename
if export.export_type == Export.GDOC_EXPORT and \
export.export_url is None:
redirect_url = reverse(
export_progress,
kwargs={
'username': username, 'id_string': id_string,
'export_type': export_type})
token = _get_google_token(request, redirect_url)
if isinstance(token, HttpResponse):
return token
status['url'] = None
try:
url = google_export_xls(
export.full_filepath, xform.title, token, blob=True)
except Exception, e:
status['error'] = True
status['message'] = e.message
else:
export.export_url = url
export.save()
status['url'] = url
if export.export_type == Export.EXTERNAL_EXPORT \
and export.export_url is None:
status['url'] = url
# mark as complete if it either failed or succeeded but NOT pending
if export.status == Export.SUCCESSFUL \
or export.status == Export.FAILED:
status['complete'] = True
statuses.append(status)
def export_list(request, username, id_string, export_type):
if export_type == Export.GDOC_EXPORT:
redirect_url = reverse(
export_list,
kwargs={
'username': username, 'id_string': id_string,
'export_type': export_type})
token = _get_google_token(request, redirect_url)
if isinstance(token, HttpResponse):
return token
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if export_type == Export.EXTERNAL_EXPORT:
# check for template before trying to generate a report
if not MetaData.external_export(xform=xform):
return HttpResponseForbidden(_(u'No XLS Template set.'))
# Get meta and token
export_token = request.GET.get('token')
export_meta = request.GET.get('meta')
options = {
'meta': export_meta,
'token': export_token,
}
if should_create_new_export(xform, export_type):
try:
create_async_export(
xform, export_type, query=None, force_xlsx=True,
options=options)
except Export.ExportTypeError:
return HttpResponseBadRequest(
_("%s is not a valid export type" % export_type))
metadata = MetaData.objects.filter(xform=xform,
data_type="external_export")\
.values('id', 'data_value')
for m in metadata:
m['data_value'] = m.get('data_value').split('|')[0]
data = {
'username': owner.username,
'xform': xform,
'export_type': export_type,
'export_type_name': Export.EXPORT_TYPE_DICT[export_type],
'exports': Export.objects.filter(
xform=xform, export_type=export_type).order_by('-created_on'),
'metas': metadata
}
return render(request, 'export_list.html', data)
def create_export(request, username, id_string, export_type):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.POST.get("query")
force_xlsx = request.POST.get('xls') != 'true'
# export options
group_delimiter = request.POST.get("options[group_delimiter]", '/')
if group_delimiter not in ['.', '/']:
return HttpResponseBadRequest(
_("%s is not a valid delimiter" % group_delimiter))
# default is True, so when dont_.. is yes
# split_select_multiples becomes False
split_select_multiples = request.POST.get(
"options[dont_split_select_multiples]", "no") == "no"
binary_select_multiples = getattr(settings, 'BINARY_SELECT_MULTIPLES',
False)
options = {
'group_delimiter': group_delimiter,
'split_select_multiples': split_select_multiples,
'binary_select_multiples': binary_select_multiples
}
try:
create_async_export(xform, export_type, query, force_xlsx, options)
except Export.ExportTypeError:
return HttpResponseBadRequest(
_("%s is not a valid export type" % export_type))
else:
audit = {
"xform": xform.id_string,
"export_type": export_type
}
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created %(export_type)s export on '%(id_string)s'.") %
{
'export_type': export_type.upper(),
'id_string': xform.id_string,
}, audit, request)
return HttpResponseRedirect(reverse(
export_list,
kwargs={
"username": username,
"id_string": id_string,
"export_type": export_type
})
)
def enketo_preview(request, username, id_string):
xform = get_object_or_404(XForm, user__username=username, id_string=id_string)
owner = xform.user
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden(_(u"Not shared."))
enekto_preview_url = "%(enketo_url)s?server=%(profile_url)s&id=%(id_string)s" % {
"enketo_url": settings.ENKETO_PREVIEW_URL,
"profile_url": request.build_absolute_uri(reverse(profile, kwargs={"username": owner.username})),
"id_string": xform.id_string,
}
return HttpResponseRedirect(enekto_preview_url)
def download_xlsform(request, username, id_string):
xform = get_object_or_404(XForm,
user__username__iexact=username,
id_string__exact=id_string)
owner = User.objects.get(username__iexact=username)
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden('Not shared.')
file_path = xform.xls.name
default_storage = get_storage_class()()
if file_path != '' and default_storage.exists(file_path):
audit = {
"xform": xform.id_string
}
audit_log(
Actions.FORM_XLS_DOWNLOADED, request.user, xform.user,
_("Downloaded XLS file for form '%(id_string)s'.") %
{
"id_string": xform.id_string
}, audit, request)
if file_path.endswith('.csv'):
with default_storage.open(file_path) as ff:
xls_io = convert_csv_to_xls(ff.read())
response = StreamingHttpResponse(
xls_io, content_type='application/vnd.ms-excel; charset=utf-8')
response[
'Content-Disposition'] = 'attachment; filename=%s.xls' % xform.id_string
return response
split_path = file_path.split(os.extsep)
extension = 'xls'
if len(split_path) > 1:
extension = split_path[len(split_path) - 1]
response = response_with_mimetype_and_name(
'vnd.ms-excel', id_string, show_date=False, extension=extension,
file_path=file_path)
return response
else:
messages.add_message(request, messages.WARNING,
_(u'No XLS file for your form '
u'<strong>%(id)s</strong>')
% {'id': id_string})
return HttpResponseRedirect("/%s" % username)
def enketo_preview(request, username, id_string):
xform = get_object_or_404(
XForm, user__username__iexact=username, id_string__iexact=id_string)
owner = xform.user
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden(_(u'Not shared.'))
enekto_preview_url = \
"%(enketo_url)s?server=%(profile_url)s&id=%(id_string)s" % {
'enketo_url': settings.ENKETO_PREVIEW_URL,
'profile_url': request.build_absolute_uri(
reverse(profile, kwargs={'username': owner.username})),
'id_string': xform.id_string
}
return HttpResponseRedirect(enekto_preview_url)
def google_xls_export(request, username, id_string):
"""
Google export view, uploads an excel export to google drive and then
redirects to the uploaded google sheet.
"""
token = None
if request.user.is_authenticated:
try:
token_storage = TokenStorageModel.objects.get(id=request.user)
except TokenStorageModel.DoesNotExist:
pass
else:
token = token_storage.token
elif request.session.get('access_token'):
token = request.session.get('access_token')
if token is None:
request.session["google_redirect_url"] = reverse(
google_xls_export,
kwargs={'username': username,
'id_string': id_string})
return HttpResponseRedirect(google_flow.step1_get_authorize_url())
owner = get_object_or_404(User, username__iexact=username)
xform = get_form({'user': owner, 'id_string__iexact': id_string})
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
is_valid, data_dictionary = set_instances_for_export(
id_string, owner, request)
if not is_valid:
return data_dictionary
xls_writer = XlsWriter()
tmp = NamedTemporaryFile(delete=False)
xls_writer.set_file(tmp)
xls_writer.set_data_dictionary(data_dictionary)
temp_file = xls_writer.save_workbook_to_file()
temp_file.close()
url = None
os.unlink(tmp.name)
audit = {"xform": xform.id_string, "export_type": "google"}
audit_log(Actions.EXPORT_CREATED, request.user, owner,
_("Created Google Docs export on '%(id_string)s'.") % {
'id_string': xform.id_string,
}, audit, request)
return HttpResponseRedirect(url)
def view_submission_list(request, username):
"""
Submission list view.
Briefcase Aggregate API view/submissionList.
"""
form_user = get_object_or_404(User, username__iexact=username)
__, ___ = UserProfile.objects.get_or_create(user=form_user)
authenticator = HttpDigestAuthenticator()
if not authenticator.authenticate(request):
return authenticator.build_challenge_response()
id_string = request.GET.get('formId', None)
xform_kwargs = {
'id_string__iexact': id_string,
'user__username__iexact': username
}
xform = get_form(xform_kwargs)
if not has_permission(xform, form_user, request, xform.shared_data):
return HttpResponseForbidden('Not shared.')
num_entries = request.GET.get('numEntries', None)
cursor = request.GET.get('cursor', None)
instances = xform.instances.filter(deleted_at=None).order_by('pk')
cursor = _parse_int(cursor)
if cursor:
instances = instances.filter(pk__gt=cursor)
num_entries = _parse_int(num_entries)
if num_entries:
instances = instances[:num_entries]
data = {'instances': instances}
resumption_cursor = 0
if instances.count():
last_instance = instances[instances.count() - 1]
resumption_cursor = last_instance.pk
elif instances.count() == 0 and cursor:
resumption_cursor = cursor
data['resumptionCursor'] = resumption_cursor
return render(
request,
'submissionList.xml',
data,
content_type="text/xml; charset=utf-8")
def google_xls_export(request, username, id_string):
token = None
if request.user.is_authenticated():
try:
ts = TokenStorageModel.objects.get(id=request.user)
except TokenStorageModel.DoesNotExist:
pass
else:
token = ts.token
elif request.session.get('access_token'):
token = request.session.get('access_token')
if token is None:
request.session["google_redirect_url"] = reverse(
google_xls_export,
kwargs={'username': username, 'id_string': id_string})
return HttpResponseRedirect(redirect_uri)
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
valid, dd = dd_for_params(id_string, owner, request)
if not valid:
return dd
ddw = XlsWriter()
tmp = NamedTemporaryFile(delete=False)
ddw.set_file(tmp)
ddw.set_data_dictionary(dd)
temp_file = ddw.save_workbook_to_file()
temp_file.close()
url = google_export_xls(tmp.name, xform.title, token, blob=True)
os.unlink(tmp.name)
audit = {
"xform": xform.id_string,
"export_type": "google"
}
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created Google Docs export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
}, audit, request)
return HttpResponseRedirect(url)
def view_download_submission(request, username):
"""
Submission download view.
Briefcase Aggregate API view/downloadSubmissionList.
"""
form_user = get_object_or_404(User, username__iexact=username)
__, ___ = UserProfile.objects.get_or_create(user=form_user)
authenticator = HttpDigestAuthenticator()
if not authenticator.authenticate(request):
return authenticator.build_challenge_response()
data = {}
form_id = request.GET.get('formId', None)
if not isinstance(form_id, six.string_types):
return HttpResponseBadRequest()
id_string = form_id[0:form_id.find('[')]
form_id_parts = form_id.split('/')
if form_id_parts.__len__() < 2:
return HttpResponseBadRequest()
uuid = _extract_uuid(form_id_parts[1])
instance = get_object_or_404(
Instance,
xform__id_string__iexact=id_string,
uuid=uuid,
xform__user__username=username,
deleted_at__isnull=True)
xform = instance.xform
if not has_permission(xform, form_user, request, xform.shared_data):
return HttpResponseForbidden('Not shared.')
submission_xml_root_node = instance.get_root_node()
submission_xml_root_node.setAttribute('instanceID',
u'uuid:%s' % instance.uuid)
submission_xml_root_node.setAttribute('submissionDate',
instance.date_created.isoformat())
data['submission_data'] = submission_xml_root_node.toxml()
data['media_files'] = Attachment.objects.filter(instance=instance)
data['host'] = request.build_absolute_uri().replace(
request.get_full_path(), '')
return render(
request,
'downloadSubmission.xml',
data,
content_type="text/xml; charset=utf-8")
def export_progress(request, username, id_string, export_type):
"""
Async export progress view.
"""
owner = get_object_or_404(User, username__iexact=username)
xform = get_form({'user': owner, 'id_string__iexact': id_string})
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
# find the export entry in the db
export_ids = request.GET.getlist('export_ids')
exports = Export.objects.filter(
xform=xform, id__in=export_ids, export_type=export_type)
statuses = []
for export in exports:
status = {
'complete': False,
'url': None,
'filename': None,
'export_id': export.id
}
if export.status == Export.SUCCESSFUL:
status['url'] = reverse(
export_download,
kwargs={
'username': owner.username,
'id_string': xform.id_string,
'export_type': export.export_type,
'filename': export.filename
})
status['filename'] = export.filename
if export.export_type == Export.GOOGLE_SHEETS_EXPORT and \
export.export_url is None:
status['url'] = None
if export.export_type == Export.EXTERNAL_EXPORT \
and export.export_url is None:
status['url'] = None
# mark as complete if it either failed or succeeded but NOT pending
if export.status == Export.SUCCESSFUL \
or export.status == Export.FAILED:
status['complete'] = True
statuses.append(status)
return HttpResponse(json.dumps(statuses), content_type='application/json')
def download_excel_analyser(request, username, form_id_string):
xform = get_object_or_404(XForm, user__username__iexact=username, id_string__exact=form_id_string)
owner = User.objects.get(username__iexact=username)
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
return HttpResponseForbidden("Not shared.")
# Get the XLSForm.
xlsform_io = _get_xlsform(request, username, form_id_string)
# FIXME: Really don't like this overloading...
if isinstance(xlsform_io, HttpResponse):
return xlsform_io
# Get the data.
data_export = Export.objects.filter(xform=xform, export_type=Export.XLS_EXPORT).order_by("-created_on").first()
if not data_export or not data_export.filename:
if not data_export:
err_msg = _(u"Please generate an XLS export of your data before generating an Excel Analyser copy.")
elif data_export.status == Export.PENDING:
err_msg = _(
u"Please wait for your XLS export to be generated " u"before trying to generate an Excel Analyser copy."
)
elif data_export.status == Export.FAILED:
err_msg = _(
u"Last attempt for XLS export creation failed. An XLS export of your data must "
u"have been successfully generated before trying to generate an Excel Analyser copy."
)
else:
err_msg = _(
u"Unknown XLS export state. "
u"Please generate an XLS export of your data before generating an Excel Analyser copy."
)
return HttpResponseNotFound(
loader.render_to_string("404_xls_analyzer_error.html", {"error_message": err_msg}, RequestContext(request))
)
analyser_filename = os.path.splitext(data_export.filename)[0] + "_EXCEL_ANALYSER.xlsx"
with get_storage_class()().open(data_export.filepath) as data_file_xlsx:
analyser_io = generate_analyser(xlsform_io, data_file_xlsx)
response = StreamingHttpResponse(FileWrapper(analyser_io), content_type="application/vnd.ms-excel; charset=utf-8")
response["Content-Disposition"] = "attachment; filename={}".format(analyser_filename)
return response
def data_view(request, username, id_string):
"""
Data view displays submission data.
"""
owner = get_object_or_404(User, username__iexact=username)
xform = get_form({'id_string__iexact': id_string, 'user': owner})
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
data = {'owner': owner, 'xform': xform}
audit = {
"xform": xform.id_string,
}
audit_log(Actions.FORM_DATA_VIEWED, request.user, owner,
_("Requested data view for '%(id_string)s'.") % {
'id_string': xform.id_string,
}, audit, request)
return render(request, "data_view.html", data)
def data_view(request, username, id_string):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
context = RequestContext(request)
context.owner = owner
context.xform = xform
audit = {
"xform": xform.id_string,
}
audit_log(
Actions.FORM_DATA_VIEWED, request.user, owner,
_("Requested data view for '%(id_string)s'.") %
{
'id_string': xform.id_string,
}, audit, request)
return render_to_response("data_view.html", context_instance=context)
def map_view(request, username, id_string, template='map.html'):
"""
Map view.
"""
owner = get_object_or_404(User, username__iexact=username)
xform = get_form({'user': owner, 'id_string__iexact': id_string})
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
data = {'content_user': owner, 'xform': xform}
data['profile'], __ = UserProfile.objects.get_or_create(user=owner)
data['form_view'] = True
data['jsonform_url'] = reverse(
download_jsonform,
kwargs={"username": username,
"id_string": id_string})
data['enketo_edit_url'] = reverse(
'edit_data',
kwargs={"username": username,
"id_string": id_string,
"data_id": 0})
data['enketo_add_url'] = reverse(
'enter_data', kwargs={"username": username,
"id_string": id_string})
data['enketo_add_with_url'] = reverse(
'add_submission_with',
kwargs={"username": username,
"id_string": id_string})
data['mongo_api_url'] = reverse(
'mongo_view_api',
kwargs={"username": username,
"id_string": id_string})
data['delete_data_url'] = reverse(
'delete_data', kwargs={"username": username,
"id_string": id_string})
data['mapbox_layer'] = MetaData.mapbox_layer_upload(xform)
audit = {"xform": xform.id_string}
audit_log(Actions.FORM_MAP_VIEWED, request.user, owner,
_("Requested map on '%(id_string)s'.") %
{'id_string': xform.id_string}, audit, request)
return render(request, template, data)
def export_download(request, username, id_string, export_type, filename):
"""
Export download view.
"""
owner = get_object_or_404(User, username__iexact=username)
xform = get_form({'user': owner, 'id_string__iexact': id_string})
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
# find the export entry in the db
export = get_object_or_404(Export, xform=xform, filename=filename)
if (export_type == Export.GOOGLE_SHEETS_EXPORT or
export_type == Export.EXTERNAL_EXPORT) and \
export.export_url is not None:
return HttpResponseRedirect(export.export_url)
ext, mime_type = export_def_from_filename(export.filename)
audit = {"xform": xform.id_string, "export_type": export.export_type}
audit_log(Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded %(export_type)s export '%(filename)s' "
"on '%(id_string)s'.") % {
'export_type': export.export_type.upper(),
'filename': export.filename,
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
default_storage = get_storage_class()()
if not isinstance(default_storage, FileSystemStorage):
return HttpResponseRedirect(default_storage.url(export.filepath))
basename = os.path.splitext(export.filename)[0]
response = response_with_mimetype_and_name(
mime_type,
name=basename,
extension=ext,
file_path=export.filepath,
show_date=False)
return response
def zip_export(request, username, id_string):
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if request.GET.get('raw'):
id_string = None
attachments = Attachment.objects.filter(instance__xform=xform)
zip_file = None
try:
zip_file = create_attachments_zipfile(attachments)
audit = {
"xform": xform.id_string,
"export_type": Export.ZIP_EXPORT
}
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created ZIP export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
}, audit, request)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded ZIP export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('zip', id_string)
response.write(FileWrapper(zip_file))
response['Content-Length'] = zip_file.tell()
zip_file.seek(0)
finally:
zip_file and zip_file.close()
return response
def download_jsonform(request, username, id_string):
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, user__username__iexact=username, id_string__exact=id_string)
if request.method == "OPTIONS":
response = HttpResponse()
add_cors_headers(response)
return response
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
response = HttpResponseForbidden(_(u"Not shared."))
add_cors_headers(response)
return response
response = response_with_mimetype_and_name("json", id_string, show_date=False)
if "callback" in request.GET and request.GET.get("callback") != "":
callback = request.GET.get("callback")
response.content = "%s(%s)" % (callback, xform.json)
else:
add_cors_headers(response)
response.content = xform.json
return response
def export_download(request, username, id_string, export_type, filename):
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_('Not shared.'))
# find the export entry in the db
export = get_object_or_404(Export, xform=xform, filename=filename)
if export_type == Export.GDOC_EXPORT and export.export_url is not None:
return HttpResponseRedirect(export.export_url)
ext, mime_type = export_def_from_filename(export.filename)
audit = {"xform": xform.id_string, "export_type": export.export_type}
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded %(export_type)s export '%(filename)s' "
"on '%(id_string)s'.") % {
'export_type': export.export_type.upper(),
'filename': export.filename,
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
default_storage = get_storage_class()()
if not isinstance(default_storage, FileSystemStorage):
return HttpResponseRedirect(default_storage.url(export.filepath))
basename = os.path.splitext(export.filename)[0]
response = response_with_mimetype_and_name(mime_type,
name=basename,
extension=ext,
file_path=export.filepath,
show_date=False)
return response
def view_download_submission(request, username):
form_user = get_object_or_404(User, username__iexact=username)
profile, created = \
UserProfile.objects.get_or_create(user=form_user)
authenticator = HttpDigestAuthenticator()
if not authenticator.authenticate(request):
return authenticator.build_challenge_response()
data = {}
formId = request.GET.get('formId', None)
if not isinstance(formId, six.string_types):
return HttpResponseBadRequest()
id_string = formId[0:formId.find('[')]
form_id_parts = formId.split('/')
if form_id_parts.__len__() < 2:
return HttpResponseBadRequest()
uuid = _extract_uuid(form_id_parts[1])
instance = get_object_or_404(
Instance, xform__id_string__iexact=id_string, uuid=uuid,
xform__user__username=username, deleted_at=None)
xform = instance.xform
if not has_permission(xform, form_user, request, xform.shared_data):
return HttpResponseForbidden('Not shared.')
submission_xml_root_node = instance.get_root_node()
submission_xml_root_node.setAttribute(
'instanceID', u'uuid:%s' % instance.uuid)
submission_xml_root_node.setAttribute(
'submissionDate', instance.date_created.isoformat()
)
data['submission_data'] = submission_xml_root_node.toxml()
data['media_files'] = Attachment.objects.filter(instance=instance)
data['host'] = request.build_absolute_uri().replace(
request.get_full_path(), '')
return render(
request, 'downloadSubmission.xml', data,
content_type="text/xml; charset=utf-8")
def zip_export(request, username, id_string):
owner = get_object_or_404(User, username__iexact=username)
xform = get_form({'user': owner, 'id_string__iexact': id_string})
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if request.GET.get('raw'):
id_string = None
attachments = Attachment.objects.filter(instance__xform=xform)
zip_file = None
try:
zip_file = create_attachments_zipfile(attachments)
audit = {"xform": xform.id_string, "export_type": Export.ZIP_EXPORT}
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created ZIP export on '%(id_string)s'.") % {
'id_string': xform.id_string,
}, audit, request)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded ZIP export on '%(id_string)s'.") % {
'id_string': xform.id_string,
}, audit, request)
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name('zip', id_string)
response.write(FileWrapper(zip_file))
response['Content-Length'] = zip_file.tell()
zip_file.seek(0)
finally:
zip_file and zip_file.close()
return response
def view_submission_list(request, username):
form_user = get_object_or_404(User, username__iexact=username)
profile, created = \
UserProfile.objects.get_or_create(user=form_user)
authenticator = HttpDigestAuthenticator()
if not authenticator.authenticate(request):
return authenticator.build_challenge_response()
id_string = request.GET.get('formId', None)
xform = get_object_or_404(
XForm, id_string__iexact=id_string, user__username__iexact=username)
if not has_permission(xform, form_user, request, xform.shared_data):
return HttpResponseForbidden('Not shared.')
num_entries = request.GET.get('numEntries', None)
cursor = request.GET.get('cursor', None)
instances = xform.instances.filter(deleted_at=None).order_by('pk')
cursor = _parse_int(cursor)
if cursor:
instances = instances.filter(pk__gt=cursor)
num_entries = _parse_int(num_entries)
if num_entries:
instances = instances[:num_entries]
data = {'instances': instances}
resumptionCursor = 0
if instances.count():
last_instance = instances[instances.count() - 1]
resumptionCursor = last_instance.pk
elif instances.count() == 0 and cursor:
resumptionCursor = cursor
data['resumptionCursor'] = resumptionCursor
return render(
request, 'submissionList.xml', data,
content_type="text/xml; charset=utf-8")
def map_view(request, username, id_string, template='map.html'):
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
data = {'content_user': owner, 'xform': xform}
data['profile'], created = UserProfile.objects.get_or_create(user=owner)
data['form_view'] = True
data['jsonform_url'] = reverse(download_jsonform,
kwargs={"username": username,
"id_string": id_string})
data['enketo_edit_url'] = reverse('edit_data',
kwargs={"username": username,
"id_string": id_string,
"data_id": 0})
data['enketo_add_url'] = reverse('enter_data',
kwargs={"username": username,
"id_string": id_string})
data['enketo_add_with_url'] = reverse('add_submission_with',
kwargs={"username": username,
"id_string": id_string})
data['mongo_api_url'] = reverse('mongo_view_api',
kwargs={"username": username,
"id_string": id_string})
data['delete_data_url'] = reverse('delete_data',
kwargs={"username": username,
"id_string": id_string})
data['mapbox_layer'] = MetaData.mapbox_layer_upload(xform)
audit = {
"xform": xform.id_string
}
audit_log(Actions.FORM_MAP_VIEWED, request.user, owner,
_("Requested map on '%(id_string)s'.")
% {'id_string': xform.id_string}, audit, request)
return render(request, template, data)
def delete_export(request, username, id_string, export_type):
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
export_id = request.POST.get('export_id')
# find the export entry in the db
export = get_object_or_404(Export, id=export_id)
export.delete()
audit = {"xform": xform.id_string, "export_type": export.export_type}
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Deleted %(export_type)s export '%(filename)s'"
" on '%(id_string)s'.") % {
'export_type': export.export_type.upper(),
'filename': export.filename,
'id_string': xform.id_string,
}, audit, request)
# mpower start: added for redirection to custom view
custom = request.POST.get("custom", "default")
if custom != 'default':
return HttpResponseRedirect('/usermodule/' + owner.username +
'/projects-views/' + xform.id_string +
'/?tab_selection=' + custom)
# mpower end: added for redirection to custom view
return HttpResponseRedirect(
reverse(export_list,
kwargs={
"username": username,
"id_string": id_string,
"export_type": export_type
}))
def download_jsonform(request, username, id_string):
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm,
user__username__iexact=username,
id_string__exact=id_string)
if request.method == "OPTIONS":
response = HttpResponse()
add_cors_headers(response)
return response
helper_auth_helper(request)
if not has_permission(xform, owner, request, xform.shared):
response = HttpResponseForbidden(_(u'Not shared.'))
add_cors_headers(response)
return response
response = response_with_mimetype_and_name('json',
id_string,
show_date=False)
if 'callback' in request.GET and request.GET.get('callback') != '':
callback = request.GET.get('callback')
response.content = "%s(%s)" % (callback, xform.json)
else:
add_cors_headers(response)
response.content = xform.json
return response
def export_list(request, username, id_string, export_type):
try:
Export.EXPORT_TYPE_DICT[export_type]
except KeyError:
return HttpResponseBadRequest(_('Invalid export type'))
if export_type == Export.GDOC_EXPORT:
redirect_url = reverse(export_list,
kwargs={
'username': username,
'id_string': id_string,
'export_type': export_type
})
token = _get_google_token(request, redirect_url)
if isinstance(token, HttpResponse):
return token
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_('Not shared.'))
data = {
'username':
owner.username,
'xform':
xform,
'export_type':
export_type,
'export_type_name':
Export.EXPORT_TYPE_DICT[export_type],
'exports':
Export.objects.filter(xform=xform,
export_type=export_type).order_by('-created_on')
}
return render(request, 'export_list.html', data)
def export_list(request, username, id_string, export_type):
if export_type == Export.GDOC_EXPORT:
redirect_url = reverse(export_list,
kwargs={
'username': username,
'id_string': id_string,
'export_type': export_type
})
token = _get_google_token(request, redirect_url)
if isinstance(token, HttpResponse):
return token
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if should_create_new_export(xform, export_type):
try:
create_async_export(xform,
export_type,
query=None,
force_xlsx=True)
except Export.ExportTypeError:
return HttpResponseBadRequest(
_("%s is not a valid export type" % export_type))
context = RequestContext(request)
context.username = owner.username
context.xform = xform
# TODO: better output e.g. Excel instead of XLS
context.export_type = export_type
context.export_type_name = Export.EXPORT_TYPE_DICT[export_type]
exports = Export.objects.filter(xform=xform, export_type=export_type)\
.order_by('-created_on')
context.exports = exports
return render_to_response('export_list.html', context_instance=context)
def data_export(request, username, id_string, export_type):
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
extension = export_type
# check if we should force xlsx
force_xlsx = request.GET.get('xls') != 'true'
if export_type == Export.XLS_EXPORT and force_xlsx:
extension = 'xlsx'
elif export_type in [Export.CSV_ZIP_EXPORT, Export.SAV_ZIP_EXPORT]:
extension = 'zip'
audit = {"xform": xform.id_string, "export_type": export_type}
# check if we need to re-generate,
# we always re-generate if a filter is specified
if should_create_new_export(xform, export_type) or query or\
'start' in request.GET or 'end' in request.GET:
# check for start and end params
if 'start' in request.GET or 'end' in request.GET:
if not query:
query = '{}'
query = json.dumps(
_set_submission_time_to_query(json.loads(query), request))
try:
export = generate_export(export_type, extension, username,
id_string, None, query)
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created %(export_type)s export on '%(id_string)s'.") % {
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
except NoRecordsFoundError:
return HttpResponseNotFound(_("No records found to export"))
else:
export = newset_export_for(xform, export_type)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded %(export_type)s export on '%(id_string)s'.") % {
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
if not export.filename:
# tends to happen when using newset_export_for.
return HttpResponseNotFound("File does not exist!")
# get extension from file_path, exporter could modify to
# xlsx if it exceeds limits
path, ext = os.path.splitext(export.filename)
ext = ext[1:]
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(Export.EXPORT_MIMES[ext],
id_string,
extension=ext,
file_path=export.filepath)
return response
def set_perm(request, username, id_string):
xform = get_object_or_404(XForm,
user__username=username, id_string=id_string)
owner = xform.user
if username != request.user.username\
and not has_permission(xform, username, request):
return HttpResponseForbidden(_(u'Permission denied.'))
try:
perm_type = request.POST['perm_type']
for_user = request.POST['for_user']
except KeyError:
return HttpResponseBadRequest()
if perm_type in ['edit', 'view', 'report', 'remove']:
try:
user = User.objects.get(username=for_user)
except User.DoesNotExist:
messages.add_message(
request, messages.INFO,
_(u"Wrong username <b>%s</b>." % for_user),
extra_tags='alert-error')
else:
if perm_type == 'edit' and\
not user.has_perm('change_xform', xform):
audit = {
'xform': xform.id_string
}
audit_log(
Actions.FORM_PERMISSIONS_UPDATED, request.user, owner,
_("Edit permissions on '%(id_string)s' assigned to "
"'%(for_user)s'.") %
{
'id_string': xform.id_string,
'for_user': for_user
}, audit, request)
assign_perm('change_xform', user, xform)
elif perm_type == 'view' and\
not user.has_perm('view_xform', xform):
audit = {
'xform': xform.id_string
}
audit_log(
Actions.FORM_PERMISSIONS_UPDATED, request.user, owner,
_("View permissions on '%(id_string)s' "
"assigned to '%(for_user)s'.") %
{
'id_string': xform.id_string,
'for_user': for_user
}, audit, request)
assign_perm('view_xform', user, xform)
elif perm_type == 'report' and\
not user.has_perm('report_xform', xform):
audit = {
'xform': xform.id_string
}
audit_log(
Actions.FORM_PERMISSIONS_UPDATED, request.user, owner,
_("Report permissions on '%(id_string)s' "
"assigned to '%(for_user)s'.") %
{
'id_string': xform.id_string,
'for_user': for_user
}, audit, request)
assign_perm('report_xform', user, xform)
elif perm_type == 'remove':
audit = {
'xform': xform.id_string
}
audit_log(
Actions.FORM_PERMISSIONS_UPDATED, request.user, owner,
_("All permissions on '%(id_string)s' "
"removed from '%(for_user)s'.") %
{
'id_string': xform.id_string,
'for_user': for_user
}, audit, request)
remove_perm('change_xform', user, xform)
remove_perm('view_xform', user, xform)
elif perm_type == 'link':
current = MetaData.public_link(xform)
if for_user == 'all':
MetaData.public_link(xform, True)
elif for_user == 'none':
MetaData.public_link(xform, False)
elif for_user == 'toggle':
MetaData.public_link(xform, not current)
audit = {
'xform': xform.id_string
}
audit_log(
Actions.FORM_PERMISSIONS_UPDATED, request.user, owner,
_("Public link on '%(id_string)s' %(action)s.") %
{
'id_string': xform.id_string,
'action': "created"
if for_user == "all" or
(for_user == "toggle" and not current) else "removed"
}, audit, request)
if request.is_ajax():
return HttpResponse(
json.dumps(
{'status': 'success'}), mimetype='application/json')
return HttpResponseRedirect(reverse(show, kwargs={
'username': username,
'id_string': id_string
}))
def export_list(request, username, id_string, export_type):
credential = None
if export_type not in Export.EXPORT_TYPE_DICT:
return HttpResponseBadRequest(
_(u'Export type "%s" is not supported.' % export_type))
if export_type == Export.GOOGLE_SHEETS_EXPORT:
# Retrieve google creds or redirect to google authorization page
credential = _get_google_credential(request)
if isinstance(credential, HttpResponseRedirect):
return credential
owner = get_object_or_404(User, username__iexact=username)
xform = get_form({'user': owner, 'id_string__iexact': id_string})
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if export_type == Export.EXTERNAL_EXPORT:
# check for template before trying to generate a report
if not MetaData.external_export(xform):
return HttpResponseForbidden(_(u'No XLS Template set.'))
# Get meta and token
export_token = request.GET.get('token')
export_meta = request.GET.get('meta')
options = {
'group_delimiter': DEFAULT_GROUP_DELIMITER,
'remove_group_name': False,
'split_select_multiples': True,
'binary_select_multiples': False,
'meta': export_meta,
'token': export_token,
'google_credentials': credential
}
if should_create_new_export(xform, export_type, options):
try:
create_async_export(xform,
export_type,
query=None,
force_xlsx=True,
options=options)
except Export.ExportTypeError:
return HttpResponseBadRequest(
_("%s is not a valid export type" % export_type))
metadata = MetaData.objects.filter(object_id=xform.id,
data_type="external_export")\
.values('id', 'data_value')
for m in metadata:
m['data_value'] = m.get('data_value').split('|')[0]
data = {
'username':
owner.username,
'xform':
xform,
'export_type':
export_type,
'export_type_name':
Export.EXPORT_TYPE_DICT[export_type],
'exports':
Export.objects.filter(xform=xform,
export_type=export_type).order_by('-created_on'),
'metas':
metadata
}
return render(request, 'export_list.html', data)
def create_export(request, username, id_string, export_type):
owner = get_object_or_404(User, username__iexact=username)
xform = get_form({'user': owner, 'id_string__iexact': id_string})
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if export_type == Export.EXTERNAL_EXPORT:
# check for template before trying to generate a report
if not MetaData.external_export(xform):
return HttpResponseForbidden(_(u'No XLS Template set.'))
credential = None
if export_type == Export.GOOGLE_SHEETS_EXPORT:
credential = _get_google_credential(request)
if isinstance(credential, HttpResponseRedirect):
return credential
query = request.POST.get("query")
force_xlsx = request.POST.get('xls') != 'true'
# export options
group_delimiter = request.POST.get("options[group_delimiter]", '/')
if group_delimiter not in ['.', '/']:
return HttpResponseBadRequest(
_("%s is not a valid delimiter" % group_delimiter))
# default is True, so when dont_.. is yes
# split_select_multiples becomes False
split_select_multiples = request.POST.get(
"options[dont_split_select_multiples]", "no") == "no"
binary_select_multiples = getattr(settings, 'BINARY_SELECT_MULTIPLES',
False)
remove_group_name = request.POST.get("options[remove_group_name]", "false")
# external export option
meta = request.POST.get("meta")
options = {
'group_delimiter': group_delimiter,
'split_select_multiples': split_select_multiples,
'binary_select_multiples': binary_select_multiples,
'remove_group_name': str_to_bool(remove_group_name),
'meta': meta.replace(",", "") if meta else None,
'google_credentials': credential
}
try:
create_async_export(xform, export_type, query, force_xlsx, options)
except Export.ExportTypeError:
return HttpResponseBadRequest(
_("%s is not a valid export type" % export_type))
else:
audit = {"xform": xform.id_string, "export_type": export_type}
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created %(export_type)s export on '%(id_string)s'.") % {
'export_type': export_type.upper(),
'id_string': xform.id_string,
}, audit, request)
return HttpResponseRedirect(
reverse(export_list,
kwargs={
"username": username,
"id_string": id_string,
"export_type": export_type
}))
def _wrapper(request, username, id_string, *args, **kwargs):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(owner.xforms, id_string=id_string)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
return func(request, username, id_string, *args, **kwargs)
def custom_data_view(request, username, id_string):
ACTIVATE_CUSTOM_VIEW_QUERY = False
# Query parameter must need to declare Column name using as clause.
# In Query Make sure that instance id is fetched and it should be fetched in first parameter as select id, other column name from table.
column_query = ''
#db_test_column_query = "id as submission_id, json->>'Name' as Name, json->>'Gender' as Gender, json->>'group_family/Father_s_Name' as Father_Name, json->>'group_family/Mother_s_Name' as Mother_Name, json->>'Date_of_Birth' as DOB,json->>'group_family/Present_Address' as present_address, json->>'group_family/Same_as_Present_Address' as same_as_present";
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
submission_start = '%'
submission_end = '%'
submitted_by = '%'
status = '%'
submitter_id = 0
if 'filter' in request.GET:
filter_required = int(request.GET.get('filter'))
# print ('incoming filter data:: ', filter_required)
if 'start_date' in request.GET:
submission_start = str(request.GET.get('start_date'))
if 'end_date' in request.GET:
submission_end = str(request.GET.get('end_date'))
if 'submitted_by' in request.GET:
submitted_by = str(request.GET.get('submitted_by'))
if 'status' in request.GET:
status = str(request.GET.get('status'))
if submitted_by != 'custom':
submitter_obj = get_object_or_404(User,
username__iexact=submitted_by)
submitter_id = submitter_obj.id
#print ('submitter_id:: ', submitter_id)
sub_query_user = ""
sub_query_date_range = ""
sub_query_status = ""
if submitter_id != 0:
sub_query_user += " AND logger_instance.user_id = " + str(submitter_id)
if submission_start and submission_end is not '%':
sub_query_date_range += " AND logger_instance.date_created BETWEEN '" + str(
submission_start) + "' AND '" + str(submission_end) + "'"
if status is not '%' and status != 'custom':
sub_query_status += " AND app_inst.status = '" + str(status) + "'"
if xform.id_string == 'CSVGM':
db_test_column_query = "logger_instance.id,(select username from auth_user where id=logger_instance.user_id) user_id,(select ngo_english from vwNGO where ngoid=logger_instance.json->>'ngo') ngo,(select village_english from vwVillage where village_id=logger_instance.json->>'village') village ,(select label_english from vwLegend where legend=logger_instance.json->>'legendIdentification') legend,logger_instance.json->>'legendID' legendid"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
elif xform.id_string == 'bd_month_activity_tracking':
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'geo/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
else:
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
submission_instance_query = "SELECT DISTINCT " + column_query + " FROM logger_instance LEFT JOIN approval_instanceapproval app_inst ON app_inst.instance_id = logger_instance.id WHERE xform_id = " + str(
xform.id) + str(sub_query_user) + str(sub_query_date_range) + str(
sub_query_status)
print submission_instance_query
data_list = []
col_names = []
cursor = connection.cursor()
try:
if ACTIVATE_CUSTOM_VIEW_QUERY:
cursor.execute(submission_instance_query)
fetchVal = cursor.fetchall()
col_names = [i[0] for i in cursor.description]
col_names.append('details')
for eachval in fetchVal:
#details_link = '/' + username + '/' + 'forms' + '/' + id_string + '/' + 'pending_instance' + '/' + '?s_id=' + str(eachval[0]) + '#/' + str(eachval[0])
details_link = '/' + username + '/' + 'forms' + '/' + id_string + '/' + 'instance/#/' + str(
eachval[0])
details_button = '<a class="btn red" href="' + details_link + '" role="button">Details</a>'
eachval = eachval + (details_button, )
data_list.append(list(eachval))
print('Col Names:: ', col_names)
print('Col Data', data_list)
except Exception, e:
if connection is not None:
connection.rollback()
print('DB query error:: ', str(e))
ACTIVATE_CUSTOM_VIEW_QUERY = False
def pending_data_view(request, username, id_string):
ACTIVATE_CUSTOM_VIEW_QUERY = False
# Query parameter must need to declare Column name using as clause.
# In Query Make sure that instance id is fetched and it should be fetched in first parameter as select id, other column name from table.
column_query = ''
#db_test_column_query = "id as submission_id, json->>'Name' as Name, json->>'Gender' as Gender, json->>'group_family/Father_s_Name' as Father_Name, json->>'group_family/Mother_s_Name' as Mother_Name, json->>'Date_of_Birth' as DOB,json->>'group_family/Present_Address' as present_address, json->>'group_family/Same_as_Present_Address' as same_as_present";
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
submission_start = '%'
submission_end = '%'
submitted_by = '%'
status = '%'
submitter_id = 0
if 'filter' in request.GET:
filter_required = int(request.GET.get('filter'))
# print ('incoming filter data:: ', filter_required)
if 'start_date' in request.GET:
submission_start = str(request.GET.get('start_date'))
if 'end_date' in request.GET:
submission_end = str(request.GET.get('end_date'))
if 'submitted_by' in request.GET:
submitted_by = str(request.GET.get('submitted_by'))
if 'status' in request.GET:
status = str(request.GET.get('status'))
if submitted_by != 'custom':
submitter_obj = get_object_or_404(User,
username__iexact=submitted_by)
submitter_id = submitter_obj.id
#print ('submitter_id:: ', submitter_id)
sub_query_user = ""
sub_query_date_range = ""
sub_query_status = ""
if submitter_id != 0:
sub_query_user += " WHERE p.user_id = " + str(submitter_id)
if submission_start and submission_end is not '%':
if sub_query_user == '':
sub_query_date_range += " WHERE p.date_created BETWEEN '" + str(
submission_start) + "' AND '" + str(submission_end) + "'"
else:
sub_query_date_range += " AND p.date_created BETWEEN '" + str(
submission_start) + "' AND '" + str(submission_end) + "'"
if status is not '%' and status != 'custom':
if sub_query_user == '' and sub_query_date_range == '':
sub_query_status += " WHERE p.status = '" + str(status) + "'"
else:
sub_query_status += " AND p.status = '" + str(status) + "'"
if xform.id == 256:
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'geo/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
#if xform.id == 249:
if xform.id_string == 'bd_boys_girls_profile':
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'profile/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
if xform.id == 250:
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'geo/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
#if xform.id == 251:
if xform.id_string == 'bd_evaw_profile':
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'geo/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
#if xform.id == 252:
if xform.id_string == 'bd_ff_observation_journal':
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'geo/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
if xform.id == 253:
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'date/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
#if xform.id == 254:
if xform.id_string == 'bd_quarterly_case_study_form':
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'case/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
if xform.id == 255:
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'basic/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
if xform.id == 263:
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'basic/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
#if xform.id == 240:
if xform.id_string == 'np_monthly_meeting_document':
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'meeting/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
#if xform.id == 248:
if xform.id_string == 'np_VCPC_profile':
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'basic/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
if xform.id == 259:
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'basic/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
#if xform.id == 261:
if xform.id_string == 'np_quarterly_case_study':
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'basic/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
if xform.id == 199:
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'basic/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
if xform.id == 266:
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'note/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
#if xform.id == 267:
if xform.id_string == 'np_boys_girls_profile':
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'profile/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
#if xform.id == 272:
if xform.id_string == 'bd_month_activity_tracking':
db_test_column_query = "logger_instance.id ID, logger_instance.user_id , to_char(logger_instance.date_created,'DD Mon YYYY') Received, logger_instance.json->>'geo/pngo' PNGO, app_inst.status ApprovalStatus"
column_query = db_test_column_query
ACTIVATE_CUSTOM_VIEW_QUERY = True
submission_instance_query = "SELECT * FROM (SELECT " + column_query + " FROM logger_instance LEFT JOIN approval_instanceapproval app_inst ON app_inst.instance_id = logger_instance.id WHERE xform_id = " + str(
xform.id
) + " AND (app_inst.status='Pending' OR app_inst.status='New')) p" + str(
sub_query_user) + str(sub_query_date_range) + str(sub_query_status)
#print submission_instance_query
data_list = []
col_names = []
cursor = connection.cursor()
try:
if ACTIVATE_CUSTOM_VIEW_QUERY:
cursor.execute(submission_instance_query)
fetchVal = cursor.fetchall()
col_names = [i[0] for i in cursor.description]
col_names.append('details')
for eachval in fetchVal:
details_link = '/' + username + '/' + 'forms' + '/' + id_string + '/' + 'pending_instance' + '/' + '?s_id=' + str(
eachval[0]) + '#/' + str(eachval[0])
details_button = '<a class="btn red" href="' + details_link + '" role="button">Details</a>'
eachval = eachval + (details_button, )
data_list.append(list(eachval))
# print ('Col Names:: ', col_names)
# print ('Col Data', data_list)
except Exception, e:
if connection is not None:
connection.rollback()
print('DB query error:: ', str(e))
ACTIVATE_CUSTOM_VIEW_QUERY = False
def data_export(request, username, id_string, export_type):
"""
Data export view.
"""
owner = get_object_or_404(User, username__iexact=username)
xform = get_form({'user': owner, 'id_string__iexact': id_string})
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
extension = export_type
# check if we should force xlsx
force_xlsx = request.GET.get('xls') != 'true'
if export_type == Export.XLS_EXPORT and force_xlsx:
extension = 'xlsx'
elif export_type in [Export.CSV_ZIP_EXPORT, Export.SAV_ZIP_EXPORT]:
extension = 'zip'
audit = {"xform": xform.id_string, "export_type": export_type}
options = {
"extension": extension,
"username": username,
"id_string": id_string
}
if query:
options['query'] = query
# check if we need to re-generate,
# we always re-generate if a filter is specified
if should_create_new_export(xform, export_type, options) or query or\
'start' in request.GET or 'end' in request.GET:
# check for start and end params
start, end = _get_start_end_submission_time(request)
options.update({"start": start, "end": end})
try:
export = generate_export(export_type, xform, None, options)
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created %(export_type)s export on '%(id_string)s'.") % {
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
except NoRecordsFoundError:
return HttpResponseNotFound(_("No records found to export"))
except SPSSIOError as e:
return HttpResponseBadRequest(str(e))
else:
export = newest_export_for(xform, export_type, options)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded %(export_type)s export on '%(id_string)s'.") % {
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
if not export.filename and not export.error_message:
# tends to happen when using newset_export_for.
return HttpResponseNotFound("File does not exist!")
elif not export.filename and export.error_message:
return HttpResponseBadRequest(str(export.error_message))
# get extension from file_path, exporter could modify to
# xlsx if it exceeds limits
__, extension = os.path.splitext(export.filename)
extension = extension[1:]
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(Export.EXPORT_MIMES[extension],
id_string,
extension=extension,
file_path=export.filepath)
return response
def data_export(request, username, id_string, export_type):
owner = get_object_or_404(User, username=username)
xform = get_object_or_404(XForm, id_string=id_string, user=owner)
helper_auth_helper(request)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
query = request.GET.get("query")
extension = export_type
# check if we should force xlsx
force_xlsx = request.GET.get('xls') != 'true'
if export_type == Export.XLS_EXPORT and force_xlsx:
extension = 'xlsx'
elif export_type in [Export.CSV_ZIP_EXPORT, Export.SAV_ZIP_EXPORT]:
extension = 'zip'
audit = {
"xform": xform.id_string,
"export_type": export_type
}
# check if we need to re-generate,
# we always re-generate if a filter is specified
if should_create_new_export(xform, export_type) or query or\
'start' in request.GET or 'end' in request.GET:
format_date_for_mongo = lambda x, datetime: datetime.strptime(
x, '%y_%m_%d_%H_%M_%S').strftime('%Y-%m-%dT%H:%M:%S')
# check for start and end params
if 'start' in request.GET or 'end' in request.GET:
if not query:
query = '{}'
query = json.loads(query)
query[SUBMISSION_TIME] = {}
try:
if request.GET.get('start'):
query[SUBMISSION_TIME]['$gte'] = format_date_for_mongo(
request.GET['start'], datetime)
if request.GET.get('end'):
query[SUBMISSION_TIME]['$lte'] = format_date_for_mongo(
request.GET['end'], datetime)
except ValueError:
return HttpResponseBadRequest(
_("Dates must be in the format YY_MM_DD_hh_mm_ss"))
else:
query = json.dumps(query)
try:
export = generate_export(
export_type, extension, username, id_string, None, query)
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created %(export_type)s export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
except NoRecordsFoundError:
return HttpResponseNotFound(_("No records found to export"))
else:
export = newset_export_for(xform, export_type)
# log download as well
audit_log(
Actions.EXPORT_DOWNLOADED, request.user, owner,
_("Downloaded %(export_type)s export on '%(id_string)s'.") %
{
'id_string': xform.id_string,
'export_type': export_type.upper()
}, audit, request)
if not export.filename:
# tends to happen when using newset_export_for.
return HttpResponseNotFound("File does not exist!")
# get extension from file_path, exporter could modify to
# xlsx if it exceeds limits
path, ext = os.path.splitext(export.filename)
ext = ext[1:]
if request.GET.get('raw'):
id_string = None
response = response_with_mimetype_and_name(
Export.EXPORT_MIMES[ext], id_string, extension=ext,
file_path=export.filepath)
return response
def attachment_url(request, size='medium'):
media_file = request.GET.get('media_file')
# TODO: how to make sure we have the right media file,
# this assumes duplicates are the same file.
#
# Django seems to already handle that. It appends datetime to the filename.
# It means duplicated would be only for the same user who uploaded two files
# with same name at the same second.
if media_file:
mtch = re.search(r'^([^/]+)/attachments/([^/]+)$', media_file)
if mtch:
# in cases where the media_file url created by instance.html's
# _attachment_url function is in the wrong format, this will
# match attachments with the correct owner and the same file name
(username, filename) = mtch.groups()
result = Attachment.objects.filter(
instance__xform__user__username=username, ).filter(
Q(media_file_basename=filename)
| Q(media_file_basename=None,
media_file__endswith='/' + filename))[0:1]
else:
# search for media_file with exact matching name
result = Attachment.objects.filter(media_file=media_file)[0:1]
try:
attachment = result[0]
return redirect(attachment.media_file.url)
except IndexError:
media_file_logger.info('attachment not found')
return HttpResponseNotFound(_(u'Attachment not found'))
# Checks whether users are allowed to see the media file before giving them
# the url
xform = attachment.instance.xform
if not request.user.is_authenticated():
# This is not a DRF view, but we need to honor things like
# `DigestAuthentication` (ODK Briefcase uses it!) and
# `TokenAuthentication`. Let's try all the DRF authentication
# classes before giving up
drf_request = rest_framework.request.Request(request)
for auth_class in api_settings.DEFAULT_AUTHENTICATION_CLASSES:
auth_tuple = auth_class().authenticate(drf_request)
if auth_tuple is not None:
# Is it kosher to modify `request`? Let's do it anyway
# since that's what `has_permission()` requires...
request.user = auth_tuple[0]
# `DEFAULT_AUTHENTICATION_CLASSES` are ordered and the
# first match wins; don't look any further
break
if not has_permission(xform, xform.user, request):
return HttpResponseForbidden(_(u'Not shared.'))
media_url = None
if not attachment.mimetype.startswith('image'):
media_url = attachment.media_file.url
else:
try:
media_url = image_url(attachment, size)
except:
media_file_logger.error('could not get thumbnail for image',
exc_info=True)
if media_url:
# We want nginx to serve the media (instead of redirecting the media itself)
# PROS:
# - It avoids revealing the real location of the media.
# - Full control on permission
# CONS:
# - When using S3 Storage, traffic is multiplied by 2.
# S3 -> Nginx -> User
response = HttpResponse()
default_storage = get_storage_class()()
if not isinstance(default_storage, FileSystemStorage):
# Double-encode the S3 URL to take advantage of NGINX's
# otherwise troublesome automatic decoding
# protected_url = '/protected-s3/{}'.format(urlquote(media_url))
return redirect(media_url)
else:
return redirect(media_url)
# protected_url = media_url.replace(settings.MEDIA_URL, "/protected/")
# Let nginx determine the correct content type
response["Content-Type"] = ""
response["X-Accel-Redirect"] = protected_url
return response
return HttpResponseNotFound(_(u'Error: Attachment not found'))
def create_export(request, username, id_string, export_type):
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if export_type == Export.EXTERNAL_EXPORT:
# check for template before trying to generate a report
if not MetaData.external_export(xform=xform):
return HttpResponseForbidden(_(u'No XLS Template set.'))
query = request.POST.get("query")
force_xlsx = request.POST.get('xls') != 'true'
# export options
export_data_type = request.POST.get('rprt_data_type', 'xml')
group_delimiter = request.POST.get("options[group_delimiter]", '/')
if group_delimiter not in ['.', '/']:
return HttpResponseBadRequest(
_("%s is not a valid delimiter" % group_delimiter))
# default is True, so when dont_.. is yes
# split_select_multiples becomes False
split_select_multiples = request.POST.get(
"options[dont_split_select_multiples]", "no") == "no"
binary_select_multiples = getattr(settings, 'BINARY_SELECT_MULTIPLES',
False)
# external export option
meta = request.POST.get("meta")
options = {
'group_delimiter': group_delimiter,
'split_select_multiples': split_select_multiples,
'binary_select_multiples': binary_select_multiples,
'meta': meta.replace(",", "") if meta else None,
'exp_data_typ': export_data_type
}
try:
create_async_export(xform, export_type, query, force_xlsx, options)
except Export.ExportTypeError:
return HttpResponseBadRequest(
_("%s is not a valid export type" % export_type))
else:
audit = {"xform": xform.id_string, "export_type": export_type}
audit_log(
Actions.EXPORT_CREATED, request.user, owner,
_("Created %(export_type)s export on '%(id_string)s'.") % {
'export_type': export_type.upper(),
'id_string': xform.id_string,
}, audit, request)
# mpower start: added for redirection to custom view
custom = request.POST.get("custom", "default")
if custom != 'default':
return HttpResponseRedirect('/usermodule/' + owner.username +
'/projects-views/' + xform.id_string +
'/?tab_selection=' + custom)
# mpower end: added for redirection to custom view
return HttpResponseRedirect(
reverse(export_list,
kwargs={
"username": username,
"id_string": id_string,
"export_type": export_type
}))
def export_list(request, username, id_string, export_type):
if export_type == Export.GDOC_EXPORT:
redirect_url = reverse(export_list,
kwargs={
'username': username,
'id_string': id_string,
'export_type': export_type
})
token = _get_google_token(request, redirect_url)
if isinstance(token, HttpResponse):
return token
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
if export_type == Export.EXTERNAL_EXPORT:
# check for template before trying to generate a report
if not MetaData.external_export(xform=xform):
return HttpResponseForbidden(_(u'No XLS Template set.'))
# Get meta and token
export_token = request.GET.get('token')
export_meta = request.GET.get('meta')
options = {
'meta': export_meta,
'token': export_token,
}
if should_create_new_export(xform, export_type):
try:
create_async_export(xform,
export_type,
query=None,
force_xlsx=True,
options=options)
except Export.ExportTypeError:
return HttpResponseBadRequest(
_("%s is not a valid export type" % export_type))
metadata = MetaData.objects.filter(xform=xform,
data_type="external_export")\
.values('id', 'data_value')
for m in metadata:
m['data_value'] = m.get('data_value').split('|')[0]
data = {
'username':
owner.username,
'xform':
xform,
'export_type':
export_type,
'export_type_name':
Export.EXPORT_TYPE_DICT[export_type],
'exports':
Export.objects.filter(xform=xform,
export_type=export_type).order_by('-created_on'),
'metas':
metadata
}
return render(request, 'export_list.html', data)
def custom_project_window(request, username, id_string, **kwargs):
"""
Replaces the default kobo project window.
Creates a one page solution with one page view.
"""
owner = get_object_or_404(User, username__iexact=username)
xform = get_object_or_404(XForm, id_string__exact=id_string, user=owner)
if not has_permission(xform, owner, request):
return HttpResponseForbidden(_(u'Not shared.'))
user_list = get_own_and_partner_orgs_usermodule_users(request)
username_list = [
str(custom_user.user.username) for custom_user in user_list
]
username_list.append(str(request.user.username))
# data grid view part
data = {
'owner': owner,
'xform': xform,
'form_map_url':
'/' + owner.username + '/forms/' + xform.id_string + '/map',
'user_list': username_list
}
# start: export part
export_type = 'xls'
if export_type == Export.GDOC_EXPORT:
redirect_url = reverse(export_list,
kwargs={
'username': username,
'id_string': id_string,
'export_type': export_type
})
token = _get_google_token(request, redirect_url)
if isinstance(token, HttpResponse):
return token
if export_type == Export.EXTERNAL_EXPORT:
# check for template before trying to generate a report
if not MetaData.external_export(xform=xform):
return HttpResponseForbidden(_(u'No XLS Template set.'))
# Get meta and token
export_token = request.GET.get('token')
export_meta = request.GET.get('meta')
options = {
'meta': export_meta,
'token': export_token,
}
export_type_zip = 'zip'
if export_type_zip == Export.GDOC_EXPORT:
redirect_url = reverse(export_list,
kwargs={
'username': username,
'id_string': id_string,
'export_type': export_type_zip
})
token = _get_google_token(request, redirect_url)
if isinstance(token, HttpResponse):
return token
if export_type_zip == Export.EXTERNAL_EXPORT:
# check for template before trying to generate a report
if not MetaData.external_export(xform=xform):
return HttpResponseForbidden(_(u'No XLS Template set.'))
#code is commented to stop auto export generation
# if should_create_new_export(xform, export_type):
# try:
# create_async_export(
# xform, export_type, query=None, force_xlsx=True,
# options=options)
# except Export.ExportTypeError:
# return HttpResponseBadRequest(
# _("%s is not a valid export type" % export_type))
metadata = MetaData.objects.filter(xform=xform,
data_type="external_export")\
.values('id', 'data_value')
for m in metadata:
m['data_value'] = m.get('data_value').split('|')[0]
#tab_selection = '#' + request.GET.get('tab_selection','grid')
tab_selection = '#' + request.GET.get('tab_selection', 'data_table')
# print tab_selection
data.update({
'username':
owner.username,
'xform':
xform,
'export_type':
export_type,
'export_type_zip':
export_type_zip,
'export_type_name':
Export.EXPORT_TYPE_DICT[export_type],
'export_type_name_zip':
Export.EXPORT_TYPE_DICT[export_type_zip],
'exports':
Export.objects.filter(
Q(xform=xform, export_type='xls')
| Q(xform=xform, export_type='csv')).order_by('-created_on'),
'exports_zip':
Export.objects.filter(xform=xform,
export_type='zip').order_by('-created_on'),
'metas':
metadata,
'tab_selection':
tab_selection,
})
# end: export part
# start: image gallery part
# instances = Instance.objects.filter(xform=xform).values('id')
# instances_list = [instance['id'] for instance in instances]
# attachments = Attachment.objects.filter(instance__in=instances_list,mimetype__icontains='image').values('media_file')
# image_list = []
# for i in attachments:
# image = {}
# image['url'] = request.build_absolute_uri('/media/'+i['media_file'])
# image['title'] = i['media_file'][i['media_file'].rfind('/')+1:]
# image_list.append(image)
# data.update({
# 'image_list': image_list,
# })
# end: image gallery part
return render(request, "usermodule/custom_project_window.html", data)