def test_deid_permission(self): self.assertFalse(user_can_view_deid_exports(self.domain, self.web_user)) self.permissions = Permissions(view_report_list=[DEID_EXPORT_PERMISSION]) self.assertTrue( self.permissions.has(get_permission_name(Permissions.view_report), data=DEID_EXPORT_PERMISSION)) self.assertTrue( self.web_user.has_permission( self.domain, get_permission_name(Permissions.view_report), data=DEID_EXPORT_PERMISSION) ) self.assertTrue(user_can_view_deid_exports(self.domain, self.web_user))
def default_data_view_url(request, domain): from corehq.apps.export.views.list import ( CaseExportListView, FormExportListView, DeIdFormExportListView, ) from corehq.apps.export.views.utils import (DataFileDownloadList, user_can_view_deid_exports, can_view_form_exports, can_view_case_exports) from corehq.apps.data_interfaces.interfaces import CaseReassignmentInterface if can_view_form_exports(request.couch_user, domain): return reverse(FormExportListView.urlname, args=[domain]) elif can_view_case_exports(request.couch_user, domain): return reverse(CaseExportListView.urlname, args=[domain]) if user_can_view_deid_exports(domain, request.couch_user): return reverse(DeIdFormExportListView.urlname, args=[domain]) if can_download_data_files(domain, request.couch_user): return reverse(DataFileDownloadList.urlname, args=[domain]) if request.couch_user.can_edit_data: return CaseReassignmentInterface.get_url(domain) raise Http404()
def raise_odata_permissions_issues(user, domain, config): if config.is_deidentified: return not (user_can_view_deid_exports(domain, user) and user_can_view_odata_feed(domain, user)) return not (has_permission_to_view_report( user, domain, FORM_EXPORT_PERMISSION if config.type == FORM_EXPORT else CASE_EXPORT_PERMISSION) and user_can_view_odata_feed(domain, user))
def allowed_doc_type(self): if self.has_case_export_permissions and self.has_form_export_permissions: return None # get_brief_deid_exports / get_brief_exports interprets this as both if self.has_form_export_permissions: return FORM_EXPORT if self.has_case_export_permissions: return CASE_EXPORT if user_can_view_deid_exports(self.domain, self.request.couch_user): return 'deid' return 'neither'
def can_download_daily_saved_export(export, domain, couch_user): if (export.is_deidentified and user_can_view_deid_exports(domain, couch_user)): return True elif export.type == FORM_EXPORT and has_permission_to_view_report( couch_user, domain, FORM_EXPORT_PERMISSION): return True elif export.type == CASE_EXPORT and has_permission_to_view_report( couch_user, domain, CASE_EXPORT_PERMISSION): return True return False
def can_download_daily_saved_export(export, domain, couch_user): if (export.is_deidentified and user_can_view_deid_exports(domain, couch_user) ): return True elif export.type == FORM_EXPORT and has_permission_to_view_report( couch_user, domain, FORM_EXPORT_PERMISSION): return True elif export.type == CASE_EXPORT and has_permission_to_view_report( couch_user, domain, CASE_EXPORT_PERMISSION): return True return False
def default_data_view_url(request, domain): from corehq.apps.export.views.list import ( CaseExportListView, FormExportListView, DeIdFormExportListView, ) from corehq.apps.export.views.utils import DataFileDownloadList, user_can_view_deid_exports if can_view_form_exports(request.couch_user, domain): return reverse(FormExportListView.urlname, args=[domain]) elif can_view_case_exports(request.couch_user, domain): return reverse(CaseExportListView.urlname, args=[domain]) if user_can_view_deid_exports(domain, request.couch_user): return reverse(DeIdFormExportListView.urlname, args=[domain]) if can_download_data_files(domain, request.couch_user): return reverse(DataFileDownloadList.urlname, args=[domain]) raise Http404()