def _inner(request, domain, *args, **kwargs):
if toggles.DISABLE_WEB_APPS.enabled_for_request(request):
apps_in_domain = get_apps_in_domain(domain)
if (len(apps_in_domain) == 1):
app_or_domain_name = apps_in_domain[0].name
else:
app_or_domain_name = domain
context = {
"app_or_domain_name":
app_or_domain_name,
"is_superuser":
hasattr(request, "couch_user")
and request.couch_user.is_superuser
}
return render(request, "cloudcare/web_apps_disabled.html",
context)
if hasattr(request, "couch_user"):
if request.couch_user.is_web_user():
return require_permission(
Permissions.access_web_apps)(view_func)(request,
domain, *args,
**kwargs)
else:
assert request.couch_user.is_commcare_user(), \
"user was neither a web user or a commcare user!"
return login_and_domain_required(view_func)(request,
domain, *args,
**kwargs)
return login_and_domain_required(view_func)(request, domain, *args,
**kwargs)
class DataSetMapCreateView(BaseCreateView, BaseProjectSettingsView):
urlname = 'dataset_map_create_view'
page_title = _('DataSet Map')
template_name = 'dhis2/dataset_map_create.html'
model = SQLDataSetMap
form_class = DataSetMapForm
@method_decorator(require_permission(Permissions.edit_motech))
@method_decorator(toggles.DHIS2_INTEGRATION.required_decorator())
@use_jquery_ui # for datepicker
def dispatch(self, request, *args, **kwargs):
return super().dispatch(request, *args, **kwargs)
def get_queryset(self):
return super().get_queryset().filter(domain=self.domain)
def get_form_kwargs(self):
kwargs = super().get_form_kwargs()
kwargs['domain'] = self.domain
return kwargs
def get_success_url(self):
return reverse(
DataSetMapListView.urlname,
kwargs={'domain': self.domain},
)
class DomainForwardingOptionsView(BaseAdminProjectSettingsView):
urlname = 'domain_forwarding'
page_title = ugettext_lazy("Data Forwarding")
template_name = 'repeaters/repeaters.html'
@method_decorator(require_permission(Permissions.edit_motech))
def dispatch(self, request, *args, **kwargs):
return super(BaseProjectSettingsView,
self).dispatch(request, *args, **kwargs)
@property
def repeater_types_info(self):
return [
RepeaterTypeInfo(r.__name__, r.friendly_name, r._has_config,
r.by_domain(self.domain))
for r in get_all_repeater_types().values()
if r.available_for_domain(self.domain)
]
@property
def page_context(self):
return {
'repeater_types_info':
self.repeater_types_info,
'pending_record_count':
RepeatRecord.count(self.domain),
'user_can_configure':
(self.request.couch_user.is_superuser
or self.request.couch_user.can_edit_motech() or
toggles.IS_CONTRACTOR.enabled(self.request.couch_user.username))
}
class BiometricIntegrationView(BaseAdminProjectSettingsView):
urlname = 'biometric_integration'
page_title = ugettext_lazy("Biometric Integration")
template_name = 'integration/biometric.html'
@method_decorator(require_permission(Permissions.edit_motech))
@method_decorator(toggles.BIOMETRIC_INTEGRATION.required_decorator())
def dispatch(self, request, *args, **kwargs):
return super(BiometricIntegrationView,
self).dispatch(request, *args, **kwargs)
@property
@memoized
def simprints_form(self):
data = self.request.POST if self.request.method == 'POST' else None
return SimprintsIntegrationForm(data, domain=self.domain)
@property
def page_context(self):
return {'simprints_form': self.simprints_form}
def post(self, request, *args, **kwargs):
if self.simprints_form.is_valid():
self.simprints_form.save()
messages.success(
request,
_("Biometric Integration settings have been updated."))
else:
messages.error(
request, _("Could not update Biometric Integration settings."))
return self.get(request, *args, **kwargs)
class DomainForwardingOptionsView(BaseAdminProjectSettingsView):
urlname = 'domain_forwarding'
page_title = ugettext_lazy("Data Forwarding")
template_name = 'repeaters/repeaters.html'
@method_decorator(require_permission(Permissions.edit_motech))
def dispatch(self, request, *args, **kwargs):
return super(BaseProjectSettingsView,
self).dispatch(request, *args, **kwargs)
@property
def repeaters(self):
return [(r.__name__, r.by_domain(self.domain), r.friendly_name,
r.get_custom_url(self.domain))
for r in get_all_repeater_types().values()
if r.available_for_domain(self.domain)]
@property
def page_context(self):
return {
'repeaters':
self.repeaters,
'pending_record_count':
RepeatRecord.count(self.domain),
'gefingerpoken': (
# Set gefingerpoken_ to whether the user should be allowed to change MOTECH configuration.
# .. _gefingerpoken: https://en.wikipedia.org/wiki/Blinkenlights
self.request.couch_user.is_superuser
or self.request.couch_user.can_edit_motech()
or toggles.IS_CONTRACTOR.enabled(
self.request.couch_user.username))
}
class BaseMultimediaView(ApplicationViewMixin, BaseSectionPageView):
@method_decorator(
require_permission(Permissions.edit_apps,
login_decorator=login_and_domain_required))
def dispatch(self, request, *args, **kwargs):
return super(BaseMultimediaView,
self).dispatch(request, *args, **kwargs)
class DomainForwardingOptionsView(BaseAdminProjectSettingsView):
urlname = 'domain_forwarding'
page_title = ugettext_lazy("Data Forwarding")
template_name = 'repeaters/repeaters.html'
@method_decorator(require_permission(Permissions.edit_motech))
def dispatch(self, request, *args, **kwargs):
return super(BaseProjectSettingsView,
self).dispatch(request, *args, **kwargs)
@property
def repeaters(self):
return [(r.__name__, r.by_domain(self.domain), r.friendly_name,
r.get_custom_url(self.domain))
for r in get_all_repeater_types().values()
if r.available_for_domain(self.domain)]
@property
def page_context(self):
return {
'repeaters':
self.repeaters,
'pending_record_count':
RepeatRecord.count(self.domain),
'gefingerpoken':
self.request.couch_user.is_superuser
or toggles.IS_DEVELOPER.enabled(self.request.couch_user.username)
}
def _inner(request, domain, *args, **kwargs):
if toggles.DISABLE_WEB_APPS.enabled_for_request(request):
message = 'Service Temporarily Unavailable'
is_superuser = hasattr(
request, "couch_user") and request.couch_user.is_superuser
if is_superuser or toggles.SUPPORT.enabled_for_request(
request):
message += " (due to 'disable_web_apps' feature flag)"
return HttpResponse(message,
content_type='text/plain',
status=503)
if hasattr(request, "couch_user"):
if request.couch_user.is_web_user():
return require_permission(
Permissions.access_web_apps)(view_func)(request,
domain, *args,
**kwargs)
else:
assert request.couch_user.is_commcare_user(), \
"user was neither a web user or a commcare user!"
return login_and_domain_required(view_func)(request,
domain, *args,
**kwargs)
return login_and_domain_required(view_func)(request, domain, *args,
**kwargs)
class BaseMultimediaView(ApplicationViewMixin, View):
@method_decorator(
require_permission(Permissions.edit_apps,
login_decorator=login_with_permission_from_post()))
def dispatch(self, request, *args, **kwargs):
return super(BaseMultimediaView,
self).dispatch(request, *args, **kwargs)
def require_can_edit_or_view_locations(view_fn):
"""Decorator verifying that the user has permission to edit and view
individual locations."""
return locations_access_required(
require_permission('edit_locations',
view_only_permission='view_locations')(view_fn)
)
def is_authenticated(self, request, **kwargs):
wrappers = [
require_permission(
self.permission,
login_decorator=self._get_auth_decorator(request)),
api_auth,
]
return self._auth_test(request, wrappers=wrappers, **kwargs)
def _inner(request, domain, *args, **kwargs):
if hasattr(request, "couch_user"):
if request.couch_user.is_web_user():
return require_permission(Permissions.edit_data)(view_func)(request, domain, *args, **kwargs)
else:
assert request.couch_user.is_commcare_user(), \
"user was neither a web user or a commcare user!"
return login_and_domain_required(view_func)(request, domain, *args, **kwargs)
return login_and_domain_required(view_func)(request, domain, *args, **kwargs)
def is_authenticated(self, request, **kwargs):
return self._auth_test(
request,
wrappers=[
self._get_auth_decorator(request),
api_auth,
require_permission(
'access_api',
login_decorator=self._get_auth_decorator(request)),
],
**kwargs)
def _inner(request, domain, *args, **kwargs):
if toggles.RESTRICT_MOBILE_ACCESS.enabled(domain):
origin_token = request.META.get(ORIGIN_TOKEN_HEADER, None)
if origin_token:
if _test_token_valid(origin_token):
return fn(request, domain, *args, **kwargs)
else:
return HttpResponseForbidden()
return require_permission(Permissions.access_mobile_endpoints)(fn)(
request, domain, *args, **kwargs)
return fn(request, domain, *args, **kwargs)
class DeprecatedODataFormMetadataView(View):
urlname = 'odata_form_meta'
@method_decorator(basic_auth_or_try_api_key_auth)
@method_decorator(
require_permission(Permissions.edit_data, login_decorator=None))
@method_decorator(toggles.ODATA.required_decorator())
def get(self, request, domain, app_id):
xmlns_to_properties = get_xmlns_to_properties(domain, app_id)
metadata = render_to_string('api/odata_form_metadata.xml', {
'xmlns_to_properties': xmlns_to_properties,
})
return add_odata_headers(
HttpResponse(metadata, content_type='application/xml'))
class ODataFormMetadataView(View):
urlname = 'odata_form_metadata_from_export_instance'
@method_decorator(basic_auth_or_try_api_key_auth)
@method_decorator(
require_permission(Permissions.edit_data, login_decorator=None))
@method_decorator(toggles.ODATA.required_decorator())
def get(self, request, domain, config_id):
config = get_document_or_404(FormExportInstance, domain, config_id)
metadata = render_to_string(
'api/form_odata_metadata.xml', {
'fields': get_case_odata_fields_from_config(config),
})
return add_odata_headers(
HttpResponse(metadata, content_type='application/xml'))
def _inner(request, domain, *args, **kwargs):
if Domain.get_by_name(domain).restrict_mobile_access:
origin_token = request.META.get(ORIGIN_TOKEN_HEADER, None)
if origin_token:
if _test_token_valid(origin_token):
return fn(request, domain, *args, **kwargs)
else:
auth_logger.info(
"Request rejected domain=%s reason=%s request=%s",
domain, "flag:mobile_access_restricted", request.path)
return HttpResponseForbidden()
return require_permission(Permissions.access_mobile_endpoints)(fn)(
request, domain, *args, **kwargs)
return fn(request, domain, *args, **kwargs)
def _inner(request, domain, *args, **kwargs):
if DISABLE_WEB_APPS.enabled_for_request(request):
return HttpResponse('Service Temporarily Unavailable',
content_type='text/plain',
status=503)
if hasattr(request, "couch_user"):
if request.couch_user.is_web_user():
return require_permission(
Permissions.access_web_apps)(view_func)(request,
domain, *args,
**kwargs)
else:
assert request.couch_user.is_commcare_user(), \
"user was neither a web user or a commcare user!"
return login_and_domain_required(view_func)(request,
domain, *args,
**kwargs)
return login_and_domain_required(view_func)(request, domain, *args,
**kwargs)
class ConnectionSettingsDetailView(BaseProjectSettingsView, ModelFormMixin,
ProcessFormView):
urlname = 'connection_settings_detail_view'
page_title = _('Connection Settings')
template_name = 'motech/connection_settings_detail.html'
model = ConnectionSettings
form_class = ConnectionSettingsForm
@method_decorator(require_permission(Permissions.edit_motech))
def dispatch(self, request, *args, **kwargs):
if (toggles.INCREMENTAL_EXPORTS.enabled_for_request(request)
or has_privilege(request, privileges.DATA_FORWARDING)):
return super().dispatch(request, *args, **kwargs)
raise Http404()
def get_queryset(self):
return super().get_queryset().filter(domain=self.domain)
def get(self, request, *args, **kwargs):
# Allow us to update if 'pk' is given in the URL, otherwise create
self.object = self.get_object(
) if self.pk_url_kwarg in self.kwargs else None
return super().get(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
self.object = self.get_object(
) if self.pk_url_kwarg in self.kwargs else None
return super().post(request, *args, **kwargs)
def get_form_kwargs(self):
kwargs = super().get_form_kwargs()
kwargs['domain'] = self.domain
return kwargs
def get_success_url(self):
return reverse(
ConnectionSettingsListView.urlname,
kwargs={'domain': self.domain},
)
def form_valid(self, form):
form.save()
return super().form_valid(form)
class ODataFormServiceView(View):
urlname = 'odata_form_service_from_export_instance'
@method_decorator(basic_auth_or_try_api_key_auth)
@method_decorator(
require_permission(Permissions.edit_data, login_decorator=None))
@method_decorator(toggles.ODATA.required_decorator())
def get(self, request, domain):
service_document_content = {
'@odata.context':
absolute_reverse(ODataFormMetadataView.urlname, args=[domain]),
'value': [{
'name': config.get_id,
'kind': 'EntitySet',
'url': config.get_id,
} for config in get_odata_form_configs_by_domain(domain)]
}
return add_odata_headers(JsonResponse(service_document_content))
class ODataFormMetadataView(View):
urlname = 'odata_form_metadata_from_export_instance'
@method_decorator(basic_auth_or_try_api_key_auth)
@method_decorator(
require_permission(Permissions.edit_data, login_decorator=None))
@method_decorator(toggles.ODATA.required_decorator())
def get(self, request, domain):
configs = get_odata_form_configs_by_domain(domain)
config_ids_to_properties = OrderedDict()
for config in configs:
config_ids_to_properties[
config.get_id] = get_form_odata_fields_from_config(config)
metadata = render_to_string(
'api/form_odata_metadata.xml', {
'config_ids_to_properties': config_ids_to_properties,
})
return add_odata_headers(
HttpResponse(metadata, content_type='application/xml'))
class DeprecatedODataCaseServiceView(View):
urlname = 'odata_case_service'
@method_decorator(basic_auth_or_try_api_key_auth)
@method_decorator(
require_permission(Permissions.edit_data, login_decorator=None))
@method_decorator(toggles.ODATA.required_decorator())
def get(self, request, domain):
data = {
'@odata.context':
absolute_reverse(DeprecatedODataCaseMetadataView.urlname,
args=[domain]),
'value': [{
'name': case_type,
'kind': 'EntitySet',
'url': case_type,
} for case_type in get_case_types_for_domain_es(domain)]
}
return add_odata_headers(JsonResponse(data))
class ReportBuilderView(BaseDomainView):
@method_decorator(require_permission(Permissions.edit_data))
@cls_to_view_login_and_domain
@use_select2
@use_daterangepicker
@use_datatables
def dispatch(self, request, *args, **kwargs):
if has_report_builder_access(request):
return super(ReportBuilderView,
self).dispatch(request, *args, **kwargs)
else:
raise Http404
@property
def section_name(self):
return _("Report Builder")
@property
def section_url(self):
return reverse(ReportBuilderTypeSelect.urlname, args=[self.domain])
class DeprecatedODataFormServiceView(View):
urlname = 'odata_form_service'
@method_decorator(basic_auth_or_try_api_key_auth)
@method_decorator(
require_permission(Permissions.edit_data, login_decorator=None))
@method_decorator(toggles.ODATA.required_decorator())
def get(self, request, domain, app_id):
data = {
'@odata.context':
absolute_reverse(DeprecatedODataFormMetadataView.urlname,
args=[domain, app_id]),
'value': [{
'name': xmlns,
'kind': 'EntitySet',
'url': xmlns,
} for xmlns in get_xmlns_by_app(domain, app_id)]
}
return add_odata_headers(JsonResponse(data))
class DomainForwardingOptionsView(BaseAdminProjectSettingsView):
urlname = 'domain_forwarding'
page_title = ugettext_lazy("Data Forwarding")
template_name = 'repeaters/repeaters.html'
@method_decorator(require_permission(Permissions.edit_motech))
@method_decorator(
requires_privilege_with_fallback(privileges.DATA_FORWARDING))
def dispatch(self, request, *args, **kwargs):
return super().dispatch(request, *args, **kwargs)
@property
def repeater_types_info(self):
return [
RepeaterTypeInfo(
class_name=r.__name__,
friendly_name=r.friendly_name,
has_config=r._has_config,
instances=r.by_domain(self.domain),
) for r in get_all_repeater_types().values()
if r.available_for_domain(self.domain)
]
@property
def page_context(self):
if are_repeat_records_migrated(self.domain):
report = 'repeat_record_report'
else:
report = 'couch_repeat_record_report'
return {
'report':
report,
'repeater_types_info':
self.repeater_types_info,
'pending_record_count':
RepeatRecord.count(self.domain),
'user_can_configure':
(self.request.couch_user.is_superuser
or self.request.couch_user.can_edit_motech() or
toggles.IS_CONTRACTOR.enabled(self.request.couch_user.username))
}
class DeprecatedODataCaseMetadataView(View):
urlname = 'odata_case_meta'
@method_decorator(basic_auth_or_try_api_key_auth)
@method_decorator(
require_permission(Permissions.edit_data, login_decorator=None))
@method_decorator(toggles.ODATA.required_decorator())
def get(self, request, domain):
case_type_to_properties = get_case_type_to_properties(domain)
for case_type in case_type_to_properties:
case_type_to_properties[case_type] = sorted(
{
'case_name', 'case_type', 'date_opened', 'owner_id',
'backend_id'
}
| set(case_type_to_properties[case_type]))
metadata = render_to_string(
'api/odata_metadata.xml', {
'case_type_to_properties': case_type_to_properties,
})
return add_odata_headers(
HttpResponse(metadata, content_type='application/xml'))
from fields import FilterUsersField
from util import get_all_users_by_domain
from corehq.apps.hqsofabed.models import HQFormData
from StringIO import StringIO
from corehq.apps.app_manager.util import get_app_id
from corehq.apps.groups.models import Group
DATE_FORMAT = "%Y-%m-%d"
datespan_default = datespan_in_request(
from_param="startdate",
to_param="enddate",
default_days=7,
)
require_form_export_permission = require_permission(Permissions.view_report, 'corehq.apps.reports.standard.export.ExcelExportReport', login_decorator=None)
require_case_export_permission = require_permission(Permissions.view_report, 'corehq.apps.reports.standard.export.CaseExportReport', login_decorator=None)
require_can_view_all_reports = require_permission(Permissions.view_reports)
@login_and_domain_required
def default(request, domain, template="reports/base_template.html"):
return render_to_response(request, template, dict(
domain=domain,
report=dict(
title="Select a Report to View",
show=request.couch_user.can_view_reports() or request.couch_user.get_viewable_reports(),
slug=None,
is_async=True
)
))
from corehq.apps.reports.dbaccessors import touch_exports
from corehq.apps.reports.display import xmlns_to_name
from corehq.apps.reports.standard.export import CaseExportReport, ExcelExportReport
from corehq.apps.settings.views import BaseProjectDataView
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.models import Permissions
from couchexport.models import SavedExportSchema, ExportSchema
from couchexport.schema import build_latest_schema
from dimagi.utils.decorators.memoized import memoized
from django.utils.translation import ugettext as _, ugettext_noop, ugettext_lazy
from dimagi.utils.logging import notify_exception
from dimagi.utils.parsing import json_format_date
from dimagi.utils.web import json_response
require_form_export_permission = require_permission(
Permissions.view_report, "corehq.apps.reports.standard.export.ExcelExportReport", login_decorator=None
)
class BaseExportView(BaseProjectDataView):
template_name = "export/customize_export.html"
export_type = None
is_async = True
@property
def parent_pages(self):
return [{"title": self.report_class.name, "url": self.export_home_url}]
@method_decorator(require_form_export_permission)
def dispatch(self, request, *args, **kwargs):
return super(BaseExportView, self).dispatch(request, *args, **kwargs)
import json
from django.contrib import messages
from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect, HttpResponseForbidden
from django.views.decorators.http import require_POST
from django.utils.translation import ugettext as _
from corehq.apps.users.forms import MultipleSelectionForm
from corehq.apps.users.models import Permissions, CommCareUser
from corehq.apps.groups.models import Group, DeleteGroupRecord
from corehq.apps.users.decorators import require_permission
require_can_edit_groups = require_permission(Permissions.edit_commcare_users)
@require_POST
@require_can_edit_groups
def add_group(request, domain):
group_name = request.POST['group_name']
if not group_name:
messages.error(request, _(
"We could not create the group; "
"please give it a name first"
))
return HttpResponseRedirect(request.META['HTTP_REFERER'])
group = Group.by_name(domain, group_name, one=False).first()
if group:
messages.warning(request, _(
"A group with this name already exists: instead of making "
"a new one, we've brought you to the existing one."
try:
request.app = get_app(domain, app_id, latest=latest, target=target)
return f(request, *args, **kwargs)
except (AppEditingError, CaseError, ValueError), e:
logging.exception(e)
messages.error(request, "Problem downloading file: %s" % e)
return HttpResponseRedirect(
reverse("view_app", args=[domain, app_id]))
return _safe_download
def no_conflict_require_POST(f):
"""
Catches resource conflicts on save and returns a 409 error.
Also includes require_POST decorator
"""
@require_POST
@wraps(f)
def _no_conflict(*args, **kwargs):
try:
return f(*args, **kwargs)
except ResourceConflict:
return HttpResponse(status=409)
return _no_conflict
require_can_edit_apps = require_permission(Permissions.edit_apps)
require_deploy_apps = login_and_domain_required # todo: can fix this when it is better supported
def is_authenticated(self, request, **kwargs):
wrappers = [
require_permission(self.permission, login_decorator=self._get_auth_decorator(request)),
api_auth,
]
return self._auth_test(request, wrappers=wrappers, **kwargs)
from corehq.apps.groups.models import Group
from corehq.apps.users.bulkupload import GroupMemoizer
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.models import CommCareUser, Permissions
from corehq.apps.users.util import normalize_username
from couchexport.export import UnsupportedExportFormat, export_raw
from couchexport.models import Format
from couchexport.shortcuts import export_response
from dimagi.utils.couch.bulk import CouchTransaction
from dimagi.utils.excel import WorkbookJSONReader, WorksheetNotFound
from dimagi.utils.logging import notify_exception
from dimagi.utils.web import json_response
from dimagi.utils.decorators.view import get_file
require_can_edit_fixtures = require_permission(Permissions.edit_data)
def strip_json(obj, disallow_basic=None, disallow=None):
disallow = disallow or []
if disallow_basic is None:
disallow_basic = ['_rev', 'domain', 'doc_type']
disallow += disallow_basic
ret = {}
try:
obj = obj.to_json()
except Exception:
pass
for key in obj:
if key not in disallow:
ret[key] = obj[key]
from corehq.apps.case_importer import util as importer_util
from corehq.apps.case_importer.exceptions import ImporterError
from django.views.decorators.http import require_POST
from corehq.apps.case_importer.suggested_fields import get_suggested_case_fields
from corehq.apps.case_importer.tracking.case_upload_tracker import CaseUpload
from corehq.apps.case_importer.util import get_importer_error_message
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.models import Permissions
from corehq.form_processor.interfaces.dbaccessors import CaseAccessors
from django.contrib import messages
from django.shortcuts import render
from django.utils.translation import ugettext as _
require_can_edit_data = require_permission(Permissions.edit_data)
EXCEL_SESSION_ID = "excel_id"
def render_error(request, domain, message):
""" Load error message and reload page for excel file load errors """
messages.error(request, _(message))
return HttpResponseRedirect(base.ImportCases.get_url(domain=domain))
@require_can_edit_data
def excel_config(request, domain):
"""
Step one of three.
message = 'User attempted to install deleted application: {}'.format(app_id)
except (AppEditingError, CaseError, ValueError) as e:
message = e
logging.exception(message)
messages.error(request, "Problem downloading file: %s" % message)
return HttpResponseRedirect(reverse("view_app", args=[domain, app_id]))
return _safe_cached_download
def no_conflict_require_POST(fn):
"""
Catches resource conflicts on save and returns a 409 error.
Also includes require_POST decorator
"""
return require_POST(no_conflict(fn))
def no_conflict(fn):
@wraps(fn)
def _no_conflict(*args, **kwargs):
try:
return fn(*args, **kwargs)
except ResourceConflict:
return HttpResponse(status=409)
return _no_conflict
require_can_edit_apps = require_permission(Permissions.edit_apps)
require_deploy_apps = login_and_domain_required # todo: can fix this when it is better supported
from dimagi.utils.decorators.memoized import memoized
from dimagi.utils.make_uuid import random_hex
from dimagi.utils.couch.database import get_db
from dimagi.utils.web import json_request, json_response
from casexml.apps.case.models import CommCareCase
from corehq.apps.domain.decorators import require_superuser
from corehq.apps.groups.models import Group
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.models import CommCareUser, Permissions
from corehq.apps.receiverwrapper.util import get_submit_url
from couchforms.models import XFormInstance
require_can_cleanup = require_permission(Permissions.edit_data)
# -----------submissions-------------
@require_can_cleanup
def submissions(request, domain, template="cleanup/submissions.html"):
return render(request, template, {'domain': domain})
@require_can_cleanup
def submissions_json(request, domain):
def query(limit=100, userID=None, group=False, username__exclude=["demo_user", "admin"], **kwargs):
if group:
if userID is None:
key = [domain]
else:
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.models import CommCareUser, Permissions
from corehq.apps.users.util import normalize_username
from couchexport.export import UnsupportedExportFormat, export_raw
from couchexport.models import Format
from couchexport.shortcuts import export_response
from dimagi.utils.couch.bulk import CouchTransaction
from dimagi.utils.excel import WorkbookJSONReader, WorksheetNotFound
from dimagi.utils.logging import notify_exception
from dimagi.utils.web import json_response
from dimagi.utils.decorators.view import get_file
require_can_edit_fixtures = lambda *args, **kwargs: (
require_permission(Permissions.edit_data)(
requires_privilege_with_fallback(privileges.LOOKUP_TABLES)(*args, **kwargs)
)
)
def strip_json(obj, disallow_basic=None, disallow=None):
disallow = disallow or []
if disallow_basic is None:
disallow_basic = ['_rev', 'domain', 'doc_type']
disallow += disallow_basic
ret = {}
try:
obj = obj.to_json()
except Exception:
pass
for key in obj:
from corehq.apps.domain.decorators import cls_to_view
from corehq.apps.reports.dispatcher import ReportDispatcher
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.models import Permissions
# this is the permissions setting that makes the most sense now,
# but perhaps there should be a specific edit_indicators permission?
require_edit_indicators = require_permission(Permissions.edit_data)
cls_require_edit_indicators = cls_to_view(additional_decorator=require_edit_indicators)
class IndicatorAdminInterfaceDispatcher(ReportDispatcher):
prefix = "indicator_admin_interface"
map_name = "INDICATOR_ADMIN_INTERFACES"
@cls_require_edit_indicators
def dispatch(self, request, *args, **kwargs):
return super(IndicatorAdminInterfaceDispatcher, self).dispatch(request, *args, **kwargs)
import json
from django.contrib import messages
from django.urls import reverse
from django.http import HttpResponseRedirect, HttpResponseForbidden
from django.views.decorators.http import require_POST
from django.utils.translation import ugettext as _
from corehq.apps.users.models import Permissions, CommCareUser
from corehq.apps.groups.models import Group, DeleteGroupRecord
from corehq.apps.users.decorators import require_permission
from dimagi.utils.couch import CriticalSection
from dimagi.utils.couch.undo import DELETED_SUFFIX
require_can_edit_groups = require_permission(Permissions.edit_groups)
@require_POST
@require_can_edit_groups
def add_group(request, domain):
group_name = request.POST['group_name']
if not group_name:
messages.error(request, _(
"We could not create the group; "
"please give it a name first"
))
return HttpResponseRedirect(request.META['HTTP_REFERER'])
group = Group.by_name(domain, group_name)
if group:
messages.warning(request, _(
import json
from django.contrib import messages
from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect, HttpResponseForbidden
from django.views.decorators.http import require_POST
from django.utils.translation import ugettext as _
from corehq.apps.users.forms import MultipleSelectionForm
from corehq.apps.users.models import Permissions, CommCareUser
from corehq.apps.groups.models import Group, DeleteGroupRecord
from corehq.apps.users.decorators import require_permission
require_can_edit_groups = require_permission(Permissions.edit_commcare_users)
@require_POST
@require_can_edit_groups
def add_group(request, domain):
group_name = request.POST["group_name"]
if not group_name:
messages.error(request, _("We could not create the group; " "please give it a name first"))
return HttpResponseRedirect(request.META["HTTP_REFERER"])
group = Group.by_name(domain, group_name, one=False).first()
if group:
messages.warning(
request,
_(
"A group with this name already exists: instead of making "
"a new one, we've brought you to the existing one."
assert repeater.domain == domain
assert record.domain == domain
assert record.repeater_id == repeater.get_id
attempt = repeater.fire_for_record(record)
return JsonResponse(attempt.to_json())
@login_and_domain_required
@require_http_methods(['POST'])
def openmrs_import_now(request, domain):
import_patients_to_domain(request.domain, force=True)
return JsonResponse({'status': 'Accepted'}, status=202)
@method_decorator(require_permission(Permissions.edit_motech), name='dispatch')
@method_decorator(toggles.OPENMRS_INTEGRATION.required_decorator(),
name='dispatch')
class OpenmrsImporterView(BaseProjectSettingsView):
urlname = 'openmrs_importer_view'
page_title = ugettext_lazy("OpenMRS Importers")
template_name = 'openmrs/importers.html'
def _update_importer(self, importer, data):
for key, value in data.items():
if key == 'password':
if value == PASSWORD_PLACEHOLDER:
continue # Skip updating the password if it hasn't been changed.
else:
value = b64_aes_encrypt(value)
elif key == 'report_params':
from corehq.apps.registration.forms import AdminInvitesUserForm
from corehq.apps.prescriptions.models import Prescription
from corehq.apps.domain.models import Domain
from corehq.apps.hqwebapp.utils import InvitationView
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.forms import WebUserForm, UserForm, ProjectSettingsForm, CommtrackUserForm
from corehq.apps.users.models import CouchUser, CommCareUser, WebUser, \
DomainRemovalRecord, UserRole, AdminUserRole, DomainInvitation, PublicUser
from corehq.apps.domain.decorators import login_and_domain_required, require_superuser, domain_admin_required, domain_specific_login_redirect
from corehq.apps.orgs.models import Team
from corehq.apps.reports.util import get_possible_reports
from corehq.apps.sms import verify as smsverify
from django.utils.translation import ugettext as _, ugettext_noop
require_can_edit_web_users = require_permission('edit_web_users')
require_can_edit_commcare_users = require_permission('edit_commcare_users')
def require_permission_to_edit_user(view_func):
@wraps(view_func)
def _inner(request, domain, couch_user_id, *args, **kwargs):
go_ahead = False
if hasattr(request, "couch_user"):
user = request.couch_user
if user.is_superuser or user.user_id == couch_user_id or (hasattr(user, "is_domain_admin") and user.is_domain_admin()):
go_ahead = True
else:
couch_user = CouchUser.get_by_user_id(couch_user_id)
if not couch_user:
raise Http404()
if couch_user.is_commcare_user() and request.couch_user.can_edit_commcare_users():
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.models import Permissions
from dimagi.utils.decorators.memoized import memoized
from .models import UI_SIMPLE_FIXED, UI_COMPLEX
from .util import can_use_survey_reminders, get_form_list, get_form_name, get_recipient_name
from corehq.apps.domain.models import Domain
from corehq.util.timezones.utils import get_timezone_for_user
from custom.ewsghana.forms import EWSBroadcastForm
ACTION_ACTIVATE = 'activate'
ACTION_DEACTIVATE = 'deactivate'
ACTION_DELETE = 'delete'
reminders_framework_permission = lambda *args, **kwargs: (
require_permission(Permissions.edit_data)(
requires_privilege_with_fallback(privileges.REMINDERS_FRAMEWORK)(*args, **kwargs)
)
)
survey_reminders_permission = lambda *args, **kwargs: (
require_permission(Permissions.edit_data)(
requires_privilege_with_fallback(privileges.INBOUND_SMS)(*args, **kwargs)
)
)
def get_project_time_info(domain):
timezone = get_timezone_for_user(None, domain)
now = pytz.utc.localize(datetime.utcnow())
timezone_now = now.astimezone(timezone)
return (timezone, now, timezone_now)
from corehq.apps.api.odata.utils import (
get_case_odata_fields_from_config,
get_form_odata_fields_from_config,
)
from corehq.apps.domain.decorators import basic_auth_or_try_api_key_auth
from corehq.apps.export.models import CaseExportInstance, FormExportInstance
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.models import Permissions
from corehq.feature_previews import BI_INTEGRATION_PREVIEW
from corehq.util import get_document_or_404
from corehq.util.view_utils import absolute_reverse
odata_auth = method_decorator([
basic_auth_or_try_api_key_auth,
require_permission(Permissions.edit_data, login_decorator=None),
BI_INTEGRATION_PREVIEW.required_decorator(),
],
name='dispatch')
@odata_auth
class ODataCaseServiceView(View):
urlname = 'odata_case_service_from_export_instance'
table_urlname = 'odata_case_service_from_export_instance_table'
def get(self, request, domain, config_id, **kwargs):
table_id = int(kwargs.get('table_id', 0))
urlname = ODataCaseMetadataView.urlname
url_args = [domain, config_id]
from corehq.apps.users.models import Permissions
from corehq.motech.dhis2.dhis2_config import Dhis2FormConfig
from corehq.motech.requests import Requests
from corehq.motech.dhis2.dbaccessors import get_dhis2_connection, get_dataset_maps
from corehq.motech.dhis2.forms import Dhis2ConnectionForm, Dhis2ConfigForm
from corehq.motech.dhis2.models import DataValueMap, DataSetMap
from corehq.motech.dhis2.repeaters import Dhis2Repeater
from corehq.motech.dhis2.tasks import send_datasets
from corehq.apps.domain.views.settings import BaseProjectSettingsView
from memoized import memoized
from dimagi.utils.web import json_response
from six.moves import range
from six.moves import map
@method_decorator(require_permission(Permissions.edit_motech), name='dispatch')
@method_decorator(toggles.DHIS2_INTEGRATION.required_decorator(), name='dispatch')
class Dhis2ConnectionView(BaseProjectSettingsView):
urlname = 'dhis2_connection_view'
page_title = ugettext_lazy("DHIS2 Connection Settings")
template_name = 'dhis2/connection_settings.html'
def post(self, request, *args, **kwargs):
form = self.dhis2_connection_form
if form.is_valid():
form.save(self.domain)
get_dhis2_connection.clear(request.domain)
return HttpResponseRedirect(self.page_url)
context = self.get_context_data(**kwargs)
return self.render_to_response(context)
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.export import export_users
from corehq.apps.users.models import CommCareUser
from corehq.apps.users.models import Permissions
from corehq.apps.domain.decorators import login_and_domain_required
DATE_FORMAT = "%Y-%m-%d"
datespan_default = datespan_in_request(
from_param="startdate",
to_param="enddate",
default_days=7,
)
require_form_export_permission = require_permission(Permissions.view_report, 'corehq.apps.reports.standard.export.ExcelExportReport', login_decorator=None)
require_case_export_permission = require_permission(Permissions.view_report, 'corehq.apps.reports.standard.export.CaseExportReport', login_decorator=None)
require_form_view_permission = require_permission(Permissions.view_report, 'corehq.apps.reports.standard.inspect.SubmitHistory', login_decorator=None)
require_case_view_permission = require_permission(Permissions.view_report, 'corehq.apps.reports.standard.cases.basic.CaseListReport', login_decorator=None)
require_can_view_all_reports = require_permission(Permissions.view_reports)
@login_and_domain_required
def default(request, domain):
return HttpResponseRedirect(reverse(saved_reports, args=[domain]))
@login_and_domain_required
def old_saved_reports(request, domain):
return default(request, domain)
from corehq.apps.reminders.forms import CaseReminderForm, ComplexCaseReminderForm, SurveyForm, SurveySampleForm, EditContactForm
from corehq.apps.reminders.models import CaseReminderHandler, CaseReminderEvent, REPEAT_SCHEDULE_INDEFINITELY, EVENT_AS_OFFSET, EVENT_AS_SCHEDULE, SurveyKeyword, Survey, SurveySample, SURVEY_METHOD_LIST, SurveyWave, ON_DATETIME, RECIPIENT_SURVEY_SAMPLE, QUESTION_RETRY_CHOICES
from corehq.apps.users.decorators import require_permission
from corehq.apps.users.models import CouchUser, CommCareUser, Permissions
from .models import UI_SIMPLE_FIXED, UI_COMPLEX
from .util import get_form_list, get_sample_list
from corehq.apps.sms.mixin import VerifiedNumber
from corehq.apps.sms.util import register_sms_contact, update_contact
from corehq.apps.domain.models import DomainCounter
from casexml.apps.case.models import CommCareCase
from dateutil.parser import parse
from corehq.apps.sms.util import close_task
from corehq.apps.groups.models import Group
reminders_permission = require_permission(Permissions.edit_data)
@reminders_permission
def default(request, domain):
return HttpResponseRedirect(reverse('list_reminders', args=[domain]))
@reminders_permission
def list_reminders(request, domain, template="reminders/partial/list_reminders.html"):
handlers = CaseReminderHandler.get_handlers(domain=domain).all()
return render(request, template, {
'domain': domain,
'reminder_handlers': handlers
})
@reminders_permission
def add_reminder(request, domain, handler_id=None, template="reminders/partial/add_reminder.html"):
class BaseProcessUploadedView(BaseMultimediaView):
@property
def username(self):
return self.request.couch_user.username if self.request.couch_user else None
@property
def share_media(self):
return self.request.POST.get('shared') == 't'
@property
def license_used(self):
return self.request.POST.get('license', '')
@property
def author(self):
return self.request.POST.get('author', '')
@property
def attribution_notes(self):
return self.request.POST.get('attribution-notes', '')
@property
@memoized
def uploaded_file(self):
return self.request.FILES.get('Filedata')
@property
@memoized
def mime_type(self):
try:
data = self.uploaded_file.file.read()
return CommCareMultimedia.get_mime_type(data, filename=self.uploaded_file.name)
except Exception as e:
raise BadMediaFileException("There was an error fetching the MIME type of your file. Error: %s" % e)
@method_decorator(require_permission(Permissions.edit_apps, login_decorator=login_with_permission_from_post()))
# YUI js uploader library doesn't support csrf
@csrf_exempt
def dispatch(self, request, *args, **kwargs):
return super(BaseMultimediaView, self).dispatch(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
return HttpResponseBadRequest("You may only post to this URL.")
def post(self, request, *args, **kwargs):
self.errors = []
response = {}
try:
self.validate_file()
response.update(self.process_upload())
except BadMediaFileException as e:
self.errors.append(e.message)
response.update({
'errors': self.errors,
})
return HttpResponse(json.dumps(response))
def validate_file(self, replace_diff_ext=False):
raise NotImplementedError("You must validate your uploaded file!")
def process_upload(self):
raise NotImplementedError("You definitely need to implement this guy.")
from corehq.apps.domain.decorators import require_superuser
from ctable.util import get_test_extractor, get_backend, backends
from dimagi.utils.web import json_response
from django.utils.translation import ugettext_noop as _
from django.core.urlresolvers import reverse
from django.http import Http404
from corehq.apps.users.models import Permissions
from corehq.apps.users.decorators import require_permission
from ctable.models import SqlExtractMapping
from django.shortcuts import render, redirect
from ctable.tasks import process_extract
from ctable.util import get_extractor
require_can_edit_sql_mappings = require_permission(Permissions.edit_data)
def _to_kwargs(req):
# unicode can mix this up so have a little utility to do it
# was seeing this only locally, not sure if python / django
# version dependent
return dict((str(k), v) for k, v in json.load(req).items())
@require_superuser
def view(request, domain=None, template='ctable/list_mappings.html'):
if domain:
mappings = SqlExtractMapping.by_domain(domain)
else:
mappings = SqlExtractMapping.all()
