def feed_entries(request, form_code):
user = request.user
try:
if not settings.FEEDS_ENABLED:
return HttpResponse(404)
if invalid_date(request.GET.get('start_date')):
return convert_to_json_response(
{"ERROR_CODE": 102, "ERROR_MESSAGE": 'Invalid Start Date provided'}, 400)
if invalid_date(request.GET.get('end_date')):
return convert_to_json_response(
{"ERROR_CODE": 102, "ERROR_MESSAGE": 'Invalid End Date provided'}, 400)
if lesser_end_date(request.GET.get('end_date'), request.GET.get('start_date')):
return convert_to_json_response(
{"ERROR_CODE": 103, "ERROR_MESSAGE": 'End Date provided is less than Start Date'}, 400)
if _invalid_form_code(request, form_code):
return convert_to_json_response({"ERROR_CODE": 101, "ERROR_MESSAGE": 'Invalid form code provided'}, 400)
dbm = get_database_manager(user)
form_model = get_form_model_by_code(dbm, form_code)
questionnaire_id = form_model.id
if user.is_ngo_admin() or user.is_extended_user() or \
(user.is_project_manager() and has_permission(dbm, user.id, questionnaire_id)):
feed_dbm = get_feeds_database(request.user)
start_date = _parse_date(request.GET['start_date'])
end_date = _parse_date(request.GET['end_date'])
return HttpResponse(stream_feeds(feed_dbm, startkey=[form_code, start_date], endkey=[form_code, end_date]),
content_type='application/json; charset=utf-8')
return convert_to_json_response({"ERROR_CODE": 104, "ERROR_MESSAGE": "You don't have access to this feed"}, 403)
except Exception as e:
logger = logging.getLogger('datawinners')
logger.exception(e)
return HttpResponse(content='Internal Server Error', status=500)
def get_unique_ids_for_form_code(request, form_code):
if request.method == 'GET':
user = request.user
dbm = get_database_manager(user)
response_limit = request.GET.get('limit', 15000)
try:
questionnaire_id = get_form_model_by_code(dbm, form_code).id
except FormModelDoesNotExistsException:
return HttpResponse(status=404)
if user.is_ngo_admin() or user.is_extended_user() or \
(user.is_project_manager() and has_permission(dbm, user.id, questionnaire_id)):
unique_ids, questionnaire_dict = _get_response(
dbm, form_code, user, response_limit)
if unique_ids is None:
return HttpResponse(status=404)
return HttpResponse(json.dumps({
'unique-ids': unique_ids,
'questionnaire': questionnaire_dict
}),
content_type='application/json; charset=UTF-8')
return HttpResponse(
content="Error: You don't have access to the information",
status=403)
def test_should_check_user_has_permission(self):
form_model_id = self._create_sample_questionnaire()
user_permission = UserPermission(self.manager, 1, [form_model_id])
user_permission.save()
self.assertTrue(has_permission(self.manager, 1, form_model_id))
self.assertFalse(has_permission(self.manager, 1, 'some_other_project'))
def wrapper(request, project_id, *args, **kw):
user = request.user
if (user.is_project_manager() or user.is_no_delete_pm()) and not has_permission(get_database_manager(user), user.id, project_id):
return HttpResponseRedirect(django_settings.ACCESS_DENIED_PAGE)
return f(request, project_id, *args, **kw)