def zip_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) dd = DataDictionary.objects.get(id_string=id_string, user=owner) if request.GET.get('raw'): id_string = None # create zip_file tmp = NamedTemporaryFile() z = zipfile.ZipFile(tmp, 'w', zipfile.ZIP_DEFLATED) photos = image_urls_for_form(xform) for photo in photos: f = NamedTemporaryFile() req = urllib2.Request(photo) f.write(urllib2.urlopen(req).read()) f.seek(0) z.write(f.name, urlparse(photo).path[1:]) f.close() z.close() if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name('zip', id_string, file_path=tmp.name, use_local_filesystem=True) return response
def xls_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u"Not shared.")) query = request.GET.get("query") force_xlsx = request.GET.get("xlsx") == "true" xls_df_builder = XLSDataFrameBuilder(username, id_string, query) excel_defs = { "xls": {"suffix": ".xls", "mime_type": "vnd.ms-excel"}, "xlsx": {"suffix": ".xlsx", "mime_type": "vnd.openxmlformats"}, # TODO: check xlsx mime type } ext = "xls" if not force_xlsx else "xlsx" if xls_df_builder.exceeds_xls_limits: ext = "xlsx" try: temp_file = NamedTemporaryFile(suffix=excel_defs[ext]["suffix"]) xls_df_builder.export_to(temp_file.name) if request.GET.get("raw"): id_string = None response = response_with_mimetype_and_name(excel_defs[ext]["mime_type"], id_string, extension=ext) response.write(temp_file.read()) temp_file.seek(0, os.SEEK_END) response["Content-Length"] = temp_file.tell() temp_file.close() return response except NoRecordsFoundError: return HttpResponse(_("No records found to export"))
def download_xlsform(request, username, id_string): xform = get_object_or_404(XForm, user__username=username, id_string=id_string) owner = User.objects.get(username=username) helper_auth_helper(request) if not has_permission(xform, owner, request, xform.shared): return HttpResponseForbidden('Not shared.') file_path = xform.xls.name default_storage = get_storage_class()() if default_storage.exists(file_path): audit = { "xform": xform.id_string } audit_log( Actions.FORM_XLS_DOWNLOADED, request.user, xform.user, _("Downloaded XLS file for form '%(id_string)s'.") % { "id_string": xform.id_string }, audit, request) split_path = file_path.split(os.extsep) extension = 'xls' if len(split_path) > 1: extension = split_path[len(split_path) - 1] response = response_with_mimetype_and_name( 'vnd.ms-excel', id_string, show_date=False, extension=extension, file_path=file_path) return response else: messages.add_message(request, messages.WARNING, _(u'No XLS file for your form ' u'<strong>%(id)s</strong>') % {'id': id_string}) return HttpResponseRedirect("/%s" % username)
def download_xform(request, username, id_string): xform = XForm.objects.get(user__username=username, id_string=id_string) # TODO: protect for users who have settings to use auth response = response_with_mimetype_and_name('xml', id_string, show_date=False) response.content = xform.xml return response
def zip_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden('Not shared.') dd = DataDictionary.objects.get(id_string=id_string, user=owner) if request.GET.get('raw'): id_string = None # create zip_file tmp = NamedTemporaryFile() z = zipfile.ZipFile(tmp, 'w', zipfile.ZIP_DEFLATED) photos = image_urls_for_form(xform) for photo in photos: f = NamedTemporaryFile() req = urllib2.Request(photo) f.write(urllib2.urlopen(req).read()) f.seek(0) z.write(f.name, urlparse(photo).path[1:]) f.close() z.close() if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name('zip', id_string, file_path=tmp.name, use_local_filesystem=True) return response
def download_metadata(request, username, id_string, data_id): xform = get_object_or_404(XForm, user__username=username, id_string=id_string) owner = xform.user if username == request.user.username or xform.shared: data = get_object_or_404(MetaData, pk=data_id) file_path = data.data_file.name filename, extension = os.path.splitext(file_path.split('/')[-1]) extension = extension.strip('.') dfs = get_storage_class()() if dfs.exists(file_path): audit = { 'xform': xform.id_string } audit_log( Actions.FORM_UPDATED, request.user, owner, _("Document '%(filename)s' for '%(id_string)s' downloaded.") % { 'id_string': xform.id_string, 'filename': "%s.%s" % (filename, extension) }, audit, request) response = response_with_mimetype_and_name( data.data_file_type, filename, extension=extension, show_date=False, file_path=file_path) return response else: return HttpResponseNotFound() return HttpResponseForbidden(_(u'Permission denied.'))
def download_xlsform(request, username, id_string): xform = get_object_or_404(XForm, user__username=username, id_string=id_string) owner = User.objects.get(username=username) helper_auth_helper(request) if not has_permission(xform, owner, request, xform.shared): return HttpResponseForbidden('Not shared.') file_path = xform.xls.name default_storage = get_storage_class()() if default_storage.exists(file_path): audit = {"xform": xform.id_string} audit_log( Actions.FORM_XLS_DOWNLOADED, request.user, xform.user, _("Downloaded XLS file for form '%(id_string)s'.") % {"id_string": xform.id_string}, audit, request) split_path = file_path.split(os.extsep) extension = 'xls' if len(split_path) > 1: extension = split_path[len(split_path) - 1] response = response_with_mimetype_and_name('vnd.ms-excel', id_string, show_date=False, extension=extension, file_path=file_path) return response else: messages.add_message( request, messages.WARNING, _(u'No XLS file for your form ' u'<strong>%(id)s</strong>') % {'id': id_string}) return HttpResponseRedirect("/%s" % username)
def zip_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) helper_auth_helper(request) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) if request.GET.get('raw'): id_string = None attachments = Attachment.objects.filter(instance__xform=xform) zip_file = create_attachments_zipfile(attachments) audit = {"xform": xform.id_string, "export_type": Export.ZIP_EXPORT} audit_log( Actions.EXPORT_CREATED, request.user, owner, _("Created ZIP export on '%(id_string)s'.") % { 'id_string': xform.id_string, }, audit, request) # log download as well audit_log( Actions.EXPORT_DOWNLOADED, request.user, owner, _("Downloaded ZIP export on '%(id_string)s'.") % { 'id_string': xform.id_string, }, audit, request) if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name('zip', id_string, file_path=zip_file, use_local_filesystem=True) return response
def export_download(request, username, id_string, export_type, filename): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) helper_auth_helper(request) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) # find the export entry in the db export = get_object_or_404(Export, xform=xform, filename=filename) if export_type == Export.GDOC_EXPORT and export.export_url is not None: return HttpResponseRedirect(export.export_url) ext, mime_type = export_def_from_filename(export.filename) audit = { "xform": xform.id_string, "export_type": export.export_type } audit_log(Actions.EXPORT_DOWNLOADED, request.user, owner, _("Downloaded %(export_type)s export '%(filename)s' on '%(id_string)s'.") %\ { 'export_type': export.export_type.upper(), 'filename': export.filename, 'id_string': xform.id_string, }, audit, request) if request.GET.get('raw'): id_string = None basename = os.path.splitext(export.filename)[0] response = response_with_mimetype_and_name( mime_type, name=basename, extension=ext, file_path=export.filepath, show_date=False) return response
def zip_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) helper_auth_helper(request) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) if request.GET.get('raw'): id_string = None attachments = Attachment.objects.filter(instance__xform=xform) zip_file = create_attachments_zipfile(attachments) audit = { "xform": xform.id_string, "export_type": Export.ZIP_EXPORT } audit_log( Actions.EXPORT_CREATED, request.user, owner, _("Created ZIP export on '%(id_string)s'.") % { 'id_string': xform.id_string, }, audit, request) # log download as well audit_log( Actions.EXPORT_DOWNLOADED, request.user, owner, _("Downloaded ZIP export on '%(id_string)s'.") % { 'id_string': xform.id_string, }, audit, request) if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name('zip', id_string, file_path=zip_file, use_local_filesystem=True) return response
def data_export(request, username, id_string, export_type): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) helper_auth_helper(request) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) query = request.GET.get("query") extension = export_type # check if we should force xlsx force_xlsx = request.GET.get('xls') != 'true' if export_type == Export.XLS_EXPORT and force_xlsx: extension = 'xlsx' audit = { "xform": xform.id_string, "export_type": export_type } # check if we need to re-generate, # we always re-generate if a filter is specified if should_create_new_export(xform, export_type) or query: try: export = generate_export( export_type, extension, username, id_string, None, query) audit_log( Actions.EXPORT_CREATED, request.user, owner, _("Created %(export_type)s export on '%(id_string)s'.") % { 'id_string': xform.id_string, 'export_type': export_type.upper() }, audit, request) except NoRecordsFoundError: return HttpResponseNotFound(_("No records found to export")) else: export = newset_export_for(xform, export_type) # log download as well audit_log( Actions.EXPORT_DOWNLOADED, request.user, owner, _("Downloaded %(export_type)s export on '%(id_string)s'.") % { 'id_string': xform.id_string, 'export_type': export_type.upper() }, audit, request) if not export.filename: # tends to happen when using newset_export_for. return HttpResponseNotFound("File does not exist!") # get extension from file_path, exporter could modify to # xlsx if it exceeds limits path, ext = os.path.splitext(export.filename) ext = ext[1:] if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name( Export.EXPORT_MIMES[ext], id_string, extension=ext, file_path=export.filepath) return response
def download_jsonform(request, username, id_string): owner = User.objects.get(username=username) xform = XForm.objects.get(user__username=username, id_string=id_string) if not has_permission(xform, owner, request, xform.shared): return HttpResponseForbidden('Not shared.') response = response_with_mimetype_and_name('json', id_string, show_date=False) response.content = xform.json return response
def download_xform(request, username, id_string): xform = get_object_or_404(XForm, user__username=username, id_string=id_string) # TODO: protect for users who have settings to use auth response = response_with_mimetype_and_name('xml', id_string, show_date=False) response.content = xform.xml return response
def download_metadata(request, username, id_string, data_id): xform = get_object_or_404(XForm, user__username=username, id_string=id_string) if username == request.user.username or xform.shared: data = MetaData.objects.get(pk=data_id) return response_with_mimetype_and_name( data.data_file_type, data.data_value, '', None, False, data.data_file.name) return HttpResponseForbidden('Permission denied.')
def download_jsonform(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, user__username=username, id_string=id_string) if not has_permission(xform, owner, request, xform.shared): return HttpResponseForbidden("Not shared.") response = response_with_mimetype_and_name("json", id_string, show_date=False) if "callback" in request.GET and request.GET.get("callback") != "": callback = request.GET.get("callback") response.content = "%s(%s)" % (callback, xform.json) else: response.content = xform.json return response
def download_media_data(request, username, id_string, data_id): xform = get_object_or_404( XForm, user__username=username, id_string=id_string) owner = xform.user data = get_object_or_404(MetaData, id=data_id) dfs = get_storage_class()() if request.GET.get('del', False): if username == request.user.username: try: dfs.delete(data.data_file.name) data.delete() audit = { 'xform': xform.id_string } audit_log( Actions.FORM_UPDATED, request.user, owner, _("Media download '%(filename)s' deleted from " "'%(id_string)s'.") % { 'id_string': xform.id_string, 'filename': os.path.basename(data.data_file.name) }, audit, request) return HttpResponseRedirect(reverse(show, kwargs={ 'username': username, 'id_string': id_string })) except Exception: return HttpResponseServerError() else: if username: # == request.user.username or xform.shared: file_path = data.data_file.name filename, extension = os.path.splitext(file_path.split('/')[-1]) extension = extension.strip('.') if dfs.exists(file_path): audit = { 'xform': xform.id_string } audit_log( Actions.FORM_UPDATED, request.user, owner, _("Media '%(filename)s' downloaded from " "'%(id_string)s'.") % { 'id_string': xform.id_string, 'filename': os.path.basename(file_path) }, audit, request) response = response_with_mimetype_and_name( data.data_file_type, filename, extension=extension, show_date=False, file_path=file_path) return response else: return HttpResponseNotFound() return HttpResponseForbidden(_(u'Permission denied.'))
def download_xlsform(request, username, id_string): xform = get_object_or_404(XForm, user__username=username, id_string=id_string) owner = User.objects.get(username=username) if not has_permission(xform, owner, request, xform.shared): return HttpResponseForbidden("Not shared.") file_path = xform.xls.name default_storage = get_storage_class()() if default_storage.exists(file_path): response = response_with_mimetype_and_name( "vnd.ms-excel", id_string, show_date=False, extension="xls", file_path=file_path ) return response else: messages.add_message(request, messages.WARNING, "No XLS file for your form <strong>%s</strong>" % id_string) return HttpResponseRedirect("/%s" % username)
def download_jsonform(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, user__username=username, id_string=id_string) helper_auth_helper(request) if not has_permission(xform, owner, request, xform.shared): return HttpResponseForbidden(_(u'Not shared.')) response = response_with_mimetype_and_name('json', id_string, show_date=False) if 'callback' in request.GET and request.GET.get('callback') != '': callback = request.GET.get('callback') response.content = "%s(%s)" % (callback, xform.json) else: response.content = xform.json return response
def download_jsonform(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, user__username=username, id_string=id_string) if not has_permission(xform, owner, request, xform.shared): return HttpResponseForbidden('Not shared.') response = response_with_mimetype_and_name('json', id_string, show_date=False) if 'callback' in request.GET and request.GET.get('callback') != '': callback = request.GET.get('callback') response.content = "%s(%s)" % (callback, xform.json) else: response.content = xform.json return response
def download_metadata(request, username, id_string, data_id): xform = get_object_or_404(XForm, user__username=username, id_string=id_string) if username == request.user.username or xform.shared: data = get_object_or_404(MetaData, pk=data_id) file_path = data.data_file.name filename, extension = os.path.splitext(file_path.split("/")[-1]) extension = extension.strip(".") default_storage = get_storage_class()() if default_storage.exists(file_path): response = response_with_mimetype_and_name( data.data_file_type, filename, extension=extension, show_date=False, file_path=file_path ) return response else: return HttpResponseNotFound() return HttpResponseForbidden(_(u"Permission denied."))
def export_download(request, username, id_string, export_type, filename): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) # find the export entry in the db export = get_object_or_404(Export, xform=xform, filename=filename) ext, mime_type = export_def_from_filename(export.filename) if request.GET.get('raw'): id_string = None basename = os.path.splitext(export.filename)[0] response = response_with_mimetype_and_name(mime_type, name=basename, extension=ext, file_path=export.filepath, show_date=False) return response
def csv_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden('Not shared.') valid, dd = dd_for_params(id_string, owner, request) if not valid: return dd writer = CsvWriter(dd, dd.get_data_for_excel(), dd.get_keys(),\ dd.get_variable_name) file_path = writer.get_default_file_path() writer.write_to_file(file_path) if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name('application/csv', id_string, extension='csv', file_path=file_path, use_local_filesystem=True) return response
def csv_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden("Not shared.") valid, dd = dd_for_params(id_string, owner, request) if not valid: return dd writer = CsvWriter(dd, dd.get_data_for_excel(), dd.get_keys(), dd.get_variable_name) file_path = writer.get_default_file_path() writer.write_to_file(file_path) if request.GET.get("raw"): id_string = None response = response_with_mimetype_and_name( "application/csv", id_string, extension="csv", file_path=file_path, use_local_filesystem=True ) return response
def zip_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) helper_auth_helper(request) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) dd = DataDictionary.objects.get(id_string=id_string, user=owner) if request.GET.get('raw'): id_string = None # create zip_file tmp = NamedTemporaryFile() z = zipfile.ZipFile(tmp, 'w', zipfile.ZIP_DEFLATED) photos = image_urls_for_form(xform) for photo in photos: f = NamedTemporaryFile() req = urllib2.Request(photo) f.write(urllib2.urlopen(req).read()) f.seek(0) z.write(f.name, urlparse(photo).path[1:]) f.close() z.close() audit = { "xform": xform.id_string, "export_type": Export.ZIP_EXPORT } audit_log(Actions.EXPORT_CREATED, request.user, owner, _("Created ZIP export on '%(id_string)s'.") %\ { 'id_string': xform.id_string, }, audit, request) # log download as well audit_log(Actions.EXPORT_DOWNLOADED, request.user, owner, _("Downloaded ZIP export on '%(id_string)s'.") %\ { 'id_string': xform.id_string, }, audit, request) if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name('zip', id_string, file_path=tmp.name, use_local_filesystem=True) return response
def xls_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden('Not shared.') valid, dd = dd_for_params(id_string, owner, request) if not valid: return dd ddw = XlsWriter() ddw.set_data_dictionary(dd) temp_file = ddw.save_workbook_to_file() if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name('vnd.ms-excel', id_string, extension='xls') response.write(temp_file.getvalue()) temp_file.seek(0, os.SEEK_END) response['Content-Length'] = temp_file.tell() temp_file.close() return response
def xls_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden("Not shared.") valid, dd = dd_for_params(id_string, owner, request) if not valid: return dd ddw = XlsWriter() ddw.set_data_dictionary(dd) temp_file = ddw.save_workbook_to_file() if request.GET.get("raw"): id_string = None response = response_with_mimetype_and_name("vnd.ms-excel", id_string, extension="xls") response.write(temp_file.getvalue()) temp_file.seek(0, os.SEEK_END) response["Content-Length"] = temp_file.tell() temp_file.close() return response
def xls_export(request, username, id_string): owner = User.objects.get(username=username) xform = XForm.objects.get(id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden('Not shared.') valid, dd = dd_for_params(id_string, owner, request) if not valid: return dd ddw = XlsWriter() ddw.set_data_dictionary(dd) temp_file = ddw.save_workbook_to_file() if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name('vnd.ms-excel', id_string, extension='xls') response.write(temp_file.getvalue()) temp_file.seek(0, os.SEEK_END) response['Content-Length'] = temp_file.tell() temp_file.close() return response
def download_xform(request, username, id_string): user = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, user=user, id_string=id_string) profile, created =\ UserProfile.objects.get_or_create(user=user) if profile.require_auth: authenticator = HttpDigestAuthenticator() if not authenticator.authenticate(request): return authenticator.build_challenge_response() audit = {"xform": xform.id_string} audit_log( Actions.FORM_XML_DOWNLOADED, request.user, xform.user, _("Downloaded XML for form '%(id_string)s'.") % {"id_string": xform.id_string}, audit, request) response = response_with_mimetype_and_name('xml', id_string, show_date=False) response.content = xform.xml return response
def csv_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) query = request.GET.get("query") ext = Export.CSV_EXPORT try: export = generate_export(Export.CSV_EXPORT, ext, username, id_string, None, query) except NoRecordsFoundError: return HttpResponse(_("No records found to export")) else: if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name( Export.EXPORT_MIMES[ext], id_string, extension=ext, file_path=export.filepath) return response
def download_xlsform(request, username, id_string): xform = get_object_or_404(XForm, user__username=username, id_string=id_string) owner = User.objects.get(username=username) if not has_permission(xform, owner, request, xform.shared): return HttpResponseForbidden('Not shared.') file_path = xform.xls.name default_storage = get_storage_class()() if default_storage.exists(file_path): response = response_with_mimetype_and_name('vnd.ms-excel', id_string, show_date=False, extension='xls', file_path=file_path) return response else: messages.add_message( request, messages.WARNING, 'No XLS file for your form <strong>%s</strong>' % id_string) return HttpResponseRedirect("/%s" % username)
def csv_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u"Not shared.")) query = request.GET.get("query") csv_dataframe_builder = CSVDataFrameBuilder(username, id_string, query) try: temp_file = NamedTemporaryFile(suffix=".csv") csv_dataframe_builder.export_to(temp_file) if request.GET.get("raw"): id_string = None response = response_with_mimetype_and_name("application/csv", id_string, extension="csv") temp_file.seek(0) response.write(temp_file.read()) temp_file.seek(0, os.SEEK_END) response["Content-Length"] = temp_file.tell() temp_file.close() return response except NoRecordsFoundError: return HttpResponse(_("No records found to export"))
def xls_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) helper_auth_helper(request) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) query = request.GET.get("query") force_xlsx = request.GET.get('xlsx') == 'true' ext = 'xls' if not force_xlsx else 'xlsx' try: export = generate_export( Export.XLS_EXPORT, ext, username, id_string, None, query) except NoRecordsFoundError: return HttpResponse(_("No records found to export")) else: audit = { "xform": xform.id_string, "export_type": Export.XLS_EXPORT } audit_log(Actions.EXPORT_CREATED, request.user, owner, _("Created XLS export on '%(id_string)s'.") %\ { 'id_string': xform.id_string, }, audit, request) # log download as well audit_log(Actions.EXPORT_DOWNLOADED, request.user, owner, _("Downloaded XLS export on '%(id_string)s'.") %\ { 'id_string': xform.id_string, }, audit, request) # get extension from file_path, exporter could modify to # xlsx if it exceeds limits path, ext = os.path.splitext(export.filename) ext = ext[1:] if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name( Export.EXPORT_MIMES[ext], id_string, extension=ext, file_path=export.filepath) return response
def export_download(request, username, id_string, export_type, filename): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) helper_auth_helper(request) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) # find the export entry in the db export = get_object_or_404(Export, xform=xform, filename=filename) if export_type == Export.GDOC_EXPORT and export.export_url is not None: return HttpResponseRedirect(export.export_url) ext, mime_type = export_def_from_filename(export.filename) audit = { "xform": xform.id_string, "export_type": export.export_type } audit_log( Actions.EXPORT_DOWNLOADED, request.user, owner, _("Downloaded %(export_type)s export '%(filename)s' " "on '%(id_string)s'.") % { 'export_type': export.export_type.upper(), 'filename': export.filename, 'id_string': xform.id_string, }, audit, request) if request.GET.get('raw'): id_string = None default_storage = get_storage_class()() if not isinstance(default_storage, FileSystemStorage): return HttpResponseRedirect(default_storage.url(export.filepath)) basename = os.path.splitext(export.filename)[0] response = response_with_mimetype_and_name( mime_type, name=basename, extension=ext, file_path=export.filepath, show_date=False) return response
def xls_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) query = request.GET.get("query") force_xlsx = request.GET.get('xlsx') == 'true' ext = 'xls' if not force_xlsx else 'xlsx' try: export = generate_export(Export.XLS_EXPORT, ext, username, id_string, None, query) except NoRecordsFoundError: return HttpResponse(_("No records found to export")) else: # get extension from file_path, exporter could modify to xlsx if it exceeds limits path, ext = os.path.splitext(export.filename) ext = ext[1:] if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name( Export.EXPORT_MIMES[ext], id_string, extension=ext, file_path=export.filepath) return response
def download_xform(request, username, id_string): user = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, user=user, id_string=id_string) profile, created =\ UserProfile.objects.get_or_create(user=user) if profile.require_auth: response = helper_auth_helper(request) if response: return response audit = { "xform": xform.id_string } audit_log(Actions.FORM_XML_DOWNLOADED, request.user, xform.user, _("Downloaded XML for form '%(id_string)s'.") %\ { "id_string": xform.id_string }, audit, request) response = response_with_mimetype_and_name('xml', id_string, show_date=False) response.content = xform.xml return response
def csv_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) helper_auth_helper(request) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) query = request.GET.get("query") ext = Export.CSV_EXPORT try: export = generate_export( Export.CSV_EXPORT, ext, username, id_string, None, query) except NoRecordsFoundError: return HttpResponse(_("No records found to export")) else: audit = { "xform": xform.id_string, "export_type": Export.CSV_EXPORT } audit_log(Actions.EXPORT_CREATED, request.user, owner, _("Created CSV export on '%(id_string)s'.") %\ { 'id_string': xform.id_string, }, audit, request) # log download as well audit_log(Actions.EXPORT_DOWNLOADED, request.user, owner, _("Downloaded CSV export on '%(id_string)s'.") %\ { 'id_string': xform.id_string, }, audit, request) if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name( Export.EXPORT_MIMES[ext], id_string, extension=ext, file_path=export.filepath) return response
def download_xform(request, username, id_string): user = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, user=user, id_string=id_string) profile, created =\ UserProfile.objects.get_or_create(user=user) if profile.require_auth: authenticator = HttpDigestAuthenticator() if not authenticator.authenticate(request): return authenticator.build_challenge_response() audit = { "xform": xform.id_string } audit_log( Actions.FORM_XML_DOWNLOADED, request.user, xform.user, _("Downloaded XML for form '%(id_string)s'.") % { "id_string": xform.id_string }, audit, request) response = response_with_mimetype_and_name('xml', id_string, show_date=False) response.content = xform.xml return response
def xls_export(request, username, id_string): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) query = request.GET.get("query") force_xlsx = request.GET.get('xlsx') == 'true' xls_df_builder = XLSDataFrameBuilder(username, id_string, query) excel_defs = { 'xls': { 'suffix': '.xls', 'mime_type': 'vnd.ms-excel' }, 'xlsx': { 'suffix': '.xlsx', 'mime_type': 'vnd.openxmlformats' # TODO: check xlsx mime type } } ext = 'xls' if not force_xlsx else 'xlsx' if xls_df_builder.exceeds_xls_limits: ext = 'xlsx' try: temp_file = NamedTemporaryFile(suffix=excel_defs[ext]['suffix']) xls_df_builder.export_to(temp_file.name) if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name(excel_defs[ext]['mime_type'], id_string, extension=ext) response.write(temp_file.read()) temp_file.seek(0, os.SEEK_END) response['Content-Length'] = temp_file.tell() temp_file.close() return response except NoRecordsFoundError: return HttpResponse(_("No records found to export"))
def data_export(request, username, id_string, export_type): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) helper_auth_helper(request) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) query = request.GET.get("query") extension = export_type # check if we should force xlsx force_xlsx = request.GET.get('xls') != 'true' if export_type == Export.XLS_EXPORT and force_xlsx: extension = 'xlsx' elif export_type == Export.CSV_ZIP_EXPORT: extension = 'zip' audit = { "xform": xform.id_string, "export_type": export_type } # check if we need to re-generate, # we always re-generate if a filter is specified if should_create_new_export(xform, export_type) or query or\ 'start' in request.GET or 'end' in request.GET: format_date_for_mongo = lambda x, datetime: datetime.strptime( x, '%y_%m_%d_%H_%M_%S').strftime('%Y-%m-%dT%H:%M:%S') # check for start and end params if 'start' in request.GET or 'end' in request.GET: if not query: query = '{}' query = json.loads(query) query[SUBMISSION_TIME] = {} try: if request.GET.get('start'): query[SUBMISSION_TIME]['$gte'] = format_date_for_mongo( request.GET['start'], datetime) if request.GET.get('end'): query[SUBMISSION_TIME]['$lte'] = format_date_for_mongo( request.GET['end'], datetime) except ValueError: return HttpResponseBadRequest( _("Dates must be in the format YY_MM_DD_hh_mm_ss")) else: query = json.dumps(query) try: export = generate_export( export_type, extension, username, id_string, None, query) audit_log( Actions.EXPORT_CREATED, request.user, owner, _("Created %(export_type)s export on '%(id_string)s'.") % { 'id_string': xform.id_string, 'export_type': export_type.upper() }, audit, request) except NoRecordsFoundError: return HttpResponseNotFound(_("No records found to export")) else: export = newset_export_for(xform, export_type) # log download as well audit_log( Actions.EXPORT_DOWNLOADED, request.user, owner, _("Downloaded %(export_type)s export on '%(id_string)s'.") % { 'id_string': xform.id_string, 'export_type': export_type.upper() }, audit, request) if not export.filename: # tends to happen when using newset_export_for. return HttpResponseNotFound("File does not exist!") # get extension from file_path, exporter could modify to # xlsx if it exceeds limits path, ext = os.path.splitext(export.filename) ext = ext[1:] if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name( Export.EXPORT_MIMES[ext], id_string, extension=ext, file_path=export.filepath) return response
data.delete() return HttpResponseRedirect(reverse(show, kwargs={ 'username': username, 'id_string': id_string })) xform = get_object_or_404(XForm, user__username=username, id_string=id_string) if username == request.user.username or xform.shared: data = get_object_or_404(MetaData, pk=data_id) file_path = data.data_file.name filename, extension = os.path.splitext(file_path.split('/')[-1]) extension = extension.strip('.') default_storage = get_storage_class()() if default_storage.exists(file_path): response = response_with_mimetype_and_name( data.data_file_type, filename, extension=extension, show_date=False, file_path=file_path) return response else: return HttpResponseNotFound() return HttpResponseForbidden(_(u'Permission denied.')) def download_media_data(request, username, id_string, data_id): data = get_object_or_404(MetaData, id=data_id) default_storage = get_storage_class()() if request.GET.get('del', False) and username == request.user.username: try: default_storage.delete(data.data_file.name) data.delete() return HttpResponseRedirect(reverse(show, kwargs={
return HttpResponseServerError() elif request.GET.get('map_name_del', False) and \ username == request.user.username: data.delete() return HttpResponseRedirect(reverse(show, kwargs={ 'username': username, 'id_string': id_string })) xform = get_object_or_404(XForm, user__username=username, id_string=id_string) if username == request.user.username or xform.shared: data = get_object_or_404(MetaData, pk=data_id) file_path = data.data_file.name default_storage = get_storage_class()() if default_storage.exists(file_path): response = response_with_mimetype_and_name(data.data_file_type, data.data_value, show_date=False, file_path=file_path) return response else: return HttpResponseNotFound() return HttpResponseForbidden('Permission denied.') def download_media_data(request, username, id_string, data_id): data = get_object_or_404(MetaData, id=data_id) default_storage = get_storage_class()() if request.GET.get('del', False) and username == request.user.username: try: default_storage.delete(data.data_file.name) data.delete() return HttpResponseRedirect(reverse(show, kwargs={ 'username': username, 'id_string': id_string
def data_export(request, username, id_string, export_type): owner = get_object_or_404(User, username=username) xform = get_object_or_404(XForm, id_string=id_string, user=owner) helper_auth_helper(request) if not has_permission(xform, owner, request): return HttpResponseForbidden(_(u'Not shared.')) query = request.GET.get("query") extension = export_type # check if we should force xlsx force_xlsx = request.GET.get('xls') != 'true' if export_type == Export.XLS_EXPORT and force_xlsx: extension = 'xlsx' elif export_type == Export.CSV_ZIP_EXPORT: extension = 'zip' audit = {"xform": xform.id_string, "export_type": export_type} # check if we need to re-generate, # we always re-generate if a filter is specified if should_create_new_export(xform, export_type) or query or\ 'start' in request.GET or 'end' in request.GET: format_date_for_mongo = lambda x, datetime: datetime.strptime( x, '%y_%m_%d_%H_%M_%S').strftime('%Y-%m-%dT%H:%M:%S') # check for start and end params if 'start' in request.GET or 'end' in request.GET: if not query: query = '{}' query = json.loads(query) query[SUBMISSION_TIME] = {} try: if request.GET.get('start'): query[SUBMISSION_TIME]['$gte'] = format_date_for_mongo( request.GET['start'], datetime) if request.GET.get('end'): query[SUBMISSION_TIME]['$lte'] = format_date_for_mongo( request.GET['end'], datetime) except ValueError: return HttpResponseBadRequest( _("Dates must be in the format YY_MM_DD_hh_mm_ss")) else: query = json.dumps(query) try: export = generate_export(export_type, extension, username, id_string, None, query) audit_log( Actions.EXPORT_CREATED, request.user, owner, _("Created %(export_type)s export on '%(id_string)s'.") % { 'id_string': xform.id_string, 'export_type': export_type.upper() }, audit, request) except NoRecordsFoundError: return HttpResponseNotFound(_("No records found to export")) else: export = newset_export_for(xform, export_type) # log download as well audit_log( Actions.EXPORT_DOWNLOADED, request.user, owner, _("Downloaded %(export_type)s export on '%(id_string)s'.") % { 'id_string': xform.id_string, 'export_type': export_type.upper() }, audit, request) if not export.filename: # tends to happen when using newset_export_for. return HttpResponseNotFound("File does not exist!") # get extension from file_path, exporter could modify to # xlsx if it exceeds limits path, ext = os.path.splitext(export.filename) ext = ext[1:] if request.GET.get('raw'): id_string = None response = response_with_mimetype_and_name(Export.EXPORT_MIMES[ext], id_string, extension=ext, file_path=export.filepath) return response