0001-add-anonymise-parameter-to-JSON-exports-of-formdata-.patch
wcs/backoffice/management.py | ||
---|---|---|
1423 | 1423 |
return exporter.output.getvalue() |
1424 | 1424 | |
1425 | 1425 |
def json(self): |
1426 |
anonymise = 'anonymise' in get_request().form |
|
1426 | 1427 |
self.check_access() |
1427 | 1428 |
get_response().set_content_type('application/json') |
1428 |
user = get_user_from_api_query_string() or get_request().user |
|
1429 |
user = get_user_from_api_query_string() or get_request().user if not anonymise else None
|
|
1429 | 1430 |
selected_filter = self.get_filter_from_query(default='all') |
1430 | 1431 |
criterias = self.get_criterias_from_query() |
1431 | 1432 |
order_by = get_request().form.get('order_by', None) |
1432 |
query = get_request().form.get('q') |
|
1433 |
query = get_request().form.get('q') if not anonymise else None
|
|
1433 | 1434 |
items, total_count = FormDefUI(self.formdef).get_listing_items( |
1434 | 1435 |
selected_filter, user=user, query=query, criterias=criterias, |
1435 |
order_by=order_by) |
|
1436 |
order_by=order_by, anonymise=anonymise)
|
|
1436 | 1437 |
if get_request().form.get('full') == 'on': |
1437 |
output = [filled.get_json_export_dict(include_files=False) for filled in items] |
|
1438 |
output = [filled.get_json_export_dict(include_files=False, anonymise=anonymise) |
|
1439 |
for filled in items] |
|
1438 | 1440 |
else: |
1439 | 1441 |
output = [{'id': filled.id, |
1440 | 1442 |
'url': filled.get_url(), |
wcs/formdata.py | ||
---|---|---|
97 | 97 |
del d[k] |
98 | 98 | |
99 | 99 | |
100 |
def get_json_dict(fields, data, include_files=True): |
|
100 |
def get_json_dict(fields, data, include_files=True, anonymise=False):
|
|
101 | 101 |
new_data = {} |
102 | 102 |
for field in fields: |
103 |
if anonymise and field.anonymise: |
|
104 |
continue |
|
103 | 105 |
if not field.varname: # exports only named fields |
104 | 106 |
continue |
105 | 107 |
if not include_files and isinstance(field, FileField): |
... | ... | |
674 | 676 |
evo.parts = None |
675 | 677 |
self.store() |
676 | 678 | |
677 |
def get_json_export_dict(self, include_files=True): |
|
679 |
def get_json_export_dict(self, include_files=True, anonymise=False):
|
|
678 | 680 |
data = {} |
679 | 681 |
data['id'] = '%s/%s' % (self.formdef.url_name, self.id) |
680 | 682 |
data['display_id'] = self.get_display_id() |
... | ... | |
686 | 688 |
data['criticality_level'] = self.criticality_level |
687 | 689 |
data['url'] = self.get_url() |
688 | 690 | |
689 |
try: |
|
690 |
user = get_publisher().user_class.get(self.user_id) |
|
691 |
except KeyError: |
|
692 |
user = None |
|
693 |
# this is custom code so it is possible to mark forms as anonyms, this |
|
694 |
# is done through the VoteAnonymity field, this is very specific but |
|
695 |
# isn't generalised yet into an useful extension mechanism, as it's not |
|
696 |
# clear at the moment what could be useful. |
|
697 |
for f in self.formdef.fields: |
|
698 |
if f.key == 'vote-anonymity': |
|
691 |
if not anonymise: |
|
692 |
try: |
|
693 |
user = get_publisher().user_class.get(self.user_id) |
|
694 |
except KeyError: |
|
699 | 695 |
user = None |
700 |
break |
|
701 |
if user: |
|
702 |
data['user'] = {'id': user.id, 'name': user.display_name} |
|
703 |
if user.email: |
|
704 |
data['user']['email'] = user.email |
|
705 |
if user.name_identifiers: |
|
706 |
data['user']['NameID'] = user.name_identifiers |
|
696 |
# this is custom code so it is possible to mark forms as anonyms, this |
|
697 |
# is done through the VoteAnonymity field, this is very specific but |
|
698 |
# isn't generalised yet into an useful extension mechanism, as it's not |
|
699 |
# clear at the moment what could be useful. |
|
700 |
for f in self.formdef.fields: |
|
701 |
if f.key == 'vote-anonymity': |
|
702 |
user = None |
|
703 |
break |
|
704 |
if user: |
|
705 |
data['user'] = {'id': user.id, 'name': user.display_name} |
|
706 |
if user.email: |
|
707 |
data['user']['email'] = user.email |
|
708 |
if user.name_identifiers: |
|
709 |
data['user']['NameID'] = user.name_identifiers |
|
707 | 710 | |
708 | 711 |
data['fields'] = get_json_dict(self.formdef.fields, self.data, |
709 |
include_files=include_files) |
|
712 |
include_files=include_files, anonymise=anonymise)
|
|
710 | 713 | |
711 | 714 |
data['workflow'] = {} |
712 | 715 |
wf_status = self.get_visible_status() |
713 | 716 |
if wf_status: |
714 | 717 |
data['workflow']['status'] = {'id': wf_status.id, 'name': wf_status.name} |
715 |
if self.workflow_data: |
|
718 |
# Workflow data have unknown purpose, do not store them in anonymised export |
|
719 |
if self.workflow_data and not anonymise: |
|
716 | 720 |
data['workflow']['data'] = self.workflow_data |
717 | 721 | |
718 | 722 |
# add a roles dictionary, with workflow functions and two special |
... | ... | |
744 | 748 | |
745 | 749 |
return data |
746 | 750 | |
747 |
def export_to_json(self, include_files=True): |
|
748 |
data = self.get_json_export_dict(include_files=include_files) |
|
751 |
def export_to_json(self, include_files=True, anonymise=False):
|
|
752 |
data = self.get_json_export_dict(include_files=include_files, anonymise=anonymise)
|
|
749 | 753 |
return json.dumps(data, |
750 | 754 |
cls=qommon.misc.JSONEncoder, |
751 | 755 |
encoding=get_publisher().site_charset) |
wcs/forms/backoffice.py | ||
---|---|---|
143 | 143 |
return r.getvalue() |
144 | 144 | |
145 | 145 |
def get_listing_items(self, selected_filter='all', offset=None, |
146 |
limit=None, query=None, order_by=None, user=None, criterias=None): |
|
146 |
limit=None, query=None, order_by=None, user=None, criterias=None, anonymise=False):
|
|
147 | 147 |
formdata_class = self.formdef.data_class() |
148 | 148 |
if selected_filter == 'all': |
149 | 149 |
item_ids = formdata_class.keys() |
... | ... | |
172 | 172 |
select_ids = [x.id for x in formdata_class.select(clause=criterias)] |
173 | 173 |
item_ids = list(set(item_ids).intersection(select_ids)) |
174 | 174 | |
175 |
if item_ids: |
|
175 |
if item_ids and not anonymise:
|
|
176 | 176 |
# as we are in the backoffice, we don't have to care about the |
177 | 177 |
# situation where the user is the submitter, and we limit ourselves |
178 | 178 |
# to consider treating roles. |
... | ... | |
185 | 185 |
'concerned_roles', str(role))) |
186 | 186 |
item_ids = list(set(item_ids).intersection(concerned_ids)) |
187 | 187 | |
188 |
if order_by: |
|
188 |
if order_by and not anonymise:
|
|
189 | 189 |
ordered_ids = formdata_class.get_sorted_ids(order_by) |
190 | 190 |
new_item_ids = [] |
191 | 191 |
for item_id in ordered_ids: |
wcs/forms/common.py | ||
---|---|---|
21 | 21 |
from quixote.directory import Directory |
22 | 22 |
from quixote.html import TemplateIO, htmltext |
23 | 23 | |
24 |
from wcs.api_utils import get_user_from_api_query_string |
|
24 |
from wcs.api_utils import get_user_from_api_query_string, is_url_signed
|
|
25 | 25 |
from wcs.fields import WidgetField, FileField |
26 | 26 |
from wcs import file_validation |
27 | 27 |
from wcs.workflows import EditableWorkflowStatusItem |
... | ... | |
135 | 135 |
session = get_session() |
136 | 136 |
mine = False |
137 | 137 |
if api_call: |
138 |
user = get_user_from_api_query_string() or get_request().user |
|
138 |
if 'anonymise' in get_request().form: |
|
139 |
if is_url_signed() or (get_request().user and get_request().user.is_admin): |
|
140 |
return None |
|
141 |
else: |
|
142 |
raise errors.AccessUnauthorizedError() |
|
143 |
else: |
|
144 |
user = get_user_from_api_query_string() or get_request().user |
|
139 | 145 |
else: |
140 | 146 |
user = get_request().user |
141 | 147 |
if user and not user.anonymous: |
142 | 148 |
if self.filled.is_submitter(user): |
143 | 149 |
mine = True |
144 | 150 |
else: |
145 |
if get_session() and get_session().is_anonymous_submitter(self.filled):
|
|
151 |
if session and session.is_anonymous_submitter(self.filled):
|
|
146 | 152 |
mine = True |
147 | 153 | |
148 | 154 |
self.check_receiver() |
... | ... | |
150 | 156 | |
151 | 157 |
def json(self): |
152 | 158 |
self.check_auth(api_call=True) |
153 |
return self.export_to_json() |
|
159 |
anonymise = 'anonymise' in get_request().form |
|
160 |
return self.export_to_json(anonymise=anonymise) |
|
154 | 161 | |
155 | 162 |
def workflow_messages(self): |
156 | 163 |
if self.formdef.workflow: |
... | ... | |
250 | 257 |
r += self.form_status_buttons() |
251 | 258 |
return r.getvalue() |
252 | 259 | |
253 |
def export_to_json(self): |
|
260 |
def export_to_json(self, anonymise=False):
|
|
254 | 261 |
get_response().set_content_type('application/json') |
255 |
return self.filled.export_to_json() |
|
262 |
return self.filled.export_to_json(anonymise=anonymise)
|
|
256 | 263 | |
257 | 264 |
def form_status_buttons(self): |
258 | 265 |
if not get_response().iframe_mode: |
259 |
- |