53 |
53 |
UnknownNameIdAccessForbiddenError,
|
54 |
54 |
)
|
55 |
55 |
from .qommon.form import ComputedExpressionWidget
|
56 |
|
from .qommon.storage import Contains, Equal, Intersects, Or, StrictNotEqual
|
|
56 |
from .qommon.storage import Contains, Equal, Intersects, NotContains, Or, StrictNotEqual
|
57 |
57 |
from .qommon.template import Template, TemplateError
|
58 |
58 |
|
59 |
59 |
|
... | ... | |
907 |
907 |
user_info['user_roles'] = [x.get_json_export_dict() for x in user_roles if x]
|
908 |
908 |
return json.dumps(user_info, cls=misc.JSONEncoder)
|
909 |
909 |
|
910 |
|
def get_user_forms(self, user):
|
|
910 |
def get_user_forms(self, user, include_drafts=False, include_non_drafts=True):
|
911 |
911 |
if not (FormDef.exists()):
|
912 |
912 |
# early return, this avoids running a query against a missing SQL view.
|
913 |
913 |
return []
|
... | ... | |
948 |
948 |
else:
|
949 |
949 |
return HttpResponseBadRequest('invalid status parameter value')
|
950 |
950 |
|
|
951 |
if include_drafts:
|
|
952 |
disabled_formdef_ids = [formdef.id for formdef in FormDef.select() if formdef.is_disabled()]
|
|
953 |
if disabled_formdef_ids:
|
|
954 |
criterias.append(
|
|
955 |
Or(
|
|
956 |
[
|
|
957 |
StrictNotEqual('status', 'draft'),
|
|
958 |
NotContains('formdef_id', disabled_formdef_ids),
|
|
959 |
]
|
|
960 |
)
|
|
961 |
)
|
|
962 |
else:
|
|
963 |
criterias.append(StrictNotEqual('status', 'draft'))
|
|
964 |
|
|
965 |
if not include_non_drafts:
|
|
966 |
criterias.append(Equal('status', 'draft'))
|
|
967 |
|
951 |
968 |
user_forms = sql.AnyFormData.select(
|
952 |
969 |
criterias,
|
953 |
970 |
limit=misc.get_int_or_400(get_request().form.get('limit')),
|
... | ... | |
1004 |
1021 |
return self.forms(include_drafts=True, include_non_drafts=False)
|
1005 |
1022 |
|
1006 |
1023 |
def forms(self, include_drafts=False, include_non_drafts=True):
|
|
1024 |
include_drafts = include_drafts or get_query_flag('include-drafts')
|
|
1025 |
|
1007 |
1026 |
get_response().set_content_type('application/json')
|
1008 |
1027 |
try:
|
1009 |
1028 |
user = self.user or get_user_from_api_query_string() or get_request().user
|
... | ... | |
1018 |
1037 |
if query_user and query_user.is_api_user and query_user.api_access.restrict_to_anonymised_data:
|
1019 |
1038 |
raise AccessForbiddenError('restricted API access')
|
1020 |
1039 |
|
1021 |
|
forms = self.get_user_forms(user)
|
|
1040 |
forms = self.get_user_forms(
|
|
1041 |
user, include_drafts=include_drafts, include_non_drafts=include_non_drafts
|
|
1042 |
)
|
1022 |
1043 |
|
1023 |
1044 |
if self.user:
|
1024 |
1045 |
# call to /api/users/<id>/forms, this returns the forms of the
|
... | ... | |
1042 |
1063 |
# ignore confidential forms
|
1043 |
1064 |
forms = [x for x in forms if x.readable or not x.formdef.skip_from_360_view]
|
1044 |
1065 |
|
1045 |
|
include_drafts = include_drafts or get_query_flag('include-drafts')
|
1046 |
1066 |
result = []
|
1047 |
1067 |
for form in forms:
|
1048 |
1068 |
if form.is_draft():
|
1049 |
|
-
|