53 |
53 |
UnknownNameIdAccessForbiddenError,
|
54 |
54 |
)
|
55 |
55 |
from .qommon.form import ComputedExpressionWidget
|
56 |
|
from .qommon.storage import Contains, Equal, Intersects, Or, StrictNotEqual
|
|
56 |
from .qommon.storage import Contains, Equal, Intersects, NotContains, Or, StrictNotEqual
|
57 |
57 |
from .qommon.template import Template, TemplateError
|
58 |
58 |
|
59 |
59 |
|
... | ... | |
913 |
913 |
user_info['user_roles'] = [x.get_json_export_dict() for x in user_roles if x]
|
914 |
914 |
return json.dumps(user_info, cls=misc.JSONEncoder)
|
915 |
915 |
|
916 |
|
def get_user_forms(self, user):
|
|
916 |
def get_user_forms(self, user, include_drafts=False, include_non_drafts=True):
|
917 |
917 |
if not (FormDef.exists()):
|
918 |
918 |
# early return, this avoids running a query against a missing SQL view.
|
919 |
919 |
return []
|
... | ... | |
954 |
954 |
else:
|
955 |
955 |
return HttpResponseBadRequest('invalid status parameter value')
|
956 |
956 |
|
|
957 |
if include_drafts:
|
|
958 |
disabled_formdef_ids = [formdef.id for formdef in FormDef.select() if formdef.is_disabled()]
|
|
959 |
if disabled_formdef_ids:
|
|
960 |
criterias.append(
|
|
961 |
Or(
|
|
962 |
[
|
|
963 |
StrictNotEqual('status', 'draft'),
|
|
964 |
NotContains('formdef_id', disabled_formdef_ids),
|
|
965 |
]
|
|
966 |
)
|
|
967 |
)
|
|
968 |
else:
|
|
969 |
criterias.append(StrictNotEqual('status', 'draft'))
|
|
970 |
|
|
971 |
if not include_non_drafts:
|
|
972 |
criterias.append(Equal('status', 'draft'))
|
|
973 |
|
957 |
974 |
user_forms = sql.AnyFormData.select(
|
958 |
975 |
criterias,
|
959 |
976 |
limit=misc.get_int_or_400(get_request().form.get('limit')),
|
... | ... | |
1010 |
1027 |
return self.forms(include_drafts=True, include_non_drafts=False)
|
1011 |
1028 |
|
1012 |
1029 |
def forms(self, include_drafts=False, include_non_drafts=True):
|
|
1030 |
include_drafts = include_drafts or get_query_flag('include-drafts')
|
|
1031 |
|
1013 |
1032 |
get_response().set_content_type('application/json')
|
1014 |
1033 |
try:
|
1015 |
1034 |
user = self.user or get_user_from_api_query_string() or get_request().user
|
... | ... | |
1024 |
1043 |
if query_user and query_user.is_api_user and query_user.api_access.restrict_to_anonymised_data:
|
1025 |
1044 |
raise AccessForbiddenError('restricted API access')
|
1026 |
1045 |
|
1027 |
|
forms = self.get_user_forms(user)
|
|
1046 |
forms = self.get_user_forms(
|
|
1047 |
user, include_drafts=include_drafts, include_non_drafts=include_non_drafts
|
|
1048 |
)
|
1028 |
1049 |
|
1029 |
1050 |
if self.user:
|
1030 |
1051 |
# call to /api/users/<id>/forms, this returns the forms of the
|
... | ... | |
1048 |
1069 |
# ignore confidential forms
|
1049 |
1070 |
forms = [x for x in forms if x.readable or not x.formdef.skip_from_360_view]
|
1050 |
1071 |
|
1051 |
|
include_drafts = include_drafts or get_query_flag('include-drafts')
|
1052 |
1072 |
result = []
|
1053 |
1073 |
for form in forms:
|
1054 |
1074 |
if form.is_draft():
|
1055 |
|
-
|