0001-add-anonymise-parameter-to-JSON-exports-of-formdata-.patch
| wcs/backoffice/management.py | ||
|---|---|---|
| 1331 | 1331 |
return exporter.output.getvalue() |
| 1332 | 1332 | |
| 1333 | 1333 |
def json(self): |
| 1334 |
anonymise = 'anonymise' in get_request().form |
|
| 1334 | 1335 |
self.check_access() |
| 1335 | 1336 |
get_response().set_content_type('application/json')
|
| 1336 | 1337 |
from wcs.api import get_user_from_api_query_string |
| 1337 |
user = get_user_from_api_query_string() or get_request().user |
|
| 1338 |
user = get_user_from_api_query_string() or get_request().user if not anonymise else None
|
|
| 1338 | 1339 |
selected_filter = self.get_filter_from_query(default='all') |
| 1339 | 1340 |
criterias = self.get_criterias_from_query() |
| 1340 | 1341 |
order_by = get_request().form.get('order_by', None)
|
| 1341 |
query = get_request().form.get('q')
|
|
| 1342 |
query = get_request().form.get('q') if not anonymise else None
|
|
| 1342 | 1343 |
items, total_count = FormDefUI(self.formdef).get_listing_items( |
| 1343 | 1344 |
selected_filter, user=user, query=query, criterias=criterias, |
| 1344 |
order_by=order_by) |
|
| 1345 |
order_by=order_by, anonymise=anonymise)
|
|
| 1345 | 1346 |
if get_request().form.get('full') == 'on':
|
| 1346 |
output = [filled.get_json_export_dict(include_files=False) for filled in items] |
|
| 1347 |
output = [filled.get_json_export_dict(include_files=False, anonymise=anonymise) |
|
| 1348 |
for filled in items] |
|
| 1347 | 1349 |
else: |
| 1348 | 1350 |
output = [{'id': filled.id,
|
| 1349 | 1351 |
'url': filled.get_url(), |
| wcs/formdata.py | ||
|---|---|---|
| 97 | 97 |
del d[k] |
| 98 | 98 | |
| 99 | 99 | |
| 100 |
def get_json_dict(fields, data, include_files=True): |
|
| 100 |
def get_json_dict(fields, data, include_files=True, anonymise=False):
|
|
| 101 | 101 |
new_data = {}
|
| 102 | 102 |
for field in fields: |
| 103 |
if anonymise and field.anonymise: |
|
| 104 |
continue |
|
| 103 | 105 |
if not field.varname: # exports only named fields |
| 104 | 106 |
continue |
| 105 | 107 |
if not include_files and isinstance(field, FileField): |
| ... | ... | |
| 624 | 626 |
evo.parts = None |
| 625 | 627 |
self.store() |
| 626 | 628 | |
| 627 |
def get_json_export_dict(self, include_files=True): |
|
| 629 |
def get_json_export_dict(self, include_files=True, anonymise=False):
|
|
| 628 | 630 |
data = {}
|
| 629 | 631 |
data['id'] = '%s/%s' % (self.formdef.url_name, self.id) |
| 630 | 632 |
data['display_id'] = self.get_display_id() |
| ... | ... | |
| 635 | 637 |
data['last_update_time'] = self.last_update_time |
| 636 | 638 |
data['url'] = self.get_url() |
| 637 | 639 | |
| 638 |
try: |
|
| 639 |
user = get_publisher().user_class.get(self.user_id) |
|
| 640 |
except KeyError: |
|
| 641 |
user = None |
|
| 642 |
# this is custom code so it is possible to mark forms as anonyms, this |
|
| 643 |
# is done through the VoteAnonymity field, this is very specific but |
|
| 644 |
# isn't generalised yet into an useful extension mechanism, as it's not |
|
| 645 |
# clear at the moment what could be useful. |
|
| 646 |
for f in self.formdef.fields: |
|
| 647 |
if f.key == 'vote-anonymity': |
|
| 640 |
if not anonymise: |
|
| 641 |
try: |
|
| 642 |
user = get_publisher().user_class.get(self.user_id) |
|
| 643 |
except KeyError: |
|
| 648 | 644 |
user = None |
| 649 |
break |
|
| 650 |
if user: |
|
| 651 |
data['user'] = {'id': user.id, 'name': user.display_name}
|
|
| 645 |
# this is custom code so it is possible to mark forms as anonyms, this |
|
| 646 |
# is done through the VoteAnonymity field, this is very specific but |
|
| 647 |
# isn't generalised yet into an useful extension mechanism, as it's not |
|
| 648 |
# clear at the moment what could be useful. |
|
| 649 |
for f in self.formdef.fields: |
|
| 650 |
if f.key == 'vote-anonymity': |
|
| 651 |
user = None |
|
| 652 |
break |
|
| 653 |
if user: |
|
| 654 |
data['user'] = {'id': user.id, 'name': user.display_name}
|
|
| 652 | 655 | |
| 653 | 656 |
data['fields'] = get_json_dict(self.formdef.fields, self.data, |
| 654 |
include_files=include_files) |
|
| 657 |
include_files=include_files, anonymise=anonymise)
|
|
| 655 | 658 | |
| 656 | 659 |
data['workflow'] = {}
|
| 657 | 660 |
wf_status = self.get_visible_status() |
| 658 | 661 |
if wf_status: |
| 659 | 662 |
data['workflow']['status'] = {'id': wf_status.id, 'name': wf_status.name}
|
| 660 |
if self.workflow_data: |
|
| 663 |
# Workflow data have unknown purpose, do not store then in anonymised export |
|
| 664 |
if self.workflow_data and not anonymise: |
|
| 661 | 665 |
data['workflow']['data'] = self.workflow_data |
| 662 | 666 | |
| 663 | 667 |
# add a roles dictionary, with workflow functions and two special |
| ... | ... | |
| 689 | 693 | |
| 690 | 694 |
return data |
| 691 | 695 | |
| 692 |
def export_to_json(self, include_files=True): |
|
| 693 |
data = self.get_json_export_dict(include_files=include_files) |
|
| 696 |
def export_to_json(self, include_files=True, anonymise=False):
|
|
| 697 |
data = self.get_json_export_dict(include_files=include_files, anonymise=anonymise)
|
|
| 694 | 698 |
return json.dumps(data, |
| 695 | 699 |
cls=qommon.misc.JSONEncoder, |
| 696 | 700 |
encoding=get_publisher().site_charset) |
| wcs/forms/backoffice.py | ||
|---|---|---|
| 131 | 131 |
return r.getvalue() |
| 132 | 132 | |
| 133 | 133 |
def get_listing_items(self, selected_filter='all', offset=None, |
| 134 |
limit=None, query=None, order_by=None, user=None, criterias=None): |
|
| 134 |
limit=None, query=None, order_by=None, user=None, criterias=None, anonymise=False):
|
|
| 135 | 135 |
formdata_class = self.formdef.data_class() |
| 136 | 136 |
if selected_filter == 'all': |
| 137 | 137 |
item_ids = formdata_class.keys() |
| ... | ... | |
| 160 | 160 |
select_ids = [x.id for x in formdata_class.select(clause=criterias)] |
| 161 | 161 |
item_ids = list(set(item_ids).intersection(select_ids)) |
| 162 | 162 | |
| 163 |
if item_ids: |
|
| 163 |
if item_ids and not anonymise:
|
|
| 164 | 164 |
# as we are in the backoffice, we don't have to care about the |
| 165 | 165 |
# situation where the user is the submitter, and we limit ourselves |
| 166 | 166 |
# to consider treating roles. |
| ... | ... | |
| 173 | 173 |
'concerned_roles', str(role))) |
| 174 | 174 |
item_ids = list(set(item_ids).intersection(concerned_ids)) |
| 175 | 175 | |
| 176 |
if order_by: |
|
| 176 |
if order_by and not anonymise:
|
|
| 177 | 177 |
ordered_ids = formdata_class.get_sorted_ids(order_by) |
| 178 | 178 |
new_item_ids = [] |
| 179 | 179 |
for item_id in ordered_ids: |
| wcs/forms/common.py | ||
|---|---|---|
| 114 | 114 |
session = get_session() |
| 115 | 115 |
mine = False |
| 116 | 116 |
if api_call: |
| 117 |
from wcs.api import get_user_from_api_query_string |
|
| 118 |
user = get_user_from_api_query_string() or get_request().user |
|
| 117 |
from wcs.api import get_user_from_api_query_string, is_url_signed |
|
| 118 |
if 'anonymise' in get_request().form: |
|
| 119 |
if is_url_signed() or (get_request().user and get_request().user.is_admin): |
|
| 120 |
return None |
|
| 121 |
else: |
|
| 122 |
raise errors.AccessUnauthorizedError() |
|
| 123 |
else: |
|
| 124 |
user = get_user_from_api_query_string() or get_request().user |
|
| 119 | 125 |
else: |
| 120 | 126 |
user = get_request().user |
| 121 | 127 |
if user and not user.anonymous: |
| ... | ... | |
| 130 | 136 | |
| 131 | 137 |
def json(self): |
| 132 | 138 |
self.check_auth(api_call=True) |
| 133 |
return self.export_to_json() |
|
| 139 |
anonymise = 'anonymise' in get_request().form |
|
| 140 |
return self.export_to_json(anonymise=anonymise) |
|
| 134 | 141 | |
| 135 | 142 |
def workflow_messages(self): |
| 136 | 143 |
if self.formdef.workflow: |
| ... | ... | |
| 230 | 237 |
r += self.form_status_buttons() |
| 231 | 238 |
return r.getvalue() |
| 232 | 239 | |
| 233 |
def export_to_json(self): |
|
| 240 |
def export_to_json(self, anonymise=False):
|
|
| 234 | 241 |
get_response().set_content_type('application/json')
|
| 235 |
return self.filled.export_to_json() |
|
| 242 |
return self.filled.export_to_json(anonymise=anonymise)
|
|
| 236 | 243 | |
| 237 | 244 |
def form_status_buttons(self): |
| 238 | 245 |
if not get_response().iframe_mode: |
| 239 |
- |
|