0001-add-anonymise-parameter-to-JSON-exports-of-formdata-.patch
wcs/backoffice/management.py | ||
---|---|---|
1331 | 1331 |
return exporter.output.getvalue() |
1332 | 1332 | |
1333 | 1333 |
def json(self): |
1334 |
anonymise = 'anonymise' in get_request().form |
|
1334 | 1335 |
self.check_access() |
1335 | 1336 |
get_response().set_content_type('application/json') |
1336 | 1337 |
from wcs.api import get_user_from_api_query_string |
1337 |
user = get_user_from_api_query_string() or get_request().user |
|
1338 |
user = get_user_from_api_query_string() or get_request().user if not anonymise else None
|
|
1338 | 1339 |
selected_filter = self.get_filter_from_query(default='all') |
1339 | 1340 |
criterias = self.get_criterias_from_query() |
1340 | 1341 |
order_by = get_request().form.get('order_by', None) |
1341 |
query = get_request().form.get('q') |
|
1342 |
query = get_request().form.get('q') if not anonymise else None
|
|
1342 | 1343 |
items, total_count = FormDefUI(self.formdef).get_listing_items( |
1343 | 1344 |
selected_filter, user=user, query=query, criterias=criterias, |
1344 |
order_by=order_by) |
|
1345 |
order_by=order_by, anonymise=anonymise)
|
|
1345 | 1346 |
if get_request().form.get('full') == 'on': |
1346 |
output = [filled.get_json_export_dict(include_files=False) for filled in items] |
|
1347 |
output = [filled.get_json_export_dict(include_files=False, anonymise=anonymise) |
|
1348 |
for filled in items] |
|
1347 | 1349 |
else: |
1348 | 1350 |
output = [{'id': filled.id, |
1349 | 1351 |
'url': filled.get_url(), |
wcs/formdata.py | ||
---|---|---|
97 | 97 |
del d[k] |
98 | 98 | |
99 | 99 | |
100 |
def get_json_dict(fields, data, include_files=True): |
|
100 |
def get_json_dict(fields, data, include_files=True, anonymise=False):
|
|
101 | 101 |
new_data = {} |
102 | 102 |
for field in fields: |
103 |
if anonymise and field.anonymise: |
|
104 |
continue |
|
103 | 105 |
if not field.varname: # exports only named fields |
104 | 106 |
continue |
105 | 107 |
if not include_files and isinstance(field, FileField): |
... | ... | |
624 | 626 |
evo.parts = None |
625 | 627 |
self.store() |
626 | 628 | |
627 |
def get_json_export_dict(self, include_files=True): |
|
629 |
def get_json_export_dict(self, include_files=True, anonymise=False):
|
|
628 | 630 |
data = {} |
629 | 631 |
data['id'] = '%s/%s' % (self.formdef.url_name, self.id) |
630 | 632 |
data['display_id'] = self.get_display_id() |
... | ... | |
635 | 637 |
data['last_update_time'] = self.last_update_time |
636 | 638 |
data['url'] = self.get_url() |
637 | 639 | |
638 |
try: |
|
639 |
user = get_publisher().user_class.get(self.user_id) |
|
640 |
except KeyError: |
|
641 |
user = None |
|
642 |
# this is custom code so it is possible to mark forms as anonyms, this |
|
643 |
# is done through the VoteAnonymity field, this is very specific but |
|
644 |
# isn't generalised yet into an useful extension mechanism, as it's not |
|
645 |
# clear at the moment what could be useful. |
|
646 |
for f in self.formdef.fields: |
|
647 |
if f.key == 'vote-anonymity': |
|
640 |
if not anonymise: |
|
641 |
try: |
|
642 |
user = get_publisher().user_class.get(self.user_id) |
|
643 |
except KeyError: |
|
648 | 644 |
user = None |
649 |
break |
|
650 |
if user: |
|
651 |
data['user'] = {'id': user.id, 'name': user.display_name} |
|
645 |
# this is custom code so it is possible to mark forms as anonyms, this |
|
646 |
# is done through the VoteAnonymity field, this is very specific but |
|
647 |
# isn't generalised yet into an useful extension mechanism, as it's not |
|
648 |
# clear at the moment what could be useful. |
|
649 |
for f in self.formdef.fields: |
|
650 |
if f.key == 'vote-anonymity': |
|
651 |
user = None |
|
652 |
break |
|
653 |
if user: |
|
654 |
data['user'] = {'id': user.id, 'name': user.display_name} |
|
652 | 655 | |
653 | 656 |
data['fields'] = get_json_dict(self.formdef.fields, self.data, |
654 |
include_files=include_files) |
|
657 |
include_files=include_files, anonymise=anonymise)
|
|
655 | 658 | |
656 | 659 |
data['workflow'] = {} |
657 | 660 |
wf_status = self.get_visible_status() |
658 | 661 |
if wf_status: |
659 | 662 |
data['workflow']['status'] = {'id': wf_status.id, 'name': wf_status.name} |
660 |
if self.workflow_data: |
|
663 |
# Workflow data have unknown purpose, do not store then in anonymised export |
|
664 |
if self.workflow_data and not anonymise: |
|
661 | 665 |
data['workflow']['data'] = self.workflow_data |
662 | 666 | |
663 | 667 |
# add a roles dictionary, with workflow functions and two special |
... | ... | |
689 | 693 | |
690 | 694 |
return data |
691 | 695 | |
692 |
def export_to_json(self, include_files=True): |
|
693 |
data = self.get_json_export_dict(include_files=include_files) |
|
696 |
def export_to_json(self, include_files=True, anonymise=False):
|
|
697 |
data = self.get_json_export_dict(include_files=include_files, anonymise=anonymise)
|
|
694 | 698 |
return json.dumps(data, |
695 | 699 |
cls=qommon.misc.JSONEncoder, |
696 | 700 |
encoding=get_publisher().site_charset) |
wcs/forms/backoffice.py | ||
---|---|---|
131 | 131 |
return r.getvalue() |
132 | 132 | |
133 | 133 |
def get_listing_items(self, selected_filter='all', offset=None, |
134 |
limit=None, query=None, order_by=None, user=None, criterias=None): |
|
134 |
limit=None, query=None, order_by=None, user=None, criterias=None, anonymise=False):
|
|
135 | 135 |
formdata_class = self.formdef.data_class() |
136 | 136 |
if selected_filter == 'all': |
137 | 137 |
item_ids = formdata_class.keys() |
... | ... | |
160 | 160 |
select_ids = [x.id for x in formdata_class.select(clause=criterias)] |
161 | 161 |
item_ids = list(set(item_ids).intersection(select_ids)) |
162 | 162 | |
163 |
if item_ids: |
|
163 |
if item_ids and not anonymise:
|
|
164 | 164 |
# as we are in the backoffice, we don't have to care about the |
165 | 165 |
# situation where the user is the submitter, and we limit ourselves |
166 | 166 |
# to consider treating roles. |
... | ... | |
173 | 173 |
'concerned_roles', str(role))) |
174 | 174 |
item_ids = list(set(item_ids).intersection(concerned_ids)) |
175 | 175 | |
176 |
if order_by: |
|
176 |
if order_by and not anonymise:
|
|
177 | 177 |
ordered_ids = formdata_class.get_sorted_ids(order_by) |
178 | 178 |
new_item_ids = [] |
179 | 179 |
for item_id in ordered_ids: |
wcs/forms/common.py | ||
---|---|---|
114 | 114 |
session = get_session() |
115 | 115 |
mine = False |
116 | 116 |
if api_call: |
117 |
from wcs.api import get_user_from_api_query_string |
|
118 |
user = get_user_from_api_query_string() or get_request().user |
|
117 |
from wcs.api import get_user_from_api_query_string, is_url_signed |
|
118 |
if 'anonymise' in get_request().form: |
|
119 |
if is_url_signed() or (get_request().user and get_request().user.is_admin): |
|
120 |
return None |
|
121 |
else: |
|
122 |
raise errors.AccessUnauthorizedError() |
|
123 |
else: |
|
124 |
user = get_user_from_api_query_string() or get_request().user |
|
119 | 125 |
else: |
120 | 126 |
user = get_request().user |
121 | 127 |
if user and not user.anonymous: |
... | ... | |
130 | 136 | |
131 | 137 |
def json(self): |
132 | 138 |
self.check_auth(api_call=True) |
133 |
return self.export_to_json() |
|
139 |
anonymise = 'anonymise' in get_request().form |
|
140 |
return self.export_to_json(anonymise=anonymise) |
|
134 | 141 | |
135 | 142 |
def workflow_messages(self): |
136 | 143 |
if self.formdef.workflow: |
... | ... | |
230 | 237 |
r += self.form_status_buttons() |
231 | 238 |
return r.getvalue() |
232 | 239 | |
233 |
def export_to_json(self): |
|
240 |
def export_to_json(self, anonymise=False):
|
|
234 | 241 |
get_response().set_content_type('application/json') |
235 |
return self.filled.export_to_json() |
|
242 |
return self.filled.export_to_json(anonymise=anonymise)
|
|
236 | 243 | |
237 | 244 |
def form_status_buttons(self): |
238 | 245 |
if not get_response().iframe_mode: |
239 |
- |