Compare commits
21 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 mpeltriaux
|
6f2b6c44d9 | ||
|
mpeltriaux
|
494e80a4ac | ||
|
mpeltriaux
|
1f6c81874b | ||
|
mpeltriaux
|
9ee016a8bb | ||
|
mpeltriaux
|
93d29982a6 | ||
|
mpeltriaux
|
59a1bdfb1c | ||
|
mpeltriaux
|
056a92b068 | ||
|
mpeltriaux
|
c795d22e68 | ||
|
mpeltriaux
|
591527b048 | ||
|
mpeltriaux
|
3de6a905e1 | ||
|
mpeltriaux
|
9632e59456 | ||
|
mpeltriaux
|
d65f60c07c | ||
|
mpeltriaux
|
3ae0dc0cc1 | ||
|
mpeltriaux
|
b721e9c51c | ||
|
mpeltriaux
|
d26e363f8b | ||
|
mpeltriaux
|
2df178f4e1 | ||
|
mpeltriaux
|
25471b6de7 | ||
|
mpeltriaux
|
9863807ad6 | ||
|
mpeltriaux
|
62e02d745f | ||
|
mpeltriaux
|
1a9de7f874 | ||
|
mpeltriaux
|
46b66eb95d |
@@ -0,0 +1,23 @@
|
||||
# Generated by Django 6.0.5 on 2026-05-10 07:18
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('api', '0003_oauthtoken'),
|
||||
('user', '0010_user_sso_identifier'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='ExternalIdentifier',
|
||||
fields=[
|
||||
('external_id', models.CharField(db_comment='Identifier from a source system', max_length=255, primary_key=True, serialize=False)),
|
||||
('internal_id', models.UUIDField(db_comment='Identifier in konova')),
|
||||
('created', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='+', to='user.useractionlogentry')),
|
||||
],
|
||||
),
|
||||
]
|
||||
@@ -5,4 +5,5 @@ Contact: michel.peltriaux@sgdnord.rlp.de
|
||||
Created on: 21.01.22
|
||||
|
||||
"""
|
||||
from .token import *
|
||||
from .token import *
|
||||
from .external_identifier import *
|
||||
@@ -0,0 +1,51 @@
|
||||
"""
|
||||
Author: Michel Peltriaux
|
||||
Created on: 10.05.26
|
||||
|
||||
"""
|
||||
from django.db import models
|
||||
|
||||
|
||||
class ExternalIdentifier(models.Model):
|
||||
""" Holds a lookup to match a given external identifier against the internal identifier in konova.
|
||||
|
||||
Relevant in cases of API transmitted entries, which are updates using external identifiers instead of
|
||||
the internal ones directly.
|
||||
|
||||
"""
|
||||
external_id = models.CharField(
|
||||
max_length=255,
|
||||
primary_key=True,
|
||||
db_comment="Identifier from a source system"
|
||||
)
|
||||
internal_id = models.UUIDField(
|
||||
db_comment="Identifier in konova"
|
||||
)
|
||||
created = models.ForeignKey(
|
||||
"user.UserActionLogEntry",
|
||||
on_delete=models.SET_NULL,
|
||||
null=True,
|
||||
blank=True,
|
||||
related_name='+'
|
||||
)
|
||||
|
||||
def __str__(self):
|
||||
return f"{self.external_id} -> {self.internal_id}"
|
||||
|
||||
@staticmethod
|
||||
def resolve_external_identifier(external_identifier: str):
|
||||
""" Returns a ExternalIdentifier object, if the given parameter could be resolved as an external identifier.
|
||||
|
||||
Args:
|
||||
external_identifier (str): An external identifier.
|
||||
|
||||
Returns:
|
||||
ExternalIdentifier | None
|
||||
"""
|
||||
if external_identifier:
|
||||
try:
|
||||
obj = ExternalIdentifier.objects.get(external_id=external_identifier)
|
||||
return obj
|
||||
except ExternalIdentifier.DoesNotExist:
|
||||
pass
|
||||
return None
|
||||
@@ -8,6 +8,7 @@
|
||||
"is_coherence_keeping": false,
|
||||
"is_pik": false,
|
||||
"intervention": "MUST_BE_SET_IN_TEST",
|
||||
"external_identifier": "LOREMIPSUM-123",
|
||||
"before_states": [
|
||||
],
|
||||
"after_states": [
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
],
|
||||
"properties": {
|
||||
"title": "Test_ecoaccount",
|
||||
"external_identifier": "LOREMIPSUM-1234",
|
||||
"deductable_surface": 10000.0,
|
||||
"is_pik": false,
|
||||
"responsible": {
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
],
|
||||
"properties": {
|
||||
"title": "Test_ema",
|
||||
"external_identifier": "LOREMIPSUM-1235",
|
||||
"is_pik": false,
|
||||
"responsible": {
|
||||
"conservation_office": null,
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
],
|
||||
"properties": {
|
||||
"title": "Test_intervention",
|
||||
"external_identifier": "LOREMIPSUM-1236",
|
||||
"responsible": {
|
||||
"registration_office": null,
|
||||
"registration_file_number": null,
|
||||
|
||||
@@ -9,6 +9,7 @@ import json
|
||||
|
||||
from django.urls import reverse
|
||||
|
||||
from api.models import ExternalIdentifier
|
||||
from api.tests.v1.share.test_api_sharing import BaseAPIV1TestCase
|
||||
|
||||
|
||||
@@ -42,7 +43,22 @@ class APIV1CreateTestCase(BaseAPIV1TestCase):
|
||||
response = self._run_create_request(url, post_body)
|
||||
self.assertEqual(response.status_code, 200, msg=response.content)
|
||||
content = json.loads(response.content)
|
||||
self.assertIsNotNone(content.get("id", None), msg=response.content)
|
||||
_id = content.get("id", None)
|
||||
self.assertIsNotNone(_id, msg=response.content)
|
||||
return _id
|
||||
|
||||
def _test_external_identifier_created(self, internal_id, external_id):
|
||||
""" Tests whether an external identifier has been created
|
||||
|
||||
Args:
|
||||
internal_id ():
|
||||
external_id ():
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
external_identifier = ExternalIdentifier.objects.get(internal_id=internal_id)
|
||||
self.assertEqual(external_identifier.external_id, external_id)
|
||||
|
||||
def test_create_intervention(self):
|
||||
""" Tests api creation
|
||||
@@ -54,7 +70,8 @@ class APIV1CreateTestCase(BaseAPIV1TestCase):
|
||||
json_file_path = "api/tests/v1/create/intervention_create_post_body.json"
|
||||
with open(json_file_path) as json_file:
|
||||
post_body = json.load(fp=json_file)
|
||||
self._test_create_object(url, post_body)
|
||||
internal_id = self._test_create_object(url, post_body)
|
||||
self._test_external_identifier_created(internal_id, post_body["properties"]["external_identifier"])
|
||||
|
||||
def test_create_compensation(self):
|
||||
""" Tests api creation
|
||||
@@ -77,7 +94,8 @@ class APIV1CreateTestCase(BaseAPIV1TestCase):
|
||||
|
||||
# Add the user to the shared users of the intervention and try again! Now everything should work as expected.
|
||||
self.intervention.users.add(self.superuser)
|
||||
self._test_create_object(url, post_body)
|
||||
internal_id = self._test_create_object(url, post_body)
|
||||
self._test_external_identifier_created(internal_id, post_body["properties"]["external_identifier"])
|
||||
|
||||
def test_create_eco_account(self):
|
||||
""" Tests api creation
|
||||
@@ -89,7 +107,8 @@ class APIV1CreateTestCase(BaseAPIV1TestCase):
|
||||
json_file_path = "api/tests/v1/create/ecoaccount_create_post_body.json"
|
||||
with open(json_file_path) as json_file:
|
||||
post_body = json.load(fp=json_file)
|
||||
self._test_create_object(url, post_body)
|
||||
internal_id = self._test_create_object(url, post_body)
|
||||
self._test_external_identifier_created(internal_id, post_body["properties"]["external_identifier"])
|
||||
|
||||
def test_create_ema(self):
|
||||
""" Tests api creation
|
||||
@@ -101,7 +120,8 @@ class APIV1CreateTestCase(BaseAPIV1TestCase):
|
||||
json_file_path = "api/tests/v1/create/ema_create_post_body.json"
|
||||
with open(json_file_path) as json_file:
|
||||
post_body = json.load(fp=json_file)
|
||||
self._test_create_object(url, post_body)
|
||||
internal_id = self._test_create_object(url, post_body)
|
||||
self._test_external_identifier_created(internal_id, post_body["properties"]["external_identifier"])
|
||||
|
||||
def test_create_deduction(self):
|
||||
""" Tests api creation
|
||||
|
||||
@@ -31,9 +31,10 @@ class APIV1SharingTestCase(BaseAPIV1TestCase):
|
||||
def setUpTestData(cls):
|
||||
super().setUpTestData()
|
||||
|
||||
def _run_share_request(self, url, user_list: list):
|
||||
def _run_share_request(self, url, user_list: list, team_list: list):
|
||||
data = {
|
||||
"users": user_list
|
||||
"users": user_list,
|
||||
"teams": team_list
|
||||
}
|
||||
data = json.dumps(data)
|
||||
response = self.client.put(
|
||||
@@ -58,16 +59,22 @@ class APIV1SharingTestCase(BaseAPIV1TestCase):
|
||||
self.superuser.username,
|
||||
self.user.username,
|
||||
]
|
||||
team_list = [
|
||||
str(self.team.id),
|
||||
]
|
||||
|
||||
response = self._run_share_request(url, user_list)
|
||||
response = self._run_share_request(url, user_list, team_list)
|
||||
|
||||
# Must fail, since performing user has no access on requested object
|
||||
self.assertEqual(response.status_code, 500)
|
||||
self.assertTrue(len(json.loads(response.content.decode("utf-8")).get("errors", [])) > 0)
|
||||
|
||||
# Add performing user to shared access users and rerun the request
|
||||
# Add performing user to shared access users, switch from team id to team name and rerun the request
|
||||
obj.users.add(self.superuser)
|
||||
response = self._run_share_request(url, user_list)
|
||||
team_list = [
|
||||
self.team.name
|
||||
]
|
||||
response = self._run_share_request(url, user_list, team_list)
|
||||
|
||||
shared_users = obj.shared_users
|
||||
self.assertEqual(response.status_code, 200)
|
||||
@@ -84,14 +91,14 @@ class APIV1SharingTestCase(BaseAPIV1TestCase):
|
||||
share_url = reverse("api:v1:intervention-share", args=(self.intervention.id,))
|
||||
# Expect the first request to work properly
|
||||
self.intervention.users.add(self.superuser)
|
||||
response = self._run_share_request(share_url, [self.superuser.username])
|
||||
response = self._run_share_request(share_url, [self.superuser.username], [str(self.team.id)])
|
||||
self.assertEqual(response.status_code, 200)
|
||||
|
||||
# Change the token
|
||||
self.header_data["HTTP_ksptoken"] = f"{self.superuser.api_token.token}__X"
|
||||
|
||||
# Expect the request to fail now
|
||||
response = self._run_share_request(share_url, [self.superuser.username])
|
||||
response = self._run_share_request(share_url, [self.superuser.username], [])
|
||||
self.assertEqual(response.status_code, 403)
|
||||
|
||||
def test_api_intervention_sharing(self):
|
||||
@@ -144,11 +151,11 @@ class APIV1SharingTestCase(BaseAPIV1TestCase):
|
||||
self.assertEqual(self.intervention.users.count(), 1)
|
||||
|
||||
# Try to add another user via API -> must work!
|
||||
response = self._run_share_request(share_url, [self.superuser.username, self.user.username])
|
||||
response = self._run_share_request(share_url, [self.superuser.username, self.user.username], [])
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertEqual(self.intervention.users.count(), 2)
|
||||
|
||||
# Now try to remove the user again -> expect no changes at all to the shared user list
|
||||
response = self._run_share_request(share_url, [self.superuser.username])
|
||||
response = self._run_share_request(share_url, [self.superuser.username], [])
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertEqual(self.intervention.users.count(), 2)
|
||||
|
||||
@@ -44,6 +44,7 @@
|
||||
],
|
||||
"properties": {
|
||||
"title": "TEST_compensation_CHANGED",
|
||||
"external_identifier": "LOREMIPSUM-123_CHANGED",
|
||||
"is_cef": true,
|
||||
"is_coherence_keeping": true,
|
||||
"is_pik": true,
|
||||
|
||||
@@ -44,6 +44,7 @@
|
||||
],
|
||||
"properties": {
|
||||
"title": "TEST_account_CHANGED",
|
||||
"external_identifier": "LOREMIPSUM-1234_CHANGED",
|
||||
"deductable_surface": "100000.0",
|
||||
"is_pik": true,
|
||||
"responsible": {
|
||||
|
||||
@@ -44,6 +44,7 @@
|
||||
],
|
||||
"properties": {
|
||||
"title": "TEST_EMA_CHANGED",
|
||||
"external_identifier": "LOREMIPSUM-1235_CHANGED",
|
||||
"responsible": {
|
||||
"conservation_office": null,
|
||||
"conservation_file_number": "TEST_CHANGED",
|
||||
|
||||
@@ -44,6 +44,7 @@
|
||||
],
|
||||
"properties": {
|
||||
"title": "Test_intervention_CHANGED",
|
||||
"external_identifier": "LOREMIPSUM-1236_CHANGED",
|
||||
"responsible": {
|
||||
"registration_office": null,
|
||||
"registration_file_number": "CHANGED",
|
||||
|
||||
@@ -10,9 +10,11 @@ from abc import abstractmethod
|
||||
|
||||
from django.contrib.gis import geos
|
||||
from django.contrib.gis.geos import GEOSGeometry
|
||||
from django.core.exceptions import ObjectDoesNotExist
|
||||
from django.core.paginator import Paginator
|
||||
from django.db.models import Q
|
||||
|
||||
from api.models import ExternalIdentifier
|
||||
from konova.models import Geometry
|
||||
from konova.utils.message_templates import DATA_UNSHARED
|
||||
|
||||
@@ -76,6 +78,14 @@ class AbstractModelAPISerializer:
|
||||
del self.lookup["id"]
|
||||
else:
|
||||
# Return certain object
|
||||
## But first check, whether this is an external identifier ...
|
||||
try:
|
||||
## If we can find this _id on our ExternalIdentifier model, we need to map it on the internal id
|
||||
ext_id = ExternalIdentifier.objects.get(external_id=_id)
|
||||
_id = ext_id.internal_id
|
||||
except ObjectDoesNotExist:
|
||||
# If we did not find it, we assume that this is already an internal id. (Or it does not exist at all)
|
||||
pass
|
||||
self.lookup["id"] = _id
|
||||
|
||||
self.shared_lookup = Q(
|
||||
@@ -161,6 +171,14 @@ class AbstractModelAPISerializer:
|
||||
Returns:
|
||||
|
||||
"""
|
||||
# First if there is an external identifier linked to an internal one, so we can continue with the internal
|
||||
try:
|
||||
ext_id = ExternalIdentifier.objects.get(external_id=id)
|
||||
id = ext_id.internal_id
|
||||
except ObjectDoesNotExist:
|
||||
# No external id found - let's hope the given id exists internally
|
||||
pass
|
||||
|
||||
obj = self.model.objects.get(
|
||||
id=id,
|
||||
deleted__isnull=True,
|
||||
|
||||
@@ -88,6 +88,11 @@ class CompensationAPISerializerV1(AbstractModelAPISerializerV1, AbstractCompensa
|
||||
# Nothing to do here
|
||||
return obj
|
||||
|
||||
# Transform a potential external identifier into an internal one
|
||||
intervention_ext_id = self._get_external_identifier(intervention_id)
|
||||
if intervention_ext_id:
|
||||
intervention_id = intervention_ext_id.internal_id
|
||||
|
||||
intervention = Intervention.objects.get(
|
||||
id=intervention_id,
|
||||
)
|
||||
@@ -114,6 +119,10 @@ class CompensationAPISerializerV1(AbstractModelAPISerializerV1, AbstractCompensa
|
||||
|
||||
# Fill in data to objects
|
||||
properties = json_model["properties"]
|
||||
|
||||
external_identifier = properties.get("external_identifier", None)
|
||||
self._check_external_identifier_on_entry_creation(external_identifier)
|
||||
|
||||
obj.identifier = obj.generate_new_identifier()
|
||||
obj.title = properties["title"]
|
||||
obj.is_cef = properties["is_cef"]
|
||||
@@ -129,6 +138,7 @@ class CompensationAPISerializerV1(AbstractModelAPISerializerV1, AbstractCompensa
|
||||
obj = self._set_compensation_states(obj, properties["after_states"], obj.after_states)
|
||||
obj = self._set_deadlines(obj, properties["deadlines"])
|
||||
|
||||
self._set_external_identifier(obj.id, properties.get("external_identifier", None), obj.created)
|
||||
obj.log.add(obj.created)
|
||||
|
||||
celery_update_parcels.delay(obj.geometry.id)
|
||||
@@ -170,6 +180,7 @@ class CompensationAPISerializerV1(AbstractModelAPISerializerV1, AbstractCompensa
|
||||
obj = self._set_compensation_states(obj, properties["after_states"], obj.after_states)
|
||||
obj = self._set_deadlines(obj, properties["deadlines"])
|
||||
|
||||
self._set_external_identifier(obj.id, properties.get("external_identifier", None), update_action)
|
||||
obj.log.add(update_action)
|
||||
|
||||
celery_update_parcels.delay(obj.geometry.id)
|
||||
|
||||
@@ -62,6 +62,14 @@ class DeductionAPISerializerV1(AbstractModelAPISerializerV1,
|
||||
if surface <= 0:
|
||||
raise ValueError("Surface must be > 0 m²")
|
||||
|
||||
# Check if external identifiers need to be mapped onto internal ones
|
||||
acc_ext_id = self._get_external_identifier(acc_id)
|
||||
intervention_ext_id = self._get_external_identifier(intervention_id)
|
||||
if acc_ext_id:
|
||||
acc_id = acc_ext_id.internal_id
|
||||
if intervention_ext_id:
|
||||
intervention_id = intervention_ext_id.internal_id
|
||||
|
||||
acc = EcoAccount.objects.get(
|
||||
id=acc_id,
|
||||
deleted__isnull=True,
|
||||
|
||||
@@ -121,7 +121,9 @@ class EcoAccountAPISerializerV1(AbstractModelAPISerializerV1,
|
||||
obj = self._initialize_objects(json_model, user)
|
||||
|
||||
# Fill in data to objects
|
||||
properties = json_model["properties"]
|
||||
properties = json_model.get("properties", None)
|
||||
if not properties:
|
||||
raise AssertionError("No 'properties' found in payload!")
|
||||
obj.identifier = obj.generate_new_identifier()
|
||||
obj.title = properties["title"]
|
||||
obj.is_pik = properties.get("is_pik", False)
|
||||
@@ -147,6 +149,7 @@ class EcoAccountAPISerializerV1(AbstractModelAPISerializerV1,
|
||||
obj = self._set_compensation_states(obj, properties["after_states"], obj.after_states)
|
||||
obj = self._set_deadlines(obj, properties["deadlines"])
|
||||
|
||||
self._set_external_identifier(obj.id, properties.get("external_identifier", None), obj.created)
|
||||
obj.log.add(obj.created)
|
||||
obj.users.add(user)
|
||||
|
||||
@@ -172,6 +175,10 @@ class EcoAccountAPISerializerV1(AbstractModelAPISerializerV1,
|
||||
|
||||
# Fill in data to objects
|
||||
properties = json_model["properties"]
|
||||
|
||||
external_identifier = properties.get("external_identifier", None)
|
||||
self._check_external_identifier_on_entry_creation(external_identifier)
|
||||
|
||||
obj.title = properties["title"]
|
||||
obj.is_pik = properties.get("is_pik", False)
|
||||
obj.deductable_surface = float(properties["deductable_surface"])
|
||||
@@ -192,6 +199,7 @@ class EcoAccountAPISerializerV1(AbstractModelAPISerializerV1,
|
||||
obj = self._set_compensation_states(obj, properties["after_states"], obj.after_states)
|
||||
obj = self._set_deadlines(obj, properties["deadlines"])
|
||||
|
||||
self._set_external_identifier(obj.id, external_identifier, update_action)
|
||||
obj.log.add(update_action)
|
||||
|
||||
celery_update_parcels.delay(obj.geometry.id)
|
||||
|
||||
@@ -104,6 +104,10 @@ class EmaAPISerializerV1(AbstractModelAPISerializerV1, AbstractCompensationAPISe
|
||||
|
||||
# Fill in data to objects
|
||||
properties = json_model["properties"]
|
||||
|
||||
external_identifier = properties.get("external_identifier", None)
|
||||
self._check_external_identifier_on_entry_creation(external_identifier)
|
||||
|
||||
obj.identifier = obj.generate_new_identifier()
|
||||
obj.title = properties["title"]
|
||||
obj.is_pik = properties.get("is_pik", False)
|
||||
@@ -119,6 +123,7 @@ class EmaAPISerializerV1(AbstractModelAPISerializerV1, AbstractCompensationAPISe
|
||||
obj = self._set_compensation_states(obj, properties["after_states"], obj.after_states)
|
||||
obj = self._set_deadlines(obj, properties["deadlines"])
|
||||
|
||||
self._set_external_identifier(obj.id, external_identifier, obj.created)
|
||||
obj.log.add(obj.created)
|
||||
obj.users.add(user)
|
||||
|
||||
@@ -161,6 +166,7 @@ class EmaAPISerializerV1(AbstractModelAPISerializerV1, AbstractCompensationAPISe
|
||||
obj = self._set_compensation_states(obj, properties["after_states"], obj.after_states)
|
||||
obj = self._set_deadlines(obj, properties["deadlines"])
|
||||
|
||||
self._set_external_identifier(obj.id, properties.get("external_identifier", None), update_action)
|
||||
obj.log.add(update_action)
|
||||
|
||||
celery_update_parcels.delay(obj.geometry.id)
|
||||
|
||||
@@ -150,10 +150,14 @@ class InterventionAPISerializerV1(AbstractModelAPISerializerV1,
|
||||
|
||||
# Fill in data to objects
|
||||
properties = json_model["properties"]
|
||||
|
||||
external_identifier = properties.get("external_identifier", None)
|
||||
self._check_external_identifier_on_entry_creation(external_identifier)
|
||||
|
||||
obj.identifier = obj.generate_new_identifier()
|
||||
obj.title = properties["title"]
|
||||
self._set_responsibility(obj, properties["responsible"])
|
||||
self._set_legal(obj, properties["legal"])
|
||||
obj.title = properties.get("title", None)
|
||||
self._set_responsibility(obj, properties.get("responsible", None))
|
||||
self._set_legal(obj, properties.get("legal", None))
|
||||
|
||||
obj.responsible.handler.save()
|
||||
obj.responsible.save()
|
||||
@@ -161,6 +165,7 @@ class InterventionAPISerializerV1(AbstractModelAPISerializerV1,
|
||||
obj.legal.save()
|
||||
obj.save()
|
||||
|
||||
self._set_external_identifier(obj.id, external_identifier, obj.created)
|
||||
obj.users.add(user)
|
||||
obj.log.add(obj.created)
|
||||
|
||||
@@ -186,7 +191,7 @@ class InterventionAPISerializerV1(AbstractModelAPISerializerV1,
|
||||
|
||||
# Fill in data to objects
|
||||
properties = json_model["properties"]
|
||||
obj.title = properties["title"]
|
||||
obj.title = properties.get("title")
|
||||
self._set_responsibility(obj, properties.get("responsible", None))
|
||||
self._set_legal(obj, properties.get("legal", None))
|
||||
self._set_payments(obj, properties.get("payments", None))
|
||||
@@ -200,6 +205,7 @@ class InterventionAPISerializerV1(AbstractModelAPISerializerV1,
|
||||
obj.save()
|
||||
|
||||
obj.mark_as_edited(user, edit_comment="API update")
|
||||
self._set_external_identifier(obj.id, properties.get("external_identifier", None), update_action)
|
||||
obj.send_data_to_egon()
|
||||
|
||||
celery_update_parcels.delay(obj.geometry.id)
|
||||
|
||||
@@ -12,6 +12,7 @@ from django.contrib.gis.geos import MultiPolygon
|
||||
from django.core.exceptions import ObjectDoesNotExist
|
||||
from django.db.models import QuerySet
|
||||
|
||||
from api.models import ExternalIdentifier
|
||||
from api.utils.serializer.serializer import AbstractModelAPISerializer
|
||||
from codelist.models import KonovaCode
|
||||
from codelist.settings import CODELIST_COMPENSATION_ACTION_ID, CODELIST_BIOTOPES_ID, CODELIST_PROCESS_TYPE_ID, \
|
||||
@@ -39,12 +40,20 @@ class AbstractModelAPISerializerV1(AbstractModelAPISerializer):
|
||||
else:
|
||||
geom = MultiPolygon().geojson
|
||||
geo_json = json.loads(geom)
|
||||
ext_ids = list(
|
||||
ExternalIdentifier.objects.filter(
|
||||
internal_id=entry.id
|
||||
).values_list(
|
||||
"external_id", flat=True
|
||||
)
|
||||
)
|
||||
self.properties_data = {
|
||||
"id": entry.id,
|
||||
"identifier": entry.identifier,
|
||||
"title": entry.title,
|
||||
"created_on": self._created_on_to_json(entry),
|
||||
"modified_on": self._modified_on_to_json(entry),
|
||||
"external_identifiers": ext_ids,
|
||||
}
|
||||
self._extend_properties_data(entry)
|
||||
geo_json["properties"] = self.properties_data
|
||||
@@ -137,6 +146,57 @@ class AbstractModelAPISerializerV1(AbstractModelAPISerializer):
|
||||
success = entry.deleted is not None
|
||||
return success
|
||||
|
||||
def _set_external_identifier(self, internal_identifier, external_identifier, log_entry):
|
||||
""" If an external identifier was provided in the payload, we set it
|
||||
in the database
|
||||
|
||||
Args:
|
||||
internal_identifier (BaseObject): The already processed konova object (EIV, KOM, ...)
|
||||
external_identifier (any): The external identifier taken from the payload
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
if external_identifier is None:
|
||||
return None
|
||||
|
||||
ext_id_obj = ExternalIdentifier.objects.get_or_create(
|
||||
internal_id=internal_identifier,
|
||||
external_id=external_identifier
|
||||
)[0]
|
||||
if not ext_id_obj.created:
|
||||
ext_id_obj.created = log_entry
|
||||
ext_id_obj.save()
|
||||
|
||||
return ext_id_obj
|
||||
|
||||
def _get_external_identifier(self, external_identifier):
|
||||
""" Checks whether a linkage based on an external identifier already exists and returns it if so.
|
||||
|
||||
Args:
|
||||
external_identifier (any): The external identifier according to payload
|
||||
|
||||
Returns:
|
||||
ExternalIdentifier | None
|
||||
"""
|
||||
return ExternalIdentifier.resolve_external_identifier(external_identifier)
|
||||
|
||||
def _check_external_identifier_on_entry_creation(self, external_identifier):
|
||||
""" Special check for POST processing:
|
||||
Checks whether an external identifier already exists on the database. This hints that
|
||||
the entry already has been created in the past. Instead of POST, the PUT method shall be used
|
||||
to avoid creating duplicates.
|
||||
|
||||
Args:
|
||||
external_identifier (any): The external identifier according to payload
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
persisted_external_identifier = self._get_external_identifier(external_identifier)
|
||||
if persisted_external_identifier:
|
||||
raise AssertionError(f"{external_identifier} has already been initially created! Use PUT for updates!")
|
||||
|
||||
|
||||
class DeductableAPISerializerV1Mixin:
|
||||
class Meta:
|
||||
|
||||
+68
-19
@@ -6,13 +6,14 @@ Created on: 21.01.22
|
||||
|
||||
"""
|
||||
import json
|
||||
import uuid
|
||||
|
||||
from django.db.models import QuerySet
|
||||
from django.db.models import QuerySet, Q
|
||||
from django.http import JsonResponse, HttpRequest
|
||||
from django.views import View
|
||||
from django.views.decorators.csrf import csrf_exempt
|
||||
|
||||
from api.models import APIUserToken
|
||||
from api.models import APIUserToken, ExternalIdentifier
|
||||
from api.settings import KSP_TOKEN_HEADER_IDENTIFIER, KSP_USER_HEADER_IDENTIFIER
|
||||
from compensation.models import EcoAccount
|
||||
from ema.models import Ema
|
||||
@@ -205,6 +206,10 @@ class AbstractModelShareAPIView(AbstractAPIView):
|
||||
|
||||
"""
|
||||
try:
|
||||
external_identifier = ExternalIdentifier.resolve_external_identifier(id)
|
||||
if external_identifier:
|
||||
id = external_identifier.internal_id
|
||||
|
||||
users = self._get_shared_users_of_object(id)
|
||||
teams = self._get_shared_teams_of_object(id)
|
||||
except Exception as e:
|
||||
@@ -237,6 +242,9 @@ class AbstractModelShareAPIView(AbstractAPIView):
|
||||
"""
|
||||
|
||||
try:
|
||||
external_identifier = ExternalIdentifier.resolve_external_identifier(id)
|
||||
if external_identifier:
|
||||
id = external_identifier.internal_id
|
||||
success = self._process_put_body(request.body, id)
|
||||
except Exception as e:
|
||||
return self._return_error_response(e)
|
||||
@@ -309,22 +317,36 @@ class AbstractModelShareAPIView(AbstractAPIView):
|
||||
raise ValueError("Shared user list must not be empty!")
|
||||
new_teams = content.get("teams", [])
|
||||
|
||||
self.__process_user_sharing(new_users, obj)
|
||||
self.__process_team_sharing(new_teams, obj)
|
||||
|
||||
return True
|
||||
|
||||
def __process_user_sharing(self, user_list: list, obj):
|
||||
""" Processes API sharing for user payload
|
||||
|
||||
Args:
|
||||
user_list (list): A list of users to share the obj with
|
||||
obj (BaseObject): The shareable object
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
# Eliminate duplicates
|
||||
new_users = list(dict.fromkeys(new_users))
|
||||
new_teams = list(dict.fromkeys(new_teams))
|
||||
new_users = list(dict.fromkeys(user_list))
|
||||
|
||||
# Make sure each of these names exist as a user
|
||||
new_users_objs = []
|
||||
for user in new_users:
|
||||
new_users_objs.append(User.objects.get(username=user))
|
||||
|
||||
# Make sure each of these names exist as a user
|
||||
new_teams_objs = []
|
||||
for team_name in new_teams:
|
||||
new_teams_objs.append(Team.objects.get(name=team_name))
|
||||
try:
|
||||
user_obj = User.objects.get(username=user)
|
||||
except User.DoesNotExist:
|
||||
raise AssertionError(f"User with username {user} does not exist")
|
||||
new_users_objs.append(user_obj)
|
||||
|
||||
if self.user.is_default_group_only():
|
||||
# Default only users are not allowed to remove other users from having access. They can only add new ones!
|
||||
# So we need to keep the ones that already have access from being removed!
|
||||
new_users_to_be_added = User.objects.filter(
|
||||
username__in=new_users
|
||||
).exclude(
|
||||
@@ -332,17 +354,44 @@ class AbstractModelShareAPIView(AbstractAPIView):
|
||||
)
|
||||
new_users_objs = obj.shared_users.union(new_users_to_be_added)
|
||||
|
||||
new_teams_to_be_added = Team.objects.filter(
|
||||
name__in=new_teams
|
||||
).exclude(
|
||||
id__in=obj.shared_teams
|
||||
)
|
||||
new_teams_objs = obj.shared_teams.union(new_teams_to_be_added)
|
||||
|
||||
obj.share_with_user_list(new_users_objs)
|
||||
obj.share_with_team_list(new_teams_objs)
|
||||
return True
|
||||
|
||||
def __process_team_sharing(self, team_list: list, obj):
|
||||
""" Processes API sharing for team payload
|
||||
|
||||
Args:
|
||||
team_list (list): A list of teams to share the obj with
|
||||
obj (BaseObject): The shareable object
|
||||
|
||||
Returns:
|
||||
|
||||
"""
|
||||
# Eliminate duplicates
|
||||
new_teams = list(dict.fromkeys(team_list))
|
||||
|
||||
# Resolve team names or ids into objects
|
||||
new_team_ids = []
|
||||
for team in new_teams:
|
||||
try:
|
||||
uuid.UUID(team)
|
||||
try:
|
||||
new_team_ids.append(Team.objects.get(id=team).id)
|
||||
except Team.DoesNotExist:
|
||||
raise AssertionError(f"Team with id {team} does not exist!")
|
||||
except ValueError:
|
||||
# entry is a name and not a uuid -> try to resolve as name!
|
||||
try:
|
||||
new_team_ids.append(Team.objects.get(name=team).id)
|
||||
except Team.DoesNotExist:
|
||||
raise AssertionError(f"Team with name {team} does not exist!")
|
||||
|
||||
new_team_objs = Team.objects.filter(id__in=new_team_ids)
|
||||
if self.user.is_default_group_only():
|
||||
# Default only users are not allowed to remove other users from having access. They can only add new ones!
|
||||
# So we need to keep the ones that already have access from being removed!
|
||||
new_team_objs = obj.shared_teams.union(new_team_objs)
|
||||
|
||||
obj.share_with_team_list(new_team_objs)
|
||||
|
||||
class InterventionAPIShareView(AbstractModelShareAPIView):
|
||||
model = Intervention
|
||||
|
||||
@@ -124,7 +124,7 @@ class CompensationTable(BaseTable, TableRenderMixin, TableOrderMixin):
|
||||
html += self.render_previously_checked_star(
|
||||
tooltip=tooltip,
|
||||
)
|
||||
return format_html(html)
|
||||
return format_html(html, None)
|
||||
|
||||
def render_r(self, value, record: Compensation):
|
||||
""" Renders the registered column for a compensation
|
||||
@@ -146,5 +146,5 @@ class CompensationTable(BaseTable, TableRenderMixin, TableOrderMixin):
|
||||
tooltip=tooltip,
|
||||
icn_filled=recorded,
|
||||
)
|
||||
return format_html(html)
|
||||
return format_html(html, None)
|
||||
|
||||
|
||||
@@ -95,7 +95,7 @@ class EcoAccountTable(BaseTable, TableRenderMixin, TableOrderMixin):
|
||||
txt=value,
|
||||
new_tab=False,
|
||||
)
|
||||
return format_html(html)
|
||||
return format_html(html, None)
|
||||
|
||||
def render_av(self, value, record: EcoAccount):
|
||||
""" Renders the available column for an eco account
|
||||
@@ -113,7 +113,7 @@ class EcoAccountTable(BaseTable, TableRenderMixin, TableOrderMixin):
|
||||
value_relative = 0
|
||||
html = render_to_string("konova/widgets/progressbar.html", {"value": value_relative})
|
||||
html += f"{number_format(record.deductable_rest, decimal_pos=2)} m²"
|
||||
return format_html(html)
|
||||
return format_html(html, None)
|
||||
|
||||
def render_r(self, value, record: EcoAccount):
|
||||
""" Renders the recorded column for an eco account
|
||||
@@ -135,4 +135,4 @@ class EcoAccountTable(BaseTable, TableRenderMixin, TableOrderMixin):
|
||||
tooltip=tooltip,
|
||||
icn_filled=checked,
|
||||
)
|
||||
return format_html(html)
|
||||
return format_html(html, None)
|
||||
|
||||
+2
-2
@@ -88,7 +88,7 @@ class EmaTable(BaseTable, TableRenderMixin, TableOrderMixin):
|
||||
txt=value,
|
||||
new_tab=False,
|
||||
)
|
||||
return format_html(html)
|
||||
return format_html(html, None)
|
||||
|
||||
def render_r(self, value, record: Ema):
|
||||
""" Renders the registered column for a EMA
|
||||
@@ -110,4 +110,4 @@ class EmaTable(BaseTable, TableRenderMixin, TableOrderMixin):
|
||||
tooltip=tooltip,
|
||||
icn_filled=recorded,
|
||||
)
|
||||
return format_html(html)
|
||||
return format_html(html, None)
|
||||
|
||||
@@ -127,7 +127,7 @@ class InterventionTable(BaseTable, TableRenderMixin, TableOrderMixin):
|
||||
html += self.render_previously_checked_star(
|
||||
tooltip=tooltip,
|
||||
)
|
||||
return format_html(html)
|
||||
return format_html(html, None)
|
||||
|
||||
def render_r(self, value, record: Intervention):
|
||||
""" Renders the recorded column for an intervention
|
||||
@@ -149,5 +149,5 @@ class InterventionTable(BaseTable, TableRenderMixin, TableOrderMixin):
|
||||
tooltip=tooltip,
|
||||
icn_filled=checked,
|
||||
)
|
||||
return format_html(html)
|
||||
return format_html(html, None)
|
||||
|
||||
|
||||
@@ -36,6 +36,7 @@ class InterventionViewTestCase(BaseViewTestCase):
|
||||
self.run_check_url = reverse("intervention:check", args=(self.intervention.id,))
|
||||
self.record_url = reverse("intervention:record", args=(self.intervention.id,))
|
||||
self.report_url = reverse("intervention:report", args=(self.intervention.id,))
|
||||
self.compensation_remove_url = reverse("intervention:remove-compensation", args=(self.compensation.intervention.id, self.compensation.id))
|
||||
|
||||
self.deduction.intervention = self.intervention
|
||||
self.deduction.save()
|
||||
@@ -83,6 +84,7 @@ class InterventionViewTestCase(BaseViewTestCase):
|
||||
self.revocation_new_url: f"{login_redirect_base}{self.revocation_new_url}",
|
||||
self.revocation_edit_url: f"{login_redirect_base}{self.revocation_edit_url}",
|
||||
self.revocation_remove_url: f"{login_redirect_base}{self.revocation_remove_url}",
|
||||
self.compensation_remove_url: f"{login_redirect_base}{self.compensation_remove_url}",
|
||||
}
|
||||
|
||||
self.assert_url_success(client, success_urls)
|
||||
@@ -124,6 +126,7 @@ class InterventionViewTestCase(BaseViewTestCase):
|
||||
self.deduction_new_url,
|
||||
self.deduction_edit_url,
|
||||
self.deduction_remove_url,
|
||||
self.compensation_remove_url,
|
||||
]
|
||||
|
||||
self.assert_url_success(client, success_urls)
|
||||
@@ -162,6 +165,7 @@ class InterventionViewTestCase(BaseViewTestCase):
|
||||
self.deduction_new_url,
|
||||
self.deduction_edit_url,
|
||||
self.deduction_remove_url,
|
||||
self.compensation_remove_url,
|
||||
]
|
||||
fail_urls = [
|
||||
self.run_check_url,
|
||||
@@ -212,6 +216,7 @@ class InterventionViewTestCase(BaseViewTestCase):
|
||||
self.deduction_new_url,
|
||||
self.deduction_edit_url,
|
||||
self.deduction_remove_url,
|
||||
self.compensation_remove_url,
|
||||
]
|
||||
success_urls_redirect = {
|
||||
self.share_url: self.detail_url
|
||||
@@ -258,6 +263,7 @@ class InterventionViewTestCase(BaseViewTestCase):
|
||||
self.deduction_new_url,
|
||||
self.deduction_edit_url,
|
||||
self.deduction_remove_url,
|
||||
self.compensation_remove_url,
|
||||
]
|
||||
success_urls_redirect = {
|
||||
self.share_url: self.detail_url
|
||||
@@ -304,6 +310,7 @@ class InterventionViewTestCase(BaseViewTestCase):
|
||||
self.deduction_new_url,
|
||||
self.deduction_edit_url,
|
||||
self.deduction_remove_url,
|
||||
self.compensation_remove_url,
|
||||
]
|
||||
success_urls_redirect = {
|
||||
self.share_url: self.detail_url
|
||||
@@ -350,6 +357,7 @@ class InterventionViewTestCase(BaseViewTestCase):
|
||||
self.deduction_new_url,
|
||||
self.deduction_edit_url,
|
||||
self.deduction_remove_url,
|
||||
self.compensation_remove_url,
|
||||
]
|
||||
success_urls_redirect = {
|
||||
self.share_url: self.detail_url
|
||||
@@ -396,6 +404,7 @@ class InterventionViewTestCase(BaseViewTestCase):
|
||||
self.deduction_new_url,
|
||||
self.deduction_edit_url,
|
||||
self.deduction_remove_url,
|
||||
self.compensation_remove_url,
|
||||
]
|
||||
# Define urls where a redirect to a specific location is the proper response
|
||||
success_urls_redirect = {
|
||||
|
||||
@@ -14,7 +14,7 @@ from django.utils.decorators import method_decorator
|
||||
from django.views import View
|
||||
|
||||
from intervention.models import Intervention
|
||||
from konova.decorators import shared_access_required
|
||||
from konova.decorators import shared_access_required, default_group_required
|
||||
from konova.forms.modals import RemoveModalForm
|
||||
from konova.utils.message_templates import COMPENSATION_REMOVED_TEMPLATE
|
||||
|
||||
@@ -45,10 +45,12 @@ class RemoveCompensationFromInterventionView(LoginRequiredMixin, View):
|
||||
redirect_url=reverse("intervention:detail", args=(id,)) + "#related_data",
|
||||
)
|
||||
|
||||
@method_decorator(default_group_required)
|
||||
@method_decorator(shared_access_required(Intervention, "id"))
|
||||
def get(self, request, id: str, comp_id: str, *args, **kwargs) -> HttpResponse:
|
||||
return self.__process_request(request, id, comp_id, *args, **kwargs)
|
||||
|
||||
@method_decorator(default_group_required)
|
||||
@method_decorator(shared_access_required(Intervention, "id"))
|
||||
def post(self, request, id: str, comp_id: str, *args, **kwargs) -> HttpResponse:
|
||||
return self.__process_request(request, id, comp_id, *args, **kwargs)
|
||||
@@ -5,22 +5,18 @@ Contact: michel.peltriaux@sgdnord.rlp.de
|
||||
Created on: 09.11.20
|
||||
|
||||
"""
|
||||
import random
|
||||
import secrets
|
||||
import string
|
||||
import qrcode
|
||||
import qrcode.image.svg
|
||||
|
||||
from io import BytesIO
|
||||
|
||||
|
||||
def generate_token() -> str:
|
||||
def generate_token(length: int = 64) -> str:
|
||||
""" Shortcut for default generating of e.g. API token
|
||||
|
||||
Returns:
|
||||
token (str)
|
||||
"""
|
||||
return generate_random_string(
|
||||
length=64,
|
||||
length=length,
|
||||
use_numbers=True,
|
||||
use_letters_lc=True
|
||||
)
|
||||
@@ -39,7 +35,7 @@ def generate_random_string(length: int, use_numbers: bool = False, use_letters_l
|
||||
elements.append(string.ascii_uppercase)
|
||||
|
||||
elements = "".join(elements)
|
||||
ret_val = "".join(random.choice(elements) for i in range(length))
|
||||
ret_val = "".join(secrets.choice(elements) for i in range(length))
|
||||
return ret_val
|
||||
|
||||
class IdentifierGenerator:
|
||||
|
||||
@@ -30,15 +30,17 @@ class QrCode:
|
||||
Returns:
|
||||
qrcode_svg (str): The qr code as svg
|
||||
"""
|
||||
img_factory = svg.SvgImage
|
||||
qrcode_img = qrcode.make(
|
||||
content,
|
||||
image_factory=img_factory,
|
||||
qr = qrcode.QRCode(
|
||||
image_factory=qrcode.image.svg.SvgPathImage,
|
||||
box_size=size
|
||||
)
|
||||
stream = BytesIO()
|
||||
qrcode_img.save(stream)
|
||||
return stream.getvalue().decode()
|
||||
qr.add_data(content)
|
||||
qr.make(
|
||||
fit=True
|
||||
)
|
||||
|
||||
img = qr.make_image()
|
||||
return img.to_string(encoding="unicode")
|
||||
|
||||
def get_img(self):
|
||||
return self._img
|
||||
|
||||
@@ -178,7 +178,9 @@ class TableRenderMixin:
|
||||
if len(value) > max_length:
|
||||
value = f"{value[:max_length]}..."
|
||||
value = format_html(
|
||||
f'<div title="{value_orig}">{value}</div>'
|
||||
'<div title="{}">{}</div>',
|
||||
value_orig,
|
||||
value
|
||||
)
|
||||
return value
|
||||
|
||||
@@ -222,7 +224,7 @@ class TableRenderMixin:
|
||||
tooltip=_("Full access granted") if is_entry_shared else _("Access not granted"),
|
||||
icn_class="fas fa-edit rlp-r-inv" if is_entry_shared else "far fa-edit",
|
||||
)
|
||||
return format_html(html)
|
||||
return format_html(html, None)
|
||||
|
||||
|
||||
class TableOrderMixin:
|
||||
|
||||
+52
-50
@@ -1,63 +1,65 @@
|
||||
amqp==5.3.1
|
||||
asgiref==3.8.1
|
||||
asgiref==3.11.1
|
||||
async-timeout==5.0.1
|
||||
beautifulsoup4==4.13.0b2
|
||||
billiard==4.2.1
|
||||
beautifulsoup4==4.14.3
|
||||
billiard==4.2.4
|
||||
cached-property==2.0.1
|
||||
celery==5.4.0
|
||||
certifi==2024.12.14
|
||||
cffi==1.17.1
|
||||
chardet==5.2.0
|
||||
charset-normalizer==3.4.0
|
||||
click==8.1.8
|
||||
celery==5.6.3
|
||||
certifi==2026.4.22
|
||||
cffi==2.0.0
|
||||
chardet==7.4.3
|
||||
charset-normalizer==3.4.7
|
||||
click==8.3.3
|
||||
click-didyoumean==0.3.1
|
||||
click-plugins==1.1.1
|
||||
click-plugins==1.1.1.2
|
||||
click-repl==0.3.0
|
||||
coverage==7.6.9
|
||||
cryptography==44.0.0
|
||||
Deprecated==1.2.15
|
||||
Django==5.1.4
|
||||
django-autocomplete-light==3.11.0
|
||||
coverage==7.13.5
|
||||
cryptography==48.0.0
|
||||
Deprecated==1.3.1
|
||||
Django==6.0.5
|
||||
django-autocomplete-light==4.0.0
|
||||
django-bootstrap-modal-forms==3.0.5
|
||||
django-bootstrap4==24.4
|
||||
django-environ==0.11.2
|
||||
django-filter==24.3
|
||||
django-bootstrap4==26.1
|
||||
django-environ==0.13.0
|
||||
django-filter==25.2
|
||||
django-fontawesome-5==1.0.18
|
||||
django-oauth-toolkit==3.0.1
|
||||
django-tables2==2.7.1
|
||||
django-oauth-toolkit==3.2.0
|
||||
django-tables2==3.0.0
|
||||
et_xmlfile==2.0.0
|
||||
gunicorn==23.0.0
|
||||
idna==3.10
|
||||
importlib_metadata==8.5.0
|
||||
jwcrypto==1.5.6
|
||||
kombu==5.4.0rc1
|
||||
oauthlib==3.2.2
|
||||
gunicorn==26.0.0
|
||||
idna==3.13
|
||||
importlib_metadata==9.0.0
|
||||
itsdangerous==2.2.0
|
||||
jwcrypto==1.5.7
|
||||
kombu==5.6.2
|
||||
oauthlib==3.3.1
|
||||
openpyxl==3.2.0b1
|
||||
packaging==24.2
|
||||
pika==1.3.2
|
||||
pillow==11.0.0
|
||||
prompt_toolkit==3.0.48
|
||||
psycopg==3.2.3
|
||||
psycopg-binary==3.2.3
|
||||
pycparser==2.22
|
||||
pyparsing==3.2.0
|
||||
packaging==26.2
|
||||
pika==1.4.0
|
||||
pillow==12.2.0
|
||||
prompt_toolkit==3.0.52
|
||||
psycopg==3.3.4
|
||||
psycopg-binary==3.3.4
|
||||
pycparser==3.0
|
||||
pyparsing==3.3.2
|
||||
pypng==0.20220715.0
|
||||
pyproj==3.7.0
|
||||
pyproj==3.7.2
|
||||
python-dateutil==2.9.0.post0
|
||||
pytz==2024.2
|
||||
PyYAML==6.0.2
|
||||
qrcode==7.3.1
|
||||
redis==5.1.0b6
|
||||
requests==2.32.3
|
||||
six==1.16.0
|
||||
soupsieve==2.5
|
||||
sqlparse==0.5.1
|
||||
typing_extensions==4.12.2
|
||||
tzdata==2024.2
|
||||
urllib3==2.3.0
|
||||
pytz==2026.2
|
||||
PyYAML==6.0.3
|
||||
qrcode==8.2
|
||||
redis==7.4.0
|
||||
requests==2.33.1
|
||||
six==1.17.0
|
||||
soupsieve==2.8.3
|
||||
sqlparse==0.5.5
|
||||
typing_extensions==4.15.0
|
||||
tzdata==2026.2
|
||||
tzlocal==5.3.1
|
||||
urllib3==2.7.0
|
||||
vine==5.1.0
|
||||
wcwidth==0.2.13
|
||||
wcwidth==0.7.0
|
||||
webservices==0.7
|
||||
wrapt==1.16.0
|
||||
xmltodict==0.14.2
|
||||
zipp==3.21.0
|
||||
wrapt==2.1.2
|
||||
xmltodict==1.0.4
|
||||
zipp==3.23.1
|
||||
|
||||
@@ -70,7 +70,7 @@
|
||||
</div>
|
||||
<div class="dropdown-menu dropdown-menu-right">
|
||||
{% for rpp_option in table.results_per_page_choices %}
|
||||
<a class="dropdown-item {% if table.results_per_page_chosen == rpp_option %}selected{% endif %}" href="{% querystring table.results_per_page_parameter=rpp_option %}">
|
||||
<a class="dropdown-item {% if table.results_per_page_chosen == rpp_option %}selected{% endif %}" href="{% querystring %}&{{ table.results_per_page_parameter}}={{rpp_option }}">
|
||||
{{ rpp_option }}
|
||||
</a>
|
||||
{% endfor %}
|
||||
|
||||
@@ -9615,212 +9615,212 @@ Copyright (c) 2012 Willow Systems Corporation, willow-systems.com
|
||||
};
|
||||
})(jsPDF.API);
|
||||
|
||||
/* Blob.js
|
||||
* A Blob implementation.
|
||||
* 2014-07-24
|
||||
*
|
||||
* By Eli Grey, http://eligrey.com
|
||||
* By Devin Samarin, https://github.com/dsamarin
|
||||
* License: X11/MIT
|
||||
* See https://github.com/eligrey/Blob.js/blob/master/LICENSE.md
|
||||
*/
|
||||
|
||||
/*global self, unescape */
|
||||
/*jslint bitwise: true, regexp: true, confusion: true, es5: true, vars: true, white: true,
|
||||
plusplus: true */
|
||||
|
||||
/*! @source http://purl.eligrey.com/github/Blob.js/blob/master/Blob.js */
|
||||
|
||||
(function (view) {
|
||||
"use strict";
|
||||
|
||||
view.URL = view.URL || view.webkitURL;
|
||||
|
||||
if (view.Blob && view.URL) {
|
||||
try {
|
||||
new Blob;
|
||||
return;
|
||||
} catch (e) {}
|
||||
}
|
||||
|
||||
// Internally we use a BlobBuilder implementation to base Blob off of
|
||||
// in order to support older browsers that only have BlobBuilder
|
||||
var BlobBuilder = view.BlobBuilder || view.WebKitBlobBuilder || view.MozBlobBuilder || (function(view) {
|
||||
var
|
||||
get_class = function(object) {
|
||||
return Object.prototype.toString.call(object).match(/^\[object\s(.*)\]$/)[1];
|
||||
}
|
||||
, FakeBlobBuilder = function BlobBuilder() {
|
||||
this.data = [];
|
||||
}
|
||||
, FakeBlob = function Blob(data, type, encoding) {
|
||||
this.data = data;
|
||||
this.size = data.length;
|
||||
this.type = type;
|
||||
this.encoding = encoding;
|
||||
}
|
||||
, FBB_proto = FakeBlobBuilder.prototype
|
||||
, FB_proto = FakeBlob.prototype
|
||||
, FileReaderSync = view.FileReaderSync
|
||||
, FileException = function(type) {
|
||||
this.code = this[this.name = type];
|
||||
}
|
||||
, file_ex_codes = (
|
||||
"NOT_FOUND_ERR SECURITY_ERR ABORT_ERR NOT_READABLE_ERR ENCODING_ERR "
|
||||
+ "NO_MODIFICATION_ALLOWED_ERR INVALID_STATE_ERR SYNTAX_ERR"
|
||||
).split(" ")
|
||||
, file_ex_code = file_ex_codes.length
|
||||
, real_URL = view.URL || view.webkitURL || view
|
||||
, real_create_object_URL = real_URL.createObjectURL
|
||||
, real_revoke_object_URL = real_URL.revokeObjectURL
|
||||
, URL = real_URL
|
||||
, btoa = view.btoa
|
||||
, atob = view.atob
|
||||
|
||||
, ArrayBuffer = view.ArrayBuffer
|
||||
, Uint8Array = view.Uint8Array
|
||||
|
||||
, origin = /^[\w-]+:\/*\[?[\w\.:-]+\]?(?::[0-9]+)?/;
|
||||
FakeBlob.fake = FB_proto.fake = true;
|
||||
while (file_ex_code--) {
|
||||
FileException.prototype[file_ex_codes[file_ex_code]] = file_ex_code + 1;
|
||||
}
|
||||
// Polyfill URL
|
||||
if (!real_URL.createObjectURL) {
|
||||
URL = view.URL = function(uri) {
|
||||
var
|
||||
uri_info = document.createElementNS("http://www.w3.org/1999/xhtml", "a")
|
||||
, uri_origin;
|
||||
uri_info.href = uri;
|
||||
if (!("origin" in uri_info)) {
|
||||
if (uri_info.protocol.toLowerCase() === "data:") {
|
||||
uri_info.origin = null;
|
||||
} else {
|
||||
uri_origin = uri.match(origin);
|
||||
uri_info.origin = uri_origin && uri_origin[1];
|
||||
}
|
||||
}
|
||||
return uri_info;
|
||||
};
|
||||
}
|
||||
URL.createObjectURL = function(blob) {
|
||||
var
|
||||
type = blob.type
|
||||
, data_URI_header;
|
||||
if (type === null) {
|
||||
type = "application/octet-stream";
|
||||
}
|
||||
if (blob instanceof FakeBlob) {
|
||||
data_URI_header = "data:" + type;
|
||||
if (blob.encoding === "base64") {
|
||||
return data_URI_header + ";base64," + blob.data;
|
||||
} else if (blob.encoding === "URI") {
|
||||
return data_URI_header + "," + decodeURIComponent(blob.data);
|
||||
} if (btoa) {
|
||||
return data_URI_header + ";base64," + btoa(blob.data);
|
||||
} else {
|
||||
return data_URI_header + "," + encodeURIComponent(blob.data);
|
||||
}
|
||||
} else if (real_create_object_URL) {
|
||||
return real_create_object_URL.call(real_URL, blob);
|
||||
}
|
||||
};
|
||||
URL.revokeObjectURL = function(object_URL) {
|
||||
if (object_URL.substring(0, 5) !== "data:" && real_revoke_object_URL) {
|
||||
real_revoke_object_URL.call(real_URL, object_URL);
|
||||
}
|
||||
};
|
||||
FBB_proto.append = function(data/*, endings*/) {
|
||||
var bb = this.data;
|
||||
// decode data to a binary string
|
||||
if (Uint8Array && (data instanceof ArrayBuffer || data instanceof Uint8Array)) {
|
||||
var
|
||||
str = ""
|
||||
, buf = new Uint8Array(data)
|
||||
, i = 0
|
||||
, buf_len = buf.length;
|
||||
for (; i < buf_len; i++) {
|
||||
str += String.fromCharCode(buf[i]);
|
||||
}
|
||||
bb.push(str);
|
||||
} else if (get_class(data) === "Blob" || get_class(data) === "File") {
|
||||
if (FileReaderSync) {
|
||||
var fr = new FileReaderSync;
|
||||
bb.push(fr.readAsBinaryString(data));
|
||||
} else {
|
||||
// async FileReader won't work as BlobBuilder is sync
|
||||
throw new FileException("NOT_READABLE_ERR");
|
||||
}
|
||||
} else if (data instanceof FakeBlob) {
|
||||
if (data.encoding === "base64" && atob) {
|
||||
bb.push(atob(data.data));
|
||||
} else if (data.encoding === "URI") {
|
||||
bb.push(decodeURIComponent(data.data));
|
||||
} else if (data.encoding === "raw") {
|
||||
bb.push(data.data);
|
||||
}
|
||||
} else {
|
||||
if (typeof data !== "string") {
|
||||
data += ""; // convert unsupported types to strings
|
||||
}
|
||||
// decode UTF-16 to binary string
|
||||
bb.push(unescape(encodeURIComponent(data)));
|
||||
}
|
||||
};
|
||||
FBB_proto.getBlob = function(type) {
|
||||
if (!arguments.length) {
|
||||
type = null;
|
||||
}
|
||||
return new FakeBlob(this.data.join(""), type, "raw");
|
||||
};
|
||||
FBB_proto.toString = function() {
|
||||
return "[object BlobBuilder]";
|
||||
};
|
||||
FB_proto.slice = function(start, end, type) {
|
||||
var args = arguments.length;
|
||||
if (args < 3) {
|
||||
type = null;
|
||||
}
|
||||
return new FakeBlob(
|
||||
this.data.slice(start, args > 1 ? end : this.data.length)
|
||||
, type
|
||||
, this.encoding
|
||||
);
|
||||
};
|
||||
FB_proto.toString = function() {
|
||||
return "[object Blob]";
|
||||
};
|
||||
FB_proto.close = function() {
|
||||
this.size = 0;
|
||||
delete this.data;
|
||||
};
|
||||
return FakeBlobBuilder;
|
||||
}(view));
|
||||
|
||||
view.Blob = function(blobParts, options) {
|
||||
var type = options ? (options.type || "") : "";
|
||||
var builder = new BlobBuilder();
|
||||
if (blobParts) {
|
||||
for (var i = 0, len = blobParts.length; i < len; i++) {
|
||||
if (Uint8Array && blobParts[i] instanceof Uint8Array) {
|
||||
builder.append(blobParts[i].buffer);
|
||||
}
|
||||
else {
|
||||
builder.append(blobParts[i]);
|
||||
}
|
||||
}
|
||||
}
|
||||
var blob = builder.getBlob(type);
|
||||
if (!blob.slice && blob.webkitSlice) {
|
||||
blob.slice = blob.webkitSlice;
|
||||
}
|
||||
return blob;
|
||||
};
|
||||
|
||||
var getPrototypeOf = Object.getPrototypeOf || function(object) {
|
||||
return object.__proto__;
|
||||
};
|
||||
view.Blob.prototype = getPrototypeOf(new view.Blob());
|
||||
/* Blob.js
|
||||
* A Blob implementation.
|
||||
* 2014-07-24
|
||||
*
|
||||
* By Eli Grey, http://eligrey.com
|
||||
* By Devin Samarin, https://github.com/dsamarin
|
||||
* License: X11/MIT
|
||||
* See https://github.com/eligrey/Blob.js/blob/master/LICENSE.md
|
||||
*/
|
||||
|
||||
/*global self, unescape */
|
||||
/*jslint bitwise: true, regexp: true, confusion: true, es5: true, vars: true, white: true,
|
||||
plusplus: true */
|
||||
|
||||
/*! @source http://purl.eligrey.com/github/Blob.js/blob/master/Blob.js */
|
||||
|
||||
(function (view) {
|
||||
"use strict";
|
||||
|
||||
view.URL = view.URL || view.webkitURL;
|
||||
|
||||
if (view.Blob && view.URL) {
|
||||
try {
|
||||
new Blob;
|
||||
return;
|
||||
} catch (e) {}
|
||||
}
|
||||
|
||||
// Internally we use a BlobBuilder implementation to base Blob off of
|
||||
// in order to support older browsers that only have BlobBuilder
|
||||
var BlobBuilder = view.BlobBuilder || view.WebKitBlobBuilder || view.MozBlobBuilder || (function(view) {
|
||||
var
|
||||
get_class = function(object) {
|
||||
return Object.prototype.toString.call(object).match(/^\[object\s(.*)\]$/)[1];
|
||||
}
|
||||
, FakeBlobBuilder = function BlobBuilder() {
|
||||
this.data = [];
|
||||
}
|
||||
, FakeBlob = function Blob(data, type, encoding) {
|
||||
this.data = data;
|
||||
this.size = data.length;
|
||||
this.type = type;
|
||||
this.encoding = encoding;
|
||||
}
|
||||
, FBB_proto = FakeBlobBuilder.prototype
|
||||
, FB_proto = FakeBlob.prototype
|
||||
, FileReaderSync = view.FileReaderSync
|
||||
, FileException = function(type) {
|
||||
this.code = this[this.name = type];
|
||||
}
|
||||
, file_ex_codes = (
|
||||
"NOT_FOUND_ERR SECURITY_ERR ABORT_ERR NOT_READABLE_ERR ENCODING_ERR "
|
||||
+ "NO_MODIFICATION_ALLOWED_ERR INVALID_STATE_ERR SYNTAX_ERR"
|
||||
).split(" ")
|
||||
, file_ex_code = file_ex_codes.length
|
||||
, real_URL = view.URL || view.webkitURL || view
|
||||
, real_create_object_URL = real_URL.createObjectURL
|
||||
, real_revoke_object_URL = real_URL.revokeObjectURL
|
||||
, URL = real_URL
|
||||
, btoa = view.btoa
|
||||
, atob = view.atob
|
||||
|
||||
, ArrayBuffer = view.ArrayBuffer
|
||||
, Uint8Array = view.Uint8Array
|
||||
|
||||
, origin = /^[\w-]+:\/*\[?[\w\.:-]+\]?(?::[0-9]+)?/;
|
||||
FakeBlob.fake = FB_proto.fake = true;
|
||||
while (file_ex_code--) {
|
||||
FileException.prototype[file_ex_codes[file_ex_code]] = file_ex_code + 1;
|
||||
}
|
||||
// Polyfill URL
|
||||
if (!real_URL.createObjectURL) {
|
||||
URL = view.URL = function(uri) {
|
||||
var
|
||||
uri_info = document.createElementNS("http://www.w3.org/1999/xhtml", "a")
|
||||
, uri_origin;
|
||||
uri_info.href = uri;
|
||||
if (!("origin" in uri_info)) {
|
||||
if (uri_info.protocol.toLowerCase() === "data:") {
|
||||
uri_info.origin = null;
|
||||
} else {
|
||||
uri_origin = uri.match(origin);
|
||||
uri_info.origin = uri_origin && uri_origin[1];
|
||||
}
|
||||
}
|
||||
return uri_info;
|
||||
};
|
||||
}
|
||||
URL.createObjectURL = function(blob) {
|
||||
var
|
||||
type = blob.type
|
||||
, data_URI_header;
|
||||
if (type === null) {
|
||||
type = "application/octet-stream";
|
||||
}
|
||||
if (blob instanceof FakeBlob) {
|
||||
data_URI_header = "data:" + type;
|
||||
if (blob.encoding === "base64") {
|
||||
return data_URI_header + ";base64," + blob.data;
|
||||
} else if (blob.encoding === "URI") {
|
||||
return data_URI_header + "," + decodeURIComponent(blob.data);
|
||||
} if (btoa) {
|
||||
return data_URI_header + ";base64," + btoa(blob.data);
|
||||
} else {
|
||||
return data_URI_header + "," + encodeURIComponent(blob.data);
|
||||
}
|
||||
} else if (real_create_object_URL) {
|
||||
return real_create_object_URL.call(real_URL, blob);
|
||||
}
|
||||
};
|
||||
URL.revokeObjectURL = function(object_URL) {
|
||||
if (object_URL.substring(0, 5) !== "data:" && real_revoke_object_URL) {
|
||||
real_revoke_object_URL.call(real_URL, object_URL);
|
||||
}
|
||||
};
|
||||
FBB_proto.append = function(data/*, endings*/) {
|
||||
var bb = this.data;
|
||||
// decode data to a binary string
|
||||
if (Uint8Array && (data instanceof ArrayBuffer || data instanceof Uint8Array)) {
|
||||
var
|
||||
str = ""
|
||||
, buf = new Uint8Array(data)
|
||||
, i = 0
|
||||
, buf_len = buf.length;
|
||||
for (; i < buf_len; i++) {
|
||||
str += String.fromCharCode(buf[i]);
|
||||
}
|
||||
bb.push(str);
|
||||
} else if (get_class(data) === "Blob" || get_class(data) === "File") {
|
||||
if (FileReaderSync) {
|
||||
var fr = new FileReaderSync;
|
||||
bb.push(fr.readAsBinaryString(data));
|
||||
} else {
|
||||
// async FileReader won't work as BlobBuilder is sync
|
||||
throw new FileException("NOT_READABLE_ERR");
|
||||
}
|
||||
} else if (data instanceof FakeBlob) {
|
||||
if (data.encoding === "base64" && atob) {
|
||||
bb.push(atob(data.data));
|
||||
} else if (data.encoding === "URI") {
|
||||
bb.push(decodeURIComponent(data.data));
|
||||
} else if (data.encoding === "raw") {
|
||||
bb.push(data.data);
|
||||
}
|
||||
} else {
|
||||
if (typeof data !== "string") {
|
||||
data += ""; // convert unsupported types to strings
|
||||
}
|
||||
// decode UTF-16 to binary string
|
||||
bb.push(unescape(encodeURIComponent(data)));
|
||||
}
|
||||
};
|
||||
FBB_proto.getBlob = function(type) {
|
||||
if (!arguments.length) {
|
||||
type = null;
|
||||
}
|
||||
return new FakeBlob(this.data.join(""), type, "raw");
|
||||
};
|
||||
FBB_proto.toString = function() {
|
||||
return "[object BlobBuilder]";
|
||||
};
|
||||
FB_proto.slice = function(start, end, type) {
|
||||
var args = arguments.length;
|
||||
if (args < 3) {
|
||||
type = null;
|
||||
}
|
||||
return new FakeBlob(
|
||||
this.data.slice(start, args > 1 ? end : this.data.length)
|
||||
, type
|
||||
, this.encoding
|
||||
);
|
||||
};
|
||||
FB_proto.toString = function() {
|
||||
return "[object Blob]";
|
||||
};
|
||||
FB_proto.close = function() {
|
||||
this.size = 0;
|
||||
delete this.data;
|
||||
};
|
||||
return FakeBlobBuilder;
|
||||
}(view));
|
||||
|
||||
view.Blob = function(blobParts, options) {
|
||||
var type = options ? (options.type || "") : "";
|
||||
var builder = new BlobBuilder();
|
||||
if (blobParts) {
|
||||
for (var i = 0, len = blobParts.length; i < len; i++) {
|
||||
if (Uint8Array && blobParts[i] instanceof Uint8Array) {
|
||||
builder.append(blobParts[i].buffer);
|
||||
}
|
||||
else {
|
||||
builder.append(blobParts[i]);
|
||||
}
|
||||
}
|
||||
}
|
||||
var blob = builder.getBlob(type);
|
||||
if (!blob.slice && blob.webkitSlice) {
|
||||
blob.slice = blob.webkitSlice;
|
||||
}
|
||||
return blob;
|
||||
};
|
||||
|
||||
var getPrototypeOf = Object.getPrototypeOf || function(object) {
|
||||
return object.__proto__;
|
||||
};
|
||||
view.Blob.prototype = getPrototypeOf(new view.Blob());
|
||||
}(typeof self !== "undefined" && self || typeof window !== "undefined" && window || undefined.content || undefined));
|
||||
|
||||
/* FileSaver.js
|
||||
|
||||
+59
-15
@@ -7,9 +7,10 @@ Created on: 10.05.24
|
||||
"""
|
||||
import base64
|
||||
import hashlib
|
||||
import http
|
||||
import json
|
||||
|
||||
from cryptography.fernet import Fernet
|
||||
from cryptography.fernet import Fernet, InvalidToken
|
||||
from django.core.exceptions import ObjectDoesNotExist
|
||||
from django.http import HttpRequest, JsonResponse
|
||||
from django.utils.decorators import method_decorator
|
||||
@@ -27,34 +28,77 @@ class PropagateUserView(View):
|
||||
proper rights management)
|
||||
|
||||
"""
|
||||
class PropagateStatus:
|
||||
UNPROCESSED = "unprocessed"
|
||||
UPDATED = "updated"
|
||||
CREATED = "created"
|
||||
|
||||
@method_decorator(csrf_exempt)
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
return super().dispatch(request, *args, **kwargs)
|
||||
|
||||
def post(self, request: HttpRequest, *args, **kwargs):
|
||||
response_data = {
|
||||
"success": None,
|
||||
"status": None
|
||||
}
|
||||
|
||||
# Decrypt
|
||||
encrypted_body = request.body
|
||||
_hash = hashlib.md5()
|
||||
_hash.update(PROPAGATION_SECRET.encode("utf-8"))
|
||||
key = base64.urlsafe_b64encode(_hash.hexdigest().encode("utf-8"))
|
||||
fernet = Fernet(key)
|
||||
body = fernet.decrypt(encrypted_body).decode("utf-8")
|
||||
body = json.loads(body)
|
||||
|
||||
try:
|
||||
status = "updated"
|
||||
user = User.resolve_user_using_propagation_data(body)
|
||||
user = user.update_user_using_propagation_data(body)
|
||||
except ObjectDoesNotExist:
|
||||
user = User(**body)
|
||||
status = "created"
|
||||
body = fernet.decrypt(encrypted_body).decode("utf-8")
|
||||
body = json.loads(body)
|
||||
except InvalidToken:
|
||||
response_data["error"] = "Invalid Token"
|
||||
response_data["success"] = False
|
||||
response_data["status"] = self.PropagateStatus.UNPROCESSED
|
||||
return JsonResponse(
|
||||
status=http.HTTPStatus.UNPROCESSABLE_CONTENT,
|
||||
data=response_data
|
||||
)
|
||||
except (json.JSONDecodeError) as e:
|
||||
response_data["error"] = str(e)
|
||||
response_data["success"] = False
|
||||
response_data["status"] = self.PropagateStatus.UNPROCESSED
|
||||
return JsonResponse(
|
||||
status=http.HTTPStatus.UNPROCESSABLE_CONTENT,
|
||||
data=response_data
|
||||
)
|
||||
|
||||
# Process decrypted user data
|
||||
processing_ret_vals = self.__process_user_data(body)
|
||||
response_data["success"] = processing_ret_vals[0]
|
||||
response_data["status"] = processing_ret_vals[1]
|
||||
user = processing_ret_vals[2]
|
||||
|
||||
user.set_unusable_password()
|
||||
user.save()
|
||||
|
||||
data = {
|
||||
"success": True,
|
||||
"status": status
|
||||
}
|
||||
return JsonResponse(
|
||||
status=http.HTTPStatus.OK,
|
||||
data=response_data
|
||||
)
|
||||
|
||||
return JsonResponse(data)
|
||||
def __process_user_data(self, body: dict) -> (bool, str, User):
|
||||
""" Process decrypted user data
|
||||
|
||||
Args:
|
||||
body:
|
||||
|
||||
Returns:
|
||||
success (bool): Whether the processing was successful
|
||||
status (str): In which way the data was used ('created' | 'updated')
|
||||
user (User): Processed user object
|
||||
"""
|
||||
try:
|
||||
user = User.resolve_user_using_propagation_data(body)
|
||||
user = user.update_user_using_propagation_data(body)
|
||||
status = self.PropagateStatus.UPDATED
|
||||
except ObjectDoesNotExist:
|
||||
user = User(**body)
|
||||
status = self.PropagateStatus.CREATED
|
||||
return True, status, user
|
||||
|
||||
Reference in New Issue
Block a user