onadata.apps.api package

Subpackages

Submodules

onadata.apps.api.admin module

API Django admin amendments.

class onadata.apps.api.admin.FilterSuperuserMixin

Bases: object

Filter by request user and give full access to superuser.

get_queryset(request)

Filter by request.user unless is_superuser.

class onadata.apps.api.admin.OrganizationProfileAdmin(model, admin_site)

Bases: FilterSuperuserMixin, ModelAdmin

Filter by request.user unless is_superuser.

property media
class onadata.apps.api.admin.TeamAdmin(model, admin_site)

Bases: FilterSuperuserMixin, ModelAdmin

Filter by request.user unless is_superuser.

property media
class onadata.apps.api.admin.TempTokenProfileAdmin(model, admin_site)

Bases: FilterSuperuserMixin, ModelAdmin

Filter by request.user unless is_superuser.

property media

onadata.apps.api.permissions module

API permissions module.

class onadata.apps.api.permissions.AbstractHasPermissionMixin

Bases: object

Checks that the requesting user has permissions to access each of the models in the model_classes instance variable.

has_permission(request, view)

Check request.user is authenticated and the user has permissions.

class onadata.apps.api.permissions.AlternateHasObjectPermissionMixin

Bases: object

AlternateHasObjectPermissionMixin - checks if user has read permissions.

class onadata.apps.api.permissions.AttachmentObjectPermissions

Bases: AlternateHasObjectPermissionMixin, DjangoObjectPermissions

Attachment ObjectPermissions - apply XForm model options.

authenticated_users_only = False
has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

class onadata.apps.api.permissions.ConnectViewsetPermissions

Bases: IsAuthenticated

ConnectViewsetPermissions - allows reset passwords to all users.

has_permission(request, view)

Return True if permission is granted, False otherwise.

class onadata.apps.api.permissions.DataViewViewsetPermissions

Bases: AlternateHasObjectPermissionMixin, ViewDjangoObjectPermissions, AbstractHasPermissionMixin, DjangoObjectPermissions

DataView ViewSetPermissions - applies projet permissions to a filtered dataset.

has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

has_permission(request, view)

Check request.user is authenticated and the user has permissions.

model_classes = [<class 'onadata.apps.logger.models.project.Project'>]
class onadata.apps.api.permissions.DjangoObjectPermissionsAllowAnon

Bases: DjangoObjectPermissions

DjangoObjectPermissionsAllowAnon - allow anonymous access permission.

authenticated_users_only = False
class onadata.apps.api.permissions.DjangoObjectPermissionsIgnoreModelPerm

Bases: DjangoObjectPermissions

Similar to DjangoModelPermissions, except that model permissions are ignored.

has_permission(request, view)

Override has_permission method

class onadata.apps.api.permissions.ExportDjangoObjectPermission

Bases: AlternateHasObjectPermissionMixin, ViewDjangoObjectPermissions

Export DjangoObjectPermission - checks XForm permissions for export permissions.

authenticated_users_only = False
has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

has_permission(request, view)

Return True if permission is granted, False otherwise.

perms_map = {'DELETE': ['logger.delete_xform'], 'GET': ['logger.view_xform'], 'HEAD': [], 'OPTIONS': [], 'PATCH': ['logger.change_xform'], 'POST': ['logger.add_xform'], 'PUT': ['logger.change_xform']}
class onadata.apps.api.permissions.HasMetadataPermissionMixin

Bases: AbstractHasPermissionMixin

Use the Project, XForm, or both model classes to check permissions based on the request data keys.

has_permission(request, view)

Check request.user is authenticated and the user has permissions.

class onadata.apps.api.permissions.IsAuthenticatedSubmission

Bases: BasePermission

IsAuthenticatedSubmission - checks if profile requires authentication during a submission request.

has_permission(request, view)

Return True if permission is granted, False otherwise.

class onadata.apps.api.permissions.MetaDataObjectPermissions

Bases: AlternateHasObjectPermissionMixin, HasMetadataPermissionMixin, DjangoObjectPermissions

MetaData ObjectPermissions - apply Xform permision for given response.

has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

class onadata.apps.api.permissions.OpenDataViewSetPermissions

Bases: IsAuthenticated, AlternateHasObjectPermissionMixin, DjangoObjectPermissionsAllowAnon

OpenDataViewSetPermissions - allow anonymous access to schema and data end-points of an open dataset.

has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

has_permission(request, view)

Return True if permission is granted, False otherwise.

class onadata.apps.api.permissions.OrganizationProfilePermissions

Bases: DjangoObjectPermissionsAllowAnon

OrganizationProfilePermissions - allow authenticated users to delete an org

has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

class onadata.apps.api.permissions.ProjectPermissions

Bases: DjangoObjectPermissions

ProjectPermissions - allows anonymous to star a project.

authenticated_users_only = False
has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

has_permission(request, view)

Return True if permission is granted, False otherwise.

class onadata.apps.api.permissions.RestServiceObjectPermissions

Bases: AlternateHasObjectPermissionMixin, HasMetadataPermissionMixin, DjangoObjectPermissions

RestService ObjectPermissions - apply XForm permisions for a RestService model.

has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

class onadata.apps.api.permissions.SubmissionReviewPermissions

Bases: XFormPermissions

Custom Permission Checks for SubmissionReviews

has_object_permission(request, view, obj)

Custom has_object_permission method

has_permission(request, view)

Custom has_permission method

perms_map = {'DELETE': ['logger.delete_xform'], 'GET': [], 'HEAD': [], 'OPTIONS': [], 'PATCH': ['logger.change_xform'], 'POST': ['logger.add_xform'], 'PUT': ['logger.change_xform']}
class onadata.apps.api.permissions.UserProfilePermissions

Bases: DjangoObjectPermissions

UserProfilePermissions - allows anonymous users to create a profile.

authenticated_users_only = False
has_permission(request, view)

Return True if permission is granted, False otherwise.

class onadata.apps.api.permissions.UserViewSetPermissions

Bases: DjangoModelPermissionsOrAnonReadOnly

User ViewSetPermissions - do not allow user search for anonymous users.

has_permission(request, view)

Return True if permission is granted, False otherwise.

class onadata.apps.api.permissions.ViewDjangoObjectPermissions

Bases: DjangoObjectPermissions

View DjangoObjectPermissions - applies view_<model_name> permissions for GET requests.

perms_map = {'DELETE': ['%(app_label)s.delete_%(model_name)s'], 'GET': ['%(app_label)s.view_%(model_name)s'], 'HEAD': [], 'OPTIONS': [], 'PATCH': ['%(app_label)s.change_%(model_name)s'], 'POST': ['%(app_label)s.add_%(model_name)s'], 'PUT': ['%(app_label)s.change_%(model_name)s']}
class onadata.apps.api.permissions.WidgetViewSetPermissions

Bases: AlternateHasObjectPermissionMixin, ViewDjangoObjectPermissions, AbstractHasPermissionMixin, DjangoObjectPermissions

Widget ViewSetPermissions - apply project permissions check.

authenticated_users_only = False
has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

has_permission(request, view)

Check request.user is authenticated and the user has permissions.

model_classes = [<class 'onadata.apps.logger.models.project.Project'>]
class onadata.apps.api.permissions.XFormPermissions

Bases: DjangoObjectPermissions

XFormPermissions - custom permissions check on XForm viewset.

authenticated_users_only = False
has_object_permission(request, view, obj)

Return True if permission is granted, False otherwise.

has_permission(request, view)

Return True if permission is granted, False otherwise.

onadata.apps.api.storage module

Storage module for the api app

class onadata.apps.api.storage.ODKTokenAccountStorage

Bases: AccountStorage

Digest Account Backend class

In order to utilize this storage as the default account storage for Digest Authentication set the DIGEST_ACCOUNT_BACKEND variable in your local_settings to ‘onadata.apps.api.storage.ODKTokenAccountStorage’

GET_PARTIAL_DIGEST_QUERY = "\n    SELECT django_digest_partialdigest.login,\n     django_digest_partialdigest.partial_digest\n      FROM django_digest_partialdigest\n      INNER JOIN auth_user ON\n        auth_user.id = django_digest_partialdigest.user_id\n      INNER JOIN api_odktoken ON\n        api_odktoken.user_id = django_digest_partialdigest.user_id\n      WHERE django_digest_partialdigest.login = %s\n        AND django_digest_partialdigest.confirmed\n        AND auth_user.is_active\n        AND api_odktoken.status='1'\n    "
get_partial_digest(username)

Checks that the returned partial digest is associated with a Token that isn’t past it’s expire date.

Sets an ODK Token to Inactive if the associate token has passed its expiry date

onadata.apps.api.tasks module

Celery api.tasks module.

onadata.apps.api.tasks.get_async_status(job_uuid)

Gets progress status or result

onadata.apps.api.tasks.recreate_tmp_file(name, path, mime_type)

Creates a TemporaryUploadedFile from a file path with given name

onadata.apps.api.tools module

API utility functions.

onadata.apps.api.tools.add_tags_to_instance(request, instance)

Add tags to an instance.

onadata.apps.api.tools.add_team_to_project(team, project)

Adds a team to a project

Parameters:

  • team

  • project

Returns:

True if successful or project has already been added to the team

onadata.apps.api.tools.add_user_to_organization(organization, user, role=None)

Add a user to an organization

Add user to organization and all projects in the organization

Parameters:

  • organization – OrganizationProfile instance

  • user – User instance

  • role – Role name

Returns:

None

onadata.apps.api.tools.check_inherit_permission_from_project(xform_id, user)

Checks if a user has the same project permissions for the given xform_id, if there is a difference applies the project permissions to the user for the given xform_id.

onadata.apps.api.tools.create_organization(name, creator)

Organization created by a user - create a team, OwnerTeam with full permissions to the creator - Team(name=’Owners’, organization=organization).save()

onadata.apps.api.tools.create_organization_object(org_name, creator, attrs=None)

Creates an OrganizationProfile object without saving to the database

onadata.apps.api.tools.create_organization_project(organization, project_name, created_by)

Creates a project for a given organization :param organization: User organization :param project_name :param created_by: User with permissions to create projects within the organization

Returns:

a Project instance

onadata.apps.api.tools.do_publish_xlsform(user, post, files, owner, id_string=None, project=None)

Publishes XLSForm.

onadata.apps.api.tools.generate_tmp_path(uploaded_csv_file)

Write file to temporary folder if not already there :param uploaded_csv_file: :return: path to the tmp folder

onadata.apps.api.tools.get_accessible_forms(owner=None, shared_form=False, shared_data=False)

Returns XForm queryset of the forms based on the arguments owner, shared_form and shared_data.

Returns only public forms if owner is ‘public’ otherwise returns forms belonging to owner.

onadata.apps.api.tools.get_baseviewset_class()

Checks the setting if the default viewset is implementded otherwise loads the default in onadata :return: the default baseviewset

onadata.apps.api.tools.get_host_domain(request)

Get host from reques or check the Site model

onadata.apps.api.tools.get_instance_xform_or_none(instance_id)

Returns the XForm an Instance belongs to

onadata.apps.api.tools.get_media_file_response(metadata, request=None)

Returns a HTTP response for media files.

HttpResponse 200 if it represents a file on disk. HttpResponseRedirect 302 incase the metadata represents a url. HttpResponseNotFound 404 if the metadata file cannot be found.

onadata.apps.api.tools.get_org_profile_cache_key(user, organization)

Return cache key given user and organization profile

onadata.apps.api.tools.get_organization_members(organization)

Get members team user queryset

onadata.apps.api.tools.get_organization_owners(organization)

Get owners team user queryset

onadata.apps.api.tools.get_team_members(org_username)

Return members team if it exists else none.

Parameters:

org_username – organization name

Returns:

team

onadata.apps.api.tools.get_user_profile_or_none(username)

Returns a UserProfile instance if the user exists otherwise returns None.

onadata.apps.api.tools.get_xform(formid, request, username=None)

Returns XForm instance if request.user has permissions to it otherwise it raises PermissionDenied() exception.

onadata.apps.api.tools.get_xform_list_cache_key(user, xform_or_project)

Get the cache key for the XForm list by user’s role

Parameters:

  • user – User making request

  • xform_or_project – XForm or Project being accessed

Returns:

cache key based on role assigned to form/project

onadata.apps.api.tools.get_xform_users(xform)

Utility function that returns users and their roles in a form. :param xform: :return:

onadata.apps.api.tools.invalidate_organization_cache(org_username)

Set organization cache to none for all roles

onadata.apps.api.tools.invalidate_xform_list_cache(xform)

Invalidate the cache for the XForm list by user’s role

Parameters:

xform – XForm instance

Returns:

None

onadata.apps.api.tools.publish_project_xform(request, project)

Publish XLSForm to a project given a request.

onadata.apps.api.tools.publish_xlsform(request, owner, id_string=None, project=None)

Publishes XLSForm & creates an XFormVersion object given a request.

onadata.apps.api.tools.remove_user_from_organization(organization, user)

Remove a user from an organization

Remove user from organization and all projects in the organization

Parameters:

  • organization – OrganizationProfile instance

  • user – User instance

Returns:

None

onadata.apps.api.tools.remove_user_from_team(team, user)

Removes given user from the team and also removes team permissions from the user.

onadata.apps.api.tools.replace_attachment_name_with_url(data, request)

Replaces the attachment filename with a URL in data object.

onadata.apps.api.tools.set_enketo_signed_cookies(resp, username=None, json_web_token=None)

Set signed cookies for JWT token in the HTTPResponse resp object.

onadata.apps.api.tools.update_role_by_meta_xform_perms(xform)

Updates users role in a xform based on meta permissions set on the form.

Module contents