From df62e102881c0ee41ca275994e5ab04d4b61f6ad Mon Sep 17 00:00:00 2001
From: Thomas NOEL <tnoel@entrouvert.com>
Date: Thu, 20 Jul 2017 09:20:00 +0200
Subject: [PATCH] add 'carte famille' download endpoint (#17712)

---
 combo_plugin_nanterre/urls.py  | 11 +++++---
 combo_plugin_nanterre/views.py | 51 ++++++++++++++++++++++++++++++----
 2 files changed, 53 insertions(+), 9 deletions(-)

diff --git a/combo_plugin_nanterre/urls.py b/combo_plugin_nanterre/urls.py
index d1597de..2cc08e5 100644
--- a/combo_plugin_nanterre/urls.py
+++ b/combo_plugin_nanterre/urls.py
@@ -16,13 +16,16 @@
 
 from django.conf.urls import url
 
-from .views import saga_transaction, saga_retour_asynchrone, saga_retour_synchrone
+from .views import (saga_transaction, saga_retour_asynchrone,
+                    saga_retour_synchrone, qf_carte_famille)
 
 urlpatterns = [
     url('^_plugin/nanterre/saga-transaction/*$', saga_transaction,
-           name='nanterre-saga-transaction'),
+        name='nanterre-saga-transaction'),
     url('^_plugin/nanterre/saga-retour-asynchrone/*$', saga_retour_asynchrone,
-           name='nanterre-saga-retour-asynchrone'),
+        name='nanterre-saga-retour-asynchrone'),
     url('^_plugin/nanterre/saga-retour-synchrone/*$', saga_retour_synchrone,
-           name='nanterre-saga-retour-synchrone'),
+        name='nanterre-saga-retour-synchrone'),
+    url('^_plugin/nanterre/qf-carte-famille/(?P<qf_id>\w+)/$', qf_carte_famille,
+        name='nanterre-qf-carte-famille'),
 ]
diff --git a/combo_plugin_nanterre/views.py b/combo_plugin_nanterre/views.py
index e70c809..505f048 100644
--- a/combo_plugin_nanterre/views.py
+++ b/combo_plugin_nanterre/views.py
@@ -21,8 +21,9 @@ import logging
 from django.conf import settings
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required
+from django.core.exceptions import PermissionDenied
 from django.core.urlresolvers import reverse
-from django.http import HttpResponse, HttpResponseRedirect
+from django.http import HttpResponse, HttpResponseRedirect, Http404
 from django.template import RequestContext
 from django.views.decorators.csrf import csrf_exempt
 
@@ -120,8 +121,8 @@ def saga_retour_synchrone(request):
         return HttpResponseRedirect(next_url)
 
     # add a result message and redirect
-    if (isinstance(saga, dict) and saga.get('err') == 0
-            and saga.get('data', {}).get('etat')):
+    if (isinstance(saga, dict) and saga.get('err') == 0 and
+            saga.get('data', {}).get('etat')):
         etat = saga['data']['etat']
         if etat in MESSAGE_BY_STATE:
             logger.info('[rsu/saga] retour-synchrone: idop=%s etat=%s',
@@ -150,8 +151,8 @@ def saga_retour_asynchrone(request):
         err = 1
         logger.error('[rsu/saga] retour-asynchrone: cannot post idop=%s', idop)
     else:
-        if (isinstance(saga, dict) and saga.get('err') == 0
-                and saga.get('data', {}).get('etat')):
+        if (isinstance(saga, dict) and saga.get('err') == 0 and
+                saga.get('data', {}).get('etat')):
             etat = saga['data']['etat']
             if etat in MESSAGE_BY_STATE:
                 logger.info('[rsu/saga] retour-asynchrone: idop=%s etat=%s',
@@ -167,3 +168,43 @@ def saga_retour_asynchrone(request):
     response = HttpResponse(content_type='application/json')
     response.write(json.dumps({'err': err}))
     return response
+
+
+@login_required
+def qf_carte_famille(request, qf_id):
+    logger = logging.getLogger('combo_plugin_nanterre.qf_carte_famille')
+    rsu_id = request.GET.get('rsu_id')
+    if rsu_id:
+        # rsu_id can be set only by NANTERRE_QF_READER_GROUP members
+        # (ie only for RSU agents in RSU backoffice)
+        qf_reader_group = getattr(settings, 'NANTERRE_QF_READER_GROUP', None)
+        if not qf_reader_group:
+            logger.warning('rsu_id present but settings.NANTERRE_QF_READER_GROUP is unset')
+            raise PermissionDenied
+        if not request.user.groups.filter(name=qf_reader_group).exists():
+            logger.warning('rsu_id present but request user is not in NANTERRE_QF_READER_GROUP')
+            raise PermissionDenied
+    else:
+        rsu_id = request.user.saml_identifiers.first().name_id
+    url = '[zoo_url]rsu/qf/[rsu_id]/editer-carte/[qf_id]/'
+    context = RequestContext(request, {'request': request,
+                                       'rsu_id': rsu_id,
+                                       'qf_id': qf_id})
+    url = get_templated_url(url, context=context)
+    carte = requests.get(url, timeout=40)
+    if carte.status_code != 200:
+        logger.warning('fail to get PDF on %s, got status %s', url, carte.status_code)
+        raise Http404
+    content_type = carte.headers.get('Content-Type')
+    if content_type == 'application/json':
+        logger.warning('fail to get PDF on %s, got JSON: %r', url, carte.content)
+        raise Http404
+    if content_type != 'application/pdf':
+        logger.warning('fail to get PDF on %s, got %s: %r', url, content_type,
+                       carte.content[200:])
+        raise Http404
+    filename = 'carte-famille-%s.pdf' % qf_id
+    logger.debug('return %s obtained from %s', filename, url)
+    response = HttpResponse(carte.content, content_type=content_type)
+    response['Content-Disposition'] = 'attachment; filename="%s"' % filename
+    return response