diff --git a/src/openapi.yaml b/src/openapi.yaml
index ac2561fa52..f88e9d2eb2 100644
--- a/src/openapi.yaml
+++ b/src/openapi.yaml
@@ -1336,6 +1336,8 @@ paths:
- `deactivateOn`
- `isDeleted`
- `submissionConfirmationTemplate`
+ - `submissionMaximumAllowed`
+ - `submissionCounter`
- `askPrivacyConsent`
- `askStatementOfTruth`
- `submissionsRemovalOptions`
@@ -1407,6 +1409,8 @@ paths:
- `deactivateOn`
- `isDeleted`
- `submissionConfirmationTemplate`
+ - `submissionMaximumAllowed`
+ - `submissionCounter`
- `askPrivacyConsent`
- `askStatementOfTruth`
- `submissionsRemovalOptions`
@@ -1922,6 +1926,8 @@ paths:
- `deactivateOn`
- `isDeleted`
- `submissionConfirmationTemplate`
+ - `submissionMaximumAllowed`
+ - `submissionCounter`
- `askPrivacyConsent`
- `askStatementOfTruth`
- `submissionsRemovalOptions`
@@ -1999,6 +2005,8 @@ paths:
- `deactivateOn`
- `isDeleted`
- `submissionConfirmationTemplate`
+ - `submissionMaximumAllowed`
+ - `submissionCounter`
- `askPrivacyConsent`
- `askStatementOfTruth`
- `submissionsRemovalOptions`
@@ -2080,6 +2088,8 @@ paths:
- `deactivateOn`
- `isDeleted`
- `submissionConfirmationTemplate`
+ - `submissionMaximumAllowed`
+ - `submissionCounter`
- `askPrivacyConsent`
- `askStatementOfTruth`
- `submissionsRemovalOptions`
@@ -2497,6 +2507,88 @@ paths:
$ref: '#/components/headers/X-Is-Form-Designer'
Content-Language:
$ref: '#/components/headers/Content-Language'
+ /api/v2/forms/{uuid_or_slug}/reset_submission_counter:
+ patch:
+ operationId: forms_reset_submission_counter_partial_update
+ description: |-
+ Manage forms.
+
+ Forms are collections of form steps, where each form step points to a formio.js
+ form definition. Multiple definitions are combined in logical steps to build a
+ multi-step/page form for end-users to fill out. Form definitions can be (and are)
+ re-used among different forms.
+
+ **Warning: the response data depends on user permissions**
+
+ Non-staff users receive a subset of the documented fields which are used
+ for internal form configuration. These fields are:
+
+ - `internalName`
+ - `registrationBackends`
+ - `authenticationBackendOptions`
+ - `paymentBackend`
+ - `paymentBackendOptions`
+ - `priceVariableKey`
+ - `product`
+ - `category`
+ - `theme`
+ - `activateOn`
+ - `deactivateOn`
+ - `isDeleted`
+ - `submissionConfirmationTemplate`
+ - `submissionMaximumAllowed`
+ - `submissionCounter`
+ - `askPrivacyConsent`
+ - `askStatementOfTruth`
+ - `submissionsRemovalOptions`
+ - `confirmationEmailTemplate`
+ - `displayMainWebsiteLink`
+ - `includeConfirmationPageContentInPdf`
+ - `translations`
+ - `brpPersonenRequestOptions`
+ parameters:
+ - in: header
+ name: X-CSP-Nonce
+ schema:
+ type: string
+ description: The value of the CSP nonce generated by the page embedding the
+ SDK. If provided, fields containing rich text from WYSIWYG editors will
+ be post-processed to allow inline styles with the provided nonce. If the
+ embedding page emits a `style-src` policy containing `unsafe-inline`, then
+ you can omit this header without losing functionality. We recommend favouring
+ the nonce mechanism though.
+ - in: path
+ name: uuid_or_slug
+ schema:
+ type: integer
+ description: A unique integer value identifying this form.
+ required: true
+ tags:
+ - forms
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedForm'
+ security:
+ - tokenAuth: []
+ - cookieAuth: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Form'
+ description: ''
+ headers:
+ X-Session-Expires-In:
+ $ref: '#/components/headers/X-Session-Expires-In'
+ X-CSRFToken:
+ $ref: '#/components/headers/X-CSRFToken'
+ X-Is-Form-Designer:
+ $ref: '#/components/headers/X-Is-Form-Designer'
+ Content-Language:
+ $ref: '#/components/headers/Content-Language'
/api/v2/forms/{uuid_or_slug}/variables:
get:
operationId: forms_variables_list
@@ -7507,7 +7599,7 @@ components:
Note that this schema is used for both non-admin users filling out forms and
admin users designing forms. The fields that are only relevant for admin users are:
- `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`.
+ `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `submissionMaximumAllowed`, `submissionCounter`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`.
properties:
uuid:
type: string
@@ -7653,6 +7745,16 @@ components:
* `yes` - Yes
* `no_with_overview` - No (with overview page)
* `no_without_overview` - No (without overview page)
+ submissionMaximumAllowed:
+ type: integer
+ nullable: true
+ submissionCounter:
+ type: integer
+ readOnly: true
+ nullable: true
+ submissionLimitReached:
+ type: boolean
+ readOnly: true
suspensionAllowed:
type: boolean
description: Whether the user is allowed to suspend this form or not.
@@ -7768,6 +7870,8 @@ components:
- resumeLinkLifetime
- slug
- steps
+ - submissionCounter
+ - submissionLimitReached
- submissionReportDownloadLinkTitle
- submissionStatementsConfiguration
- url
@@ -8014,7 +8118,7 @@ components:
Note that this schema is used for both non-admin users filling out forms and
admin users designing forms. The fields that are only relevant for admin users are:
- `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`.
+ `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `submissionMaximumAllowed`, `submissionCounter`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`.
properties:
name:
type: string
@@ -8185,7 +8289,7 @@ components:
Note that this schema is used for both non-admin users filling out forms and
admin users designing forms. The fields that are only relevant for admin users are:
- `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`.
+ `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `submissionMaximumAllowed`, `submissionCounter`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`.
properties:
name:
type: string
@@ -9112,7 +9216,7 @@ components:
Note that this schema is used for both non-admin users filling out forms and
admin users designing forms. The fields that are only relevant for admin users are:
- `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`.
+ `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `submissionMaximumAllowed`, `submissionCounter`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`.
properties:
uuid:
type: string
@@ -9258,6 +9362,16 @@ components:
* `yes` - Yes
* `no_with_overview` - No (with overview page)
* `no_without_overview` - No (without overview page)
+ submissionMaximumAllowed:
+ type: integer
+ nullable: true
+ submissionCounter:
+ type: integer
+ readOnly: true
+ nullable: true
+ submissionLimitReached:
+ type: boolean
+ readOnly: true
suspensionAllowed:
type: boolean
description: Whether the user is allowed to suspend this form or not.
diff --git a/src/openforms/forms/admin/form.py b/src/openforms/forms/admin/form.py
index 3e4f5f815e..74bd24d5f4 100644
--- a/src/openforms/forms/admin/form.py
+++ b/src/openforms/forms/admin/form.py
@@ -1,6 +1,6 @@
from django.contrib import admin, messages
from django.contrib.admin.templatetags.admin_list import result_headers
-from django.db.models import Count
+from django.db.models import Count, F, Q
from django.http.response import HttpResponse, HttpResponseRedirect
from django.template.response import TemplateResponse
from django.urls import path, reverse
@@ -48,6 +48,21 @@ class FormStepInline(OrderedTabularInline):
extra = 1
+class FormReachedSubmissionLimitListFilter(admin.SimpleListFilter):
+ title = _("has reached submission limit")
+ parameter_name = "submission_limit"
+
+ def lookups(self, request, model_admin):
+ return [("unavailable", "Unavailable for submission")]
+
+ def queryset(self, request, queryset):
+ if self.value() == "unavailable":
+ return queryset.filter(
+ ~Q(submission_maximum_allowed=None)
+ & Q(submission_maximum_allowed=F("submission_counter"))
+ )
+
+
class FormDeletedListFilter(admin.ListFilter):
title = _("is deleted")
parameter_name = "deleted"
@@ -112,6 +127,7 @@ class FormAdmin(
"active",
"maintenance_mode",
"translation_enabled",
+ "submission_maximum_allowed",
"get_authentication_backends_display",
"get_payment_backend_display",
"get_registration_backend_display",
@@ -129,6 +145,7 @@ class FormAdmin(
"maintenance_mode",
"translation_enabled",
FormDeletedListFilter,
+ FormReachedSubmissionLimitListFilter,
)
search_fields = ("uuid", "name", "internal_name", "slug")
diff --git a/src/openforms/forms/api/serializers/form.py b/src/openforms/forms/api/serializers/form.py
index 71b6d69b45..768a24203b 100644
--- a/src/openforms/forms/api/serializers/form.py
+++ b/src/openforms/forms/api/serializers/form.py
@@ -212,6 +212,13 @@ class FormSerializer(PublicFieldsSerializerMixin, serializers.ModelSerializer):
"of type 'checkbox'."
),
)
+ submission_maximum_allowed = serializers.IntegerField(
+ allow_null=True, required=False
+ )
+ submission_counter = serializers.IntegerField(
+ allow_null=True, required=False, read_only=True
+ )
+ submission_limit_reached = serializers.SerializerMethodField()
brp_personen_request_options = BRPPersonenRequestOptionsSerializer(
required=False, allow_null=True
)
@@ -257,6 +264,9 @@ class Meta:
"introduction_page_content",
"explanation_template",
"submission_allowed",
+ "submission_maximum_allowed",
+ "submission_counter",
+ "submission_limit_reached",
"suspension_allowed",
"ask_privacy_consent",
"ask_statement_of_truth",
@@ -299,6 +309,7 @@ class Meta:
"active",
"required_fields_with_asterisk",
"submission_allowed",
+ "submission_limit_reached",
"suspension_allowed",
"send_confirmation_email",
"appointment_options",
@@ -448,6 +459,17 @@ def validate_auto_login_backend(self, attrs):
}
)
+ def validate_submission_maximum_allowed(self, value):
+ if form := self.instance:
+ if value and value <= form.submission_counter:
+ raise serializers.ValidationError(
+ _(
+ "The maximum amount of allowed submissions must be bigger than the existing amount of submissions."
+ "Consider resetting the submissions counter."
+ )
+ )
+ return value
+
def get_required_fields_with_asterisk(self, obj) -> bool:
config = GlobalConfiguration.get_solo()
return config.form_display_required_with_asterisk
@@ -513,6 +535,13 @@ def get_cosign_has_link_in_email(self, obj: Form) -> bool:
config = GlobalConfiguration.get_solo()
return config.cosign_request_template_has_link
+ @extend_schema_field(OpenApiTypes.BOOL)
+ def get_submission_limit_reached(self, obj: Form):
+ if obj and obj.submission_maximum_allowed:
+ if obj.submission_maximum_allowed == obj.submission_counter:
+ return True
+ return False
+
FormSerializer.__doc__ = FormSerializer.__doc__.format(
admin_fields=", ".join(
diff --git a/src/openforms/forms/api/viewsets.py b/src/openforms/forms/api/viewsets.py
index e0a81e87e2..9ea9d941ef 100644
--- a/src/openforms/forms/api/viewsets.py
+++ b/src/openforms/forms/api/viewsets.py
@@ -421,6 +421,18 @@ def perform_destroy(self, instance):
instance._is_deleted = True
instance.save()
+ @action(detail=True, methods=["patch"])
+ def reset_submission_counter(self, request, **kwargs):
+ instance = self.get_object()
+ instance.submission_counter = 0
+ instance.save()
+
+ updated_data = {
+ "uuid": instance.uuid,
+ "submission_counter": instance.submission_counter,
+ }
+ return Response(updated_data, status=status.HTTP_200_OK)
+
@extend_schema(
summary=_("Prepare form edit admin message"),
tags=["admin"],
diff --git a/src/openforms/forms/migrations/0107_form_submission_counter_and_more.py b/src/openforms/forms/migrations/0107_form_submission_counter_and_more.py
new file mode 100644
index 0000000000..cf9ec9f4e2
--- /dev/null
+++ b/src/openforms/forms/migrations/0107_form_submission_counter_and_more.py
@@ -0,0 +1,32 @@
+# Generated by Django 4.2.16 on 2024-12-05 13:41
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ("forms", "0106_convert_price_logic_rules"),
+ ]
+
+ operations = [
+ migrations.AddField(
+ model_name="form",
+ name="submission_counter",
+ field=models.PositiveIntegerField(
+ default=0,
+ help_text="Counter to track how many submissions have been completed for the specific form. This works in combination with the maximum allowed submissions per form and can be reset via the frontend.",
+ verbose_name="submissions counter",
+ ),
+ ),
+ migrations.AddField(
+ model_name="form",
+ name="submission_maximum_allowed",
+ field=models.PositiveIntegerField(
+ blank=True,
+ help_text="Maximum number of allowed submissions per form. Leave this empty if no limit is needed.",
+ null=True,
+ verbose_name="maximum allowed submissions",
+ ),
+ ),
+ ]
diff --git a/src/openforms/forms/models/form.py b/src/openforms/forms/models/form.py
index f08dccb956..2f531c7e80 100644
--- a/src/openforms/forms/models/form.py
+++ b/src/openforms/forms/models/form.py
@@ -124,6 +124,23 @@ class Form(models.Model):
)
# submission
+ submission_maximum_allowed = models.PositiveIntegerField(
+ _("maximum allowed submissions"),
+ null=True,
+ blank=True,
+ help_text=_(
+ "Maximum number of allowed submissions per form. Leave this empty if no limit is needed."
+ ),
+ )
+ submission_counter = models.PositiveIntegerField(
+ _("submissions counter"),
+ default=0,
+ help_text=_(
+ "Counter to track how many submissions have been completed for the specific form. "
+ "This works in combination with the maximum allowed submissions per form and can be "
+ "reset via the frontend."
+ ),
+ )
submission_confirmation_template = HTMLField(
_("submission confirmation template"),
help_text=_(
@@ -380,12 +397,27 @@ def __str__(self):
@property
def is_available(self) -> bool:
"""
- Soft deleted, deactivated or forms in maintenance mode are not available.
+ Soft deleted, deactivated, forms in maintenance mode or forms which have reached the
+ submission limit are not available.
"""
- if any((self._is_deleted, not self.active, self.maintenance_mode)):
+ if any(
+ (
+ self._is_deleted,
+ not self.active,
+ self.maintenance_mode,
+ self.has_reached_submissions_limit(),
+ )
+ ):
return False
return True
+ def has_reached_submissions_limit(self) -> bool:
+ if (
+ limit := self.submission_maximum_allowed
+ ) and limit == self.submission_counter:
+ return True
+ return False
+
def get_absolute_url(self):
return reverse("forms:form-detail", kwargs={"slug": self.slug})
@@ -485,6 +517,7 @@ def copy(self):
)
copy.slug = _("{slug}-copy").format(slug=self.slug)
copy.product = self.product
+ copy.submission_counter = 0
# name translations
diff --git a/src/openforms/forms/tests/test_models.py b/src/openforms/forms/tests/test_models.py
index b112a7d2fe..73252f53e4 100644
--- a/src/openforms/forms/tests/test_models.py
+++ b/src/openforms/forms/tests/test_models.py
@@ -53,6 +53,18 @@ def test_registration_backend_display_multiple_backends(self):
form.get_registration_backend_display(), "Backend #1, Backend #2"
)
+ def test_form_is_unavailable_when_limit_reached(self):
+ form: Form = FormFactory.create(
+ submission_maximum_allowed=2, submission_counter=2
+ )
+ self.assertFalse(form.is_available)
+
+ def test_form_is_available_when_limit_not_reached(self):
+ form: Form = FormFactory.create(
+ submission_maximum_allowed=2, submission_counter=1
+ )
+ self.assertTrue(form.is_available)
+
@override_settings(LANGUAGE_CODE="en")
def test_registration_backend_display_marks_misconfigs(self):
form: Form = FormFactory.create()
diff --git a/src/openforms/forms/tests/test_serializers.py b/src/openforms/forms/tests/test_serializers.py
index d77f864a4b..85c9220e13 100644
--- a/src/openforms/forms/tests/test_serializers.py
+++ b/src/openforms/forms/tests/test_serializers.py
@@ -2,6 +2,7 @@
from django.contrib.auth.models import AnonymousUser
from django.test import RequestFactory, TestCase
+from django.utils.translation import gettext as _
from hypothesis import given
from hypothesis.extra.django import TestCase as HypothesisTestCase
@@ -333,3 +334,47 @@ def test_patching_registrations_with_a_booboo(self):
self.assertEqual(backend2.name, "#2")
self.assertEqual(backend2.backend, "email")
self.assertEqual(backend2.options["to_emails"], ["me@example.com"])
+
+ def test_form_with_submission_max_and_submission_counter(self):
+ context = {"request": None}
+
+ with self.subTest("submission_max_allowed equal to submission_counter"):
+ form = FormFactory.create(
+ submission_maximum_allowed=2, submission_counter=2
+ )
+ data = FormSerializer(context=context).to_representation(form)
+ serializer = FormSerializer(instance=form, data=data)
+
+ expected_error = _(
+ "The maximum amount of allowed submissions must be bigger than the existing amount of submissions.Consider resetting the submissions counter."
+ )
+
+ self.assertFalse(serializer.is_valid())
+ self.assertIn("submission_maximum_allowed", serializer.errors)
+ self.assertEqual(
+ serializer.errors["submission_maximum_allowed"][0], expected_error
+ )
+ with self.subTest("submission_max_allowed bigger than submission_counter"):
+ form = FormFactory.create(
+ submission_maximum_allowed=2, submission_counter=1
+ )
+ data = FormSerializer(context=context).to_representation(form)
+ serializer = FormSerializer(instance=form, data=data)
+
+ self.assertTrue(serializer.is_valid())
+ with self.subTest("submission_max_allowed smaller than submission_counter"):
+ form = FormFactory.create(
+ submission_maximum_allowed=1, submission_counter=2
+ )
+ data = FormSerializer(context=context).to_representation(form)
+ serializer = FormSerializer(instance=form, data=data)
+
+ expected_error = _(
+ "The maximum amount of allowed submissions must be bigger than the existing amount of submissions.Consider resetting the submissions counter."
+ )
+
+ self.assertFalse(serializer.is_valid())
+ self.assertIn("submission_maximum_allowed", serializer.errors)
+ self.assertEqual(
+ serializer.errors["submission_maximum_allowed"][0], expected_error
+ )
diff --git a/src/openforms/js/compiled-lang/en.json b/src/openforms/js/compiled-lang/en.json
index dd8f7fbfa0..a840602510 100644
--- a/src/openforms/js/compiled-lang/en.json
+++ b/src/openforms/js/compiled-lang/en.json
@@ -89,6 +89,12 @@
"value": "Default Value"
}
],
+ "/cUjWg": [
+ {
+ "type": 0,
+ "value": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed."
+ }
+ ],
"/fAEsY": [
{
"type": 0,
@@ -1963,6 +1969,12 @@
"value": "Use existing form definition"
}
],
+ "GJ8Ok2": [
+ {
+ "type": 0,
+ "value": "Reset submissions counter"
+ }
+ ],
"GO9yud": [
{
"type": 0,
@@ -2145,6 +2157,12 @@
"value": "Appointment enabled"
}
],
+ "HrSXGN": [
+ {
+ "type": 0,
+ "value": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?"
+ }
+ ],
"HuAm1K": [
{
"type": 0,
@@ -5547,6 +5565,12 @@
"value": "Suffix (e.g. m²)"
}
],
+ "oWOr9u": [
+ {
+ "type": 0,
+ "value": "Submission"
+ }
+ ],
"oXOxWz": [
{
"type": 0,
@@ -5947,6 +5971,12 @@
"value": "Enable to attach file uploads to the registration email. If set, this overrides the global default. Form designers should take special care to ensure that the total file upload sizes do not exceed the email size limit."
}
],
+ "sQekFr": [
+ {
+ "type": 0,
+ "value": "Maximum allowed number of submissions"
+ }
+ ],
"sR9GVQ": [
{
"type": 0,
diff --git a/src/openforms/js/compiled-lang/nl.json b/src/openforms/js/compiled-lang/nl.json
index f80acfc0da..3c2baf40dc 100644
--- a/src/openforms/js/compiled-lang/nl.json
+++ b/src/openforms/js/compiled-lang/nl.json
@@ -89,6 +89,12 @@
"value": "Standaardwaarde"
}
],
+ "/cUjWg": [
+ {
+ "type": 0,
+ "value": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed."
+ }
+ ],
"/fAEsY": [
{
"type": 0,
@@ -1984,6 +1990,12 @@
"value": "Gebruik bestaande formulierdefinitie"
}
],
+ "GJ8Ok2": [
+ {
+ "type": 0,
+ "value": "Reset submissions counter"
+ }
+ ],
"GO9yud": [
{
"type": 0,
@@ -2166,6 +2178,12 @@
"value": "Is afspraakformulier?"
}
],
+ "HrSXGN": [
+ {
+ "type": 0,
+ "value": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?"
+ }
+ ],
"HuAm1K": [
{
"type": 0,
@@ -5569,6 +5587,12 @@
"value": "Suffix (bijv. m²)"
}
],
+ "oWOr9u": [
+ {
+ "type": 0,
+ "value": "Submission"
+ }
+ ],
"oXOxWz": [
{
"type": 0,
@@ -5969,6 +5993,12 @@
"value": "Vink aan om gebruikersbestanden als bijlage aan de registratiemail toe te voegen. Als een waarde gezet is, dan heeft deze hogere prioriteit dan de globale configuratie. Formulierbeheerders moeten ervoor zorgen dat de totale maximale bestandsgrootte onder de maximale e-mailbestandsgrootte blijft."
}
],
+ "sQekFr": [
+ {
+ "type": 0,
+ "value": "Maximum allowed number of submissions"
+ }
+ ],
"sR9GVQ": [
{
"type": 0,
diff --git a/src/openforms/js/components/admin/form_design/SubmissionFields.js b/src/openforms/js/components/admin/form_design/SubmissionFields.js
new file mode 100644
index 0000000000..787ad215b2
--- /dev/null
+++ b/src/openforms/js/components/admin/form_design/SubmissionFields.js
@@ -0,0 +1,112 @@
+import PropTypes from 'prop-types';
+import {useContext, useEffect, useState} from 'react';
+import {FormattedMessage, useIntl} from 'react-intl';
+
+import {APIContext} from 'components/admin/form_design/Context';
+import ActionButton from 'components/admin/forms/ActionButton';
+import Field from 'components/admin/forms/Field';
+import Fieldset from 'components/admin/forms/Fieldset';
+import FormRow from 'components/admin/forms/FormRow';
+import {NumberInput} from 'components/admin/forms/Inputs';
+import {FormException} from 'utils/exception';
+import {patch} from 'utils/fetch';
+
+import useConfirm from './useConfirm';
+
+export const SubmissionLimitFields = ({submissionMaximumAllowed, formUuid, onChange}) => {
+ const intl = useIntl();
+ const {csrftoken} = useContext(APIContext);
+ const {ConfirmationModal, confirmationModalProps, openConfirmationModal} = useConfirm();
+ const [confirmationResult, setConfirmationResult] = useState(null);
+
+ const handleChange = event => {
+ const {name, value: initialValue} = event.target;
+ // the backend must receive a value or null since it's a nullable integer field
+ const value = initialValue === '' ? null : initialValue;
+ const updatedEvent = {...event, target: {...event.target, name, value}};
+ onChange(updatedEvent);
+ };
+
+ const resetCounter = async () => {
+ try {
+ const resetResult = await patch(
+ `/api/v2/forms/${formUuid}/reset_submission_counter`,
+ csrftoken,
+ {},
+ true
+ );
+ if (!resetResult.ok) {
+ throw new FormException(
+ 'An error occurred while trying to reset the counter.',
+ resetResult.data
+ );
+ }
+ } catch (e) {
+ return null;
+ }
+ return resetResult.data;
+ };
+
+ useEffect(() => {
+ if (confirmationResult === true) {
+ resetCounter();
+ }
+ }, [confirmationResult]);
+
+ return (
+ <>
+
+
+
+ }
+ />
+
+ );
+};
+
+SubmissionLimitFields.propTypes = {
+ submissionMaximumAllowed: PropTypes.number.isRequired,
+ formUuid: PropTypes.string.isRequired,
+ onChange: PropTypes.func.isRequired,
+};
diff --git a/src/openforms/js/components/admin/form_design/form-creation-form.js b/src/openforms/js/components/admin/form_design/form-creation-form.js
index 3e23c72b93..bb52c405c0 100644
--- a/src/openforms/js/components/admin/form_design/form-creation-form.js
+++ b/src/openforms/js/components/admin/form_design/form-creation-form.js
@@ -34,6 +34,7 @@ import PaymentFields from './PaymentFields';
import PriceLogic from './PriceLogic';
import ProductFields from './ProductFields';
import RegistrationFields from './RegistrationFields';
+import {SubmissionLimitFields} from './SubmissionFields';
import Tab from './Tab';
import TextLiterals from './TextLiterals';
import {FormWarnings} from './Warnings';
@@ -100,6 +101,8 @@ const initialFormState = {
maintenanceMode: false,
translationEnabled: false,
submissionAllowed: 'yes',
+ submissionMaximumAllowed: null,
+ submission_counter: 0,
suspensionAllowed: true,
askPrivacyConsent: 'global_setting',
askStatementOfTruth: 'global_setting',
@@ -171,6 +174,7 @@ const FORM_FIELDS_TO_TAB_NAMES = {
confirmationEmailTemplate: 'submission-confirmation',
submissionAllowed: 'form',
registrationBackends: 'registration',
+ submissionMaximumAllowed: 'submission',
product: 'product-payment',
paymentBackend: 'product-payment',
paymentBackendOptions: 'product-payment',
@@ -1154,6 +1158,7 @@ const FormCreationForm = ({formUuid, formUrl, formHistoryUrl, outgoingRequestsUr
const activeTab = new URLSearchParams(window.location.search).get('tab');
const {isAppointment = false} = state.form.appointmentOptions;
+ const {submissionMaximumAllowed = null} = state.form;
const numRulesWithProblems = state.logicRules.filter(
rule => detectLogicProblems(rule, intl).length > 0
@@ -1248,6 +1253,12 @@ const FormCreationForm = ({formUuid, formUrl, formHistoryUrl, outgoingRequestsUr
/>
)}
+
+
+
@@ -1351,6 +1362,14 @@ const FormCreationForm = ({formUuid, formUrl, formHistoryUrl, outgoingRequestsUr
)}
+
+
+
+
diff --git a/src/openforms/js/lang/en.json b/src/openforms/js/lang/en.json
index f1dbf3cc38..5bfc4eb38b 100644
--- a/src/openforms/js/lang/en.json
+++ b/src/openforms/js/lang/en.json
@@ -44,6 +44,11 @@
"description": "action type \"step-applicable\" label",
"originalDefault": "Mark the form step as applicable"
},
+ "/cUjWg": {
+ "defaultMessage": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed.",
+ "description": "Successful Submissions Removal Limit help text",
+ "originalDefault": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed."
+ },
"/fAEsY": {
"defaultMessage": "Submission report CSV informatieobjecttype",
"description": "Objects API registration options \"Submission report CSV informatieobjecttype\" label",
@@ -874,6 +879,11 @@
"description": "Form definition selection modal title",
"originalDefault": "Use existing form definition"
},
+ "GJ8Ok2": {
+ "defaultMessage": "Reset submissions counter",
+ "description": "Reset submissions counter",
+ "originalDefault": "Reset submissions counter"
+ },
"GO9yud": {
"defaultMessage": "When the form should be activated.",
"description": "Form activation field help text",
@@ -999,6 +1009,11 @@
"description": "Form appointment enabled field label",
"originalDefault": "Appointment enabled"
},
+ "HrSXGN": {
+ "defaultMessage": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?",
+ "description": "Reset the submissions counter confirmation message",
+ "originalDefault": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?"
+ },
"HuAm1K": {
"defaultMessage": "and the step \"{step}\" has been reached",
"description": "Additional 'trigger from step' condition",
@@ -2584,6 +2599,11 @@
"description": "Email registration options 'attachFilesToEmail' label",
"originalDefault": "Attach files to email"
},
+ "oWOr9u": {
+ "defaultMessage": "Submission",
+ "description": "Form submission options tab title",
+ "originalDefault": "Submission"
+ },
"oYmpN5": {
"defaultMessage": "Whether to include the content of the confirmation page in the PDF.",
"description": "Include confirmation page content in PDF",
@@ -2779,6 +2799,11 @@
"description": "Email registration options 'attachFilesToEmail' helpText",
"originalDefault": "Enable to attach file uploads to the registration email. If set, this overrides the global default. Form designers should take special care to ensure that the total file upload sizes do not exceed the email size limit."
},
+ "sQekFr": {
+ "defaultMessage": "Maximum allowed number of submissions",
+ "description": "Form submissionMaximumAllowed field label",
+ "originalDefault": "Maximum allowed number of submissions"
+ },
"sptpzv": {
"defaultMessage": "Switching to the new registration options will remove the existing JSON templates. You will also not be able to save the form until the variables are correctly mapped. Are you sure you want to continue?",
"description": "Objects API registration backend: v2 switch warning message",
diff --git a/src/openforms/js/lang/nl.json b/src/openforms/js/lang/nl.json
index 26147f58ff..a44cbd389d 100644
--- a/src/openforms/js/lang/nl.json
+++ b/src/openforms/js/lang/nl.json
@@ -44,6 +44,11 @@
"description": "action type \"step-applicable\" label",
"originalDefault": "Mark the form step as applicable"
},
+ "/cUjWg": {
+ "defaultMessage": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed.",
+ "description": "Successful Submissions Removal Limit help text",
+ "originalDefault": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed."
+ },
"/fAEsY": {
"defaultMessage": "Informatieobjecttype CSV-document met inzendingsgegevens",
"description": "Objects API registration options \"Submission report CSV informatieobjecttype\" label",
@@ -883,6 +888,11 @@
"description": "Form definition selection modal title",
"originalDefault": "Use existing form definition"
},
+ "GJ8Ok2": {
+ "defaultMessage": "Reset submissions counter",
+ "description": "Reset submissions counter",
+ "originalDefault": "Reset submissions counter"
+ },
"GO9yud": {
"defaultMessage": "Datum en tijdstip waarop het formulier geactiveerd moet worden.",
"description": "Form activation field help text",
@@ -1008,6 +1018,11 @@
"description": "Form appointment enabled field label",
"originalDefault": "Appointment enabled"
},
+ "HrSXGN": {
+ "defaultMessage": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?",
+ "description": "Reset the submissions counter confirmation message",
+ "originalDefault": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?"
+ },
"HuAm1K": {
"defaultMessage": "en de stap \"{step}\" is bereikt",
"description": "Additional 'trigger from step' condition",
@@ -2605,6 +2620,11 @@
"description": "Email registration options 'attachFilesToEmail' label",
"originalDefault": "Attach files to email"
},
+ "oWOr9u": {
+ "defaultMessage": "Submission",
+ "description": "Form submission options tab title",
+ "originalDefault": "Submission"
+ },
"oYmpN5": {
"defaultMessage": "Vink aan om de inhoud toe te voegen aan de PDF die mensen op het eind kunnen downloaden.",
"description": "Include confirmation page content in PDF",
@@ -2800,6 +2820,11 @@
"description": "Email registration options 'attachFilesToEmail' helpText",
"originalDefault": "Enable to attach file uploads to the registration email. If set, this overrides the global default. Form designers should take special care to ensure that the total file upload sizes do not exceed the email size limit."
},
+ "sQekFr": {
+ "defaultMessage": "Maximum allowed number of submissions",
+ "description": "Form submissionMaximumAllowed field label",
+ "originalDefault": "Maximum allowed number of submissions"
+ },
"sptpzv": {
"defaultMessage": "Let op! Migreren naar het nieuwe configuratieformaat maakt de bestaande JSON-sjablonen leeg. Daarnaast kan je het formulier pas opslaan als alle verplichte variabelen goed gekoppeld zijn. Ben je zeker dat je wil migreren?",
"description": "Objects API registration backend: v2 switch warning message",
diff --git a/src/openforms/js/utils/fetch.js b/src/openforms/js/utils/fetch.js
index e41a15db97..38f8d1fd46 100644
--- a/src/openforms/js/utils/fetch.js
+++ b/src/openforms/js/utils/fetch.js
@@ -113,6 +113,11 @@ const put = async (url, csrftoken, data = {}, throwOn400 = false) => {
return resp;
};
+const patch = async (url, csrftoken, data = {}, throwOn400 = false) => {
+ const resp = await _unsafe('PATCH', url, csrftoken, data, throwOn400);
+ return resp;
+};
+
const apiDelete = async (url, csrftoken) => {
const opts = {
method: 'DELETE',
@@ -127,4 +132,4 @@ const apiDelete = async (url, csrftoken) => {
};
export {ValidationErrors};
-export {get, post, put, apiDelete, apiCall};
+export {get, post, put, patch, apiDelete, apiCall};
diff --git a/src/openforms/submissions/exceptions.py b/src/openforms/submissions/exceptions.py
index 88eced144b..f7eba0a403 100644
--- a/src/openforms/submissions/exceptions.py
+++ b/src/openforms/submissions/exceptions.py
@@ -11,3 +11,10 @@ class FormDeactivated(UnprocessableEntity):
class FormMaintenance(ServiceUnavailable):
default_detail = _("The form is currently disabled for maintenance.")
default_code = "form-maintenance"
+
+
+class FormMaximumSubmissions(ServiceUnavailable):
+ default_detail = _(
+ "The form has currently reached the maximum amount of submissions."
+ )
+ default_code = "form-maximum-submissions"
diff --git a/src/openforms/submissions/signals.py b/src/openforms/submissions/signals.py
index e2547f4cee..99e5c44ccb 100644
--- a/src/openforms/submissions/signals.py
+++ b/src/openforms/submissions/signals.py
@@ -103,3 +103,12 @@ def increment_form_counter(sender, instance: Submission, **kwargs):
form_statistics.submission_count = F("submission_count") + 1
form_statistics.last_submission = timezone.now()
form_statistics.save()
+
+
+@receiver(
+ submission_complete, dispatch_uid="submission.increment_submissions_form_counter"
+)
+def increment_submissions_form_counter(sender, instance: Submission, **kwargs):
+ if instance.form.submission_maximum_allowed:
+ instance.form.submission_counter += 1
+ instance.form.save()
diff --git a/src/openforms/submissions/templates/submissions/resume_form_error.html b/src/openforms/submissions/templates/submissions/resume_form_error.html
index dcda69a120..42d825e0d9 100644
--- a/src/openforms/submissions/templates/submissions/resume_form_error.html
+++ b/src/openforms/submissions/templates/submissions/resume_form_error.html
@@ -23,6 +23,10 @@
{% blocktrans trimmed %}
This form is currently undergoing maintenance. Please try again later.
{% endblocktrans %}
+ {% elif error.detail.code == 'form-maximum-submissions' %}
+ {% blocktrans trimmed %}
+ Unfortunately, this form is no longer available for submissions.
+ {% endblocktrans %}
{% endif %}
diff --git a/src/openforms/submissions/tests/test_resume_form_view.py b/src/openforms/submissions/tests/test_resume_form_view.py
index f53aa2cda0..eea09357d9 100644
--- a/src/openforms/submissions/tests/test_resume_form_view.py
+++ b/src/openforms/submissions/tests/test_resume_form_view.py
@@ -13,6 +13,7 @@
from openforms.frontend.tests import FrontendRedirectMixin
from ..constants import SUBMISSIONS_SESSION_KEY
+from ..exceptions import FormMaximumSubmissions
from ..tokens import submission_resume_token_generator
from .factories import SubmissionFactory, SubmissionStepFactory
@@ -456,3 +457,46 @@ def test_redirects_to_auth_if_form_does_not_require_login_but_user_logged_in_the
response, expected_redirect_url.url, fetch_redirect_response=False
)
self.assertNotIn(SUBMISSIONS_SESSION_KEY, self.client.session)
+
+ def test_resume_with_form_max_submissions_limit_reached(self):
+ submission = SubmissionFactory.from_components(
+ completed=True,
+ components_list=[],
+ form_url="http://maykinmedia.nl/some-form/startpagina",
+ form__submission_maximum_allowed=1,
+ form__submission_counter=1,
+ )
+
+ endpoint = reverse(
+ "submissions:resume",
+ kwargs={
+ "token": submission_resume_token_generator.make_token(submission),
+ "submission_uuid": submission.uuid,
+ },
+ )
+
+ response = self.client.get(endpoint)
+
+ self.assertNotEqual(response.status_code, 302)
+ self.assertIsInstance(response.context_data["error"], FormMaximumSubmissions)
+
+ def test_resume_with_form_max_submissions_limit_not_reached(self):
+ submission = SubmissionFactory.from_components(
+ completed=True,
+ components_list=[],
+ form_url="http://maykinmedia.nl/some-form/startpagina",
+ form__submission_maximum_allowed=2,
+ form__submission_counter=1,
+ )
+
+ endpoint = reverse(
+ "submissions:resume",
+ kwargs={
+ "token": submission_resume_token_generator.make_token(submission),
+ "submission_uuid": submission.uuid,
+ },
+ )
+
+ response = self.client.get(endpoint)
+
+ self.assertEqual(response.status_code, 302)
diff --git a/src/openforms/submissions/tests/test_start_submission.py b/src/openforms/submissions/tests/test_start_submission.py
index ec46588ad2..cf2d61f0a1 100644
--- a/src/openforms/submissions/tests/test_start_submission.py
+++ b/src/openforms/submissions/tests/test_start_submission.py
@@ -247,3 +247,30 @@ def test_start_submission_with_initial_data_reference(self):
self.assertEqual(
submission.initial_data_reference, body["initialDataReference"]
)
+
+ def test_start_submission_with_form_max_submissions_limit_not_reached(self):
+ form = FormFactory.create(submission_maximum_allowed=1)
+ FormStepFactory.create(form=form)
+
+ form_url = reverse("api:form-detail", kwargs={"uuid_or_slug": form.uuid})
+ body = {
+ "form": f"http://testserver.com{form_url}",
+ "formUrl": "http://testserver.com/my-form",
+ }
+
+ response = self.client.post(self.endpoint, body)
+
+ self.assertEqual(response.status_code, status.HTTP_201_CREATED)
+
+ def test_start_submission_with_form_max_submissions_limit_reached(self):
+ form = FormFactory.create(submission_maximum_allowed=1, submission_counter=1)
+ FormStepFactory.create(form=form)
+
+ form_url = reverse("api:form-detail", kwargs={"uuid_or_slug": form.uuid})
+ body = {
+ "form": f"http://testserver.com{form_url}",
+ "formUrl": "http://testserver.com/my-form",
+ }
+
+ response = self.client.post(self.endpoint, body)
+ self.assertEqual(response.status_code, status.HTTP_503_SERVICE_UNAVAILABLE)
diff --git a/src/openforms/submissions/utils.py b/src/openforms/submissions/utils.py
index 762b5f036a..268b3d9544 100644
--- a/src/openforms/submissions/utils.py
+++ b/src/openforms/submissions/utils.py
@@ -30,7 +30,7 @@
from openforms.variables.constants import FormVariableSources
from .constants import SUBMISSIONS_SESSION_KEY
-from .exceptions import FormDeactivated, FormMaintenance
+from .exceptions import FormDeactivated, FormMaintenance, FormMaximumSubmissions
from .form_logic import check_submission_logic
from .models import Submission, SubmissionReport, SubmissionValueVariable
from .tokens import submission_report_token_generator
@@ -281,6 +281,8 @@ def check_form_status(
:raises: :class:`FormDeactivated` if the form is deactivated
:raises: :class`FormMaintenance` if the form is in maintenance mode and the user
is not a staff user.
+ :raises: :class:`FormMaximumSubmissions` if the form has reached the maximum amount
+ of submissions.
"""
# live forms -> shortcut, this is okay, proceed as usual
if form.is_available:
@@ -298,6 +300,10 @@ def check_form_status(
if form.maintenance_mode and not request.user.is_staff:
raise FormMaintenance()
+ # do not proceed if the form has reached the maximum amount of submissions
+ if form.has_reached_submissions_limit():
+ raise FormMaximumSubmissions()
+
def get_report_download_url(request: Request, report: SubmissionReport) -> str:
token = submission_report_token_generator.make_token(report)
diff --git a/src/openforms/submissions/views.py b/src/openforms/submissions/views.py
index e507938fbc..2587eedcde 100644
--- a/src/openforms/submissions/views.py
+++ b/src/openforms/submissions/views.py
@@ -28,7 +28,7 @@
from openforms.tokens import BaseTokenGenerator
from .constants import RegistrationStatuses
-from .exceptions import FormDeactivated, FormMaintenance
+from .exceptions import FormDeactivated, FormMaintenance, FormMaximumSubmissions
from .forms import SearchSubmissionForCosignForm
from .models import Submission, SubmissionFileAttachment, SubmissionReport
from .signals import submission_resumed
@@ -46,10 +46,10 @@ class ResumeFormMixin(TemplateResponseMixin):
def dispatch(self, request: HttpRequest, *args, **kwargs):
try:
return super().dispatch(request, *args, **kwargs)
- except (FormDeactivated, FormMaintenance) as exc:
+ except (FormDeactivated, FormMaintenance, FormMaximumSubmissions) as exc:
return self.render_to_response(
context={"error": exc},
- status=exc.status_code if isinstance(exc, FormMaintenance) else 200,
+ status=(exc.status_code if isinstance(exc, FormMaintenance) else 200),
)
def validate_url_and_get_submission(