From e7e6d5a2a841f01f1a24c73d8d8f543ee68b26a4 Mon Sep 17 00:00:00 2001 From: vasileios Date: Wed, 11 Dec 2024 07:55:18 +0100 Subject: [PATCH] [#4321] Allow specific amount of submissions per form --- src/openapi.yaml | 122 +++++++++++++++++- src/openforms/forms/admin/form.py | 19 ++- src/openforms/forms/api/serializers/form.py | 29 +++++ src/openforms/forms/api/viewsets.py | 12 ++ .../0107_form_submission_counter_and_more.py | 32 +++++ src/openforms/forms/models/form.py | 37 +++++- src/openforms/forms/tests/test_models.py | 12 ++ src/openforms/forms/tests/test_serializers.py | 45 +++++++ src/openforms/js/compiled-lang/en.json | 30 +++++ src/openforms/js/compiled-lang/nl.json | 30 +++++ .../admin/form_design/SubmissionFields.js | 112 ++++++++++++++++ .../admin/form_design/form-creation-form.js | 19 +++ src/openforms/js/lang/en.json | 25 ++++ src/openforms/js/lang/nl.json | 25 ++++ src/openforms/js/utils/fetch.js | 7 +- src/openforms/submissions/exceptions.py | 7 + src/openforms/submissions/signals.py | 9 ++ .../submissions/resume_form_error.html | 4 + .../tests/test_resume_form_view.py | 44 +++++++ .../tests/test_start_submission.py | 27 ++++ src/openforms/submissions/utils.py | 8 +- src/openforms/submissions/views.py | 6 +- 22 files changed, 649 insertions(+), 12 deletions(-) create mode 100644 src/openforms/forms/migrations/0107_form_submission_counter_and_more.py create mode 100644 src/openforms/js/components/admin/form_design/SubmissionFields.js diff --git a/src/openapi.yaml b/src/openapi.yaml index ac2561fa52..f88e9d2eb2 100644 --- a/src/openapi.yaml +++ b/src/openapi.yaml @@ -1336,6 +1336,8 @@ paths: - `deactivateOn` - `isDeleted` - `submissionConfirmationTemplate` + - `submissionMaximumAllowed` + - `submissionCounter` - `askPrivacyConsent` - `askStatementOfTruth` - `submissionsRemovalOptions` @@ -1407,6 +1409,8 @@ paths: - `deactivateOn` - `isDeleted` - `submissionConfirmationTemplate` + - `submissionMaximumAllowed` + - `submissionCounter` - `askPrivacyConsent` - `askStatementOfTruth` - `submissionsRemovalOptions` @@ -1922,6 +1926,8 @@ paths: - `deactivateOn` - `isDeleted` - `submissionConfirmationTemplate` + - `submissionMaximumAllowed` + - `submissionCounter` - `askPrivacyConsent` - `askStatementOfTruth` - `submissionsRemovalOptions` @@ -1999,6 +2005,8 @@ paths: - `deactivateOn` - `isDeleted` - `submissionConfirmationTemplate` + - `submissionMaximumAllowed` + - `submissionCounter` - `askPrivacyConsent` - `askStatementOfTruth` - `submissionsRemovalOptions` @@ -2080,6 +2088,8 @@ paths: - `deactivateOn` - `isDeleted` - `submissionConfirmationTemplate` + - `submissionMaximumAllowed` + - `submissionCounter` - `askPrivacyConsent` - `askStatementOfTruth` - `submissionsRemovalOptions` @@ -2497,6 +2507,88 @@ paths: $ref: '#/components/headers/X-Is-Form-Designer' Content-Language: $ref: '#/components/headers/Content-Language' + /api/v2/forms/{uuid_or_slug}/reset_submission_counter: + patch: + operationId: forms_reset_submission_counter_partial_update + description: |- + Manage forms. + + Forms are collections of form steps, where each form step points to a formio.js + form definition. Multiple definitions are combined in logical steps to build a + multi-step/page form for end-users to fill out. Form definitions can be (and are) + re-used among different forms. + + **Warning: the response data depends on user permissions** + + Non-staff users receive a subset of the documented fields which are used + for internal form configuration. These fields are: + + - `internalName` + - `registrationBackends` + - `authenticationBackendOptions` + - `paymentBackend` + - `paymentBackendOptions` + - `priceVariableKey` + - `product` + - `category` + - `theme` + - `activateOn` + - `deactivateOn` + - `isDeleted` + - `submissionConfirmationTemplate` + - `submissionMaximumAllowed` + - `submissionCounter` + - `askPrivacyConsent` + - `askStatementOfTruth` + - `submissionsRemovalOptions` + - `confirmationEmailTemplate` + - `displayMainWebsiteLink` + - `includeConfirmationPageContentInPdf` + - `translations` + - `brpPersonenRequestOptions` + parameters: + - in: header + name: X-CSP-Nonce + schema: + type: string + description: The value of the CSP nonce generated by the page embedding the + SDK. If provided, fields containing rich text from WYSIWYG editors will + be post-processed to allow inline styles with the provided nonce. If the + embedding page emits a `style-src` policy containing `unsafe-inline`, then + you can omit this header without losing functionality. We recommend favouring + the nonce mechanism though. + - in: path + name: uuid_or_slug + schema: + type: integer + description: A unique integer value identifying this form. + required: true + tags: + - forms + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedForm' + security: + - tokenAuth: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Form' + description: '' + headers: + X-Session-Expires-In: + $ref: '#/components/headers/X-Session-Expires-In' + X-CSRFToken: + $ref: '#/components/headers/X-CSRFToken' + X-Is-Form-Designer: + $ref: '#/components/headers/X-Is-Form-Designer' + Content-Language: + $ref: '#/components/headers/Content-Language' /api/v2/forms/{uuid_or_slug}/variables: get: operationId: forms_variables_list @@ -7507,7 +7599,7 @@ components: Note that this schema is used for both non-admin users filling out forms and admin users designing forms. The fields that are only relevant for admin users are: - `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`. + `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `submissionMaximumAllowed`, `submissionCounter`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`. properties: uuid: type: string @@ -7653,6 +7745,16 @@ components: * `yes` - Yes * `no_with_overview` - No (with overview page) * `no_without_overview` - No (without overview page) + submissionMaximumAllowed: + type: integer + nullable: true + submissionCounter: + type: integer + readOnly: true + nullable: true + submissionLimitReached: + type: boolean + readOnly: true suspensionAllowed: type: boolean description: Whether the user is allowed to suspend this form or not. @@ -7768,6 +7870,8 @@ components: - resumeLinkLifetime - slug - steps + - submissionCounter + - submissionLimitReached - submissionReportDownloadLinkTitle - submissionStatementsConfiguration - url @@ -8014,7 +8118,7 @@ components: Note that this schema is used for both non-admin users filling out forms and admin users designing forms. The fields that are only relevant for admin users are: - `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`. + `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `submissionMaximumAllowed`, `submissionCounter`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`. properties: name: type: string @@ -8185,7 +8289,7 @@ components: Note that this schema is used for both non-admin users filling out forms and admin users designing forms. The fields that are only relevant for admin users are: - `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`. + `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `submissionMaximumAllowed`, `submissionCounter`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`. properties: name: type: string @@ -9112,7 +9216,7 @@ components: Note that this schema is used for both non-admin users filling out forms and admin users designing forms. The fields that are only relevant for admin users are: - `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`. + `internalName`, `registrationBackends`, `authenticationBackendOptions`, `paymentBackend`, `paymentBackendOptions`, `priceVariableKey`, `product`, `category`, `theme`, `activateOn`, `deactivateOn`, `isDeleted`, `submissionConfirmationTemplate`, `submissionMaximumAllowed`, `submissionCounter`, `askPrivacyConsent`, `askStatementOfTruth`, `submissionsRemovalOptions`, `confirmationEmailTemplate`, `displayMainWebsiteLink`, `includeConfirmationPageContentInPdf`, `translations`, `brpPersonenRequestOptions`. properties: uuid: type: string @@ -9258,6 +9362,16 @@ components: * `yes` - Yes * `no_with_overview` - No (with overview page) * `no_without_overview` - No (without overview page) + submissionMaximumAllowed: + type: integer + nullable: true + submissionCounter: + type: integer + readOnly: true + nullable: true + submissionLimitReached: + type: boolean + readOnly: true suspensionAllowed: type: boolean description: Whether the user is allowed to suspend this form or not. diff --git a/src/openforms/forms/admin/form.py b/src/openforms/forms/admin/form.py index 3e4f5f815e..74bd24d5f4 100644 --- a/src/openforms/forms/admin/form.py +++ b/src/openforms/forms/admin/form.py @@ -1,6 +1,6 @@ from django.contrib import admin, messages from django.contrib.admin.templatetags.admin_list import result_headers -from django.db.models import Count +from django.db.models import Count, F, Q from django.http.response import HttpResponse, HttpResponseRedirect from django.template.response import TemplateResponse from django.urls import path, reverse @@ -48,6 +48,21 @@ class FormStepInline(OrderedTabularInline): extra = 1 +class FormReachedSubmissionLimitListFilter(admin.SimpleListFilter): + title = _("has reached submission limit") + parameter_name = "submission_limit" + + def lookups(self, request, model_admin): + return [("unavailable", "Unavailable for submission")] + + def queryset(self, request, queryset): + if self.value() == "unavailable": + return queryset.filter( + ~Q(submission_maximum_allowed=None) + & Q(submission_maximum_allowed=F("submission_counter")) + ) + + class FormDeletedListFilter(admin.ListFilter): title = _("is deleted") parameter_name = "deleted" @@ -112,6 +127,7 @@ class FormAdmin( "active", "maintenance_mode", "translation_enabled", + "submission_maximum_allowed", "get_authentication_backends_display", "get_payment_backend_display", "get_registration_backend_display", @@ -129,6 +145,7 @@ class FormAdmin( "maintenance_mode", "translation_enabled", FormDeletedListFilter, + FormReachedSubmissionLimitListFilter, ) search_fields = ("uuid", "name", "internal_name", "slug") diff --git a/src/openforms/forms/api/serializers/form.py b/src/openforms/forms/api/serializers/form.py index 71b6d69b45..768a24203b 100644 --- a/src/openforms/forms/api/serializers/form.py +++ b/src/openforms/forms/api/serializers/form.py @@ -212,6 +212,13 @@ class FormSerializer(PublicFieldsSerializerMixin, serializers.ModelSerializer): "of type 'checkbox'." ), ) + submission_maximum_allowed = serializers.IntegerField( + allow_null=True, required=False + ) + submission_counter = serializers.IntegerField( + allow_null=True, required=False, read_only=True + ) + submission_limit_reached = serializers.SerializerMethodField() brp_personen_request_options = BRPPersonenRequestOptionsSerializer( required=False, allow_null=True ) @@ -257,6 +264,9 @@ class Meta: "introduction_page_content", "explanation_template", "submission_allowed", + "submission_maximum_allowed", + "submission_counter", + "submission_limit_reached", "suspension_allowed", "ask_privacy_consent", "ask_statement_of_truth", @@ -299,6 +309,7 @@ class Meta: "active", "required_fields_with_asterisk", "submission_allowed", + "submission_limit_reached", "suspension_allowed", "send_confirmation_email", "appointment_options", @@ -448,6 +459,17 @@ def validate_auto_login_backend(self, attrs): } ) + def validate_submission_maximum_allowed(self, value): + if form := self.instance: + if value and value <= form.submission_counter: + raise serializers.ValidationError( + _( + "The maximum amount of allowed submissions must be bigger than the existing amount of submissions." + "Consider resetting the submissions counter." + ) + ) + return value + def get_required_fields_with_asterisk(self, obj) -> bool: config = GlobalConfiguration.get_solo() return config.form_display_required_with_asterisk @@ -513,6 +535,13 @@ def get_cosign_has_link_in_email(self, obj: Form) -> bool: config = GlobalConfiguration.get_solo() return config.cosign_request_template_has_link + @extend_schema_field(OpenApiTypes.BOOL) + def get_submission_limit_reached(self, obj: Form): + if obj and obj.submission_maximum_allowed: + if obj.submission_maximum_allowed == obj.submission_counter: + return True + return False + FormSerializer.__doc__ = FormSerializer.__doc__.format( admin_fields=", ".join( diff --git a/src/openforms/forms/api/viewsets.py b/src/openforms/forms/api/viewsets.py index e0a81e87e2..9ea9d941ef 100644 --- a/src/openforms/forms/api/viewsets.py +++ b/src/openforms/forms/api/viewsets.py @@ -421,6 +421,18 @@ def perform_destroy(self, instance): instance._is_deleted = True instance.save() + @action(detail=True, methods=["patch"]) + def reset_submission_counter(self, request, **kwargs): + instance = self.get_object() + instance.submission_counter = 0 + instance.save() + + updated_data = { + "uuid": instance.uuid, + "submission_counter": instance.submission_counter, + } + return Response(updated_data, status=status.HTTP_200_OK) + @extend_schema( summary=_("Prepare form edit admin message"), tags=["admin"], diff --git a/src/openforms/forms/migrations/0107_form_submission_counter_and_more.py b/src/openforms/forms/migrations/0107_form_submission_counter_and_more.py new file mode 100644 index 0000000000..cf9ec9f4e2 --- /dev/null +++ b/src/openforms/forms/migrations/0107_form_submission_counter_and_more.py @@ -0,0 +1,32 @@ +# Generated by Django 4.2.16 on 2024-12-05 13:41 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ("forms", "0106_convert_price_logic_rules"), + ] + + operations = [ + migrations.AddField( + model_name="form", + name="submission_counter", + field=models.PositiveIntegerField( + default=0, + help_text="Counter to track how many submissions have been completed for the specific form. This works in combination with the maximum allowed submissions per form and can be reset via the frontend.", + verbose_name="submissions counter", + ), + ), + migrations.AddField( + model_name="form", + name="submission_maximum_allowed", + field=models.PositiveIntegerField( + blank=True, + help_text="Maximum number of allowed submissions per form. Leave this empty if no limit is needed.", + null=True, + verbose_name="maximum allowed submissions", + ), + ), + ] diff --git a/src/openforms/forms/models/form.py b/src/openforms/forms/models/form.py index f08dccb956..2f531c7e80 100644 --- a/src/openforms/forms/models/form.py +++ b/src/openforms/forms/models/form.py @@ -124,6 +124,23 @@ class Form(models.Model): ) # submission + submission_maximum_allowed = models.PositiveIntegerField( + _("maximum allowed submissions"), + null=True, + blank=True, + help_text=_( + "Maximum number of allowed submissions per form. Leave this empty if no limit is needed." + ), + ) + submission_counter = models.PositiveIntegerField( + _("submissions counter"), + default=0, + help_text=_( + "Counter to track how many submissions have been completed for the specific form. " + "This works in combination with the maximum allowed submissions per form and can be " + "reset via the frontend." + ), + ) submission_confirmation_template = HTMLField( _("submission confirmation template"), help_text=_( @@ -380,12 +397,27 @@ def __str__(self): @property def is_available(self) -> bool: """ - Soft deleted, deactivated or forms in maintenance mode are not available. + Soft deleted, deactivated, forms in maintenance mode or forms which have reached the + submission limit are not available. """ - if any((self._is_deleted, not self.active, self.maintenance_mode)): + if any( + ( + self._is_deleted, + not self.active, + self.maintenance_mode, + self.has_reached_submissions_limit(), + ) + ): return False return True + def has_reached_submissions_limit(self) -> bool: + if ( + limit := self.submission_maximum_allowed + ) and limit == self.submission_counter: + return True + return False + def get_absolute_url(self): return reverse("forms:form-detail", kwargs={"slug": self.slug}) @@ -485,6 +517,7 @@ def copy(self): ) copy.slug = _("{slug}-copy").format(slug=self.slug) copy.product = self.product + copy.submission_counter = 0 # name translations diff --git a/src/openforms/forms/tests/test_models.py b/src/openforms/forms/tests/test_models.py index b112a7d2fe..73252f53e4 100644 --- a/src/openforms/forms/tests/test_models.py +++ b/src/openforms/forms/tests/test_models.py @@ -53,6 +53,18 @@ def test_registration_backend_display_multiple_backends(self): form.get_registration_backend_display(), "Backend #1, Backend #2" ) + def test_form_is_unavailable_when_limit_reached(self): + form: Form = FormFactory.create( + submission_maximum_allowed=2, submission_counter=2 + ) + self.assertFalse(form.is_available) + + def test_form_is_available_when_limit_not_reached(self): + form: Form = FormFactory.create( + submission_maximum_allowed=2, submission_counter=1 + ) + self.assertTrue(form.is_available) + @override_settings(LANGUAGE_CODE="en") def test_registration_backend_display_marks_misconfigs(self): form: Form = FormFactory.create() diff --git a/src/openforms/forms/tests/test_serializers.py b/src/openforms/forms/tests/test_serializers.py index d77f864a4b..85c9220e13 100644 --- a/src/openforms/forms/tests/test_serializers.py +++ b/src/openforms/forms/tests/test_serializers.py @@ -2,6 +2,7 @@ from django.contrib.auth.models import AnonymousUser from django.test import RequestFactory, TestCase +from django.utils.translation import gettext as _ from hypothesis import given from hypothesis.extra.django import TestCase as HypothesisTestCase @@ -333,3 +334,47 @@ def test_patching_registrations_with_a_booboo(self): self.assertEqual(backend2.name, "#2") self.assertEqual(backend2.backend, "email") self.assertEqual(backend2.options["to_emails"], ["me@example.com"]) + + def test_form_with_submission_max_and_submission_counter(self): + context = {"request": None} + + with self.subTest("submission_max_allowed equal to submission_counter"): + form = FormFactory.create( + submission_maximum_allowed=2, submission_counter=2 + ) + data = FormSerializer(context=context).to_representation(form) + serializer = FormSerializer(instance=form, data=data) + + expected_error = _( + "The maximum amount of allowed submissions must be bigger than the existing amount of submissions.Consider resetting the submissions counter." + ) + + self.assertFalse(serializer.is_valid()) + self.assertIn("submission_maximum_allowed", serializer.errors) + self.assertEqual( + serializer.errors["submission_maximum_allowed"][0], expected_error + ) + with self.subTest("submission_max_allowed bigger than submission_counter"): + form = FormFactory.create( + submission_maximum_allowed=2, submission_counter=1 + ) + data = FormSerializer(context=context).to_representation(form) + serializer = FormSerializer(instance=form, data=data) + + self.assertTrue(serializer.is_valid()) + with self.subTest("submission_max_allowed smaller than submission_counter"): + form = FormFactory.create( + submission_maximum_allowed=1, submission_counter=2 + ) + data = FormSerializer(context=context).to_representation(form) + serializer = FormSerializer(instance=form, data=data) + + expected_error = _( + "The maximum amount of allowed submissions must be bigger than the existing amount of submissions.Consider resetting the submissions counter." + ) + + self.assertFalse(serializer.is_valid()) + self.assertIn("submission_maximum_allowed", serializer.errors) + self.assertEqual( + serializer.errors["submission_maximum_allowed"][0], expected_error + ) diff --git a/src/openforms/js/compiled-lang/en.json b/src/openforms/js/compiled-lang/en.json index 790c4a6d3e..bf90acb9f0 100644 --- a/src/openforms/js/compiled-lang/en.json +++ b/src/openforms/js/compiled-lang/en.json @@ -95,6 +95,12 @@ "value": "Locations Component" } ], + "/cUjWg": [ + { + "type": 0, + "value": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed." + } + ], "/fAEsY": [ { "type": 0, @@ -1993,6 +1999,12 @@ "value": "Use existing form definition" } ], + "GJ8Ok2": [ + { + "type": 0, + "value": "Reset submissions counter" + } + ], "GO9yud": [ { "type": 0, @@ -2175,6 +2187,12 @@ "value": "Appointment enabled" } ], + "HrSXGN": [ + { + "type": 0, + "value": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?" + } + ], "HuAm1K": [ { "type": 0, @@ -5607,6 +5625,12 @@ "value": "Suffix (e.g. m²)" } ], + "oWOr9u": [ + { + "type": 0, + "value": "Submission" + } + ], "oXOxWz": [ { "type": 0, @@ -6007,6 +6031,12 @@ "value": "Enable to attach file uploads to the registration email. If set, this overrides the global default. Form designers should take special care to ensure that the total file upload sizes do not exceed the email size limit." } ], + "sQekFr": [ + { + "type": 0, + "value": "Maximum allowed number of submissions" + } + ], "sR9GVQ": [ { "type": 0, diff --git a/src/openforms/js/compiled-lang/nl.json b/src/openforms/js/compiled-lang/nl.json index e354b6c13e..f1bbb07ecc 100644 --- a/src/openforms/js/compiled-lang/nl.json +++ b/src/openforms/js/compiled-lang/nl.json @@ -95,6 +95,12 @@ "value": "Locatie veld" } ], + "/cUjWg": [ + { + "type": 0, + "value": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed." + } + ], "/fAEsY": [ { "type": 0, @@ -2014,6 +2020,12 @@ "value": "Gebruik bestaande formulierdefinitie" } ], + "GJ8Ok2": [ + { + "type": 0, + "value": "Reset submissions counter" + } + ], "GO9yud": [ { "type": 0, @@ -2196,6 +2208,12 @@ "value": "Is afspraakformulier?" } ], + "HrSXGN": [ + { + "type": 0, + "value": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?" + } + ], "HuAm1K": [ { "type": 0, @@ -5629,6 +5647,12 @@ "value": "Suffix (bijv. m²)" } ], + "oWOr9u": [ + { + "type": 0, + "value": "Submission" + } + ], "oXOxWz": [ { "type": 0, @@ -6029,6 +6053,12 @@ "value": "Vink aan om gebruikersbestanden als bijlage aan de registratiemail toe te voegen. Als een waarde gezet is, dan heeft deze hogere prioriteit dan de globale configuratie. Formulierbeheerders moeten ervoor zorgen dat de totale maximale bestandsgrootte onder de maximale e-mailbestandsgrootte blijft." } ], + "sQekFr": [ + { + "type": 0, + "value": "Maximum allowed number of submissions" + } + ], "sR9GVQ": [ { "type": 0, diff --git a/src/openforms/js/components/admin/form_design/SubmissionFields.js b/src/openforms/js/components/admin/form_design/SubmissionFields.js new file mode 100644 index 0000000000..787ad215b2 --- /dev/null +++ b/src/openforms/js/components/admin/form_design/SubmissionFields.js @@ -0,0 +1,112 @@ +import PropTypes from 'prop-types'; +import {useContext, useEffect, useState} from 'react'; +import {FormattedMessage, useIntl} from 'react-intl'; + +import {APIContext} from 'components/admin/form_design/Context'; +import ActionButton from 'components/admin/forms/ActionButton'; +import Field from 'components/admin/forms/Field'; +import Fieldset from 'components/admin/forms/Fieldset'; +import FormRow from 'components/admin/forms/FormRow'; +import {NumberInput} from 'components/admin/forms/Inputs'; +import {FormException} from 'utils/exception'; +import {patch} from 'utils/fetch'; + +import useConfirm from './useConfirm'; + +export const SubmissionLimitFields = ({submissionMaximumAllowed, formUuid, onChange}) => { + const intl = useIntl(); + const {csrftoken} = useContext(APIContext); + const {ConfirmationModal, confirmationModalProps, openConfirmationModal} = useConfirm(); + const [confirmationResult, setConfirmationResult] = useState(null); + + const handleChange = event => { + const {name, value: initialValue} = event.target; + // the backend must receive a value or null since it's a nullable integer field + const value = initialValue === '' ? null : initialValue; + const updatedEvent = {...event, target: {...event.target, name, value}}; + onChange(updatedEvent); + }; + + const resetCounter = async () => { + try { + const resetResult = await patch( + `/api/v2/forms/${formUuid}/reset_submission_counter`, + csrftoken, + {}, + true + ); + if (!resetResult.ok) { + throw new FormException( + 'An error occurred while trying to reset the counter.', + resetResult.data + ); + } + } catch (e) { + return null; + } + return resetResult.data; + }; + + useEffect(() => { + if (confirmationResult === true) { + resetCounter(); + } + }, [confirmationResult]); + + return ( + <> +
+ + + } + helpText={ + + } + > + + + + + { + event.preventDefault(); + const result = await openConfirmationModal(); + setConfirmationResult(result); + }} + /> + +
+ + + } + /> + + ); +}; + +SubmissionLimitFields.propTypes = { + submissionMaximumAllowed: PropTypes.number.isRequired, + formUuid: PropTypes.string.isRequired, + onChange: PropTypes.func.isRequired, +}; diff --git a/src/openforms/js/components/admin/form_design/form-creation-form.js b/src/openforms/js/components/admin/form_design/form-creation-form.js index 3fd8752430..808733ffe5 100644 --- a/src/openforms/js/components/admin/form_design/form-creation-form.js +++ b/src/openforms/js/components/admin/form_design/form-creation-form.js @@ -36,6 +36,7 @@ import PaymentFields from './PaymentFields'; import PriceLogic from './PriceLogic'; import ProductFields from './ProductFields'; import RegistrationFields from './RegistrationFields'; +import {SubmissionLimitFields} from './SubmissionFields'; import Tab from './Tab'; import TextLiterals from './TextLiterals'; import {FormWarnings} from './Warnings'; @@ -102,6 +103,8 @@ const initialFormState = { maintenanceMode: false, translationEnabled: false, submissionAllowed: 'yes', + submissionMaximumAllowed: null, + submission_counter: 0, suspensionAllowed: true, askPrivacyConsent: 'global_setting', askStatementOfTruth: 'global_setting', @@ -173,6 +176,7 @@ const FORM_FIELDS_TO_TAB_NAMES = { confirmationEmailTemplate: 'submission-confirmation', submissionAllowed: 'form', registrationBackends: 'registration', + submissionMaximumAllowed: 'submission', product: 'product-payment', paymentBackend: 'product-payment', paymentBackendOptions: 'product-payment', @@ -1226,6 +1230,7 @@ const FormCreationForm = ({formUuid, formUrl, formHistoryUrl, outgoingRequestsUr const activeTab = new URLSearchParams(window.location.search).get('tab'); const {isAppointment = false} = state.form.appointmentOptions; + const {submissionMaximumAllowed = null} = state.form; const numRulesWithProblems = state.logicRules.filter( rule => detectLogicProblems(rule, intl).length > 0 @@ -1320,6 +1325,12 @@ const FormCreationForm = ({formUuid, formUrl, formHistoryUrl, outgoingRequestsUr /> )} + + + @@ -1431,6 +1442,14 @@ const FormCreationForm = ({formUuid, formUrl, formHistoryUrl, outgoingRequestsUr )} + + + + diff --git a/src/openforms/js/lang/en.json b/src/openforms/js/lang/en.json index 9b023b43d0..cf8b63af7c 100644 --- a/src/openforms/js/lang/en.json +++ b/src/openforms/js/lang/en.json @@ -49,6 +49,11 @@ "description": "Locations Component field label", "originalDefault": "Locations Component" }, + "/cUjWg": { + "defaultMessage": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed.", + "description": "Successful Submissions Removal Limit help text", + "originalDefault": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed." + }, "/fAEsY": { "defaultMessage": "Submission report CSV informatieobjecttype", "description": "Objects API registration options \"Submission report CSV informatieobjecttype\" label", @@ -899,6 +904,11 @@ "description": "Form definition selection modal title", "originalDefault": "Use existing form definition" }, + "GJ8Ok2": { + "defaultMessage": "Reset submissions counter", + "description": "Reset submissions counter", + "originalDefault": "Reset submissions counter" + }, "GO9yud": { "defaultMessage": "When the form should be activated.", "description": "Form activation field help text", @@ -1024,6 +1034,11 @@ "description": "Form appointment enabled field label", "originalDefault": "Appointment enabled" }, + "HrSXGN": { + "defaultMessage": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?", + "description": "Reset the submissions counter confirmation message", + "originalDefault": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?" + }, "HuAm1K": { "defaultMessage": "and the step \"{step}\" has been reached", "description": "Additional 'trigger from step' condition", @@ -2634,6 +2649,11 @@ "description": "Email registration options 'attachFilesToEmail' label", "originalDefault": "Attach files to email" }, + "oWOr9u": { + "defaultMessage": "Submission", + "description": "Form submission options tab title", + "originalDefault": "Submission" + }, "oYmpN5": { "defaultMessage": "Whether to include the content of the confirmation page in the PDF.", "description": "Include confirmation page content in PDF", @@ -2829,6 +2849,11 @@ "description": "Email registration options 'attachFilesToEmail' helpText", "originalDefault": "Enable to attach file uploads to the registration email. If set, this overrides the global default. Form designers should take special care to ensure that the total file upload sizes do not exceed the email size limit." }, + "sQekFr": { + "defaultMessage": "Maximum allowed number of submissions", + "description": "Form submissionMaximumAllowed field label", + "originalDefault": "Maximum allowed number of submissions" + }, "sptpzv": { "defaultMessage": "Switching to the new registration options will remove the existing JSON templates. You will also not be able to save the form until the variables are correctly mapped. Are you sure you want to continue?", "description": "Objects API registration backend: v2 switch warning message", diff --git a/src/openforms/js/lang/nl.json b/src/openforms/js/lang/nl.json index 14da689daa..c165a49945 100644 --- a/src/openforms/js/lang/nl.json +++ b/src/openforms/js/lang/nl.json @@ -49,6 +49,11 @@ "description": "Locations Component field label", "originalDefault": "Locations Component" }, + "/cUjWg": { + "defaultMessage": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed.", + "description": "Successful Submissions Removal Limit help text", + "originalDefault": "The maximum number of allowed submissions for this form. Leave this empty if no limit is needed." + }, "/fAEsY": { "defaultMessage": "Informatieobjecttype CSV-document met inzendingsgegevens", "description": "Objects API registration options \"Submission report CSV informatieobjecttype\" label", @@ -908,6 +913,11 @@ "description": "Form definition selection modal title", "originalDefault": "Use existing form definition" }, + "GJ8Ok2": { + "defaultMessage": "Reset submissions counter", + "description": "Reset submissions counter", + "originalDefault": "Reset submissions counter" + }, "GO9yud": { "defaultMessage": "Datum en tijdstip waarop het formulier geactiveerd moet worden.", "description": "Form activation field help text", @@ -1033,6 +1043,11 @@ "description": "Form appointment enabled field label", "originalDefault": "Appointment enabled" }, + "HrSXGN": { + "defaultMessage": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?", + "description": "Reset the submissions counter confirmation message", + "originalDefault": "You are about to reset the submissions counter and this action is irreversible. Are you sure that you want to do this?" + }, "HuAm1K": { "defaultMessage": "en de stap \"{step}\" is bereikt", "description": "Additional 'trigger from step' condition", @@ -2655,6 +2670,11 @@ "description": "Email registration options 'attachFilesToEmail' label", "originalDefault": "Attach files to email" }, + "oWOr9u": { + "defaultMessage": "Submission", + "description": "Form submission options tab title", + "originalDefault": "Submission" + }, "oYmpN5": { "defaultMessage": "Vink aan om de inhoud toe te voegen aan de PDF die mensen op het eind kunnen downloaden.", "description": "Include confirmation page content in PDF", @@ -2850,6 +2870,11 @@ "description": "Email registration options 'attachFilesToEmail' helpText", "originalDefault": "Enable to attach file uploads to the registration email. If set, this overrides the global default. Form designers should take special care to ensure that the total file upload sizes do not exceed the email size limit." }, + "sQekFr": { + "defaultMessage": "Maximum allowed number of submissions", + "description": "Form submissionMaximumAllowed field label", + "originalDefault": "Maximum allowed number of submissions" + }, "sptpzv": { "defaultMessage": "Let op! Migreren naar het nieuwe configuratieformaat maakt de bestaande JSON-sjablonen leeg. Daarnaast kan je het formulier pas opslaan als alle verplichte variabelen goed gekoppeld zijn. Ben je zeker dat je wil migreren?", "description": "Objects API registration backend: v2 switch warning message", diff --git a/src/openforms/js/utils/fetch.js b/src/openforms/js/utils/fetch.js index e41a15db97..38f8d1fd46 100644 --- a/src/openforms/js/utils/fetch.js +++ b/src/openforms/js/utils/fetch.js @@ -113,6 +113,11 @@ const put = async (url, csrftoken, data = {}, throwOn400 = false) => { return resp; }; +const patch = async (url, csrftoken, data = {}, throwOn400 = false) => { + const resp = await _unsafe('PATCH', url, csrftoken, data, throwOn400); + return resp; +}; + const apiDelete = async (url, csrftoken) => { const opts = { method: 'DELETE', @@ -127,4 +132,4 @@ const apiDelete = async (url, csrftoken) => { }; export {ValidationErrors}; -export {get, post, put, apiDelete, apiCall}; +export {get, post, put, patch, apiDelete, apiCall}; diff --git a/src/openforms/submissions/exceptions.py b/src/openforms/submissions/exceptions.py index 88eced144b..f7eba0a403 100644 --- a/src/openforms/submissions/exceptions.py +++ b/src/openforms/submissions/exceptions.py @@ -11,3 +11,10 @@ class FormDeactivated(UnprocessableEntity): class FormMaintenance(ServiceUnavailable): default_detail = _("The form is currently disabled for maintenance.") default_code = "form-maintenance" + + +class FormMaximumSubmissions(ServiceUnavailable): + default_detail = _( + "The form has currently reached the maximum amount of submissions." + ) + default_code = "form-maximum-submissions" diff --git a/src/openforms/submissions/signals.py b/src/openforms/submissions/signals.py index e2547f4cee..99e5c44ccb 100644 --- a/src/openforms/submissions/signals.py +++ b/src/openforms/submissions/signals.py @@ -103,3 +103,12 @@ def increment_form_counter(sender, instance: Submission, **kwargs): form_statistics.submission_count = F("submission_count") + 1 form_statistics.last_submission = timezone.now() form_statistics.save() + + +@receiver( + submission_complete, dispatch_uid="submission.increment_submissions_form_counter" +) +def increment_submissions_form_counter(sender, instance: Submission, **kwargs): + if instance.form.submission_maximum_allowed: + instance.form.submission_counter += 1 + instance.form.save() diff --git a/src/openforms/submissions/templates/submissions/resume_form_error.html b/src/openforms/submissions/templates/submissions/resume_form_error.html index dcda69a120..42d825e0d9 100644 --- a/src/openforms/submissions/templates/submissions/resume_form_error.html +++ b/src/openforms/submissions/templates/submissions/resume_form_error.html @@ -23,6 +23,10 @@

{% blocktrans trimmed %} This form is currently undergoing maintenance. Please try again later. {% endblocktrans %} + {% elif error.detail.code == 'form-maximum-submissions' %} + {% blocktrans trimmed %} + Unfortunately, this form is no longer available for submissions. + {% endblocktrans %} {% endif %} diff --git a/src/openforms/submissions/tests/test_resume_form_view.py b/src/openforms/submissions/tests/test_resume_form_view.py index f53aa2cda0..eea09357d9 100644 --- a/src/openforms/submissions/tests/test_resume_form_view.py +++ b/src/openforms/submissions/tests/test_resume_form_view.py @@ -13,6 +13,7 @@ from openforms.frontend.tests import FrontendRedirectMixin from ..constants import SUBMISSIONS_SESSION_KEY +from ..exceptions import FormMaximumSubmissions from ..tokens import submission_resume_token_generator from .factories import SubmissionFactory, SubmissionStepFactory @@ -456,3 +457,46 @@ def test_redirects_to_auth_if_form_does_not_require_login_but_user_logged_in_the response, expected_redirect_url.url, fetch_redirect_response=False ) self.assertNotIn(SUBMISSIONS_SESSION_KEY, self.client.session) + + def test_resume_with_form_max_submissions_limit_reached(self): + submission = SubmissionFactory.from_components( + completed=True, + components_list=[], + form_url="http://maykinmedia.nl/some-form/startpagina", + form__submission_maximum_allowed=1, + form__submission_counter=1, + ) + + endpoint = reverse( + "submissions:resume", + kwargs={ + "token": submission_resume_token_generator.make_token(submission), + "submission_uuid": submission.uuid, + }, + ) + + response = self.client.get(endpoint) + + self.assertNotEqual(response.status_code, 302) + self.assertIsInstance(response.context_data["error"], FormMaximumSubmissions) + + def test_resume_with_form_max_submissions_limit_not_reached(self): + submission = SubmissionFactory.from_components( + completed=True, + components_list=[], + form_url="http://maykinmedia.nl/some-form/startpagina", + form__submission_maximum_allowed=2, + form__submission_counter=1, + ) + + endpoint = reverse( + "submissions:resume", + kwargs={ + "token": submission_resume_token_generator.make_token(submission), + "submission_uuid": submission.uuid, + }, + ) + + response = self.client.get(endpoint) + + self.assertEqual(response.status_code, 302) diff --git a/src/openforms/submissions/tests/test_start_submission.py b/src/openforms/submissions/tests/test_start_submission.py index ec46588ad2..cf2d61f0a1 100644 --- a/src/openforms/submissions/tests/test_start_submission.py +++ b/src/openforms/submissions/tests/test_start_submission.py @@ -247,3 +247,30 @@ def test_start_submission_with_initial_data_reference(self): self.assertEqual( submission.initial_data_reference, body["initialDataReference"] ) + + def test_start_submission_with_form_max_submissions_limit_not_reached(self): + form = FormFactory.create(submission_maximum_allowed=1) + FormStepFactory.create(form=form) + + form_url = reverse("api:form-detail", kwargs={"uuid_or_slug": form.uuid}) + body = { + "form": f"http://testserver.com{form_url}", + "formUrl": "http://testserver.com/my-form", + } + + response = self.client.post(self.endpoint, body) + + self.assertEqual(response.status_code, status.HTTP_201_CREATED) + + def test_start_submission_with_form_max_submissions_limit_reached(self): + form = FormFactory.create(submission_maximum_allowed=1, submission_counter=1) + FormStepFactory.create(form=form) + + form_url = reverse("api:form-detail", kwargs={"uuid_or_slug": form.uuid}) + body = { + "form": f"http://testserver.com{form_url}", + "formUrl": "http://testserver.com/my-form", + } + + response = self.client.post(self.endpoint, body) + self.assertEqual(response.status_code, status.HTTP_503_SERVICE_UNAVAILABLE) diff --git a/src/openforms/submissions/utils.py b/src/openforms/submissions/utils.py index d2bf778f2e..de011beb61 100644 --- a/src/openforms/submissions/utils.py +++ b/src/openforms/submissions/utils.py @@ -31,7 +31,7 @@ from openforms.variables.constants import FormVariableSources from .constants import SUBMISSIONS_SESSION_KEY -from .exceptions import FormDeactivated, FormMaintenance +from .exceptions import FormDeactivated, FormMaintenance, FormMaximumSubmissions from .form_logic import check_submission_logic from .models import Submission, SubmissionReport, SubmissionValueVariable from .tokens import submission_report_token_generator @@ -285,6 +285,8 @@ def check_form_status( :raises: :class:`FormDeactivated` if the form is deactivated :raises: :class`FormMaintenance` if the form is in maintenance mode and the user is not a staff user. + :raises: :class:`FormMaximumSubmissions` if the form has reached the maximum amount + of submissions. """ # live forms -> shortcut, this is okay, proceed as usual if form.is_available: @@ -302,6 +304,10 @@ def check_form_status( if form.maintenance_mode and not request.user.is_staff: raise FormMaintenance() + # do not proceed if the form has reached the maximum amount of submissions + if form.has_reached_submissions_limit(): + raise FormMaximumSubmissions() + def get_report_download_url(request: Request, report: SubmissionReport) -> str: token = submission_report_token_generator.make_token(report) diff --git a/src/openforms/submissions/views.py b/src/openforms/submissions/views.py index e507938fbc..2587eedcde 100644 --- a/src/openforms/submissions/views.py +++ b/src/openforms/submissions/views.py @@ -28,7 +28,7 @@ from openforms.tokens import BaseTokenGenerator from .constants import RegistrationStatuses -from .exceptions import FormDeactivated, FormMaintenance +from .exceptions import FormDeactivated, FormMaintenance, FormMaximumSubmissions from .forms import SearchSubmissionForCosignForm from .models import Submission, SubmissionFileAttachment, SubmissionReport from .signals import submission_resumed @@ -46,10 +46,10 @@ class ResumeFormMixin(TemplateResponseMixin): def dispatch(self, request: HttpRequest, *args, **kwargs): try: return super().dispatch(request, *args, **kwargs) - except (FormDeactivated, FormMaintenance) as exc: + except (FormDeactivated, FormMaintenance, FormMaximumSubmissions) as exc: return self.render_to_response( context={"error": exc}, - status=exc.status_code if isinstance(exc, FormMaintenance) else 200, + status=(exc.status_code if isinstance(exc, FormMaintenance) else 200), ) def validate_url_and_get_submission(