Merge pull request #411 from DemocracyLab/linkedin_positions

Offering positions as an XML feed for LinkedIn's Limited Listings

Author: marlonkeating

civictechprojects/urls.py

@@ -61,6 +61,7 @@
     url(r'^api/projects/recent', views.recent_projects_list),
     url(r'^api/projects', views.projects_list),
     url(r'^api/events', views.events_list),
+    url(r'^api/limited_listings', views.limited_listings),
     url(r'^api/groups', views.groups_list),
     url(r'^api/my_projects', views.my_projects),
     url(r'^api/my_events', views.my_events),

civictechprojects/views.py

@@ -581,6 +581,45 @@ def recent_projects_list(request):
         return JsonResponse({'projects': hydrated_project_list})
 
 
+def limited_listings(request):
+    """Summarizes current positions in a format specified by the LinkedIn "Limited Listings" feature."""
+
+    def cdata(str):
+        # Using CDATA tags (and escaping the close sequence) protects us from XSS attacks when
+        # displaying user provided string values.
+        return f"<![CDATA[{str.replace(']]>', ']]]]><![CDATA[>')}]]>"
+    
+    def position_to_job(position):
+        project = position.position_project
+        roleTag = Tag.get_by_name(position.position_role.first().slug)
+
+        return f"""
+        <job>
+            <company>{cdata(project.project_name)}</company>
+            <title>{cdata(roleTag.display_name)}</title>
+            <description>{cdata(position.position_description)}</description>
+            <partnerJobId>{cdata(str(position.id))}</partnerJobId>
+            <location>{cdata(", ".join([project.project_city, project.project_state]) if (project.project_city and project.project_state) else "")}</location>
+            <city>{cdata(project.project_city)}</city>
+            <state>{cdata(project.project_state)}</state>
+            <country>{cdata(project.project_country)}</country>
+            <applyUrl>{cdata(position.description_url or project.project_url)}</applyUrl>
+            <industryCodes><industryCode>{cdata("4")}</industryCode></industryCodes>
+        </job>
+        """
+
+    approved_projects = ProjectPosition.objects.filter(position_project__is_searchable=True)
+    xml_response = f"""<?xml version="1.0" encoding="UTF-8"?>
+    <source>
+        <lastBuildDate>{timezone.now().strftime('%a, %d %b %Y %H:%M:%S %Z')}</lastBuildDate> 
+        <publisherUrl>https://www.democracylab.org</publisherUrl>
+        <publisher>DemocracyLab</publisher>
+        {"".join(map(position_to_job, approved_projects))}
+    </source>"""
+
+    return HttpResponse(xml_response, content_type="application/xml")
+
+
 def apply_tag_filters(project_list, query_params, param_name, tag_filter):
     if param_name in query_params:
         tag_dict = get_tag_dictionary()