From 6dcbc6746830708073c42385d3e23c7f97ea9638 Mon Sep 17 00:00:00 2001 From: Jarmil Date: Wed, 13 Nov 2019 17:00:14 +0100 Subject: [PATCH] A25 castecne: pridani moznosti odvolat souhlas se zpracovanim osobnich udaju --- src/nalodeni/forms.py | 2 +- .../migrations/0058_appuser_dc_undo_stamp.py | 18 +++++++++++++++ src/nalodeni/models.py | 4 ++++ src/nalodeni/templates/people/list.html | 7 +++++- src/nalodeni/templates/person/detail.html | 1 + src/nalodeni/templates/pirati_cz.html | 2 +- src/nalodeni/templates/profil.html | 11 +++++++++- src/nalodeni/views.py | 22 ++++++++++++------- 8 files changed, 55 insertions(+), 12 deletions(-) create mode 100644 src/nalodeni/migrations/0058_appuser_dc_undo_stamp.py diff --git a/src/nalodeni/forms.py b/src/nalodeni/forms.py index 24ef6c1..8dcd097 100644 --- a/src/nalodeni/forms.py +++ b/src/nalodeni/forms.py @@ -61,7 +61,7 @@ class AppUserSsoForm(ModelForm): class Meta: model = models.AppUser fields = ['city', 'postcode', 'district', 'kind', - 'email', 'email_contact', 'email_contact_active', 'dc_stamp'] + 'email', 'email_contact', 'email_contact_active', 'dc_stamp' ] def clean_postcode(self): data = self.cleaned_data['postcode'] diff --git a/src/nalodeni/migrations/0058_appuser_dc_undo_stamp.py b/src/nalodeni/migrations/0058_appuser_dc_undo_stamp.py new file mode 100644 index 0000000..6ec2726 --- /dev/null +++ b/src/nalodeni/migrations/0058_appuser_dc_undo_stamp.py @@ -0,0 +1,18 @@ +# Generated by Django 2.0.3 on 2019-11-13 16:33 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('nalodeni', '0057_auto_20191113_1114'), + ] + + operations = [ + migrations.AddField( + model_name='appuser', + name='dc_undo_stamp', + field=models.DateTimeField(blank=True, default=None, null=True, verbose_name='Datum odvolání souhlasu se zprac.os.údajů'), + ), + ] diff --git a/src/nalodeni/models.py b/src/nalodeni/models.py index d45963a..dc4d440 100644 --- a/src/nalodeni/models.py 
+++ b/src/nalodeni/models.py @@ -185,7 +185,11 @@ class AppUser(AbstractUser, DataAudited): ts_for_ldap_sync = DateTimeField(_('Timestamp pro LDAP synchronizaci'), default=datetime.datetime.now, blank=True, null=True) + # datum udeleni a odvolani souhlasu se zpracovanim osobnich udaju + # logika: je-li dc_stamp=Null, souhlas neni udelen. + # pole dc_undo_stamp ma pouze informacni vyznam, kdy k odvolani souhlasu doslo dc_stamp = DateTimeField(_('Data consent timestamp'), default=None, blank=True, null=True) + dc_undo_stamp = DateTimeField(_('Datum odvolání souhlasu se zprac.os.údajů'), default=None, blank=True, null=True) # dotaznik pro uzivatele userform = ForeignKey('UserForm', on_delete=CASCADE, verbose_name=_('dotazník'), diff --git a/src/nalodeni/templates/people/list.html b/src/nalodeni/templates/people/list.html index 53454b9..b87da2e 100644 --- a/src/nalodeni/templates/people/list.html +++ b/src/nalodeni/templates/people/list.html @@ -69,7 +69,12 @@ $(document).ready(function(){ - {{p.admin_note}} + + {% if p.dc_undo_stamp is not None %} + Souhlas se zpracováním osobních údajů odvolán {{p.dc_undo_stamp}}
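Review bot: The new `dc_undo_stamp` field passes a Czech string to `_()` while the adjacent `dc_stamp` uses an English msgid (`_('Data consent timestamp')`), so the two consent fields end up under different source languages in the translation catalog. Keeping the msgid in English, e.g. `dc_undo_stamp = DateTimeField(_('Data consent withdrawal timestamp'), default=None, blank=True, null=True)`, with the Czech label supplied through the .po file, would match its neighbour; the migration in this commit carries the same literal in its `verbose_name` and would need regenerating if the label changes. The added comment correctly states the invariant that consent is granted only while `dc_stamp` is not NULL, but it calls `dc_undo_stamp` purely informational — it would help to also state whether re-granting consent is expected to clear it, since the views.py change in this commit does not reset it. The enclosing `AppUser` class starts and ends outside the hunk.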
+ {% endif %} + {{p.admin_note}} + {% endfor %} diff --git a/src/nalodeni/templates/person/detail.html b/src/nalodeni/templates/person/detail.html index 4ea54bc..f0b26e2 100644 --- a/src/nalodeni/templates/person/detail.html +++ b/src/nalodeni/templates/person/detail.html @@ -40,6 +40,7 @@   Datum registrace{{obj.createdStamp}} Datum souhlasu os. údajů{{obj.dc_stamp|default_if_none:'-'}} + Datum odvolání souhlasu oú{{obj.dc_undo_stamp|default_if_none:''}} Administrátorská poznámka{{obj.admin_note}} diff --git a/src/nalodeni/templates/pirati_cz.html b/src/nalodeni/templates/pirati_cz.html index e8cf18e..80820dd 100644 --- a/src/nalodeni/templates/pirati_cz.html +++ b/src/nalodeni/templates/pirati_cz.html @@ -375,7 +375,7 @@
  • Aplikaci spravuje
    -
    Martin Rejman
    +
    Technický odbor Pirátů
  • diff --git a/src/nalodeni/templates/profil.html b/src/nalodeni/templates/profil.html index 53227ff..0927d71 100644 --- a/src/nalodeni/templates/profil.html +++ b/src/nalodeni/templates/profil.html @@ -59,7 +59,16 @@ požadovaných funkcí a služeb. Detaily způsobu zpracování osobních údajů jsou k dispozici online. -
    Datum souhlasu se zpracováním os. údajů:
    {{form.dc_stamp}}
    +
    + Datum souhlasu se zpracováním os. údajů:
    + {{form.dc_stamp}} + {% if request.user.dc_stamp is not None %} + Odvolat souhlas se zpracováním osobních údajů + {% endif %} + {% if request.user.dc_undo_stamp is not None %} + (souhlas odvolán {{request.user.dc_undo_stamp}}) + {% endif %} +
    {%comment%}
    {{form.interestedIn.label}}
    {{form.interestedIn.errors}}{{form.interestedIn}}
    {%endcomment%} diff --git a/src/nalodeni/views.py b/src/nalodeni/views.py index 8a69aa5..9890dd5 100644 --- a/src/nalodeni/views.py +++ b/src/nalodeni/views.py @@ -488,18 +488,26 @@ def email_vizitka(request): @login_required(login_url="/prihlaseni") @transaction.atomic def profil(request): - if request.user.ssoUid: - _form = forms.AppUserSsoForm - else: - _form = forms.AppUserForm + + _form = forms.AppUserSsoForm if request.user.ssoUid else forms.AppUserForm + + def save_and_redirect(page): + request.user.save() + return HttpResponseRedirect(page) # TODO :: check and enforce DB transaction to prevent race-condition attacks if request.method == "GET": + + # udeleni souhlasu se zpracovanim osobnich udaju if request.GET.get('doConsent', None) is not None: request.user.dc_stamp = datetime.now() - request.user.save() + return save_and_redirect('/ja-pirat/profil/') - return HttpResponseRedirect('/ja-pirat/profil/') + # odvolani souhlasu se zpracovanim osobnich udaju + if request.GET.get('undoConsent', None) is not None: + request.user.dc_stamp = None + request.user.dc_undo_stamp = datetime.now() + return save_and_redirect('/ja-pirat/profil/') emailToken = request.GET.get('t', None) if emailToken: @@ -535,7 +543,6 @@ def profil(request): request.user.save() return redirect('nalodeni:profil') - # create edit form form = _form(instance=request.user) @@ -550,7 +557,6 @@ def profil(request): form.instance.email_contact_verified = False form.save() - if (form.instance.email_contact != None and not form.instance.email_contact_verified): try:
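Review bot: The new `Odvolat souhlas se zpracováním osobních údajů` link performs consent withdrawal through a plain GET request, so a change to a legally relevant field on the user record happens without a confirmation step and outside Django's CSRF protection, which only covers POST; the pre-existing `doConsent` link has the same shape, and the handler for both is in the views.py hunk at `@@ -488`. A small `<form method="post">` with `{% csrf_token %}` and a submit button, handled under `request.method == "POST"` in the view, would put the state change behind the CSRF token and give the user an explicit action to confirm. The link's `href` is not visible in this collapsed hunk, so the query parameter is inferred from the view's `request.GET.get('undoConsent', None)`. The surrounding markup of this block starts before the hunk.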
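Review bot: The `doConsent` branch sets `dc_stamp` but leaves `dc_undo_stamp` untouched, so a user who withdraws consent and later grants it again keeps the stale withdrawal date, and profil.html will then render both the consent date and `(souhlas odvolán …)` because it only tests `dc_undo_stamp is not None`; add `request.user.dc_undo_stamp = None` next to `request.user.dc_stamp = datetime.now()` in that branch. Both branches still mutate the user on a GET request, which the retained `# TODO :: check and enforce DB transaction to prevent race-condition attacks` comment suggests is already known to be provisional; moving them under the POST path is raised on the profil.html hunk. `datetime.now()` yields a naive timestamp — if this project runs with `USE_TZ` enabled, `django.utils.timezone.now()` would avoid naive-datetime warnings on save, though the settings are not visible here. As a point of style, `'undoConsent' in request.GET` reads more directly than `request.GET.get('undoConsent', None) is not None`. The `profil` function continues past the hunk.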