From 0a4a0d5dd13d7db8b174c460abb8d1d85ae70e47 Mon Sep 17 00:00:00 2001 From: Grizzly Date: Sun, 4 Nov 2018 16:26:04 +0000 Subject: [PATCH 1/3] =?UTF-8?q?Anonymisation=20des=20donn=C3=A9e=20de=20l'?= =?UTF-8?q?utilisateur?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- users/management/commands/anonymize.py | 51 ++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 users/management/commands/anonymize.py diff --git a/users/management/commands/anonymize.py b/users/management/commands/anonymize.py new file mode 100644 index 00000000..a442dbe1 --- /dev/null +++ b/users/management/commands/anonymize.py @@ -0,0 +1,51 @@ +from django.core.management.base import BaseCommand +from users.models import User, School, Adherent +from django.db.models import F, Value +from django.db.models.functions import Concat + +class Command(BaseCommand): + help="Anonymize the data in the database in order to use them on critical servers (dev, personnal...). Every information will be overwritten using non-personnal informations. This script must follow any modification of the database." + + def handle(self, *args, **kwargs): + + total = User.objects.count() + self.stdout.write("Starting anonymizing the {} users data.".format(total)) + + u = User.objects.all() + a = Adherent.objects.all() + + self.stdout.write('Supression de l\'école...') + # Create a fake School to put everyone in it. + ecole = School(name="Ecole des Ninja") + ecole.save() + u.update(school=ecole) + self.stdout.write(self.style.SUCCESS('done ...')) + + self.stdout.write('Supression des chambres...') + a.update(room=None) + self.stdout.write(self.style.SUCCESS('done ...')) + + self.stdout.write('Supression des mails...') + u.update(email='example@example.org', + local_email_redirect = False, + local_email_enabled=False) + self.stdout.write(self.style.SUCCESS('done ...')) + + self.stdout.write('Supression des noms, prenoms, pseudo, telephone, commentaire...') + a.update(name=Concat(Value('name of '), 'id')) + self.stdout.write(self.style.SUCCESS('done name')) + + a.update(surname=Concat(Value('surname of '), 'id')) + self.stdout.write(self.style.SUCCESS('done surname')) + + a.update(pseudo=F('id')) + self.stdout.write(self.style.SUCCESS('done pseudo')) + + a.update(telephone=Concat(Value('phone of '), 'id')) + self.stdout.write(self.style.SUCCESS('done phone')) + + a.update(comment=Concat(Value('commentaire of '), 'id')) + self.stdout.write(self.style.SUCCESS('done ...')) + + + self.stdout.write("Data anonymized!") From 5bd3a929df00da8c607a48cac5c982947a46d190 Mon Sep 17 00:00:00 2001 From: Grizzly Date: Sun, 4 Nov 2018 17:09:24 +0000 Subject: [PATCH 2/3] Unification du mot de passe --- users/management/commands/anonymize.py | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/users/management/commands/anonymize.py b/users/management/commands/anonymize.py index a442dbe1..00cbb007 100644 --- a/users/management/commands/anonymize.py +++ b/users/management/commands/anonymize.py @@ -3,6 +3,10 @@ from users.models import User, School, Adherent from django.db.models import F, Value from django.db.models.functions import Concat +from re2o.login import hashNT, makeSecret + +import os, random, string + class Command(BaseCommand): help="Anonymize the data in the database in order to use them on critical servers (dev, personnal...). Every information will be overwritten using non-personnal informations. This script must follow any modification of the database." @@ -46,6 +50,21 @@ class Command(BaseCommand): a.update(comment=Concat(Value('commentaire of '), 'id')) self.stdout.write(self.style.SUCCESS('done ...')) + + self.stdout.write('Unification du mot de passe...') + # Define the password + chars = string.ascii_letters + string.digits + '!@#$%^&*()' + taille = 20 + random.seed = (os.urandom(1024)) + password = "" + for i in range(taille): + password+=random.choice(chars) + + self.stdout.write(self.style.HTTP_NOT_MODIFIED('The password will be: {}'.format(password))) + + a.update(pwd_ntlm = hashNT(password)) + a.update(password = makeSecret(password)) + self.stdout.write(self.style.SUCCESS('done...')) self.stdout.write("Data anonymized!") From dd4143dbe266d3431401bb9f2090fa1c7fc75ac3 Mon Sep 17 00:00:00 2001 From: Grizzly Date: Mon, 5 Nov 2018 19:08:33 +0000 Subject: [PATCH 3/3] Anonymisation des clubs --- users/management/commands/anonymize.py | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/users/management/commands/anonymize.py b/users/management/commands/anonymize.py index 00cbb007..d2632576 100644 --- a/users/management/commands/anonymize.py +++ b/users/management/commands/anonymize.py @@ -1,5 +1,5 @@ from django.core.management.base import BaseCommand -from users.models import User, School, Adherent +from users.models import User, School, Adherent, Club from django.db.models import F, Value from django.db.models.functions import Concat @@ -12,11 +12,12 @@ class Command(BaseCommand): def handle(self, *args, **kwargs): - total = User.objects.count() + total = Adherent.objects.count() self.stdout.write("Starting anonymizing the {} users data.".format(total)) u = User.objects.all() a = Adherent.objects.all() + c = Club.objects.all() self.stdout.write('Supression de l\'école...') # Create a fake School to put everyone in it. @@ -27,6 +28,7 @@ class Command(BaseCommand): self.stdout.write('Supression des chambres...') a.update(room=None) + c.update(room=None) self.stdout.write(self.style.SUCCESS('done ...')) self.stdout.write('Supression des mails...') @@ -42,7 +44,7 @@ class Command(BaseCommand): a.update(surname=Concat(Value('surname of '), 'id')) self.stdout.write(self.style.SUCCESS('done surname')) - a.update(pseudo=F('id')) + u.update(pseudo=F('id')) self.stdout.write(self.style.SUCCESS('done pseudo')) a.update(telephone=Concat(Value('phone of '), 'id')) @@ -62,9 +64,8 @@ class Command(BaseCommand): self.stdout.write(self.style.HTTP_NOT_MODIFIED('The password will be: {}'.format(password))) - a.update(pwd_ntlm = hashNT(password)) - a.update(password = makeSecret(password)) + u.update(pwd_ntlm = hashNT(password)) + u.update(password = makeSecret(password)) self.stdout.write(self.style.SUCCESS('done...')) - self.stdout.write("Data anonymized!")