diff --git a/users/management/commands/anonymize.py b/users/management/commands/anonymize.py index d2632576..a6bce971 100644 --- a/users/management/commands/anonymize.py +++ b/users/management/commands/anonymize.py @@ -1,71 +1,98 @@ from django.core.management.base import BaseCommand from users.models import User, School, Adherent, Club +from machines.models import Domain, Machine +from reversion.models import Revision from django.db.models import F, Value +from django.db.models import Q from django.db.models.functions import Concat from re2o.login import hashNT, makeSecret import os, random, string +from random import randint class Command(BaseCommand): - help="Anonymize the data in the database in order to use them on critical servers (dev, personnal...). Every information will be overwritten using non-personnal informations. This script must follow any modification of the database." + help="Anonymize the data in the database in order to use them on critical servers (dev, personnal...). Every information will be overwritten using non-personnal informations. This script must follow any modification of the database.\nOptionnal argument: {id|id|id|...} to exclude users from anonymisation" + + def add_arguments(self, parser): + parser.add_argument('user_id', nargs='+', type=int, help='User ID') def handle(self, *args, **kwargs): + users_ids = kwargs['user_id'] + for user_id in users_ids: + self.stdout.write("User: {} will not be anonymised".format(User.objects.filter(id=user_id).get().name)) + + self.stdout.write(self.style.WARNING('\nDISCLAIMER\nThis function will make your database unusable for production. Are you sure you want to run this ?(doit): ')) + if(input()=="doit"): - total = Adherent.objects.count() - self.stdout.write("Starting anonymizing the {} users data.".format(total)) - - u = User.objects.all() - a = Adherent.objects.all() - c = Club.objects.all() + total = Adherent.objects.count() + self.stdout.write("Starting anonymizing the {} users data.".format(total)) + + u = User.objects.filter(~Q(id__in=users_ids)) + a = Adherent.objects.filter(~Q(id__in=users_ids)) + c = Club.objects.filter(~Q(id__in=users_ids)) + d = Domain.objects.all() + m = Machine.objects.filter(~Q(user_id__in=users_ids)) - self.stdout.write('Supression de l\'école...') - # Create a fake School to put everyone in it. - ecole = School(name="Ecole des Ninja") - ecole.save() - u.update(school=ecole) - self.stdout.write(self.style.SUCCESS('done ...')) + self.stdout.write('Supression de l\'école...') + # Create a fake School to put everyone in it. + ecole = School(name="Ecole des Ninja") + ecole.save() + u.update(school=ecole) + self.stdout.write(self.style.SUCCESS('done ...')) - self.stdout.write('Supression des chambres...') - a.update(room=None) - c.update(room=None) - self.stdout.write(self.style.SUCCESS('done ...')) + self.stdout.write('Supression des chambres...') + a.update(room=None) + c.update(room=None) + self.stdout.write(self.style.SUCCESS('done ...')) - self.stdout.write('Supression des mails...') - u.update(email='example@example.org', - local_email_redirect = False, - local_email_enabled=False) - self.stdout.write(self.style.SUCCESS('done ...')) + self.stdout.write('Supression des mails...') + u.update(email='example@example.org', + local_email_redirect = False, + local_email_enabled=False) + self.stdout.write(self.style.SUCCESS('done ...')) - self.stdout.write('Supression des noms, prenoms, pseudo, telephone, commentaire...') - a.update(name=Concat(Value('name of '), 'id')) - self.stdout.write(self.style.SUCCESS('done name')) + self.stdout.write('Supression des noms, prenoms, pseudo, telephone, commentaire...') + a.update(name=Concat(Value('name of '), 'id')) + self.stdout.write(self.style.SUCCESS('done name')) - a.update(surname=Concat(Value('surname of '), 'id')) - self.stdout.write(self.style.SUCCESS('done surname')) + a.update(surname=Concat(Value('surname of '), 'id')) + self.stdout.write(self.style.SUCCESS('done surname')) - u.update(pseudo=F('id')) - self.stdout.write(self.style.SUCCESS('done pseudo')) + u.update(pseudo=F('id')) + self.stdout.write(self.style.SUCCESS('done pseudo')) - a.update(telephone=Concat(Value('phone of '), 'id')) - self.stdout.write(self.style.SUCCESS('done phone')) + a.update(telephone=Concat(Value('phone of '), 'id')) + self.stdout.write(self.style.SUCCESS('done phone')) - a.update(comment=Concat(Value('commentaire of '), 'id')) - self.stdout.write(self.style.SUCCESS('done ...')) + a.update(comment=Concat(Value('commentaire of '), 'id')) + self.stdout.write(self.style.SUCCESS('done ...')) + + self.stdout.write('Renommage des machines...') + m.update(name=Concat(Value('Machine '),F('id'),Value(' of '),F('user_id'))) + d.update(name=Concat(Value('Domaine id '),F('id'))) + self.stdout.write(self.style.SUCCESS('done ...')) - self.stdout.write('Unification du mot de passe...') - # Define the password - chars = string.ascii_letters + string.digits + '!@#$%^&*()' - taille = 20 - random.seed = (os.urandom(1024)) - password = "" - for i in range(taille): - password+=random.choice(chars) + self.stdout.write('Unification du mot de passe...') + # Define the password + chars = string.ascii_letters + string.digits + '!@#$%^&*()' + taille = 20 + random.seed = (os.urandom(1024)) + password = "" + for i in range(taille): + password+=random.choice(chars) - self.stdout.write(self.style.HTTP_NOT_MODIFIED('The password will be: {}'.format(password))) + self.stdout.write(self.style.HTTP_NOT_MODIFIED('The password will be: {}'.format(password))) - u.update(pwd_ntlm = hashNT(password)) - u.update(password = makeSecret(password)) - self.stdout.write(self.style.SUCCESS('done...')) + u.update(pwd_ntlm = hashNT(password)) + u.update(password = makeSecret(password)) + self.stdout.write(self.style.SUCCESS('done...')) - self.stdout.write("Data anonymized!") + self.stdout.write('Suppression de l\'historique (This may take some time)') + Revision.objects.all().delete() + self.stdout.write(self.style.SUCCESS('done...')) + + self.stdout.write("Data anonymized!") + + else: + self.stdout.write("Anonymisation aborted")