from django.core.management.base import BaseCommand from users.models import User, School, Adherent, Club from machines.models import Domain, Machine from reversion.models import Revision from django.db.models import F, Value from django.db.models import Q from django.db.models.functions import Concat from re2o.login import hashNT, makeSecret import os, random, string from random import randint class Command(BaseCommand): help="Anonymize the data in the database in order to use them on critical servers (dev, personnal...). Every information will be overwritten using non-personnal informations. This script must follow any modification of the database.\nOptionnal argument: {id|id|id|...} to exclude users from anonymisation" def add_arguments(self, parser): parser.add_argument('user_id', nargs='+', type=int, help='User ID') def handle(self, *args, **kwargs): users_ids = kwargs['user_id'] for user_id in users_ids: self.stdout.write("User: {} will not be anonymised".format(User.objects.filter(id=user_id).get().name)) self.stdout.write(self.style.WARNING('\nDISCLAIMER\nThis function will make your database unusable for production. Are you sure you want to run this ?(doit): ')) if(input()=="doit"): total = Adherent.objects.count() self.stdout.write("Starting anonymizing the {} users data.".format(total)) u = User.objects.filter(~Q(id__in=users_ids)) a = Adherent.objects.filter(~Q(id__in=users_ids)) c = Club.objects.filter(~Q(id__in=users_ids)) d = Domain.objects.all() m = Machine.objects.filter(~Q(user_id__in=users_ids)) self.stdout.write('Supression de l\'école...') # Create a fake School to put everyone in it. ecole = School(name="Ecole des Ninja") ecole.save() u.update(school=ecole) self.stdout.write(self.style.SUCCESS('done ...')) self.stdout.write('Supression des chambres...') a.update(room=None) c.update(room=None) self.stdout.write(self.style.SUCCESS('done ...')) self.stdout.write('Supression des mails...') u.update(email='example@example.org', local_email_redirect = False, local_email_enabled=False) self.stdout.write(self.style.SUCCESS('done ...')) self.stdout.write('Supression des noms, prenoms, pseudo, telephone, commentaire...') a.update(name=Concat(Value('name of '), 'id')) self.stdout.write(self.style.SUCCESS('done name')) a.update(surname=Concat(Value('surname of '), 'id')) self.stdout.write(self.style.SUCCESS('done surname')) u.update(pseudo=F('id')) self.stdout.write(self.style.SUCCESS('done pseudo')) a.update(telephone=Concat(Value('phone of '), 'id')) self.stdout.write(self.style.SUCCESS('done phone')) a.update(comment=Concat(Value('commentaire of '), 'id')) self.stdout.write(self.style.SUCCESS('done ...')) self.stdout.write('Renommage des machines...') m.update(name=Concat(Value('Machine '),F('id'),Value(' of '),F('user_id'))) d.update(name=Concat(Value('Domaine id '),F('id'))) self.stdout.write(self.style.SUCCESS('done ...')) self.stdout.write('Unification du mot de passe...') # Define the password chars = string.ascii_letters + string.digits + '!@#$%^&*()' taille = 20 random.seed = (os.urandom(1024)) password = "" for i in range(taille): password+=random.choice(chars) self.stdout.write(self.style.HTTP_NOT_MODIFIED('The password will be: {}'.format(password))) u.update(pwd_ntlm = hashNT(password)) u.update(password = makeSecret(password)) self.stdout.write(self.style.SUCCESS('done...')) self.stdout.write('Suppression de l\'historique (This may take some time)') Revision.objects.all().delete() self.stdout.write(self.style.SUCCESS('done...')) self.stdout.write("Data anonymized!") else: self.stdout.write("Anonymisation aborted")