1
0
forked from ScoDoc/ScoDoc

Fonction ano users

This commit is contained in:
Emmanuel Viennet 2023-02-09 12:29:46 +01:00
parent cd1e6aa73d
commit 19c82a27de

View File

@ -33,7 +33,6 @@ Runned as user "scodoc" with scodoc and postgresql up.
E. Viennet, Jan 2019 E. Viennet, Jan 2019
""" """
import os
import psycopg2 import psycopg2
import sys import sys
import traceback import traceback
@ -45,6 +44,13 @@ def log(msg):
sys.stderr.flush() sys.stderr.flush()
def usage():
sys.stdout.flush()
sys.stderr.flush()
print(f"Usage: {sys.argv[0]} [--users] dbname", file=sys.stderr)
sys.exit(1)
# --- Fonctions d'Anonymisation, en SQL # --- Fonctions d'Anonymisation, en SQL
anonymize_name = "random_text_md5(8)" anonymize_name = "random_text_md5(8)"
@ -52,15 +58,11 @@ anonymize_date = "'1970-01-01'"
anonymize_question_str = "'?'" anonymize_question_str = "'?'"
anonymize_null = "NULL" anonymize_null = "NULL"
# aggregate_length = lambda column, _: 'length({})'.format(column)
# --- Champs à anonymiser (cette configuration pourrait être placé dans # --- Champs à anonymiser (cette configuration pourrait être placé dans
# un fichier séparé et le code serait alors générique pour toute base # un fichier séparé et le code serait alors générique pour toute base
# posgresql. # posgresql.
# #
# On essaie de retirer les données personnelles des étudiants et des entreprises # On essaie de retirer les données personnelles des étudiants et des entreprises
# TODO: L'identité (login) des enseignants n'est pas modifiée
# #
# #
ANONYMIZED_FIELDS = { ANONYMIZED_FIELDS = {
@ -102,17 +104,23 @@ def anonymize_column(cursor, tablecolumn):
remplacé par nom_valeur_de_la_clé. remplacé par nom_valeur_de_la_clé.
""" """
table, column = tablecolumn.split(".") table, column = tablecolumn.split(".")
anonymization = ANONYMIZED_FIELDS[tablecolumn] anonymized = ANONYMIZED_FIELDS[tablecolumn]
log("processing {}".format(tablecolumn)) log(f"processing {tablecolumn}")
cursor.execute( cursor.execute(f"UPDATE {table} SET {column} = {anonymized};")
"UPDATE {table} SET {column} = {value};".format(
table=table,
column=column, def anonymize_users(cursor):
value=anonymization(column, key_name) """Anonymise la table utilisateurs"""
if callable(anonymization) log("processing user table")
else anonymization, cursor.execute("""UPDATE "user" SET email = 'x@y.fr';""")
) cursor.execute("""UPDATE "user" SET password_hash = '*';""")
) cursor.execute("""UPDATE "user" SET password_scodoc7 = NULL;""")
cursor.execute("""UPDATE "user" SET date_created = '2001-01-01';""")
cursor.execute("""UPDATE "user" SET date_expiration = '2201-12-31';""")
cursor.execute("""UPDATE "user" SET token = NULL;""")
cursor.execute("""UPDATE "user" SET token_expiration = NULL;""")
cursor.execute("""UPDATE "user" SET nom=CONCAT('nom_', id);""")
cursor.execute("""UPDATE "user" SET prenom=CONCAT('nom_', id);""")
def anonymize_db(cursor): def anonymize_db(cursor):
@ -121,21 +129,32 @@ def anonymize_db(cursor):
anonymize_column(cursor, tablecolumn) anonymize_column(cursor, tablecolumn)
process_users = False
if len(sys.argv) < 2 or len(sys.argv) > 3:
usage()
if len(sys.argv) > 2:
if sys.argv[1] != "--users":
usage()
dbname = sys.argv[2]
process_users = True
else:
dbname = sys.argv[1] dbname = sys.argv[1]
log("\nAnonymizing database %s" % dbname) log(f"\nAnonymizing database {dbname}")
cnx_string = "dbname=" + dbname cnx_string = "dbname=" + dbname
try: try:
cnx = psycopg2.connect(cnx_string) cnx = psycopg2.connect(cnx_string)
except: except Exception as e:
log("\n*** Error: can't connect to database %s ***\n" % dbname) log(f"\n*** Error: can't connect to database {dbname} ***\n")
log('connexion string was "%s"' % cnx_string) log(f"""connexion string was "{cnx_string}" """)
traceback.print_exc() traceback.print_exc()
cnx.set_session(autocommit=False) cnx.set_session(autocommit=False)
cursor = cnx.cursor() cursor = cnx.cursor()
anonymize_db(cursor) anonymize_db(cursor)
if process_users:
anonymize_users(cursor)
cnx.commit() cnx.commit()
cnx.close() cnx.close()