forked from ScoDoc/ScoDoc
Fonction ano users
This commit is contained in:
parent
cd1e6aa73d
commit
19c82a27de
@ -33,7 +33,6 @@ Runned as user "scodoc" with scodoc and postgresql up.
|
|||||||
E. Viennet, Jan 2019
|
E. Viennet, Jan 2019
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import os
|
|
||||||
import psycopg2
|
import psycopg2
|
||||||
import sys
|
import sys
|
||||||
import traceback
|
import traceback
|
||||||
@ -45,6 +44,13 @@ def log(msg):
|
|||||||
sys.stderr.flush()
|
sys.stderr.flush()
|
||||||
|
|
||||||
|
|
||||||
|
def usage():
|
||||||
|
sys.stdout.flush()
|
||||||
|
sys.stderr.flush()
|
||||||
|
print(f"Usage: {sys.argv[0]} [--users] dbname", file=sys.stderr)
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
# --- Fonctions d'Anonymisation, en SQL
|
# --- Fonctions d'Anonymisation, en SQL
|
||||||
|
|
||||||
anonymize_name = "random_text_md5(8)"
|
anonymize_name = "random_text_md5(8)"
|
||||||
@ -52,15 +58,11 @@ anonymize_date = "'1970-01-01'"
|
|||||||
anonymize_question_str = "'?'"
|
anonymize_question_str = "'?'"
|
||||||
anonymize_null = "NULL"
|
anonymize_null = "NULL"
|
||||||
|
|
||||||
# aggregate_length = lambda column, _: 'length({})'.format(column)
|
|
||||||
|
|
||||||
|
|
||||||
# --- Champs à anonymiser (cette configuration pourrait être placé dans
|
# --- Champs à anonymiser (cette configuration pourrait être placé dans
|
||||||
# un fichier séparé et le code serait alors générique pour toute base
|
# un fichier séparé et le code serait alors générique pour toute base
|
||||||
# posgresql.
|
# posgresql.
|
||||||
#
|
#
|
||||||
# On essaie de retirer les données personnelles des étudiants et des entreprises
|
# On essaie de retirer les données personnelles des étudiants et des entreprises
|
||||||
# TODO: L'identité (login) des enseignants n'est pas modifiée
|
|
||||||
#
|
#
|
||||||
#
|
#
|
||||||
ANONYMIZED_FIELDS = {
|
ANONYMIZED_FIELDS = {
|
||||||
@ -102,17 +104,23 @@ def anonymize_column(cursor, tablecolumn):
|
|||||||
remplacé par nom_valeur_de_la_clé.
|
remplacé par nom_valeur_de_la_clé.
|
||||||
"""
|
"""
|
||||||
table, column = tablecolumn.split(".")
|
table, column = tablecolumn.split(".")
|
||||||
anonymization = ANONYMIZED_FIELDS[tablecolumn]
|
anonymized = ANONYMIZED_FIELDS[tablecolumn]
|
||||||
log("processing {}".format(tablecolumn))
|
log(f"processing {tablecolumn}")
|
||||||
cursor.execute(
|
cursor.execute(f"UPDATE {table} SET {column} = {anonymized};")
|
||||||
"UPDATE {table} SET {column} = {value};".format(
|
|
||||||
table=table,
|
|
||||||
column=column,
|
def anonymize_users(cursor):
|
||||||
value=anonymization(column, key_name)
|
"""Anonymise la table utilisateurs"""
|
||||||
if callable(anonymization)
|
log("processing user table")
|
||||||
else anonymization,
|
cursor.execute("""UPDATE "user" SET email = 'x@y.fr';""")
|
||||||
)
|
cursor.execute("""UPDATE "user" SET password_hash = '*';""")
|
||||||
)
|
cursor.execute("""UPDATE "user" SET password_scodoc7 = NULL;""")
|
||||||
|
cursor.execute("""UPDATE "user" SET date_created = '2001-01-01';""")
|
||||||
|
cursor.execute("""UPDATE "user" SET date_expiration = '2201-12-31';""")
|
||||||
|
cursor.execute("""UPDATE "user" SET token = NULL;""")
|
||||||
|
cursor.execute("""UPDATE "user" SET token_expiration = NULL;""")
|
||||||
|
cursor.execute("""UPDATE "user" SET nom=CONCAT('nom_', id);""")
|
||||||
|
cursor.execute("""UPDATE "user" SET prenom=CONCAT('nom_', id);""")
|
||||||
|
|
||||||
|
|
||||||
def anonymize_db(cursor):
|
def anonymize_db(cursor):
|
||||||
@ -121,21 +129,32 @@ def anonymize_db(cursor):
|
|||||||
anonymize_column(cursor, tablecolumn)
|
anonymize_column(cursor, tablecolumn)
|
||||||
|
|
||||||
|
|
||||||
dbname = sys.argv[1]
|
process_users = False
|
||||||
|
if len(sys.argv) < 2 or len(sys.argv) > 3:
|
||||||
|
usage()
|
||||||
|
if len(sys.argv) > 2:
|
||||||
|
if sys.argv[1] != "--users":
|
||||||
|
usage()
|
||||||
|
dbname = sys.argv[2]
|
||||||
|
process_users = True
|
||||||
|
else:
|
||||||
|
dbname = sys.argv[1]
|
||||||
|
|
||||||
log("\nAnonymizing database %s" % dbname)
|
log(f"\nAnonymizing database {dbname}")
|
||||||
cnx_string = "dbname=" + dbname
|
cnx_string = "dbname=" + dbname
|
||||||
try:
|
try:
|
||||||
cnx = psycopg2.connect(cnx_string)
|
cnx = psycopg2.connect(cnx_string)
|
||||||
except:
|
except Exception as e:
|
||||||
log("\n*** Error: can't connect to database %s ***\n" % dbname)
|
log(f"\n*** Error: can't connect to database {dbname} ***\n")
|
||||||
log('connexion string was "%s"' % cnx_string)
|
log(f"""connexion string was "{cnx_string}" """)
|
||||||
traceback.print_exc()
|
traceback.print_exc()
|
||||||
|
|
||||||
cnx.set_session(autocommit=False)
|
cnx.set_session(autocommit=False)
|
||||||
cursor = cnx.cursor()
|
cursor = cnx.cursor()
|
||||||
|
|
||||||
anonymize_db(cursor)
|
anonymize_db(cursor)
|
||||||
|
if process_users:
|
||||||
|
anonymize_users(cursor)
|
||||||
|
|
||||||
cnx.commit()
|
cnx.commit()
|
||||||
cnx.close()
|
cnx.close()
|
||||||
|
Loading…
Reference in New Issue
Block a user