gdpr_admin 1.3.0 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +40 -0
- data/app/models/gdpr_admin/request.rb +2 -8
- data/lib/gdpr_admin/application_data_policy.rb +61 -1
- data/lib/gdpr_admin/helpers/data_policy_helper.rb +15 -0
- data/lib/gdpr_admin/paper_trail/version_data_policy.rb +10 -7
- data/lib/gdpr_admin/skip_record_error.rb +5 -0
- data/lib/gdpr_admin/version.rb +1 -1
- data/lib/gdpr_admin.rb +2 -0
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9b1d58ff60fa19dc3b0a1fb067ae2ed0dfc96e8798257989534a39e8600ef878
|
|
4
|
+
data.tar.gz: b199dc1a90a1fab64a6b98bcde51dc656a8943f12381dcdbc275e51147997c92
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b7813fc861f53e6d280369e403e9ece16484dfc433e2005b6c6eac739f91694d06169fcf0b60a3b1d1e32f65dcc45a44a8dee5446e89a35b90391070a42c0c96
|
|
7
|
+
data.tar.gz: 02a363b0a84f217aceeb3e19e2d0f53b09d7f5030e3dbf16abae8c92a8dc52cca9138c3fca55b6ce1014f639a915914e910c45e7538d5f24ecf79c005a3abb14
|
data/README.md
CHANGED
|
@@ -35,6 +35,11 @@ Or install it yourself as:
|
|
|
35
35
|
$ gem install gdpr_admin
|
|
36
36
|
```
|
|
37
37
|
|
|
38
|
+
Then install the migrations:
|
|
39
|
+
```bash
|
|
40
|
+
$ rails gdpr_admin:install:migrations
|
|
41
|
+
```
|
|
42
|
+
|
|
38
43
|
## Usage
|
|
39
44
|
|
|
40
45
|
Create your data policies file within `app/gdpr` _(configurable)_ and inherit from `GdprAdmin::ApplicationDataPolicy`.
|
|
@@ -138,6 +143,41 @@ same anonymized value. _(note: different values may also yield the same value)_
|
|
|
138
143
|
|
|
139
144
|
To use the built-in anonymizer functions, you need to install the gem `faker`.
|
|
140
145
|
|
|
146
|
+
## Data Policy Hooks
|
|
147
|
+
For advanced use cases, you may install hooks that are run at different stages of the data policy process.
|
|
148
|
+
|
|
149
|
+
### `before_process`
|
|
150
|
+
Will be run before the policy is executed. Calling `skip_data_policy!` will raise `GdprAdmin::SkipDataPolicyError` and
|
|
151
|
+
stop the execution of the data policy.
|
|
152
|
+
|
|
153
|
+
```ruby
|
|
154
|
+
class ContactDataPolicy < GdprAdmin::ApplicationDataPolicy
|
|
155
|
+
before_process :skip_internal_contacts!
|
|
156
|
+
|
|
157
|
+
private
|
|
158
|
+
|
|
159
|
+
def skip_internal_contacts!
|
|
160
|
+
skip_data_policy! if contact.email =~ /.*@company\.com/
|
|
161
|
+
end
|
|
162
|
+
end
|
|
163
|
+
```
|
|
164
|
+
|
|
165
|
+
### `before_process_record`
|
|
166
|
+
Called before processing a record (either erasing or exporting). Calling `skip_record!` will raise `GdprAdmin::SkipRecordError` and
|
|
167
|
+
skip processing that particular record.
|
|
168
|
+
|
|
169
|
+
```ruby
|
|
170
|
+
class UserDataPolicy < GdprAdmin::ApplicationDataPolicy
|
|
171
|
+
before_process :skip_super_admins!
|
|
172
|
+
|
|
173
|
+
private
|
|
174
|
+
|
|
175
|
+
def skip_super_admins!(user)
|
|
176
|
+
skip_record! if user.role == 'super_admin'
|
|
177
|
+
end
|
|
178
|
+
end
|
|
179
|
+
```
|
|
180
|
+
|
|
141
181
|
## GDPR Request
|
|
142
182
|
A GDPR Request (`GdprAdmin::Request`) represents a request to remove a subject's data, tenant's data, or export subject data.
|
|
143
183
|
|
|
@@ -35,7 +35,7 @@ module GdprAdmin
|
|
|
35
35
|
GdprAdmin.load_data_policies
|
|
36
36
|
with_lock { processing! }
|
|
37
37
|
with_lock do
|
|
38
|
-
|
|
38
|
+
process_policies
|
|
39
39
|
completed!
|
|
40
40
|
end
|
|
41
41
|
rescue StandardError
|
|
@@ -63,13 +63,7 @@ module GdprAdmin
|
|
|
63
63
|
|
|
64
64
|
def process_policies
|
|
65
65
|
ApplicationDataPolicy.descendants.each do |policy_class|
|
|
66
|
-
|
|
67
|
-
policy.scope.find_each do |record|
|
|
68
|
-
policy.export(record) if export?
|
|
69
|
-
policy.erase(record) if erase?
|
|
70
|
-
end
|
|
71
|
-
rescue SkipDataPolicyError
|
|
72
|
-
next
|
|
66
|
+
policy_class.process(self)
|
|
73
67
|
end
|
|
74
68
|
end
|
|
75
69
|
|
|
@@ -2,15 +2,34 @@
|
|
|
2
2
|
|
|
3
3
|
module GdprAdmin
|
|
4
4
|
class ApplicationDataPolicy
|
|
5
|
+
include Helpers::DataPolicyHelper
|
|
5
6
|
include Helpers::EraseHelper
|
|
6
7
|
include Helpers::ScopeHelper
|
|
7
8
|
|
|
9
|
+
class << self
|
|
10
|
+
attr_reader :before_process_hooks, :before_process_record_hooks
|
|
11
|
+
|
|
12
|
+
def before_process(method)
|
|
13
|
+
@before_process_hooks ||= []
|
|
14
|
+
@before_process_hooks << method
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
def before_process_record(method)
|
|
18
|
+
@before_process_record_hooks ||= []
|
|
19
|
+
@before_process_record_hooks << method
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def process(request)
|
|
23
|
+
new(request).process
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
|
|
8
27
|
def initialize(request)
|
|
9
28
|
@request = request
|
|
10
29
|
end
|
|
11
30
|
|
|
12
31
|
def scope
|
|
13
|
-
|
|
32
|
+
skip_data_policy!
|
|
14
33
|
end
|
|
15
34
|
|
|
16
35
|
def export(_record)
|
|
@@ -21,8 +40,49 @@ module GdprAdmin
|
|
|
21
40
|
raise NotImplementedError
|
|
22
41
|
end
|
|
23
42
|
|
|
43
|
+
def process
|
|
44
|
+
GdprAdmin.config.tenant_adapter.with_tenant(request.tenant) do
|
|
45
|
+
run_preprocessors
|
|
46
|
+
scope.find_each do |record|
|
|
47
|
+
process_record(record)
|
|
48
|
+
end
|
|
49
|
+
rescue SkipDataPolicyError
|
|
50
|
+
nil
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
24
54
|
protected
|
|
25
55
|
|
|
26
56
|
attr_reader :request
|
|
57
|
+
|
|
58
|
+
def process_record(record)
|
|
59
|
+
run_record_preprocessors(record)
|
|
60
|
+
export(record) if request.export?
|
|
61
|
+
erase(record) if request.erase?
|
|
62
|
+
rescue SkipRecordError
|
|
63
|
+
nil
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def run_preprocessors
|
|
67
|
+
before_process_hooks = self.class.before_process_hooks || []
|
|
68
|
+
before_process_hooks.each do |hook|
|
|
69
|
+
call_hook(hook)
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
def run_record_preprocessors(record)
|
|
74
|
+
before_process_record_hooks = self.class.before_process_record_hooks || []
|
|
75
|
+
before_process_record_hooks.each do |hook|
|
|
76
|
+
call_hook(hook, record)
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
def call_hook(hook, value = nil)
|
|
81
|
+
hook = method(hook) unless hook.respond_to?(:call)
|
|
82
|
+
|
|
83
|
+
arity = hook.arity
|
|
84
|
+
args = [value].take(arity).reverse
|
|
85
|
+
instance_exec(*args, &hook)
|
|
86
|
+
end
|
|
27
87
|
end
|
|
28
88
|
end
|
|
@@ -9,13 +9,7 @@ module GdprAdmin
|
|
|
9
9
|
|
|
10
10
|
def erase(version, item_fields = nil)
|
|
11
11
|
item_fields ||= infer_item_fields(version)
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
base_changes = {
|
|
15
|
-
object: anonymize_version_object(version, item_fields),
|
|
16
|
-
object_changes: anonymize_version_object_changes(version, item_fields),
|
|
17
|
-
}.compact
|
|
18
|
-
erase_fields(version, fields, base_changes)
|
|
12
|
+
erase_fields(version, fields, base_changes(version, item_fields))
|
|
19
13
|
end
|
|
20
14
|
|
|
21
15
|
def fields
|
|
@@ -24,6 +18,15 @@ module GdprAdmin
|
|
|
24
18
|
|
|
25
19
|
private
|
|
26
20
|
|
|
21
|
+
def base_changes(version, item_fields)
|
|
22
|
+
return {} if item_fields.blank?
|
|
23
|
+
|
|
24
|
+
{
|
|
25
|
+
object: anonymize_version_object(version, item_fields),
|
|
26
|
+
object_changes: anonymize_version_object_changes(version, item_fields),
|
|
27
|
+
}.compact
|
|
28
|
+
end
|
|
29
|
+
|
|
27
30
|
def infer_item_fields(version)
|
|
28
31
|
infer_data_policy_class(version)&.new(request)&.try(:fields)
|
|
29
32
|
end
|
data/lib/gdpr_admin/version.rb
CHANGED
data/lib/gdpr_admin.rb
CHANGED
|
@@ -6,6 +6,8 @@ require 'gdpr_admin/configuration'
|
|
|
6
6
|
require 'gdpr_admin/error'
|
|
7
7
|
require 'gdpr_admin/invalid_status_error'
|
|
8
8
|
require 'gdpr_admin/skip_data_policy_error'
|
|
9
|
+
require 'gdpr_admin/skip_record_error'
|
|
10
|
+
require 'gdpr_admin/helpers/data_policy_helper'
|
|
9
11
|
require 'gdpr_admin/helpers/erase_helper'
|
|
10
12
|
require 'gdpr_admin/helpers/scope_helper'
|
|
11
13
|
require 'gdpr_admin/application_data_policy'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: gdpr_admin
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Colex
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-03-
|
|
11
|
+
date: 2023-03-30 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -165,6 +165,7 @@ files:
|
|
|
165
165
|
- lib/gdpr_admin/configuration.rb
|
|
166
166
|
- lib/gdpr_admin/engine.rb
|
|
167
167
|
- lib/gdpr_admin/error.rb
|
|
168
|
+
- lib/gdpr_admin/helpers/data_policy_helper.rb
|
|
168
169
|
- lib/gdpr_admin/helpers/erase_helper.rb
|
|
169
170
|
- lib/gdpr_admin/helpers/field_anonymizer_helper.rb
|
|
170
171
|
- lib/gdpr_admin/helpers/paper_trail_helper.rb
|
|
@@ -172,6 +173,7 @@ files:
|
|
|
172
173
|
- lib/gdpr_admin/invalid_status_error.rb
|
|
173
174
|
- lib/gdpr_admin/paper_trail/version_data_policy.rb
|
|
174
175
|
- lib/gdpr_admin/skip_data_policy_error.rb
|
|
176
|
+
- lib/gdpr_admin/skip_record_error.rb
|
|
175
177
|
- lib/gdpr_admin/tenant_adapters/acts_as_tenant_adapter.rb
|
|
176
178
|
- lib/gdpr_admin/version.rb
|
|
177
179
|
- lib/tasks/gdpr_admin_tasks.rake
|