general: remove "user hash" stuff (#13840)

Frédéric Péters 2017-01-31 16:28:02 +01:00
parent 2702aca978
commit 12124f14ab
9 changed files with 14 additions and 71 deletions


@ -39,8 +39,6 @@ réservé aux usages internes.
<item><p><var>id</var> : identifiant interne</p></item>
<item><p><var>id_display</var> : identifiant externe, le cas échéant</p></item>
<item><p><var>user_id</var> : identifiant de l'utilisateur</p></item>
<item><p><var>user_hash</var> : <em>hash</em> de l'utilisateur, quand ce
mode est activé</p></item>
<item><p><var>receipt_time</var> : date et heure de réception</p></item>
<item><p><var>status</var> : statut courant</p></item>
<item><p><var>is_at_endpoint</var> : indicateur de fin de traitement</p></item>


@ -18,7 +18,6 @@ import copy
import cStringIO
import hashlib
import mimetypes
import random
import os
import urllib2
try:
@ -77,23 +76,13 @@ class IdentificationDirectory(Directory):
inline=False,
required=True)
form.add(CheckboxWidget, 'use_user_hash', title=_('One-way association between user and forms'),
value=bool(identification_cfg.get('use_user_hash', False)),
required=False)
form.add_submit('submit', _('Submit'))
form.add_submit('cancel', _('Cancel'))
if form.get_widget('cancel').parse():
return redirect('..')
if form.is_submitted() and not form.has_errors():
cfg_submit(form, 'identification', ['methods', 'use_user_hash'])
if not identification_cfg.get('user_hash_secret_key') and form.get_widget('use_user_hash').parse():
identification_cfg = get_cfg('identification', {})
identification_cfg[str('user_hash_secret_key')] = \
str(random.SystemRandom().getrandbits(64))
get_publisher().cfg[str('identification')] = identification_cfg
get_publisher().write_cfg()
cfg_submit(form, 'identification', ['methods'])
if not form.has_errors():
return redirect('..')
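Review bot: Narrowing the `cfg_submit` key list to `['methods']` stops the form from writing `use_user_hash`, but nothing in this section removes a `user_hash_secret_key` (or `use_user_hash`) entry that was stored earlier in the `identification` configuration. If `cfg_submit` only updates the listed keys, which these lines do not show, the HMAC secret stays in the saved configuration and in any copy or export of it although no code reads it any more. A one-time cleanup in an upgrade step, along the lines of `identification_cfg.pop('user_hash_secret_key', None)` and `identification_cfg.pop('use_user_hash', None)` followed by `write_cfg()`, would remove it. The enclosing method starts before the hunk.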


@ -438,11 +438,6 @@ class ApiUserDirectory(Directory):
for formdef in formdefs:
user_forms.extend(formdef.data_class().get_with_indexed_value(
'user_id', user.id))
try:
user_forms.extend(formdef.data_class().get_with_indexed_value(
'user_hash', user.hash))
except AttributeError:
pass
user_forms.sort(lambda x, y: cmp(x.receipt_time, y.receipt_time))
return user_forms
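Review bot: Forms that were recorded while the hash mode was enabled carry a `user_hash` and no `user_id` (the old submission code set one or the other), so after this change the loop no longer returns them for their submitter. The same applies to `is_submitter` in the FormData section and to `get_user_forms` in the forms section, where the `user_hash` lookup is removed as well. Nothing visible in the commit converts or reports such records, so they silently drop out of the user's listing and of the submitter check. If that is the intended outcome it should be stated where the lookup used to be, for example `# forms stored under the former user_hash mode have no user_id and are not listed here`, and in the upgrade notes. The method body starts before the hunk.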


@ -183,13 +183,12 @@ class Evolution(object):
class FormData(StorableObject):
_names = 'XX'
_hashed_indexes = ['user_id', 'user_hash', 'status', 'workflow_roles',
_hashed_indexes = ['user_id', 'status', 'workflow_roles',
'concerned_roles', 'actions_roles']
id_display = None
user_id = None
user_hash = None
receipt_time = None
status = None
anonymised = None
@ -256,15 +255,10 @@ class FormData(StorableObject):
return None
def set_user(self, user):
self.user_hash = None
try:
self.user_hash = user.hash
if user:
self.user_id = user.id
else:
self.user_id = None
except AttributeError:
if user:
self.user_id = user.id
else:
self.user_id = None
user = property(get_user, set_user)
def has_empty_data(self):
@ -648,11 +642,6 @@ class FormData(StorableObject):
def is_submitter(self, user):
if self.user_id and user and str(self.user_id) == str(user.id):
return True
try:
if self.user_hash and self.user_hash == user.hash:
return True
except AttributeError:
return False
if get_session() and get_session().is_anonymous_submitter(self):
return True
return False
@ -734,7 +723,6 @@ class FormData(StorableObject):
self.anonymised = datetime.datetime.now()
self.user_id = None
self.user_hash = None
self.editable_by = None
self.workflow_data = None
self.workflow_roles = None
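Review bot: With `self.user_hash = None` removed from the anonymisation block, a record loaded from storage that still holds a `user_hash` value in its instance state would keep that value after being anonymised; whether this can happen depends on the storage backend, which the hunk does not show. The value is an HMAC of the user id, so for as long as the old secret key survives in the configuration it can link the record back to a user. A defensive reset for legacy records, `self.__dict__.pop('user_hash', None)`, placed next to `self.user_id = None`, avoids leaving it behind. The anonymisation method starts before the hunk and continues after it.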


@ -1053,9 +1053,6 @@ class FormDef(StorableObject):
if evo.who == '_submitter':
if formdata.user_id:
evo_who = formdata.user_id
elif formdata.user_hash and get_request() and (
get_request().user and formdata.is_submitter(get_request().user)):
evo_who = get_request().user.id
else:
evo_who = evo.who
if evo_who:


@ -73,11 +73,7 @@ def get_user_forms(formdef):
user = session.get_user()
user_forms = []
if user and not user.anonymous:
user_forms.extend(formdef.data_class().get_with_indexed_value('user_id', user.id))
try:
user_forms.extend(formdef.data_class().get_with_indexed_value('user_hash', user.hash))
except AttributeError:
pass
user_forms = formdef.data_class().get_with_indexed_value('user_id', user.id)
return user_forms
from wcs.forms.common import FormStatusPage
@ -1010,10 +1006,7 @@ class FormPage(Directory):
filled.data = self.formdef.get_data(form)
session = get_session()
if session and session.user and not str(session.user).startswith('anonymous-'):
try:
filled.user_hash = get_request().user.hash
except AttributeError:
filled.user_id = get_request().user.id
filled.user_id = get_request().user.id
if get_request().get_path().startswith('/backoffice/'):
filled.user_id = None
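Review bot: In the FormPage hunk the guard tests `session.user`, while the owner id is read from `get_request().user`, so the attribution relies on the two always agreeing, which these lines do not show. Now that the `try`/`except` is gone this is a single assignment, and it would be easy to bind the user once: `user = get_request().user` and then `if user: filled.user_id = user.id` inside the existing guard. The guard also detects anonymous sessions by the `'anonymous-'` string prefix, whereas `get_user_forms` in the same section uses `user.anonymous`; using one test in both places would be more consistent. The method starts before the hunk and continues after it.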


@ -320,7 +320,6 @@ def do_formdef_tables(formdef, conn=None, cur=None, rebuild_views=False, rebuild
if cur.fetchone()[0] == 0:
cur.execute('''CREATE TABLE %s (id serial PRIMARY KEY,
user_id varchar,
user_hash varchar,
receipt_time timestamp,
anonymised timestamptz,
status varchar,
@ -340,7 +339,7 @@ def do_formdef_tables(formdef, conn=None, cur=None, rebuild_views=False, rebuild
WHERE table_name = %s''', (table_name,))
existing_fields = set([x[0] for x in cur.fetchall()])
needed_fields = set(['id', 'user_id', 'user_hash', 'receipt_time',
needed_fields = set(['id', 'user_id', 'receipt_time',
'status', 'workflow_data', 'id_display', 'fts', 'page_no',
'anonymised', 'workflow_roles', 'workflow_roles_array',
'concerned_roles_array', 'tracking_code',
@ -601,7 +600,7 @@ def get_view_fields(formdef):
view_fields = []
view_fields.append(("int '%s'" % (formdef.category_id or 0), 'category_id'))
view_fields.append(("int '%s'" % (formdef.id or 0), 'formdef_id'))
for field in ('id', 'user_id', 'user_hash', 'receipt_time', 'status',
for field in ('id', 'user_id', 'receipt_time', 'status',
'id_display', 'submission_channel', 'backoffice_submission',
'last_update_time'):
view_fields.append((field, field))
@ -1037,7 +1036,6 @@ class SqlFormData(SqlMixin, wcs.formdata.FormData):
_table_static_fields = [
('id', 'serial'),
('user_id', 'varchar'),
('user_hash', 'varchar'),
('receipt_time', 'timestamp'),
('status', 'varchar'),
('page_no', 'varchar'),
@ -1136,7 +1134,6 @@ class SqlFormData(SqlMixin, wcs.formdata.FormData):
def store(self):
sql_dict = {
'user_id': self.user_id,
'user_hash': self.user_hash,
'status': self.status,
'page_no': self.page_no,
'workflow_data': bytearray(cPickle.dumps(self.workflow_data)),
@ -1851,7 +1848,7 @@ def get_yearly_totals(period_start=None, period_end=None, criterias=None):
return result
SQL_LEVEL = 19
SQL_LEVEL = 20
def migrate_global_views(conn, cur):
cur.execute('''SELECT COUNT(*) FROM information_schema.tables
@ -1885,7 +1882,7 @@ def migrate():
raise RuntimeError()
if sql_level < 1: # 1: introduction of tracking_code table
do_tracking_code_table()
if sql_level < 19:
if sql_level < 20:
# 2: introduction of formdef_id in views
# 5: add concerned_roles_array, is_at_endpoint and fts to views
# 7: add backoffice_submission to tables
@ -1897,6 +1894,7 @@ def migrate():
# 14: add criticality_level to tables & views
# 15: add geolocation to formdata
# 19: add geolocation to views
# 20: remove user hash stuff
migrate_views(conn, cur)
if sql_level < 16:
# 3: introduction of _structured for user fields
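Review bot: The level-20 step in `migrate()` only reruns `migrate_views`, and the section does not show what happens to the `user_hash` column of tables created before this change. `needed_fields` no longer lists it, so if code outside the hunk drops columns that are missing from that set, the stored hashes are deleted irreversibly on upgrade; if not, the column stays behind unused and still holds the pseudonymous identifiers. The migration comment should say which applies, for instance `# 20: remove user hash stuff (views rebuilt without user_hash)` plus one line on the fate of the table column. Operators would also want this in the upgrade notes so a backup can be taken first. Both `do_formdef_tables` and `migrate` extend beyond the hunks shown.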


@ -14,9 +14,6 @@
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <http://www.gnu.org/licenses/>.
import hashlib
import hmac
from qommon.storage import StorableObject
from qommon import get_cfg
import wcs.qommon.storage as st
@ -46,18 +43,6 @@ class User(StorableObject):
self.verified_fields = []
self.roles = []
def get_hash(self):
if not self.id:
raise AttributeError('No hash for anonymous user')
identification_cfg = get_cfg('identification', {})
if not identification_cfg.get('use_user_hash'):
raise AttributeError('User hash is not enabled')
secret_key = identification_cfg.get('user_hash_secret_key')
if not secret_key:
raise AttributeError('No user hash secret key defined')
return hmac.new(secret_key, str(self.id), hashlib.sha256).hexdigest()
hash = property(get_hash)
def migrate(self):
changed = False


@ -67,7 +67,7 @@ class AddRoleWorkflowStatusItem(WorkflowStatusItem):
return
self.role_id = str(self.role_id)
if not formdata.user_id:
# we can't work on anonymous or user_hash'ed forms
# we can't work on anonymous forms
return
user = get_publisher().user_class.get(formdata.user_id)
self.perform_local(user, formdata)
@ -127,7 +127,7 @@ class RemoveRoleWorkflowStatusItem(WorkflowStatusItem):
return
self.role_id = str(self.role_id)
if not formdata.user_id:
# we can't work on anonymous or user_hash'ed forms
# we can't work on anonymous forms
return
user = get_publisher().user_class.get(formdata.user_id)
self.perform_local(user, formdata)