mirror of
https://github.com/pretix/pretix.git
synced 2026-05-07 15:34:02 +00:00
* Add data shredders for PII * First working shredder * Add more shredders * Add new shredders and download confirmation * tmp * PayPal, Stripe, banktransfer * Add icon to logs * Untested payment log shredders * Add waiting list shredder * First tests * Add tests for shredders * Improve templats, link to shredder * Test payment info shredders * More tests * Documentation * Fix enabled flag in payment provider overview * Fix minor issues
This commit is contained in:
Raphael Michel
@@ -51,12 +51,18 @@
|
||||
<p>
|
||||
{% trans "You can instead take your shop offline. This will hide it from everyone except from the organizer teams you configured to have access to the event." %}
|
||||
</p>
|
||||
<form action="" method="post">
|
||||
<form action="{% url "control:event.live" event=request.event.slug organizer=request.organizer.slug %}"
|
||||
method="post">
|
||||
{% csrf_token %}
|
||||
<input type="hidden" name="live" value="false">
|
||||
|
||||
<div class="form-group submit-group">
|
||||
<a href="{% url "control:event.shredder.start" event=request.event.slug organizer=request.organizer.slug %}" class="btn btn-danger btn-save">
|
||||
<span class="fa fa-eraser"></span>
|
||||
{% trans "Delete personal data" %}
|
||||
</a>
|
||||
<button type="submit" class="btn btn-primary btn-save">
|
||||
<span class="fa fa-power-off"></span>
|
||||
{% trans "Go offline" %}
|
||||
</button>
|
||||
</div>
|
||||
@@ -64,6 +70,12 @@
|
||||
{% else %}
|
||||
<p>
|
||||
{% trans "However, since your shop is offline, it is only visible to the organizing team according to the permissions you configured." %}
|
||||
<div class="form-group submit-group">
|
||||
<a href="{% url "control:event.shredder.start" event=request.event.slug organizer=request.organizer.slug %}" class="btn btn-danger btn-save">
|
||||
<span class="fa fa-eraser"></span>
|
||||
{% trans "Delete personal data" %}
|
||||
</a>
|
||||
</div>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
@@ -106,6 +106,12 @@
|
||||
<div class="row">
|
||||
<div class="col-lg-2 col-sm-6 col-xs-12">
|
||||
<span class="fa fa-clock-o"></span> {{ log.datetime|date:"SHORT_DATETIME_FORMAT" }}
|
||||
{% if log.shredded %}
|
||||
<span class="fa fa-eraser fa-danger fa-fw"
|
||||
data-toggle="tooltip"
|
||||
title="{% trans "Personal data was cleared from this log entry." %}">
|
||||
</span>
|
||||
{% endif %}
|
||||
</div>
|
||||
<div class="col-lg-2 col-sm-6 col-xs-12">
|
||||
{% if log.user %}
|
||||
|
||||
@@ -31,6 +31,12 @@
|
||||
<div class="row">
|
||||
<div class="col-lg-2 col-sm-6 col-xs-12">
|
||||
<span class="fa fa-clock-o"></span> {{ log.datetime|date:"SHORT_DATETIME_FORMAT" }}
|
||||
{% if log.shredded %}
|
||||
<span class="fa fa-eraser fa-danger fa-fw"
|
||||
data-toggle="tooltip"
|
||||
title="{% trans "Personal data was cleared from this log entry." %}">
|
||||
</span>
|
||||
{% endif %}
|
||||
</div>
|
||||
<div class="col-lg-2 col-sm-6 col-xs-12">
|
||||
{% if log.user %}
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
<strong>{{ provider.verbose_name }}</strong>
|
||||
</td>
|
||||
<td>
|
||||
{% if provider.is_enabled %}
|
||||
{% if provider.show_enabled %}
|
||||
<span class="text-success">
|
||||
<span class="fa fa-check"></span>
|
||||
{% trans "Enabled" %}
|
||||
|
||||
@@ -78,10 +78,18 @@
|
||||
<button type="submit" class="btn btn-primary btn-save">
|
||||
{% trans "Save" %}
|
||||
</button>
|
||||
<a href="{% url "control:event.delete" organizer=request.organizer.slug event=request.event.slug %}"
|
||||
class="btn {% if request.event.allow_delete %}{% endif %} btn-danger btn-lg pull-left">
|
||||
{% trans "Delete event" %}
|
||||
</a>
|
||||
<div class="pull-left">
|
||||
<a href="{% url "control:event.delete" organizer=request.organizer.slug event=request.event.slug %}"
|
||||
class="btn {% if request.event.allow_delete %}{% endif %} btn-danger btn-lg">
|
||||
<span class="fa fa-trash"></span>
|
||||
{% trans "Delete event" %}
|
||||
</a>
|
||||
<a href="{% url "control:event.shredder.start" organizer=request.organizer.slug event=request.event.slug %}"
|
||||
class="btn btn-danger btn-lg">
|
||||
<span class="fa fa-eraser"></span>
|
||||
{% trans "Delete personal data" %}
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
{% endblock %}
|
||||
|
||||
@@ -10,12 +10,19 @@
|
||||
<span class="fa fa-id-card fa-danger fa-fw"
|
||||
data-toggle="tooltip"
|
||||
title="{% trans "This change was performed by a pretix administrator." %}">
|
||||
</span>
|
||||
</span>
|
||||
{% else %}
|
||||
<span class="fa fa-user fa-fw"></span>
|
||||
{% endif %}
|
||||
{{ log.user.get_full_name }}
|
||||
{% endif %}
|
||||
{% if log.shredded %}
|
||||
<span class="fa fa-eraser fa-danger fa-fw"
|
||||
data-toggle="tooltip"
|
||||
title="{% trans "Personal data was cleared from this log entry." %}">
|
||||
|
||||
</span>
|
||||
{% endif %}
|
||||
</p>
|
||||
|
||||
<p>
|
||||
|
||||
@@ -24,6 +24,9 @@
|
||||
{% if log.display %}
|
||||
<br/><span class="fa fa-fw fa-comment-o"></span> {{ log.display }}
|
||||
{% endif %}
|
||||
{% if log.parsed_data.recipient %}
|
||||
<br/><span class="fa fa-fw fa-envelope-o"></span> {{ log.parsed_data.recipient }}
|
||||
{% endif %}
|
||||
</p>
|
||||
{% if log.parsed_data.subject.items %}
|
||||
<div class="alert alert-info">
|
||||
|
||||
@@ -0,0 +1,57 @@
|
||||
{% extends "pretixcontrol/event/base.html" %}
|
||||
{% load i18n %}
|
||||
{% load bootstrap3 %}
|
||||
{% load order_overview %}
|
||||
{% block title %}{% trans "Data shredder" %}{% endblock %}
|
||||
{% block content %}
|
||||
<h1>
|
||||
{% trans "Data shredder" %}
|
||||
</h1>
|
||||
<form action="{% url "control:event.shredder.shred" event=request.event.slug organizer=request.organizer.slug %}"
|
||||
method="post" class="form-horizontal" data-asynctask>
|
||||
{% csrf_token %}
|
||||
<fieldset>
|
||||
<legend>{% trans "Step 1: Download data" %}</legend>
|
||||
<p>
|
||||
{% blocktrans trimmed %}
|
||||
You are about to permamanently delete data from the server, even though you might be required to
|
||||
keep
|
||||
some of this data on file. You should therefore download the following file and store it in a safe
|
||||
place:
|
||||
{% endblocktrans %}
|
||||
</p>
|
||||
<p>
|
||||
<a href="{% url "cachedfile.download" id=file.pk %}" class="btn btn-primary btn-lg">
|
||||
{% trans "Download data" %}
|
||||
</a>
|
||||
</p>
|
||||
</fieldset>
|
||||
<fieldset>
|
||||
<legend>{% trans "Step 2: Confirm download" %}</legend>
|
||||
<p>
|
||||
{% blocktrans trimmed %}
|
||||
In the downloaded file, there is a text file named "CONFIRM_CODE.txt" with a six-character code.
|
||||
Please enter this code here to confirm that you successfully downloaded the file.
|
||||
{% endblocktrans %}
|
||||
</p>
|
||||
<input type="text" class="form-control" name="confirm_code" required placeholder="{% trans "Confirmation code" %}">
|
||||
<br>
|
||||
</fieldset>
|
||||
<fieldset>
|
||||
<legend>{% trans "Step 3: Confirm deletion" %}</legend>
|
||||
<p>
|
||||
{% blocktrans trimmed with event=request.event.name %}
|
||||
Please re-check that you are fully certain that you want to delete the selected categories of data from the event <strong>{{ event }}</strong>.
|
||||
In this case, please enter your user password here:
|
||||
{% endblocktrans %}
|
||||
</p>
|
||||
<input type="password" class="form-control" name="password" required placeholder="{% trans "Your password" %}">
|
||||
</fieldset>
|
||||
<input type="hidden" name="file" value="{{ file.pk }}">
|
||||
<div class="form-group submit-group">
|
||||
<button type="submit" class="btn btn-primary btn-save">
|
||||
{% trans "Continue" %}
|
||||
</button>
|
||||
</div>
|
||||
</form>
|
||||
{% endblock %}
|
||||
@@ -0,0 +1,73 @@
|
||||
{% extends "pretixcontrol/event/base.html" %}
|
||||
{% load i18n %}
|
||||
{% load bootstrap3 %}
|
||||
{% load order_overview %}
|
||||
{% block title %}{% trans "Data shredder" %}{% endblock %}
|
||||
{% block content %}
|
||||
<h1>
|
||||
{% trans "Data shredder" %}
|
||||
</h1>
|
||||
<p>
|
||||
{% blocktrans trimmed %}
|
||||
This feature allows you to remove personal data from this event. You will first select what kind of data
|
||||
you want to shred, then you are able to download the affected data and after you confirmed the download,
|
||||
the data will be removed from the server's database. The data might still exist in backups for a limited
|
||||
period of time.
|
||||
{% endblocktrans %}
|
||||
<strong>
|
||||
{% blocktrans trimmed %}
|
||||
Using this will not remove the orders for your event, it just scrubs them of data that can be linked
|
||||
to individual persons.
|
||||
{% endblocktrans %}
|
||||
</strong>
|
||||
</p>
|
||||
<div class="alert alert-legal">
|
||||
<strong>
|
||||
{% blocktrans trimmed %}
|
||||
It is within your own responsibility to check if you are allowed to delete the affected data in your
|
||||
legislation, e.g. for reasons of taxation.
|
||||
{% endblocktrans %}
|
||||
</strong>
|
||||
{% blocktrans trimmed %}
|
||||
For most categories of data, you will be able to partially download the data to store it offline. Some
|
||||
kinds of data (such as some payment information) as well as historical log data cannot be downloaded at
|
||||
the moment.
|
||||
{% endblocktrans %}
|
||||
<div class="clear"></div>
|
||||
</div>
|
||||
{% if constraints %}
|
||||
<div class="alert alert-danger">
|
||||
{{ constraints }}
|
||||
</div>
|
||||
{% else %}
|
||||
<form action="{% url "control:event.shredder.export" event=request.event.slug organizer=request.organizer.slug %}"
|
||||
method="post" class="form-horizontal" data-asynctask>
|
||||
<legend>{% trans "Data selection" %}</legend>
|
||||
{% csrf_token %}
|
||||
<div class="panel-group" id="payment_accordion">
|
||||
{% for ident, shredder in shredders.items %}
|
||||
<div class="panel panel-default">
|
||||
<label class="accordion-radio">
|
||||
<div class="panel-heading">
|
||||
<h4 class="panel-title">
|
||||
<input type="checkbox" name="shredder" value="{{ shredder.identifier }}">
|
||||
<strong>{{ shredder.verbose_name }}</strong>
|
||||
</h4>
|
||||
</div>
|
||||
</label>
|
||||
<div id="payment_{{ p.provider.identifier }}" class="panel-collapse in">
|
||||
<div class="panel-body">
|
||||
{{ shredder.description|safe }}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endfor %}
|
||||
</div>
|
||||
<div class="form-group submit-group">
|
||||
<button type="submit" class="btn btn-primary btn-save">
|
||||
{% trans "Continue" %}
|
||||
</button>
|
||||
</div>
|
||||
</form>
|
||||
{% endif %}
|
||||
{% endblock %}
|
||||
Reference in New Issue
Block a user