mirror of
https://github.com/pretix/pretix.git
synced 2026-05-10 16:04:02 +00:00
Shredder: Only force download for tax-relevant data (#1801)
This commit is contained in:
Maico Timmerman
@@ -75,16 +75,19 @@ def shred(event: Event, fileid: str, confirm_code: str) -> None:
|
|||||||
indexdata = json.loads(zipfile.read('index.json').decode())
|
indexdata = json.loads(zipfile.read('index.json').decode())
|
||||||
if indexdata['organizer'] != event.organizer.slug or indexdata['event'] != event.slug:
|
if indexdata['organizer'] != event.organizer.slug or indexdata['event'] != event.slug:
|
||||||
raise ShredError(_("This file is from a different event."))
|
raise ShredError(_("This file is from a different event."))
|
||||||
if indexdata['confirm_code'] != confirm_code:
|
shredders = []
|
||||||
raise ShredError(_("The confirm code you entered was incorrect."))
|
|
||||||
if event.logentry_set.filter(datetime__gte=parse(indexdata['time'])):
|
|
||||||
raise ShredError(_("Something happened in your event after the export, please try again."))
|
|
||||||
|
|
||||||
for s in indexdata['shredders']:
|
for s in indexdata['shredders']:
|
||||||
shredder = known_shredders.get(s)
|
shredder = known_shredders.get(s)
|
||||||
if not shredder:
|
if not shredder:
|
||||||
continue
|
continue
|
||||||
|
shredders.append(shredder)
|
||||||
|
if any(shredder.require_download_confirmation for shredder in shredders):
|
||||||
|
if indexdata['confirm_code'] != confirm_code:
|
||||||
|
raise ShredError(_("The confirm code you entered was incorrect."))
|
||||||
|
if event.logentry_set.filter(datetime__gte=parse(indexdata['time'])):
|
||||||
|
raise ShredError(_("Something happened in your event after the export, please try again."))
|
||||||
|
|
||||||
|
for shredder in shredders:
|
||||||
shredder.shred_data()
|
shredder.shred_data()
|
||||||
|
|
||||||
cf.file.delete(save=False)
|
cf.file.delete(save=False)
|
||||||
|
|||||||
@@ -82,6 +82,14 @@ class BaseDataShredder:
|
|||||||
"""
|
"""
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
@property
|
||||||
|
def require_download_confirmation(self):
|
||||||
|
"""
|
||||||
|
Indicates whether the data of this shredder needs to be downloaded, before it is actually shredded. By default
|
||||||
|
this value is equal to the tax relevant flag.
|
||||||
|
"""
|
||||||
|
return self.tax_relevant
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def verbose_name(self) -> str:
|
def verbose_name(self) -> str:
|
||||||
"""
|
"""
|
||||||
|
|||||||
@@ -11,12 +11,16 @@
|
|||||||
method="post" class="form-horizontal" data-asynctask>
|
method="post" class="form-horizontal" data-asynctask>
|
||||||
{% csrf_token %}
|
{% csrf_token %}
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<legend>{% trans "Step 1: Download data" %}</legend>
|
{% if download_on_shred %}
|
||||||
|
<legend>{% trans "Step 1: Download data" %}</legend>
|
||||||
|
{% else %}
|
||||||
|
<legend>{% trans "(Optional) Step 1: Download data" %}</legend>
|
||||||
|
{% endif %}
|
||||||
<p>
|
<p>
|
||||||
{% blocktrans trimmed %}
|
{% blocktrans trimmed %}
|
||||||
You are about to permanently delete data from the server, even though you might be required to
|
You are about to permanently delete data from the server, even though you might be required to
|
||||||
keep
|
keep
|
||||||
some of this data on file. You should therefore download the following file and store it in a safe
|
some of this data on file. You can therefore download the following file and store it in a safe
|
||||||
place:
|
place:
|
||||||
{% endblocktrans %}
|
{% endblocktrans %}
|
||||||
</p>
|
</p>
|
||||||
@@ -27,18 +31,7 @@
|
|||||||
</p>
|
</p>
|
||||||
</fieldset>
|
</fieldset>
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<legend>{% trans "Step 2: Confirm download" %}</legend>
|
<legend>{% trans "Step 2: Confirm deletion" %}</legend>
|
||||||
<p>
|
|
||||||
{% blocktrans trimmed %}
|
|
||||||
In the downloaded file, there is a text file named "CONFIRM_CODE.txt" with a six-character code.
|
|
||||||
Please enter this code here to confirm that you successfully downloaded the file.
|
|
||||||
{% endblocktrans %}
|
|
||||||
</p>
|
|
||||||
<input type="text" class="form-control" name="confirm_code" required placeholder="{% trans "Confirmation code" %}">
|
|
||||||
<br>
|
|
||||||
</fieldset>
|
|
||||||
<fieldset>
|
|
||||||
<legend>{% trans "Step 3: Confirm deletion" %}</legend>
|
|
||||||
<p>
|
<p>
|
||||||
{% blocktrans trimmed with event=request.event.name slug=request.event.slug %}
|
{% blocktrans trimmed with event=request.event.name slug=request.event.slug %}
|
||||||
Please re-check that you are fully certain that you want to delete the selected categories of data from the event <strong>{{ event }}</strong>.
|
Please re-check that you are fully certain that you want to delete the selected categories of data from the event <strong>{{ event }}</strong>.
|
||||||
@@ -46,7 +39,21 @@
|
|||||||
{% endblocktrans %}
|
{% endblocktrans %}
|
||||||
</p>
|
</p>
|
||||||
<input type="text" class="form-control" name="slug" required placeholder="{% trans "Event short name" %}">
|
<input type="text" class="form-control" name="slug" required placeholder="{% trans "Event short name" %}">
|
||||||
|
<br>
|
||||||
</fieldset>
|
</fieldset>
|
||||||
|
{% if download_on_shred %}
|
||||||
|
<fieldset>
|
||||||
|
<legend>{% trans "Step 3: Confirm download" %}</legend>
|
||||||
|
<p>
|
||||||
|
{% blocktrans trimmed %}
|
||||||
|
In the downloaded file, there is a text file named "CONFIRM_CODE.txt" with a six-character code.
|
||||||
|
Please enter this code here to confirm that you successfully downloaded the file.
|
||||||
|
{% endblocktrans %}
|
||||||
|
</p>
|
||||||
|
<input type="text" class="form-control" name="confirm_code" required placeholder="{% trans "Confirmation code" %}">
|
||||||
|
<br>
|
||||||
|
</fieldset>
|
||||||
|
{% endif %}
|
||||||
<input type="hidden" name="file" value="{{ file.pk }}">
|
<input type="hidden" name="file" value="{{ file.pk }}">
|
||||||
<div class="form-group submit-group">
|
<div class="form-group submit-group">
|
||||||
<button type="submit" class="btn btn-primary btn-save">
|
<button type="submit" class="btn btn-primary btn-save">
|
||||||
|
|||||||
@@ -1,5 +1,7 @@
|
|||||||
|
import json
|
||||||
import logging
|
import logging
|
||||||
from collections import OrderedDict
|
from collections import OrderedDict
|
||||||
|
from zipfile import ZipFile
|
||||||
|
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
from django.urls import reverse
|
from django.urls import reverse
|
||||||
@@ -43,8 +45,27 @@ class ShredDownloadView(RecentAuthenticationRequiredMixin, EventPermissionRequir
|
|||||||
template_name = 'pretixcontrol/shredder/download.html'
|
template_name = 'pretixcontrol/shredder/download.html'
|
||||||
|
|
||||||
def get_context_data(self, **kwargs):
|
def get_context_data(self, **kwargs):
|
||||||
|
try:
|
||||||
|
cf = CachedFile.objects.get(pk=kwargs['file'])
|
||||||
|
except CachedFile.DoesNotExist:
|
||||||
|
raise ShredError(_("The download file could no longer be found on the server, please try to start again."))
|
||||||
|
|
||||||
|
with ZipFile(cf.file.file, 'r') as zipfile:
|
||||||
|
indexdata = json.loads(zipfile.read('index.json').decode())
|
||||||
|
|
||||||
|
if indexdata['organizer'] != kwargs['organizer'] or indexdata['event'] != kwargs['event']:
|
||||||
|
raise ShredError(_("This file is from a different event."))
|
||||||
|
|
||||||
|
shredders = []
|
||||||
|
for s in indexdata['shredders']:
|
||||||
|
shredder = self.shredders.get(s)
|
||||||
|
if not shredder:
|
||||||
|
continue
|
||||||
|
shredders.append(shredder)
|
||||||
|
|
||||||
ctx = super().get_context_data(**kwargs)
|
ctx = super().get_context_data(**kwargs)
|
||||||
ctx['shredders'] = self.shredders
|
ctx['shredders'] = self.shredders
|
||||||
|
ctx['download_on_shred'] = any(shredder.require_download_confirmation for shredder in shredders)
|
||||||
ctx['file'] = get_object_or_404(CachedFile, pk=kwargs.get("file"))
|
ctx['file'] = get_object_or_404(CachedFile, pk=kwargs.get("file"))
|
||||||
return ctx
|
return ctx
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user