CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2025-12-09 00:42:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
df25ae3c7c53879747a1bdc1556ec5ee3043a37d
pretix_original/doc/development/api/quality.rst
Raphael Michel 7bccd62a4f Fix #678 -- Data shredders for personally identifiable information (#817) 
* Add data shredders for PII

* First working shredder

* Add more shredders

* Add new shredders and download confirmation

* tmp

* PayPal, Stripe, banktransfer

* Add icon to logs

* Untested payment log shredders

* Add waiting list shredder

* First tests

* Add tests for shredders

* Improve templats, link to shredder

* Test payment info shredders

* More tests

* Documentation

* Fix enabled flag in payment provider overview

* Fix minor issues
2018-05-02 15:59:59 +02:00

126 lines
4.6 KiB
ReStructuredText
Raw Blame History

.. highlight:: python
:linenothreshold: 5
.. _`pluginquality`:
Plugin quality checklist
========================
If you want to write a high-quality pretix plugin, this is a list of things you should check before
you publish it. This is also a list of things that we check, if we consider installing an externally
developed plugin on our hosted infrastructure.
A. Meta
-------
#. The plugin is clearly licensed under an appropriate license.
#. The plugin has an unambiguous name, description, and author metadata.
#. The plugin has a clear versioning scheme and the latest version of the plugin is kept compatible to the latest
stable version of pretix.
#. The plugin is properly packaged using standard Python packaging tools.
#. The plugin correctly declares its external dependencies.
#. A contact address is provided in case of security issues.
B. Isolation
------------
#. If any signal receivers use the `dispatch_uid`_ feature, the UIDs are prefixed by the plugin's name and do not
clash with other plugins.
#. If any templates or static files are shipped, they are located in subdirectories with the name of the plugin and do
not clash with other plugins or core files.
#. Any keys stored to the settings store are prefixed with the plugin's name and do not clash with other plugins or
core.
#. Any keys stored to the user session are prefixed with the plugin's name and do not clash with other plugins or
core.
#. Any registered URLs are unlikely to clash with other plugins or future core URLs.
C. Security
-----------
#. All important actions are logged to the :ref:`shared log storage <logging>` and a signal receiver is registered to
provide a human-readable representation of the log entry.
#. All views require appropriate permissions and use the ``event_urls`` mechanism if appropriate.
:ref:`Read more <customview>`
#. Any session data for customers is stored in the cart session system if appropriate.
#. If the plugin is a payment provider:
#. No credit card numbers may be stored within pretix.
#. A notification/webhook system is implemented to notify pretix of any refunds.
#. If such a webhook system is implemented, contents of incoming webhooks are either verified using a cryptographic
signature or are not being trusted and all data is fetched from an API instead.
D. Privacy
----------
#. No personal data is stored that is not required for the plugin's functionality.
#. For any personal data that is saved to the database, an appropriate :ref:`data shredder <shredder>` is provided
that offers the data for download and then removes it from the database (including log entries).
E. Internationalization
-----------------------
#. All user-facing strings in templates, Python code, and templates are wrapped in `gettext calls`_.
#. No languages, time zones, date formats, or time formats are hardcoded.
#. Installing the plugin automatically compiles ``.po`` files to ``.mo`` files. This is fulfilled automatically if
you use the ``setup.py`` file form our plugin cookiecutter.
F. Functionality
----------------
#. If the plugin adds any database models or relationships from the settings storage to database models, it registers
a receiver to the :py:attr:`pretix.base.signals.event_copy_data` or :py:attr:`pretix.base.signals.item_copy_data`
signals.
#. If the plugin is a payment provider:
#. A webhook-like system is implemented if payment confirmations are not sent instantly.
#. Refunds are implemented, if possible.
#. In case of overpayment or external refunds, a "required action" is created to notify the event organizer.
#. If the plugin adds steps to the checkout process, it has been tested in combination with the pretix widget.
G. Code quality
---------------
#. `isort`_ and `flake8`_ are used to ensure consistent code styling.
#. Unit tests are provided for important pieces of business logic.
#. Functional tests are provided for important interface parts.
#. Tests are provided to check that permission checks are working.
#. Continuous Integration is set up to check that tests are passing and styling is consistent.
H. Specific to pretix.eu
------------------------
#. pretix.eu integrates the data stored by this plugin with its data report features.
#. pretix.eu integrates this plugin in its generated privacy statements, if necessary.
.. _isort: https://www.google.de/search?q=isort&oq=isort&aqs=chrome..69i57j0j69i59j69i60l2j69i59.599j0j4&sourceid=chrome&ie=UTF-8
.. _flake8: http://flake8.pycqa.org/en/latest/
.. _gettext calls: https://docs.djangoproject.com/en/2.0/topics/i18n/translation/
.. _dispatch_uid: https://docs.djangoproject.com/en/2.0/topics/signals/#django.dispatch.Signal.connect
Reference in New Issue View Git Blame Copy Permalink