agree crate
This commit is contained in:
parent
300b971650
commit
37dde44830
@ -1 +1,3 @@
|
||||
__version__ = '0.1.31'
|
||||
__version__ = '0.1.33'
|
||||
|
||||
import django.contrib.auth.models
|
@ -4,3 +4,7 @@ from django import forms
|
||||
class RequestGDPRDelete(forms.Form):
|
||||
email = forms.EmailField(widget=forms.EmailInput)
|
||||
|
||||
|
||||
class GDPRAgreeCreate(forms.Form):
|
||||
data = forms.TextField(widget=forms.HiddenInput)
|
||||
|
||||
|
@ -69,6 +69,8 @@ AUTHENTICATION_BACKENDS = [
|
||||
|
||||
SAML_ROUTE = 'sso/saml/'
|
||||
SAML_REDIRECT = '/'
|
||||
SAML_REDIRECT_CREATED = '/gdpr-just-created/'
|
||||
|
||||
SAML_USERS_MAP = []
|
||||
|
||||
SAML_PROVIDERS = []
|
||||
|
@ -17,6 +17,19 @@
|
||||
<h1>GDPR</h1>
|
||||
<p>Privacyverklaring</p>
|
||||
<br/>
|
||||
{% if created %}
|
||||
<p>
|
||||
U logt voor de eerste keer in en we willen uw persoonsgegevens opslaan. Gaat u daarvoor toestemming?
|
||||
Als u geen toestemming wilt geven, kunt u deze pagina sluiten.
|
||||
</p>
|
||||
|
||||
<form action="{% url 'gdpr-create-agree' %}" method="post" accept-charset="utf-8" >
|
||||
{% csrf_token %}
|
||||
{% bootstrap_form form %}
|
||||
<button class="btn btn-default" type="submit">Toestemming geven</button>
|
||||
</form>
|
||||
<br/>
|
||||
{% endif %}
|
||||
<a href="{% url 'gdpr-request-delete' %}">Verzoek tot verwijderen persoonsgegevens</a>
|
||||
{% if show_agree_button %}
|
||||
<br/>
|
||||
|
@ -1,8 +1,11 @@
|
||||
import json
|
||||
import hashlib
|
||||
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth.models import User
|
||||
from django.shortcuts import render
|
||||
|
||||
from rugwebsite.forms import RequestGDPRDelete
|
||||
from rugwebsite.forms import RequestGDPRDelete, GDPRAgreeCreate
|
||||
from rugwebsite.models import PendingGDPRAgree, GDPRAgreed, PendingGDPRDelete
|
||||
|
||||
from django.utils.crypto import get_random_string
|
||||
@ -30,6 +33,33 @@ def gdpr_ask_agreement(request):
|
||||
return render(request, 'rugwebsite/gdpr.html', {'show_agree_button': False, 'shownav': True})
|
||||
|
||||
|
||||
@login_required
|
||||
def gdpr_create_agree(request):
|
||||
if request.method == 'POST':
|
||||
form = GDPRAgreeCreate(request.POST)
|
||||
assert form.is_valid()
|
||||
data = form.cleaned_data['data']
|
||||
sha256 = hashlib.sha256()
|
||||
sha256.update(data.encode('utf-8'))
|
||||
assert request.user.username[64:] == sha256.hexdigest(), "Persoonsgegevens have been tinkered with"
|
||||
request.user.username, request.user.first_name, request.user.last_name, request.user.email = json.loads(data)
|
||||
|
||||
return render(request, 'rugwebsite/gdpr_agree_success.html', {'shownav': True})
|
||||
else:
|
||||
data = json.dumps([request.user.username, request.user.first_name, request.user.last_name, request.user.email])
|
||||
sha256 = hashlib.sha256()
|
||||
sha256.update(data.encode('utf-8'))
|
||||
request.user.username = get_random_string(length=64) + sha256.hexdigest()
|
||||
request.user.first_name = ''
|
||||
request.user.last_name = ''
|
||||
request.user.email = ''
|
||||
request.user.save()
|
||||
|
||||
form = GDPRAgreeCreate()
|
||||
return render(request, 'rugwebsite/gdpr.html', {'created': True, 'shownav': True, 'data': json.dumps(data),
|
||||
'form': form})
|
||||
|
||||
|
||||
def gdpr_request_delete(request):
|
||||
if request.method == 'POST':
|
||||
form = RequestGDPRDelete(request.POST)
|
||||
@ -77,4 +107,4 @@ def gdpr_agree(request, email, token):
|
||||
else:
|
||||
result['token_not_found'] = True
|
||||
|
||||
return render(request, 'rugwebsite/gdpr_agree_success.html', result, {'shownav': True})
|
||||
return render(request, 'rugwebsite/gdpr_agree_success.html', result)
|
||||
|
Loading…
Reference in New Issue
Block a user