[Rt-commit] rt branch, 4.4/remove-user-info, created. rt-4.4.2-247-gc4120b9f3
Craig Kaiser
craig at bestpractical.com
Thu Sep 6 11:52:49 EDT 2018
The branch, 4.4/remove-user-info has been created
at c4120b9f32fcf5ec2b72a9808a29fd65d4b48f16 (commit)
- Log -----------------------------------------------------------------
commit 8b6402eb048b1e00cc2d85eb3be40db09f5db723
Author: Craig Kaiser <craig at bestpractical.com>
Date: Fri Jun 15 08:54:46 2018 -0400
Add GenerateAnonymousName function for RT::User
The GenerateAnonymousName function will return a random valid (unique)
username with the format 'anon_1234abcd' where after 'anon_' is a random
string. Specify length of the random string by providing int value to
function.
diff --git a/lib/RT/User.pm b/lib/RT/User.pm
index ca47377cf..17e2d5b67 100644
--- a/lib/RT/User.pm
+++ b/lib/RT/User.pm
@@ -281,6 +281,31 @@ sub ValidateName {
}
}
+=head2 GenerateAnonymousName INT
+
+Generate a random username proceeded by 'anon_' and then a
+random string, Returns the AnonymousName string. The length of the
+random string can be set by providing an integer for character length.
+
+=cut
+
+sub GenerateAnonymousName {
+ my $self = shift;
+ my $length = shift;
+
+ my $invalid = 1;
+ my $name = '';
+
+ while ( $invalid ) {
+ my @Chars = ('a'..'z', 'A'..'Z', '1'..'9');
+ for (1..$length || 9) {
+ $name .= $Chars[int rand @Chars];
+ }
+ $invalid = !$self->ValidateName('anon_' . $name);
+ }
+ return 'anon_' . $name;
+}
+
=head2 ValidatePassword STRING
Returns either (0, "failure reason") or 1 depending on whether the given
commit 1a5f99e253e272b582e81c0ba7269ee27a216a91
Author: Craig Kaiser <craig at bestpractical.com>
Date: Fri Jun 15 08:56:22 2018 -0400
Create method AnonymizeUser in User.pm
Create method 'AnonymizeUser' that will remove the personal
identifying information from a user record, but keep the record alive.
diff --git a/lib/RT/User.pm b/lib/RT/User.pm
index 17e2d5b67..fc7287fe9 100644
--- a/lib/RT/User.pm
+++ b/lib/RT/User.pm
@@ -306,6 +306,62 @@ sub GenerateAnonymousName {
return 'anon_' . $name;
}
+=head2 AnonymizeUser { clear_customfields }
+
+Remove all personal identifying information on the user record, but keep
+the user record alive. Additonally replace the username with an anonymous name.
+Submit clear_customfields in a paramhash, if true all customfield values
+applied to the user record will be cleared.
+
+=cut
+
+sub AnonymizeUser {
+ my $self = shift;
+ my %args = (
+ clear_customfields => undef,
+ @_,
+ );
+
+ my @user_idenifying_info = qw (
+ Address1 Address2 City Comments Country EmailAddress
+ FreeformContactInfo Gecos HomePhone MobilePhone NickName Organization
+ PagerPhone RealName Signature SMIMECertificate State Timezone WorkPhone Zip
+ );
+
+ # Remove identifying user information from record
+ foreach my $attr (@user_idenifying_info) {
+ if ( length $self->$attr or !defined $self->$attr) {
+ my $method = 'Set' . $attr;
+ my ($ret, $msg) = $self->$method('');
+ return ($ret, $msg) unless $ret;
+ }
+ }
+
+ # Do not do anything if password is already unset
+ if ( $self->HasPassword ) {
+ my ($ret, $msg) = $self->SetPassword('*NO-PASSWORD*');
+ RT::Logger->error($msg) unless $ret;
+ }
+
+ # Generate the random anon username
+ my ($ret, $msg) = $self->SetName($self->GenerateAnonymousName);
+ RT::Logger->error($msg) unless $ret;
+
+ # Remove user customfield values
+ if ( $args{'clear_customfields'} ) {
+ my $customfields = RT::CustomFields->new(RT->SystemUser);
+ ($ret, $msg) = $customfields->LimitToLookupType('RT::User');
+ RT::Logger->error($msg) unless $ret;
+
+ while (my $customfield = $customfields->Next) {
+ ($ret, $msg) = $self->AddCustomFieldValue(Field => $customfield->Name, Value => '');
+ RT::Logger->error($msg) unless $ret;
+ }
+ }
+
+ return(1, 'User successfully anonymized');
+}
+
=head2 ValidatePassword STRING
Returns either (0, "failure reason") or 1 depending on whether the given
commit 0b50f1b1a9c004780ef2c66345145784c505c0b0
Author: Craig Kaiser <craig at bestpractical.com>
Date: Tue Sep 4 15:25:33 2018 -0400
Create modal mason component
diff --git a/share/html/Elements/Modal b/share/html/Elements/Modal
new file mode 100644
index 000000000..3040bfda9
--- /dev/null
+++ b/share/html/Elements/Modal
@@ -0,0 +1,71 @@
+%# BEGIN BPS TAGGED BLOCK {{{
+%#
+%# COPYRIGHT:
+%#
+%# This software is Copyright (c) 1996-2018 Best Practical Solutions, LLC
+%# <sales at bestpractical.com>
+%#
+%# (Except where explicitly superseded by other copyright notices)
+%#
+%#
+%# LICENSE:
+%#
+%# This work is made available to you under the terms of Version 2 of
+%# the GNU General Public License. A copy of that license should have
+%# been provided with this software, but in any event can be snarfed
+%# from www.gnu.org.
+%#
+%# This work is distributed in the hope that it will be useful, but
+%# WITHOUT ANY WARRANTY; without even the implied warranty of
+%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+%# General Public License for more details.
+%#
+%# You should have received a copy of the GNU General Public License
+%# along with this program; if not, write to the Free Software
+%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+%# 02110-1301 or visit their web page on the internet at
+%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+%#
+%#
+%# CONTRIBUTION SUBMISSION POLICY:
+%#
+%# (The following paragraph is not intended to limit the rights granted
+%# to you to modify and distribute this software under the terms of
+%# the GNU General Public License and is only of importance to you if
+%# you choose to contribute your changes and enhancements to the
+%# community by submitting them to Best Practical Solutions, LLC.)
+%#
+%# By intentionally submitting any modifications, corrections or
+%# derivatives to this work, or any other work intended for use with
+%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+%# you are the copyright holder for those contributions and you grant
+%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
+%# royalty-free, perpetual, license to use, copy, create derivative
+%# works based on those contributions, and sublicense and distribute
+%# those contributions and any derivatives thereof.
+%#
+%# END BPS TAGGED BLOCK }}}
+<div class="<% $Class %>" align="center">
+ <form action="<% $Action %>" method="<% $Method %>" id="<% $ModalId %>" name="<% $Name %>" >
+% foreach my $field (@{$Fields}) {
+ <p><% $field->{'Label'} %>
+% if ( $field->{'Input'} ) {
+ <input type="<% $field->{'Input'} %>" class="<% $field->{'Class'} %>" name="<% $field->{'Name'} %>" value="<% $field->{'Value'} %>">
+% }
+ </p>
+% }
+ <a href="#" rel="modal:close" class="button"><&|/l&><% $Cancel %></&></a>
+ <button type="Submit" class="button"><&|/l&><% $Accept %></&></button>
+ </form>
+</div>
+
+<%ARGS>
+$Fields => undef
+$Name => undef
+$ModalId => undef
+$Class => 'modal'
+$Action => undef
+$Method => 'GET'
+$Accept => 'Ok'
+$Cancel => 'Cancel'
+</%ARGS>
commit efb95616142b6ea30077c3c782d457b9165497e3
Author: Craig Kaiser <craig at bestpractical.com>
Date: Tue Sep 4 17:24:23 2018 -0400
Add modal to modify page
diff --git a/share/html/Admin/Users/Modify.html b/share/html/Admin/Users/Modify.html
index 3b8bc42fc..1d2243a42 100644
--- a/share/html/Admin/Users/Modify.html
+++ b/share/html/Admin/Users/Modify.html
@@ -232,6 +232,20 @@
% }
</form>
+% if ( $UserObj->Id ) {
+ <& /Elements/Modal, ModalId => "user-info-modal", Method => 'POST', Action => RT->Config->Get('WebPath') . '/Admin/Users/Modify.html', Fields => [
+ { Label => "Are you sure you want to anonymize user: ". $UserObj->Name . "?" },
+ { Input => 'Hidden', Value => $UserObj->Id, Name => 'id' },
+ { Input => 'Hidden', Value => 1, Name => 'Anonymize' },
+ {
+ Label => "Check to clear user customfields:",
+ Input => 'checkbox',
+ Class => 'checkbox',
+ Name => 'clear_customfields',
+ },
+]
+&>
+% }
<%INIT>
my $UserObj = RT::User->new($session{'CurrentUser'});
commit fa4ffc8a87e1420e315b0c36a761920592b95a43
Author: Craig Kaiser <craig at bestpractical.com>
Date: Fri Jun 15 08:57:47 2018 -0400
Create portlet for removing user information
Mason template that has three buttons for removing user information. The
buttons are 'Anonymize user', 'Replace User' and 'Remove User'.
Anonymize user will call the 'AnonymizeUser' method to clear identifying
information from the user record. 'Replace User' and 'Remove User' will
link to the shredder page with a pre formatted search.
diff --git a/share/html/Elements/Modal b/share/html/Elements/Modal
index 3040bfda9..1e8e5798b 100644
--- a/share/html/Elements/Modal
+++ b/share/html/Elements/Modal
@@ -54,8 +54,8 @@
% }
</p>
% }
- <a href="#" rel="modal:close" class="button"><&|/l&><% $Cancel %></&></a>
- <button type="Submit" class="button"><&|/l&><% $Accept %></&></button>
+ <a href="#" rel="modal:close" class="button"><&|/l&>$Cancel</&></a>
+ <button type="Submit" class="button"><&|/l&>$Accept</&></button>
</form>
</div>
diff --git a/share/html/Elements/Modal b/share/html/Elements/UserRelatedInfo
similarity index 64%
copy from share/html/Elements/Modal
copy to share/html/Elements/UserRelatedInfo
index 3040bfda9..52fcf3519 100644
--- a/share/html/Elements/Modal
+++ b/share/html/Elements/UserRelatedInfo
@@ -45,27 +45,27 @@
%# those contributions and any derivatives thereof.
%#
%# END BPS TAGGED BLOCK }}}
-<div class="<% $Class %>" align="center">
- <form action="<% $Action %>" method="<% $Method %>" id="<% $ModalId %>" name="<% $Name %>" >
-% foreach my $field (@{$Fields}) {
- <p><% $field->{'Label'} %>
-% if ( $field->{'Input'} ) {
- <input type="<% $field->{'Input'} %>" class="<% $field->{'Class'} %>" name="<% $field->{'Name'} %>" value="<% $field->{'Value'} %>">
-% }
- </p>
-% }
- <a href="#" rel="modal:close" class="button"><&|/l&><% $Cancel %></&></a>
- <button type="Submit" class="button"><&|/l&><% $Accept %></&></button>
- </form>
-</div>
+% if ( $UserObj && $UserObj->Id ) {
+<&|/Widgets/TitleBox,
+ class => 'user-related-info',
+ title => loc("User related info"),
+&>
+
+<table>
+ <tr>
+ <td class="label"><&|/l&>Remove user information and add anonymous username</&>:</td>
+ <td class="value"><a href="#user-info-modal" rel="modal:open" class="button value" name="anonymize_user"><&|/l&>Anonymize</&></a></td>
+ </tr><tr>
+ <td class="label"><&|/l&>Replace user links in DB with "Nobody" user</&>:</td>
+ <td class="value"><a href="/Admin/Tools/Shredder/index.html?Plugin=Users&Users%3Astatus=enabled&Users%3Aname=<% $UserObj->Name %>&Users%3Areplace_relations=Nobody&Search=Search" name="replace-user" class="button value"><&|/l&>Replace</&></a></td>
+ </tr><tr>
+ <td class="label"><&|/l&>Remove all references to user and links to user</&>:</td>
+ <td class="value"><a href="/Admin/Tools/Shredder/index.html?Plugin=Users&Users%3Astatus=enabled&Users%3Aname=<% $UserObj->Name %>&Search=Search&remove_user" class="button value" name="remove-user"><&|/l&>Remove</&></a></td>
+ </tr>
+</table>
+</&>
+% }
<%ARGS>
-$Fields => undef
-$Name => undef
-$ModalId => undef
-$Class => 'modal'
-$Action => undef
-$Method => 'GET'
-$Accept => 'Ok'
-$Cancel => 'Cancel'
+$UserObj
</%ARGS>
commit 1f19bb76d6bba010f433c3d3d324de186b84ef19
Author: Craig Kaiser <craig at bestpractical.com>
Date: Fri Jun 15 09:00:42 2018 -0400
Add remove user info portlet to user modify page
diff --git a/share/html/Admin/Users/Modify.html b/share/html/Admin/Users/Modify.html
index 1d2243a42..9ebc81c5b 100644
--- a/share/html/Admin/Users/Modify.html
+++ b/share/html/Admin/Users/Modify.html
@@ -210,10 +210,16 @@
% $m->callback( %ARGS, CallbackName => 'RightColumnBottom', UserObj => $UserObj );
</td></tr>
<tr>
-<td colspan="2">
+<td>
<&| /Widgets/TitleBox, title => loc('Comments about this user'), class => 'user-info-comments' &>
<textarea class="comments" name="Comments" cols="80" rows="5" wrap="virtual"><%$UserObj->Comments//$ARGS{Comments}//''%></textarea>
</&>
+</td>
+<td>
+<& /Elements/UserRelatedInfo, UserObj => $UserObj &>
+</td></tr>
+
+<tr><td>
%if (!$Create && $UserObj->Privileged) {
<br />
<&| /Widgets/TitleBox, title => loc('Signature'), class => 'user-info-signature' &>
@@ -233,7 +239,7 @@
</form>
% if ( $UserObj->Id ) {
- <& /Elements/Modal, ModalId => "user-info-modal", Method => 'POST', Action => RT->Config->Get('WebPath') . '/Admin/Users/Modify.html', Fields => [
+ <& /Elements/Modal, Name => "user-info-modal", ModalId => "user-info-modal", Method => 'POST', Action => RT->Config->Get('WebPath') . '/Admin/Users/Modify.html', Fields => [
{ Label => "Are you sure you want to anonymize user: ". $UserObj->Name . "?" },
{ Input => 'Hidden', Value => $UserObj->Id, Name => 'id' },
{ Input => 'Hidden', Value => 1, Name => 'Anonymize' },
@@ -308,6 +314,13 @@ if ($Create) {
}
}
+if ( $ARGS{'Anonymize'} and $UserObj->Id ) {
+ my ($ret, $msg) = $UserObj->AnonymizeUser(clear_customfields => $ARGS{'clear_customfields'});
+ RT::Logger->error($msg) unless $ret;
+
+ $ARGS{'Anonymize'} = undef;
+}
+
if ( $UserObj->Id ) {
# Deal with Password field
my ($status, $msg) = $UserObj->SafeSetPassword(
commit c4120b9f32fcf5ec2b72a9808a29fd65d4b48f16
Author: Craig Kaiser <craig at bestpractical.com>
Date: Fri Jun 15 09:01:37 2018 -0400
Create test for remove user information
diff --git a/t/web/remove_user_info.t b/t/web/remove_user_info.t
new file mode 100644
index 000000000..c928a27b8
--- /dev/null
+++ b/t/web/remove_user_info.t
@@ -0,0 +1,149 @@
+use strict;
+use warnings;
+
+use RT::Test tests => undef;
+
+RT::Config->Set( 'ShredderStoragePath', RT::Test->temp_directory . '' );
+
+my ( $baseurl, $agent ) = RT::Test->started_ok;
+
+diag("Test server running at $baseurl");
+my $url = $agent->rt_base_url;
+
+# Login
+$agent->login( 'root' => 'password' );
+
+# Anonymize User
+{
+ my $root = RT::Test->load_or_create_user( Name => 'root' );
+ ok $root && $root->id;
+
+ my $user_id = $root->id;
+
+ $agent->get_ok( $url . "Admin/Users/Modify.html?id=" . $user_id );
+ $agent->follow_link_ok( { text => 'Anonymize' } );
+
+ $agent->submit_form_ok( { form_id => 'user-info-modal', },
+ "Anonymize user" );
+
+ is $root->ValidateEmail('root at example.com'), 1, 'User Email removed';
+
+# UserId is still the same, but all other records should be anonimyzed for TestUser
+ my ( $ret, $msg ) = $root->Load($user_id);
+ ok $ret;
+
+ is $root->Name =~ /anon_/, 1, 'Username replaced with anon name';
+
+ my @user_idenifying_info = qw (
+ Address1 Address2 City Comments Country EmailAddress
+ FreeformContactInfo Gecos HomePhone MobilePhone NickName Organization
+ PagerPhone RealName Signature SMIMECertificate State Timezone WorkPhone Zip
+ );
+
+ # Ensure that all other user fields are blank
+ foreach my $attr (@user_idenifying_info) {
+ is $root->$attr, '', 'Attribute ' . $attr . ' is blank';
+ }
+
+ # Test that customfield values are removed with anonymize user action
+ my $customfield = RT::CustomField->new( RT->SystemUser );
+ ( $ret, $msg ) = $customfield->Create(
+ Name => 'TestCustomfield',
+ LookupType => 'RT::User',
+ Type => 'FreeformSingle',
+ );
+ ok $ret, $msg;
+
+ ( $ret, $msg ) = $customfield->AddToObject($root);
+ ok( $ret, "Added CF to user object - " . $msg );
+
+ ( $ret, $msg ) = $root->AddCustomFieldValue(
+ Field => 'TestCustomfield',
+ Value => 'Testing'
+ );
+ ok $ret, $msg;
+
+ is $root->FirstCustomFieldValue('TestCustomfield'), 'Testing',
+ 'Customfield exists and has value for user.';
+
+ $agent->get_ok( $url . "Admin/Users/Modify.html?id=" . $root->id );
+ $agent->follow_link_ok( { text => 'Anonymize' } );
+
+ $agent->submit_form_ok(
+ { form_id => 'user-info-modal',
+ fields => { clear_customfields => 'On' },
+ },
+ "Anonymize user and customfields"
+ );
+
+ is $root->FirstCustomFieldValue('TestCustomfield'), undef,
+ 'Customfield value cleared';
+}
+
+# Test replace user
+{
+ my $root = RT::Test->load_or_create_user(
+ Name => 'root',
+ Password => 'password',
+ Privileged => 1
+ );
+ ok $root && $root->id;
+
+ ok( RT::Test->set_rights(
+ { Principal => $root, Right => [qw(SuperUser)] },
+ ),
+ 'set rights'
+ );
+
+ ok $agent->logout;
+ ok $agent->login( 'root' => 'password' );
+
+ $agent->get_ok( $url . "Admin/Users/Modify.html?id=" . $root->id );
+ $agent->follow_link_ok( { text => 'Replace' } );
+
+ $agent->submit_form_ok(
+ { form_id => 'shredder-search-form',
+ fields => { WipeoutObject => 'User:name' . $root->Name, },
+ button => 'Wipeout'
+ },
+ "Replace user"
+ );
+
+ is $root->ValidateName( $root->Name ), 1,
+ 'User successfully deleted with replace';
+}
+
+# Test Remove user
+{
+ my $root = RT::Test->load_or_create_user(
+ Name => 'root',
+ Password => 'password',
+ Privileged => 1
+ );
+ ok $root && $root->id;
+
+ ok( RT::Test->set_rights(
+ { Principal => $root, Right => [qw(SuperUser)] },
+ ),
+ 'set rights'
+ );
+
+ $agent->logout;
+ $agent->login( 'root' => 'password' );
+
+ $agent->get_ok( $url . "Admin/Users/Modify.html?id=" . $root->id );
+ $agent->follow_link_ok( { text => 'Remove' } );
+
+ $agent->submit_form_ok(
+ { form_id => 'shredder-search-form',
+ fields => { WipeoutObject => 'User:name-' . $root->Name, },
+ button => 'Wipeout'
+ },
+ "Remove user"
+ );
+
+ is $root->ValidateName( $root->Name ), 1,
+ 'User successfully deleted with remove';
+}
+
+done_testing();
-----------------------------------------------------------------------
More information about the rt-commit
mailing list