diff options
| author | Étienne Loks <etienne.loks@iggdrasil.net> | 2023-12-26 15:58:33 +0100 |
|---|---|---|
| committer | Étienne Loks <etienne.loks@iggdrasil.net> | 2024-04-16 16:38:33 +0200 |
| commit | abb32bc4d75c637c78c3506aa6640f66488ee641 (patch) | |
| tree | 7119ce42cb0fa2b5b5be0994dcd446728043240c /ishtar_common/models.py | |
| parent | 7c668d3b1e6dc519c78e4c10fded33136e37cf1b (diff) | |
| download | Ishtar-abb32bc4d75c637c78c3506aa6640f66488ee641.tar.bz2 Ishtar-abb32bc4d75c637c78c3506aa6640f66488ee641.zip | |
🗃️ GDPR: add routable_ip information - allow null ip and user - add django-ipware dependency to manage precisely request IP
Diffstat (limited to 'ishtar_common/models.py')
| -rw-r--r-- | ishtar_common/models.py | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/ishtar_common/models.py b/ishtar_common/models.py index 8cb59be3e..a7f715516 100644 --- a/ishtar_common/models.py +++ b/ishtar_common/models.py @@ -20,6 +20,7 @@ """ Models description """ +from ipware import get_client_ip import sys from bs4 import BeautifulSoup @@ -3230,9 +3231,11 @@ class GDPRPerson(models.Model): class GDPRLog(models.Model): - user = models.ForeignKey(User, verbose_name=_("User"), on_delete=models.PROTECT) + user = models.ForeignKey(User, verbose_name=_("User"), on_delete=models.PROTECT, blank=True, + null=True) date = models.DateTimeField(verbose_name=_("Date"), default=datetime.datetime.now) - ip = models.GenericIPAddressField(verbose_name=_("IP")) + ip = models.GenericIPAddressField(verbose_name=_("IP"), blank=True, null=True) + routable_ip = models.BooleanField(verbose_name=_("Routable IP"), default=False) activity = models.CharField(_("Activity"), max_length=2, choices=GDPR_ACTIVITY) persons = models.ManyToManyField(GDPRPerson, verbose_name=_("Persons"), blank=True) @@ -3260,8 +3263,18 @@ class GDPRLog(models.Model): return f"{self.user.username} - {self.date} - {self.activity_lbl}" @classmethod - def create_log(cls, user_id, ip, activity, person_query): - log = cls.objects.create(user_id=user_id, ip=ip, activity=activity) + def create_log(cls, request, activity, person_query): + if not request.user: + # log creation is for logged user should be a script, a bug or a hacker... + user_id = None + else: + user_id = request.user.id + client_ip, routable_ip = get_client_ip(request) + cls._create_log(user_id, client_ip, routable_ip, activity, person_query) + + @classmethod + def _create_log(cls, user_id, ip, routable_ip, activity, person_query): + log = cls.objects.create(user_id=user_id, ip=ip, routable_ip=routable_ip, activity=activity) person_query = person_query.exclude(raw_name__isnull=True).exclude(raw_name="") # create all missing GDPRPerson |