nk20-scripts/management/commands/anonymize_data.py

34 lines
1.4 KiB
Python
Raw Normal View History

2020-07-26 10:05:26 +00:00
# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay
# SPDX-License-Identifier: GPL-3.0-or-later
from django.core.management.base import BaseCommand
from django.db import connection
class Command(BaseCommand):
"""
Command to protect sensitive data during the beta phase, to prevent a right escalation.
Phone number, email address, postal address, first and last name are removed.
"""
def add_arguments(self, parser):
parser.add_argument('--force', '-f', action='store_true', help="Actually anonymize data.")
2020-07-26 10:05:26 +00:00
def handle(self, *args, **kwargs):
if not kwargs['force']:
self.stderr.write("CAUTION: This is a dangerous script. This will reset all personal data with "
"sample data. Don't use this in production! If you know what you are doing, "
"please add --force option.")
exit(1)
2020-07-26 10:05:26 +00:00
cur = connection.cursor()
cur.execute("UPDATE member_profile SET "
"phone_number = '0123456789', "
"address = '4 avenue des Sciences, 91190 GIF-SUR-YVETTE';")
cur.execute("UPDATE auth_user SET "
"first_name = 'Anne', "
2020-07-30 10:51:49 +00:00
"last_name = 'Onyme', "
2020-07-30 11:44:34 +00:00
"email = 'anonymous@example.com';")
2020-07-30 11:12:06 +00:00
cur.execute("UPDATE member_club SET "
2020-07-30 11:44:34 +00:00
"email = 'anonymous@example.com';")
2020-07-26 10:05:26 +00:00
cur.close()