From f8feff7c5542db0b2bd730c097a86dedb1d8e3ce Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Thu, 22 Apr 2021 15:40:10 +0200 Subject: [PATCH] Prevent data deletion in the anonymization script Signed-off-by: Yohann D'ANELLO --- management/commands/anonymize_data.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/management/commands/anonymize_data.py b/management/commands/anonymize_data.py index 89e13c8..957331f 100644 --- a/management/commands/anonymize_data.py +++ b/management/commands/anonymize_data.py @@ -10,7 +10,16 @@ class Command(BaseCommand): Command to protect sensitive data during the beta phase, to prevent a right escalation. Phone number, email address, postal address, first and last name are removed. """ + def add_arguments(self, parser): + parser.add_argument('--force', '-f', action='store_true', help="Actually anonymize data.") + def handle(self, *args, **kwargs): + if not kwargs['force']: + self.stderr.write("CAUTION: This is a dangerous script. This will reset all personal data with " + "sample data. Don't use this in production! If you know what you are doing, " + "please add --force option.") + exit(1) + cur = connection.cursor() cur.execute("UPDATE member_profile SET " "phone_number = '0123456789', "