# Copyright (C) 2018-2021 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later from django.core.management.base import BaseCommand from django.db import connection class Command(BaseCommand): """ Command to protect sensitive data during the beta phase, to prevent a right escalation. Phone number, email address, postal address, first and last name are removed. """ def add_arguments(self, parser): parser.add_argument('--force', '-f', action='store_true', help="Actually anonymize data.") def handle(self, *args, **kwargs): if not kwargs['force']: self.stderr.write("CAUTION: This is a dangerous script. This will reset all personal data with " "sample data. Don't use this in production! If you know what you are doing, " "please add --force option.") exit(1) cur = connection.cursor() cur.execute("UPDATE member_profile SET " "phone_number = '0123456789', " "address = '4 avenue des Sciences, 91190 GIF-SUR-YVETTE';") cur.execute("UPDATE auth_user SET " "first_name = 'Anne', " "last_name = 'Onyme', " "email = 'anonymous@example.com';") cur.execute("UPDATE member_club SET " "email = 'anonymous@example.com';") cur.close()