Setting to prevent logging details when anonymizing

2018-03-05 14:38:18 -05:00 · 2018-03-05 14:38:18 -05:00 · 0f66a99eb2
parent 003b03d939
commit 0f66a99eb2
4 changed files with 43 additions and 7 deletions
--- a/app/services/user_anonymizer.rb
+++ b/app/services/user_anonymizer.rb
@ -1,7 +1,11 @@
 class UserAnonymizer
+
+  attr_reader :user_history
+
  def initialize(user, actor = nil)
    @user = user
    @actor = actor
+    @user_history = nil
  end

  def self.make_anonymous(user, actor = nil)
@ -49,11 +53,18 @@ class UserAnonymizer
      @user.user_open_ids.find_each { |x| x.destroy }
      @user.api_key.try(:destroy)

-      UserHistory.create(action: UserHistory.actions[:anonymize_user],
-                         target_user_id: @user.id,
-                         acting_user_id: @actor ? @actor.id : @user.id,
-                         email: prev_email,
-                         details: "username: #{prev_username}")
+      history_details = {
+        action: UserHistory.actions[:anonymize_user],
+        target_user_id: @user.id,
+        acting_user_id: @actor ? @actor.id : @user.id,
+      }
+
+      if SiteSetting.log_anonymizer_details?
+        history_details[:email] = prev_email
+        history_details[:details] = "username: #{prev_username}"
+      end
+
+      @user_history = UserHistory.create(history_details)
    end
    @user
  end
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@ -1384,6 +1384,7 @@ en:
    faq_url: "If you have a FAQ hosted elsewhere that you want to use, provide the full URL here."
    tos_url: "If you have a Terms of Service document hosted elsewhere that you want to use, provide the full URL here."
    privacy_policy_url: "If you have a Privacy Policy document hosted elsewhere that you want to use, provide the full URL here."
+    log_anonymizer_details: "Whether to keep a user's details in the log after being anonymized. When complying to GDPR you'll need to turn this off."

    newuser_spam_host_threshold: "How many times a new user can post a link to the same host within their `newuser_spam_host_threshold` posts before being considered spam."

--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@ -1219,6 +1219,8 @@ legal:
  faq_url:
    client: true
    default: ''
+  log_anonymizer_details:
+    default: true

 backups:
  enable_backups:
--- a/spec/services/user_anonymizer_spec.rb
+++ b/spec/services/user_anonymizer_spec.rb
@ -101,8 +101,30 @@ describe UserAnonymizer do
      expect(user.uploaded_avatar_id).to eq(nil)
    end

-    it "logs the action" do
-      expect { make_anonymous }.to change { UserHistory.count }.by(1)
+    it "logs the action with the original details" do
+      SiteSetting.log_anonymizer_details = true
+      helper = UserAnonymizer.new(user, admin)
+      orig_email = user.email
+      orig_username = user.username
+      helper.make_anonymous
+
+      history = helper.user_history
+      expect(history).to be_present
+      expect(history.email).to eq(orig_email)
+      expect(history.details).to match(orig_username)
+    end
+
+    it "logs the action without the original details" do
+      SiteSetting.log_anonymizer_details = false
+      helper = UserAnonymizer.new(user, admin)
+      orig_email = user.email
+      orig_username = user.username
+      helper.make_anonymous
+
+      history = helper.user_history
+      expect(history).to be_present
+      expect(history.email).not_to eq(orig_email)
+      expect(history.details).not_to match(orig_username)
    end

    it "removes external auth assocations" do