FEATURE: Remove more PII during user anonymizing
Removes * invite if the user was invited * email tokens * incoming emails * email log entries * raw emails from posts
This commit is contained in:
parent
22c186a792
commit
cf038cf72a
|
@ -63,6 +63,16 @@ class UserAnonymizer
|
||||||
acting_user_id: @actor ? @actor.id : @user.id,
|
acting_user_id: @actor ? @actor.id : @user.id,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Invite.with_deleted.where(user_id: @user.id).destroy_all
|
||||||
|
EmailToken.where(user_id: @user.id).destroy_all
|
||||||
|
EmailLog.where(user_id: @user.id).delete_all
|
||||||
|
IncomingEmail.where("user_id = ? OR from_address = ?", @user.id, @prev_email).delete_all
|
||||||
|
|
||||||
|
Post.with_deleted
|
||||||
|
.where(user_id: @user.id)
|
||||||
|
.where.not(raw_email: nil)
|
||||||
|
.update_all(raw_email: nil)
|
||||||
|
|
||||||
if SiteSetting.log_anonymizer_details?
|
if SiteSetting.log_anonymizer_details?
|
||||||
history_details[:email] = @prev_email
|
history_details[:email] = @prev_email
|
||||||
history_details[:details] = "username: #{@prev_username}"
|
history_details[:details] = "username: #{@prev_username}"
|
||||||
|
|
|
@ -23,7 +23,9 @@ describe UserAnonymizer do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "make_anonymous" do
|
describe "make_anonymous" do
|
||||||
let(:user) { Fabricate(:user, username: "edward") }
|
let(:original_email) { "edward@example.net" }
|
||||||
|
let(:user) { Fabricate(:user, username: "edward", email: original_email) }
|
||||||
|
let(:another_user) { Fabricate(:evil_trout) }
|
||||||
subject(:make_anonymous) { described_class.make_anonymous(user, admin) }
|
subject(:make_anonymous) { described_class.make_anonymous(user, admin) }
|
||||||
|
|
||||||
it "changes username" do
|
it "changes username" do
|
||||||
|
@ -201,6 +203,49 @@ describe UserAnonymizer do
|
||||||
expect(user.api_key).to eq(nil)
|
expect(user.api_key).to eq(nil)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it "removes invites" do
|
||||||
|
Fabricate(:invite, user: user)
|
||||||
|
Fabricate(:invite, user: another_user)
|
||||||
|
|
||||||
|
expect { make_anonymous }.to change { Invite.count }.by(-1)
|
||||||
|
expect(Invite.where(user_id: user.id).count).to eq(0)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "removes email tokens" do
|
||||||
|
Fabricate(:email_token, user: user)
|
||||||
|
Fabricate(:email_token, user: another_user)
|
||||||
|
|
||||||
|
expect { make_anonymous }.to change { EmailToken.count }.by(-1)
|
||||||
|
expect(EmailToken.where(user_id: user.id).count).to eq(0)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "removes email log entries" do
|
||||||
|
Fabricate(:email_log, user: user)
|
||||||
|
Fabricate(:email_log, user: another_user)
|
||||||
|
|
||||||
|
expect { make_anonymous }.to change { EmailLog.count }.by(-1)
|
||||||
|
expect(EmailLog.where(user_id: user.id).count).to eq(0)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "removes incoming emails" do
|
||||||
|
Fabricate(:incoming_email, user: user, from_address: user.email)
|
||||||
|
Fabricate(:incoming_email, from_address: user.email, error: "Some error")
|
||||||
|
Fabricate(:incoming_email, user: another_user, from_address: another_user.email)
|
||||||
|
|
||||||
|
expect { make_anonymous }.to change { IncomingEmail.count }.by(-2)
|
||||||
|
expect(IncomingEmail.where(user_id: user.id).count).to eq(0)
|
||||||
|
expect(IncomingEmail.where(from_address: original_email).count).to eq(0)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "removes raw email from posts" do
|
||||||
|
post1 = Fabricate(:post, user: user, via_email: true, raw_email: "raw email from user")
|
||||||
|
post2 = Fabricate(:post, user: another_user, via_email: true, raw_email: "raw email from another user")
|
||||||
|
|
||||||
|
make_anonymous
|
||||||
|
|
||||||
|
expect(post1.reload).to have_attributes(via_email: true, raw_email: nil)
|
||||||
|
expect(post2.reload).to have_attributes(via_email: true, raw_email: "raw email from another user")
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "anonymize_ip" do
|
describe "anonymize_ip" do
|
||||||
|
|
Loading…
Reference in New Issue