From d80e7d8f04f3a7e4f78c92c9bee001bbaa1ab59d Mon Sep 17 00:00:00 2001 From: Sander Roosendaal Date: Tue, 6 Mar 2018 20:20:42 +0100 Subject: [PATCH] gdpr user delete and user deactivate functions --- rowers/models.py | 13 +++++ rowers/templates/registration_form.html | 9 +++ rowers/templates/rower_form.html | 14 ++++- rowers/templates/userprofile_deactivate.html | 22 ++++++++ rowers/templates/userprofile_delete.html | 22 ++++++++ rowers/urls.py | 2 + rowers/views.py | 51 ++++++++++++++++- rowsandall_workouts_{first}_{last}.csv | 58 -------------------- 8 files changed, 130 insertions(+), 61 deletions(-) create mode 100644 rowers/templates/userprofile_deactivate.html create mode 100644 rowers/templates/userprofile_delete.html delete mode 100644 rowsandall_workouts_{first}_{last}.csv diff --git a/rowers/models.py b/rowers/models.py index 73600946..99117e5a 100644 --- a/rowers/models.py +++ b/rowers/models.py @@ -606,6 +606,19 @@ class Rower(models.Model): def clean_email(self): return self.user.email.lower() +class DeactivateUserForm(forms.ModelForm): + class Meta: + model = User + fields = ['is_active'] + +class DeleteUserForm(forms.ModelForm): + delete_user = forms.BooleanField(initial=False, + label='Remove my account and all data') + + class Meta: + model = User + fields = [] + @receiver(models.signals.post_save,sender=Rower) def auto_delete_teams_on_change(sender, instance, **kwargs): if instance.rowerplan != 'coach': diff --git a/rowers/templates/registration_form.html b/rowers/templates/registration_form.html index 82f51fce..0e337e78 100644 --- a/rowers/templates/registration_form.html +++ b/rowers/templates/registration_form.html @@ -31,6 +31,15 @@

To use rowsandall, you need to register and agree with the Terms of Service.

Registration is free.

+ +

Some of our advanced services only work if you give us your + (approximate) birth date, sex and weight category, with 72.5 kg the + bounday between heavies and lighties for men, and 59 kg for women. +

+ +

Also, we are restricting access to the site to 16 years and older + because of EU data protection regulations.

+
{% endblock content %} diff --git a/rowers/templates/rower_form.html b/rowers/templates/rower_form.html index d903392d..91a0637c 100644 --- a/rowers/templates/rower_form.html +++ b/rowers/templates/rower_form.html @@ -216,7 +216,19 @@

GDPR - Data Protection

- Download your data +

+ Download your data +

+
+
+

+ Deactivate Account +

+
+
+

+ Delete Account +

diff --git a/rowers/templates/userprofile_deactivate.html b/rowers/templates/userprofile_deactivate.html new file mode 100644 index 00000000..7f4b2c15 --- /dev/null +++ b/rowers/templates/userprofile_deactivate.html @@ -0,0 +1,22 @@ +{% extends "base.html" %} +{% load staticfiles %} +{% load rowerfilters %} + +{% block title %}Deactivate your account{% endblock %} + +{% block content %} +
+

Deactivate your account

+
+

Account deactivation is reversible. After you logout, you will not be + able to access your data any more, but the site admin can restore your + account.

+
{% csrf_token %} + {{ user_form.as_p}} + {% csrf_token %} + +
+ +
+ +{% endblock %} diff --git a/rowers/templates/userprofile_delete.html b/rowers/templates/userprofile_delete.html new file mode 100644 index 00000000..04331c3f --- /dev/null +++ b/rowers/templates/userprofile_delete.html @@ -0,0 +1,22 @@ +{% extends "base.html" %} +{% load staticfiles %} +{% load rowerfilters %} + +{% block title %}Delete your account{% endblock %} + +{% block content %} +
+

Delete your account

+
+

Warning: This will remove your account and all your data. + You will not be able to recover from this action. We cannot restore + your account

+
{% csrf_token %} + {{ user_form.as_p}} + {% csrf_token %} + +
+ +
+ +{% endblock %} diff --git a/rowers/urls.py b/rowers/urls.py index a7faa506..c642adc2 100644 --- a/rowers/urls.py +++ b/rowers/urls.py @@ -336,6 +336,8 @@ urlpatterns = [ url(r'^user-multiflex/$',views.multiflex_view), url(r'^user-multiflex$',views.multiflex_view), url(r'^user-multiflex-data$',views.multiflex_data), + url(r'^me/deactivate$',views.deactivate_user), + url(r'^me/delete$',views.remove_user), url(r'^me/teams/$',views.rower_teams_view), url(r'^me/calcdps/$',views.rower_calcdps_view), url(r'^me/exportsettings/$',views.rower_exportsettings_view), diff --git a/rowers/views.py b/rowers/views.py index 707a7e27..1857f2a0 100644 --- a/rowers/views.py +++ b/rowers/views.py @@ -12,6 +12,7 @@ import yaml from PIL import Image from numbers import Number from django.views.generic.base import TemplateView +from django.contrib.auth import views as auth_views from django.db.models import Q from django import template from django.db import IntegrityError, transaction @@ -54,7 +55,7 @@ from rowers.forms import ( ) from rowers.models import ( Workout, User, Rower, WorkoutForm,FavoriteChart, - PlannedSession + PlannedSession, DeactivateUserForm,DeleteUserForm ) from rowers.models import ( RowerPowerForm,RowerForm,GraphImage,AdvancedWorkoutForm, @@ -573,6 +574,48 @@ def get_thumbnails(request,id): return JSONResponse(charts) +@login_required() +def deactivate_user(request): + pk = request.user.id + user = User.objects.get(pk=pk) + user_form = DeactivateUserForm(instance=user) + if request.user.is_authenticated() and request.user.id == user.id: + if request.method == "POST": + user_form = DeactivateUserForm(request.POST, instance=user) + if user_form.is_valid(): + deactivate_user = user_form.save(commit=False) + user.is_active = False + deactivate_user.save() + url = reverse(auth_views.logout_then_login) + return HttpResponseRedirect(url) + return render(request, "userprofile_deactivate.html", { + "user_form": user_form, + }) + else: + raise PermissionDenied + +@login_required() +def remove_user(request): + pk = request.user.id + user = User.objects.get(pk=pk) + user_form = DeleteUserForm(instance=user) + if request.user.is_authenticated() and request.user.id == user.id: + if request.method == "POST": + user_form = DeleteUserForm(request.POST,instance=user) + if user_form.is_valid(): + cd = user_form.cleaned_data + print cd + if cd['delete_user']: + user.delete() + url = reverse(auth_views.logout_then_login) + return HttpResponseRedirect(url) + return render(request, "userprofile_delete.html", { + "user_form": user_form, + }) + else: + raise PermissionDenied + + @login_required() def get_testscript(request,id): row = get_workout_permitted(request.user,id) @@ -1715,7 +1758,11 @@ def workouts_summaries_email_view(request): if form.is_valid(): startdate = form.cleaned_data['startdate'] enddate = form.cleaned_data['enddate'] - filename = 'rowsandall_workouts_{first}_{last}.csv' + filename = 'rowsandall_workouts_{first}_{last}.csv'.format( + first=startdate, + last=enddate + ) + print filename df = dataprep.workout_summary_to_df(r,startdate=startdate,enddate=enddate) df.to_csv(filename,encoding='utf-8') res = myqueue(queuehigh,handle_sendemailsummary, diff --git a/rowsandall_workouts_{first}_{last}.csv b/rowsandall_workouts_{first}_{last}.csv deleted file mode 100644 index 09f39ee8..00000000 --- a/rowsandall_workouts_{first}_{last}.csv +++ /dev/null @@ -1,58 +0,0 @@ -,Stroke Data CSV,Stroke Data TCX,TRIMP Training Load,TSS Training Load,date,distance (m),duration ,name,notes,timezone,type,weight (kg),weight category -0,https://rowsandall.com/rowers/workout/2301/emailcsv,https://rowsandall.com/rowers/workout/2301/emailtcx,-3,0,2012-09-06 19:52:16+00:00,3851,00:30:00.400000,Imported data,,Europe/Prague,other,80.0,lwt -1,https://rowsandall.com/rowers/workout/2302/emailcsv,https://rowsandall.com/rowers/workout/2302/emailtcx,-8,0,2012-09-11 21:18:12+00:00,12017,01:15:29.300000,Imported data,,Europe/Prague,other,80.0,lwt -2,https://rowsandall.com/rowers/workout/2303/emailcsv,https://rowsandall.com/rowers/workout/2303/emailtcx,-8,0,2012-09-11 21:18:12+00:00,12017,01:15:29.300000,Imported data,,Europe/Prague,other,80.0,lwt -3,https://rowsandall.com/rowers/workout/2379/emailcsv,https://rowsandall.com/rowers/workout/2379/emailtcx,0,4,2017-10-27 16:14:42+00:00,742,00:02:25,Test Weba,,Europe/Prague,water,80.0,lwt -4,https://rowsandall.com/rowers/workout/2380/emailcsv,https://rowsandall.com/rowers/workout/2380/emailtcx,0,4,2017-10-27 16:14:42+00:00,742,00:02:25,Test Weba,,Europe/Belgrade,water,80.0,lwt -5,https://rowsandall.com/rowers/workout/2334/emailcsv,https://rowsandall.com/rowers/workout/2334/emailtcx,54,0,2018-01-17 06:12:54+00:00,0,00:57:00,Swim, ,Europe/Prague,other,80.0,lwt -6,https://rowsandall.com/rowers/workout/2333/emailcsv,https://rowsandall.com/rowers/workout/2333/emailtcx,11,10,2018-01-18 19:01:48+00:00,2007,00:08:23,WU & CD & rest, ,Europe/Prague,other,80.0,lwt -7,https://rowsandall.com/rowers/workout/2332/emailcsv,https://rowsandall.com/rowers/workout/2332/emailtcx,7,3,2018-01-18 19:40:43+00:00,1217,00:06:06,WU & CD & rest, ,Europe/Prague,other,80.0,lwt -8,https://rowsandall.com/rowers/workout/2331/emailcsv,https://rowsandall.com/rowers/workout/2331/emailtcx,12,6,2018-01-18 20:18:01+00:00,1997,00:09:06,WU & CD & rest, ,Europe/Prague,other,80.0,lwt -9,https://rowsandall.com/rowers/workout/2330/emailcsv,https://rowsandall.com/rowers/workout/2330/emailtcx,172,99,2018-01-20 13:22:33+00:00,19381,01:20:36,Zwift Ride/Row, ,Europe/Prague,other,80.0,lwt -10,https://rowsandall.com/rowers/workout/2329/emailcsv,https://rowsandall.com/rowers/workout/2329/emailtcx,36,0,2018-01-21 13:23:11+00:00,0,00:45:15,Afternoon Swim, ,Europe/Prague,other,80.0,lwt -11,https://rowsandall.com/rowers/workout/2328/emailcsv,https://rowsandall.com/rowers/workout/2328/emailtcx,0,0,2018-01-24 18:55:25+00:00,210,00:01:40,Steady state, ,Europe/Prague,other,80.0,lwt -12,https://rowsandall.com/rowers/workout/2327/emailcsv,https://rowsandall.com/rowers/workout/2327/emailtcx,11,11,2018-01-24 18:59:08+00:00,2110,00:08:39,Steady state, ,Europe/Prague,other,80.0,lwt -13,https://rowsandall.com/rowers/workout/2326/emailcsv,https://rowsandall.com/rowers/workout/2326/emailtcx,33,22,2018-01-24 19:08:06+00:00,6081,00:16:08,Steady state, ,Europe/Prague,other,80.0,lwt -14,https://rowsandall.com/rowers/workout/2325/emailcsv,https://rowsandall.com/rowers/workout/2325/emailtcx,85,44,2018-01-24 19:24:20+00:00,14426,00:35:00,Steady state, ,Europe/Prague,other,80.0,lwt -15,https://rowsandall.com/rowers/workout/2324/emailcsv,https://rowsandall.com/rowers/workout/2324/emailtcx,143,83,2018-01-27 13:23:28+00:00,14981,01:01:36,You’ve unlocked colored socks, ,Europe/Prague,other,80.0,lwt -16,https://rowsandall.com/rowers/workout/2323/emailcsv,https://rowsandall.com/rowers/workout/2323/emailtcx,85,207,2018-01-28 14:43:45+00:00,6519,00:47:35,Afternoon Run, ,Europe/Prague,other,80.0,lwt -17,https://rowsandall.com/rowers/workout/2322/emailcsv,https://rowsandall.com/rowers/workout/2322/emailtcx,121,712,2018-01-29 08:32:25+00:00,12622,02:11:55,Morning Run, ,Europe/Prague,other,80.0,lwt -18,https://rowsandall.com/rowers/workout/2321/emailcsv,https://rowsandall.com/rowers/workout/2321/emailtcx,99,216,2018-01-29 14:02:59+00:00,8801,01:20:06,Afternoon Run, ,Europe/Prague,other,80.0,lwt -19,https://rowsandall.com/rowers/workout/2320/emailcsv,https://rowsandall.com/rowers/workout/2320/emailtcx,224,663,2018-01-30 08:07:27+00:00,24640,04:24:41,Morning Run, ,Europe/Prague,other,80.0,lwt -20,https://rowsandall.com/rowers/workout/2319/emailcsv,https://rowsandall.com/rowers/workout/2319/emailtcx,142,862,2018-01-31 08:34:52+00:00,13659,01:35:37,Morning Run, ,Europe/Prague,other,80.0,lwt -21,https://rowsandall.com/rowers/workout/2318/emailcsv,https://rowsandall.com/rowers/workout/2318/emailtcx,101,244,2018-01-31 14:31:30+00:00,8948,01:11:07,Afternoon Run, ,Europe/Prague,other,80.0,lwt -22,https://rowsandall.com/rowers/workout/2317/emailcsv,https://rowsandall.com/rowers/workout/2317/emailtcx,160,216,2018-02-01 08:46:14+00:00,10501,01:32:54,Morning Run, ,Europe/Prague,other,80.0,lwt -23,https://rowsandall.com/rowers/workout/2295/emailcsv,https://rowsandall.com/rowers/workout/2295/emailtcx,88,75,2018-02-03 14:20:20+00:00,12181,00:51:43,Zwift in the rain, ,Europe/Prague,water,80.0,lwt -24,https://rowsandall.com/rowers/workout/2316/emailcsv,https://rowsandall.com/rowers/workout/2316/emailtcx,-5,396,2018-02-04 12:56:40+00:00,9082,00:51:50,Afternoon Run, ,Europe/Prague,other,80.0,lwt -25,https://rowsandall.com/rowers/workout/2315/emailcsv,https://rowsandall.com/rowers/workout/2315/emailtcx,60,40,2018-02-06 17:54:04+00:00,7210,00:31:05,Aborted 2x(1min+2min+3min+4min+3min+2min+1min)/4min 26/24/22/20/22/24/26spm, ,Europe/Prague,other,80.0,lwt -26,https://rowsandall.com/rowers/workout/2314/emailcsv,https://rowsandall.com/rowers/workout/2314/emailtcx,56,0,2018-02-08 06:08:23+00:00,0,00:51:58,Morning Activity, ,Europe/Prague,other,80.0,lwt -27,https://rowsandall.com/rowers/workout/2313/emailcsv,https://rowsandall.com/rowers/workout/2313/emailtcx,16,15,2018-02-10 09:10:16+00:00,3040,00:12:44,WU and cd, ,Europe/Prague,other,80.0,lwt -28,https://rowsandall.com/rowers/workout/2312/emailcsv,https://rowsandall.com/rowers/workout/2312/emailtcx,85,66,2018-02-10 09:23:53+00:00,9305,00:40:48,7x(1min+1min+1min)/3min @ 24/26/28spm, ,Europe/Prague,other,80.0,lwt -29,https://rowsandall.com/rowers/workout/2311/emailcsv,https://rowsandall.com/rowers/workout/2311/emailtcx,14,6,2018-02-10 10:06:03+00:00,2009,00:08:59,WU and cd, ,Europe/Prague,other,80.0,lwt -30,https://rowsandall.com/rowers/workout/2310/emailcsv,https://rowsandall.com/rowers/workout/2310/emailtcx,133,68,2018-02-11 16:57:33+00:00,14450,01:00:00,Steady State (fused),,Europe/Prague,other,80.0,lwt -31,https://rowsandall.com/rowers/workout/2335/emailcsv,https://rowsandall.com/rowers/workout/2335/emailtcx,24,20,2018-02-12 05:02:06+00:00,3872,00:27:12.200000,SpdCoach 1,,America/Los_Angeles,water,80.0,lwt -32,https://rowsandall.com/rowers/workout/2338/emailcsv,https://rowsandall.com/rowers/workout/2338/emailtcx,431,1524,2018-02-12 05:02:06+00:00,9336,09:58:35,Joined Workout,,America/Los_Angeles,water,80.0,lwt -33,https://rowsandall.com/rowers/workout/2339/emailcsv,https://rowsandall.com/rowers/workout/2339/emailtcx,403,1502,2018-02-12 05:02:06+00:00,7522,09:41:48.200000,Joined Workout,,America/Los_Angeles,water,80.0,lwt -34,https://rowsandall.com/rowers/workout/2341/emailcsv,https://rowsandall.com/rowers/workout/2341/emailtcx,431,1524,2018-02-12 05:02:06+00:00,9336,09:58:35,Joined Workout,,America/Los_Angeles,water,80.0,lwt -35,https://rowsandall.com/rowers/workout/2342/emailcsv,https://rowsandall.com/rowers/workout/2342/emailtcx,431,1524,2018-02-12 05:02:06+00:00,9336,09:58:35,Joined Workout,,America/Los_Angeles,water,80.0,lwt -36,https://rowsandall.com/rowers/workout/2343/emailcsv,https://rowsandall.com/rowers/workout/2343/emailtcx,431,1524,2018-02-12 05:02:06+00:00,9336,09:58:35,Joined Workout,,America/Los_Angeles,water,80.0,lwt -37,https://rowsandall.com/rowers/workout/2344/emailcsv,https://rowsandall.com/rowers/workout/2344/emailtcx,24,20,2018-02-12 14:02:06+00:00,3872,00:27:12.200000,SpdCoach Sessions,imported through email,America/Los_Angeles,water,80.0,lwt -38,https://rowsandall.com/rowers/workout/2347/emailcsv,https://rowsandall.com/rowers/workout/2347/emailtcx,89,73,2018-02-12 14:02:06+00:00,9336,00:58:35,Joined Workout,imported through email,America/Los_Angeles,water,80.0,lwt -39,https://rowsandall.com/rowers/workout/2336/emailcsv,https://rowsandall.com/rowers/workout/2336/emailtcx,37,32,2018-02-12 14:29:01+00:00,3650,00:14:53.200000,SpdCoach 2," -Summary for your location at 2018-02-12T14:55:00Z: Temperature 9.0C/48.2F. Wind: 2.5 m/s (5.0 kt). Wind Bearing: 280.0 degrees",America/Los_Angeles,water,80.0,lwt -40,https://rowsandall.com/rowers/workout/2340/emailcsv,https://rowsandall.com/rowers/workout/2340/emailtcx,65,49,2018-02-12 14:29:01+00:00,5464,00:31:40,Joined Workout,,America/Los_Angeles,water,80.0,lwt -41,https://rowsandall.com/rowers/workout/2345/emailcsv,https://rowsandall.com/rowers/workout/2345/emailtcx,37,32,2018-02-12 14:29:01+00:00,3650,00:14:53.200000,SpdCoach Sessions (2),imported through email,America/Los_Angeles,water,80.0,lwt -42,https://rowsandall.com/rowers/workout/2337/emailcsv,https://rowsandall.com/rowers/workout/2337/emailtcx,11,5,2018-02-12 14:49:02+00:00,1814,00:11:39,SpdCoach 3,,America/Los_Angeles,water,80.0,lwt -43,https://rowsandall.com/rowers/workout/2346/emailcsv,https://rowsandall.com/rowers/workout/2346/emailtcx,11,5,2018-02-12 14:49:02+00:00,1814,00:11:39,SpdCoach Sessions (3),imported through email,America/Los_Angeles,water,80.0,lwt -44,https://rowsandall.com/rowers/workout/2309/emailcsv,https://rowsandall.com/rowers/workout/2309/emailtcx,8,9,2018-02-12 18:39:45+00:00,2014,00:08:33,WU and CD, ,Europe/Prague,other,80.0,lwt -45,https://rowsandall.com/rowers/workout/2308/emailcsv,https://rowsandall.com/rowers/workout/2308/emailtcx,90,73,2018-02-12 18:49:04+00:00,10562,00:46:10,4x2km,,Europe/Prague,rower,80.0,lwt -46,https://rowsandall.com/rowers/workout/2307/emailcsv,https://rowsandall.com/rowers/workout/2307/emailtcx,9,5,2018-02-12 19:36:46+00:00,1998,00:09:35,WU and CD, ,Europe/Prague,other,80.0,lwt -47,https://rowsandall.com/rowers/workout/2306/emailcsv,https://rowsandall.com/rowers/workout/2306/emailtcx,48,0,2018-02-14 05:55:22+00:00,0,00:58:33,Morning Activity, ,Europe/Prague,other,80.0,lwt -48,https://rowsandall.com/rowers/workout/2378/emailcsv,https://rowsandall.com/rowers/workout/2378/emailtcx,40,6,2018-02-17 08:17:50+00:00,4386,00:27:08,Morning Run, ,Europe/Prague,other,80.0,lwt -49,https://rowsandall.com/rowers/workout/2381/emailcsv,https://rowsandall.com/rowers/workout/2381/emailtcx,79,48,2018-02-21 06:26:01+00:00,6119,00:27:20.200000,3x2km Racice,,Europe/Prague,water,80.0,lwt -50,https://rowsandall.com/rowers/workout/2384/emailcsv,https://rowsandall.com/rowers/workout/2384/emailtcx,107,66,2018-02-22 09:32:01+00:00,8000,00:35:08.500000,8k trial,,Europe/Prague,water,80.0,lwt -51,https://rowsandall.com/rowers/workout/2383/emailcsv,https://rowsandall.com/rowers/workout/2383/emailtcx,-2,50,2018-02-23 15:17:03+00:00,5918,00:25:10.700000,Horin,,Europe/Prague,water,80.0,lwt -52,https://rowsandall.com/rowers/workout/2385/emailcsv,https://rowsandall.com/rowers/workout/2385/emailtcx,169,0,2018-02-24 11:58:09+00:00,17045,01:35:59,Washington,,America/New_York,water,80.0,lwt -53,https://rowsandall.com/rowers/workout/2386/emailcsv,https://rowsandall.com/rowers/workout/2386/emailtcx,-2,59,2018-02-25 12:24:59+00:00,6182,00:26:24.400000,9x500m/70sec,,Europe/Prague,rower,80.0,lwt -54,https://rowsandall.com/rowers/workout/2387/emailcsv,https://rowsandall.com/rowers/workout/2387/emailtcx,11,7,2018-02-27 13:19:44+00:00,2206,00:10:00,StatsError,,Europe/Prague,rower,80.0,lwt -55,https://rowsandall.com/rowers/workout/2388/emailcsv,https://rowsandall.com/rowers/workout/2388/emailtcx,87,410,2018-03-04 12:16:34+00:00,17817,01:29:08,Afternoon Activity, ,Europe/Prague,other,80.0,lwt