gdpr user delete and user deactivate functions
@@ -606,6 +606,19 @@ class Rower(models.Model):
|
||||
def clean_email(self):
|
||||
return self.user.email.lower()
|
||||
|
||||
class DeactivateUserForm(forms.ModelForm):
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ['is_active']
|
||||
|
||||
class DeleteUserForm(forms.ModelForm):
|
||||
delete_user = forms.BooleanField(initial=False,
|
||||
label='Remove my account and all data')
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
fields = []
|
||||
|
||||
@receiver(models.signals.post_save,sender=Rower)
|
||||
def auto_delete_teams_on_change(sender, instance, **kwargs):
|
||||
if instance.rowerplan != 'coach':
|
||||
|
||||
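Review bot: `DeactivateUserForm` exposes `is_active` as an editable field, but the view in the later hunk sets `user.is_active = False` before saving, so the checkbox rendered by `{{ user_form.as_p }}` has no effect on the outcome. Using `fields = []` with an explicit confirmation `BooleanField`, as `DeleteUserForm` already does, would make the two forms consistent and keep a client-supplied `is_active` value out of the model form. Both new classes would also benefit from a one-line docstring stating that they are self-service confirmation forms and that the view, not the form, decides the final state.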
@@ -31,6 +31,15 @@
|
||||
<div class="grid_6 omega">
|
||||
<p> To use rowsandall, you need to register and agree with the Terms of Service. </p>
|
||||
<p> Registration is free. </p>
|
||||
|
||||
<p>Some of our advanced services only work if you give us your
|
||||
(approximate) birth date, sex and weight category, with 72.5 kg the
|
||||
bounday between heavies and lighties for men, and 59 kg for women.
|
||||
</p>
|
||||
|
||||
<p>Also, we are restricting access to the site to 16 years and older
|
||||
because of EU data protection regulations.</p>
|
||||
|
||||
</div>
|
||||
{% endblock content %}
|
||||
|
||||
|
||||
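Review bot: The added paragraph misspells "boundary" as `bounday`. The 16-and-older restriction is only stated as text in this hunk. If it is meant as a data-protection control, the registration form has to collect and validate the birth date; whether it does is not visible here.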
@@ -216,7 +216,19 @@
|
||||
<p>
|
||||
<h2>GDPR - Data Protection</h2>
|
||||
<div class="grid_2 suffix_4 alpha">
|
||||
<a class="button gray small" href="/rowers/exportallworkouts">Download your data</a>
|
||||
<p>
|
||||
<a class="button gray small" href="/rowers/exportallworkouts">Download your data</a>
|
||||
</p>
|
||||
</div>
|
||||
<div class="grid_2 suffix_4 alpha">
|
||||
<p>
|
||||
<a class="button gray small" href="/rowers/me/deactivate">Deactivate Account</a>
|
||||
</p>
|
||||
</div>
|
||||
<div class="grid_2 suffix_4 alpha">
|
||||
<p>
|
||||
<a class="button red small" href="/rowers/me/delete">Delete Account</a>
|
||||
</p>
|
||||
</div>
|
||||
</p>
|
||||
</div>
|
||||
|
||||
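Review bot: The two new links hard-code `/rowers/me/deactivate` and `/rowers/me/delete`; giving the routes a `name=` in the URL conf and using `{% url %}` here keeps them working if the `/rowers/` prefix changes. The new `<div>`/`<p>` blocks also sit inside the outer `<p>` opened at the top of the hunk, which is invalid nesting, so browsers will close that paragraph early.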
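--- a/rowers/templates/userprofile_deactivate.html
+++ b/rowers/templates/userprofile_deactivate.html
@@ -0,0 +1,22 @@
+{% extends "base.html" %}
+{% load staticfiles %}
+{% load rowerfilters %}
+
+{% block title %}Deactivate your account{% endblock %}
+
+{% block content %}
+<div class="grid_12">
+<h2>Deactivate your account</h2>
+<hr>
+<p>Account deactivation is reversible. After you logout, you will not be
+able to access your data any more, but the site admin can restore your
+account.</p>
+<form method="POST" class="padding">{% csrf_token %}
+{{ user_form.as_p}}
+{% csrf_token %}
+<button class="btn btn-primary" type="submit" name="action">Confirm</button>
+</form>
+
+</div>
+
+{% endblock %}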
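Review bot: `{% csrf_token %}` is emitted twice inside the form, once on the `<form>` line and again before the button, which renders two identical hidden inputs; the second one can be dropped. The same duplication is in userprofile_delete.html. `{% load staticfiles %}` and `{% load rowerfilters %}` are not used by anything in either template and can be removed.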
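--- a/rowers/templates/userprofile_delete.html
+++ b/rowers/templates/userprofile_delete.html
@@ -0,0 +1,22 @@
+{% extends "base.html" %}
+{% load staticfiles %}
+{% load rowerfilters %}
+
+{% block title %}Delete your account{% endblock %}
+
+{% block content %}
+<div class="grid_12">
+<h2>Delete your account</h2>
+<hr>
+<p><b>Warning: This will remove your account and all your data.
+You will not be able to recover from this action. We cannot restore
+your account</b></p>
+<form method="POST" class="padding">{% csrf_token %}
+{{ user_form.as_p}}
+{% csrf_token %}
+<button class="btn btn-primary" type="submit" name="action">Confirm</button>
+</form>
+
+</div>
+
+{% endblock %}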
@@ -336,6 +336,8 @@ urlpatterns = [
|
||||
url(r'^user-multiflex/$',views.multiflex_view),
|
||||
url(r'^user-multiflex$',views.multiflex_view),
|
||||
url(r'^user-multiflex-data$',views.multiflex_data),
|
||||
url(r'^me/deactivate$',views.deactivate_user),
|
||||
url(r'^me/delete$',views.remove_user),
|
||||
url(r'^me/teams/$',views.rower_teams_view),
|
||||
url(r'^me/calcdps/$',views.rower_calcdps_view),
|
||||
url(r'^me/exportsettings/$',views.rower_exportsettings_view),
|
||||
|
||||
@@ -12,6 +12,7 @@ import yaml
|
||||
from PIL import Image
|
||||
from numbers import Number
|
||||
from django.views.generic.base import TemplateView
|
||||
from django.contrib.auth import views as auth_views
|
||||
from django.db.models import Q
|
||||
from django import template
|
||||
from django.db import IntegrityError, transaction
|
||||
@@ -54,7 +55,7 @@ from rowers.forms import (
|
||||
)
|
||||
from rowers.models import (
|
||||
Workout, User, Rower, WorkoutForm,FavoriteChart,
|
||||
PlannedSession
|
||||
PlannedSession, DeactivateUserForm,DeleteUserForm
|
||||
)
|
||||
from rowers.models import (
|
||||
RowerPowerForm,RowerForm,GraphImage,AdvancedWorkoutForm,
|
||||
@@ -573,6 +574,48 @@ def get_thumbnails(request,id):
|
||||
|
||||
return JSONResponse(charts)
|
||||
|
||||
@login_required()
|
||||
def deactivate_user(request):
|
||||
pk = request.user.id
|
||||
user = User.objects.get(pk=pk)
|
||||
user_form = DeactivateUserForm(instance=user)
|
||||
if request.user.is_authenticated() and request.user.id == user.id:
|
||||
if request.method == "POST":
|
||||
user_form = DeactivateUserForm(request.POST, instance=user)
|
||||
if user_form.is_valid():
|
||||
deactivate_user = user_form.save(commit=False)
|
||||
user.is_active = False
|
||||
deactivate_user.save()
|
||||
url = reverse(auth_views.logout_then_login)
|
||||
return HttpResponseRedirect(url)
|
||||
return render(request, "userprofile_deactivate.html", {
|
||||
"user_form": user_form,
|
||||
})
|
||||
else:
|
||||
raise PermissionDenied
|
||||
|
||||
@login_required()
|
||||
def remove_user(request):
|
||||
pk = request.user.id
|
||||
user = User.objects.get(pk=pk)
|
||||
user_form = DeleteUserForm(instance=user)
|
||||
if request.user.is_authenticated() and request.user.id == user.id:
|
||||
if request.method == "POST":
|
||||
user_form = DeleteUserForm(request.POST,instance=user)
|
||||
if user_form.is_valid():
|
||||
cd = user_form.cleaned_data
|
||||
print cd
|
||||
if cd['delete_user']:
|
||||
user.delete()
|
||||
url = reverse(auth_views.logout_then_login)
|
||||
return HttpResponseRedirect(url)
|
||||
return render(request, "userprofile_delete.html", {
|
||||
"user_form": user_form,
|
||||
})
|
||||
else:
|
||||
raise PermissionDenied
|
||||
|
||||
|
||||
@login_required()
|
||||
def get_testscript(request,id):
|
||||
row = get_workout_permitted(request.user,id)
|
||||
@@ -1715,7 +1758,11 @@ def workouts_summaries_email_view(request):
|
||||
if form.is_valid():
|
||||
startdate = form.cleaned_data['startdate']
|
||||
enddate = form.cleaned_data['enddate']
|
||||
filename = 'rowsandall_workouts_{first}_{last}.csv'
|
||||
filename = 'rowsandall_workouts_{first}_{last}.csv'.format(
|
||||
first=startdate,
|
||||
last=enddate
|
||||
)
|
||||
print filename
|
||||
df = dataprep.workout_summary_to_df(r,startdate=startdate,enddate=enddate)
|
||||
df.to_csv(filename,encoding='utf-8')
|
||||
res = myqueue(queuehigh,handle_sendemailsummary,
|
||||
|
||||
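Review bot: `remove_user` permanently deletes the account on a single POST from any logged-in session, with no re-authentication; for an irreversible action, a current-password field on `DeleteUserForm` checked with `request.user.check_password(...)` before `user.delete()` would keep an unattended or hijacked session from destroying the account. `print cd` there and `print filename` in the last hunk are debug output and should be removed or turned into logger calls. In both new views `User.objects.get(pk=request.user.id)` and the `is_authenticated()`/id comparison cannot fail under `@login_required()`, so the `PermissionDenied` branch is dead code and `request.user` can be used directly. In the last hunk the CSV name is built from the two dates only and written to a relative path, so two rowers exporting the same range at the same time would presumably share one file before the queued mail job reads it; including the user id in the name, or using `tempfile`, would avoid that.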