trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

events: add gdpr_compliance option 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#1551
This commit is contained in:
Jens Langhammer 2021-11-16 11:29:13 +01:00
parent 047030f901
commit f4db09cd59
4 changed files with 27 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
authentik/events/signals.py
View File

@ -3,14 +3,14 @@ from threading import Thread
from typing import Any, Optional from typing import Any, Optional
from django.contrib.auth.signals import user_logged_in, user_logged_out, user_login_failed from django.contrib.auth.signals import user_logged_in, user_logged_out, user_login_failed
from django.db.models.signals import post_save from django.db.models.signals import post_save, pre_delete
from django.dispatch import receiver from django.dispatch import receiver
from django.http import HttpRequest from django.http import HttpRequest
from authentik.core.models import User from authentik.core.models import User
from authentik.core.signals import password_changed from authentik.core.signals import password_changed
from authentik.events.models import Event, EventAction from authentik.events.models import Event, EventAction
from authentik.events.tasks import event_notification_handler from authentik.events.tasks import event_notification_handler, gdpr_cleanup
from authentik.flows.planner import PLAN_CONTEXT_SOURCE, FlowPlan from authentik.flows.planner import PLAN_CONTEXT_SOURCE, FlowPlan
from authentik.flows.views.executor import SESSION_KEY_PLAN from authentik.flows.views.executor import SESSION_KEY_PLAN
from authentik.stages.invitation.models import Invitation from authentik.stages.invitation.models import Invitation
@ -108,3 +108,10 @@ def on_password_changed(sender, user: User, password: str, **_):
def event_post_save_notification(sender, instance: Event, **_): def event_post_save_notification(sender, instance: Event, **_):
"""Start task to check if any policies trigger an notification on this event""" """Start task to check if any policies trigger an notification on this event"""
event_notification_handler.delay(instance.event_uuid.hex) event_notification_handler.delay(instance.event_uuid.hex)
@receiver(pre_delete, sender=User)
# pylint: disable=unused-argument
def event_user_pre_delete_cleanup(sender, instance: User, **_):
"""If gdpr_compliance is enabled, remove all the user's events"""
gdpr_cleanup.delay(instance.pk)

8
authentik/events/tasks.py
View File

@ -106,3 +106,11 @@ def notification_transport(self: MonitoredTask, notification_pk: int, transport_
except NotificationTransportError as exc: except NotificationTransportError as exc:
self.set_status(TaskResult(TaskResultStatus.ERROR).with_error(exc)) self.set_status(TaskResult(TaskResultStatus.ERROR).with_error(exc))
raise exc raise exc
@CELERY_APP.task()
def gdpr_cleanup(user_pk: int):
"""cleanup events from gdpr_compliance"""
events = Event.objects.filter(user__pk=user_pk)
LOGGER.debug("GDPR cleanup, removing events from user", events=events.count())
events.delete()

2
authentik/lib/default.yml
View File

@ -80,3 +80,5 @@ footer_links:
default_user_change_email: true default_user_change_email: true
default_user_change_username: true default_user_change_username: true
gdpr_compliance: true

8
website/docs/installation/configuration.md
View File

@ -165,6 +165,14 @@ Requires authentik 2021.10.5
Enable the ability for users to change their Usernames, defaults to `true`. Enable the ability for users to change their Usernames, defaults to `true`.
### AUTHENTIK_GDPR_COMPLIANCE
:::info
Requires authentik 2021.10.5
:::
When enabled, all the events caused by a user will be deleted upon the user's deletion. Defaults to `true`.
### AUTHENTIK_FOOTER_LINKS ### AUTHENTIK_FOOTER_LINKS
:::info :::info