def on_user_updated(sender, instance, **kwargs): # pylint: disable=unused-argument
"""
Check for retired usernames.
"""
# Check only at User creation time and when not raw.
if not instance.id and not kwargs['raw']:
prefix_to_check = getattr(settings, 'RETIRED_USERNAME_PREFIX', None)
if prefix_to_check:
# Check for username that's too close to retired username format.
if instance.username.startswith(prefix_to_check):
raise AccountValidationError(
USERNAME_EXISTS_MSG_FMT.format(username=instance.username),
field="username")
# Check for a retired username.
if is_username_retired(instance.username):
raise AccountValidationError(
USERNAME_EXISTS_MSG_FMT.format(username=instance.username),
field="username")
# Check for a retired email.
if is_email_retired(instance.email):
raise AccountValidationError(
EMAIL_EXISTS_MSG_FMT.format(username=instance.email),
field="email")
def on_user_updated(sender, instance, **kwargs): # pylint: disable=unused-argument
"""
Check for retired usernames.
"""
# Check only at User creation time and when not raw.
if not instance.id and not kwargs['raw']:
prefix_to_check = getattr(settings, 'RETIRED_USERNAME_PREFIX', None)
if prefix_to_check:
# Check for username that's too close to retired username format.
if instance.username.startswith(prefix_to_check):
raise AccountValidationError(
USERNAME_EXISTS_MSG_FMT.format(username=instance.username),
field="username"
)
# Check for a retired username.
if is_username_retired(instance.username):
raise AccountValidationError(
USERNAME_EXISTS_MSG_FMT.format(username=instance.username),
field="username"
)
# Check for a retired email.
if is_email_retired(instance.email):
raise AccountValidationError(
EMAIL_EXISTS_MSG_FMT.format(username=instance.email),
field="email"
)
def post(self, request):
"""
POST /api/user/v1/accounts/retire/
{
'username': '******'
}
Retires the user with the given username. This includes
retiring this username, the associates email address, and
any other PII associated with this user.
"""
username = request.data['username']
if is_username_retired(username):
return Response(status=status.HTTP_404_NOT_FOUND)
try:
retirement_status = UserRetirementStatus.get_retirement_for_retirement_action(username)
user = retirement_status.user
retired_username = retirement_status.retired_username or get_retired_username_by_username(username)
retired_email = retirement_status.retired_email or get_retired_email_by_email(user.email)
original_email = retirement_status.original_email
# Retire core user/profile information
self.clear_pii_from_userprofile(user)
self.delete_users_profile_images(user)
self.delete_users_country_cache(user)
# Retire data from Enterprise models
self.retire_users_data_sharing_consent(username, retired_username)
self.retire_sapsf_data_transmission(user)
self.retire_user_from_pending_enterprise_customer_user(user, retired_email)
self.retire_entitlement_support_detail(user)
# Retire misc. models that may contain PII of this user
SoftwareSecurePhotoVerification.retire_user(user.id)
PendingEmailChange.delete_by_user_value(user, field='user')
UserOrgTag.delete_by_user_value(user, field='user')
# Retire any objects linked to the user via their original email
CourseEnrollmentAllowed.delete_by_user_value(original_email, field='email')
UnregisteredLearnerCohortAssignments.delete_by_user_value(original_email, field='email')
# TODO: Password Reset links - https://openedx.atlassian.net/browse/PLAT-2104
# TODO: Delete OAuth2 records - https://openedx.atlassian.net/browse/EDUCATOR-2703
user.first_name = ''
user.last_name = ''
user.is_active = False
user.username = retired_username
user.save()
except UserRetirementStatus.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
except RetirementStateError as exc:
return Response(text_type(exc), status=status.HTTP_400_BAD_REQUEST)
except Exception as exc: # pylint: disable=broad-except
return Response(text_type(exc), status=status.HTTP_500_INTERNAL_SERVER_ERROR)
return Response(status=status.HTTP_204_NO_CONTENT)
def post(self, request):
"""
POST /api/user/v1/accounts/retire/
{
'username': '******'
}
Retires the user with the given username. This includes
retiring this username, the associates email address, and
any other PII associated with this user.
"""
username = request.data['username']
if is_username_retired(username):
return Response(status=status.HTTP_404_NOT_FOUND)
try:
retirement_status = UserRetirementStatus.get_retirement_for_retirement_action(username)
user = retirement_status.user
retired_username = retirement_status.retired_username or get_retired_username_by_username(username)
retired_email = retirement_status.retired_email or get_retired_email_by_email(user.email)
original_email = retirement_status.original_email
# Retire core user/profile information
self.clear_pii_from_userprofile(user)
self.delete_users_profile_images(user)
self.delete_users_country_cache(user)
# Retire data from Enterprise models
self.retire_users_data_sharing_consent(username, retired_username)
self.retire_sapsf_data_transmission(user)
self.retire_user_from_pending_enterprise_customer_user(user, retired_email)
self.retire_entitlement_support_detail(user)
# Retire misc. models that may contain PII of this user
SoftwareSecurePhotoVerification.retire_user(user.id)
PendingEmailChange.delete_by_user_value(user, field='user')
UserOrgTag.delete_by_user_value(user, field='user')
# Retire any objects linked to the user via their original email
CourseEnrollmentAllowed.delete_by_user_value(original_email, field='email')
UnregisteredLearnerCohortAssignments.delete_by_user_value(original_email, field='email')
# TODO: Password Reset links - https://openedx.atlassian.net/browse/PLAT-2104
# TODO: Delete OAuth2 records - https://openedx.atlassian.net/browse/EDUCATOR-2703
user.first_name = ''
user.last_name = ''
user.is_active = False
user.username = retired_username
user.save()
except UserRetirementStatus.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
except RetirementStateError as exc:
return Response(text_type(exc), status=status.HTTP_400_BAD_REQUEST)
except Exception as exc: # pylint: disable=broad-except
return Response(text_type(exc), status=status.HTTP_500_INTERNAL_SERVER_ERROR)
return Response(status=status.HTTP_204_NO_CONTENT)
def test_is_username_retired_is_retired(retirement_user):
"""
Check functionality of is_username_retired when username is retired
"""
original_username = retirement_user.username
retired_username = get_retired_username_by_username(retirement_user.username)
# Fake username retirement.
retirement_user.username = retired_username
retirement_user.save()
assert is_username_retired(original_username)
def test_is_username_retired_is_retired(retirement_user):
"""
Check functionality of is_username_retired when username is retired
"""
original_username = retirement_user.username
retired_username = get_retired_username_by_username(retirement_user.username)
# Fake username retirement.
retirement_user.username = retired_username
retirement_user.save()
assert is_username_retired(original_username)
def test_is_username_retired_is_retired():
"""
Check functionality of is_username_retired when username is retired
"""
user = UserFactory()
original_username = user.username
retired_username = get_retired_username_by_username(user.username)
# Fake username retirement.
user.username = retired_username
user.save()
assert is_username_retired(original_username)
def test_is_username_retired_is_retired():
"""
Check functionality of is_username_retired when username is retired
"""
user = UserFactory()
original_username = user.username
retired_username = get_retired_username_by_username(user.username)
# Fake username retirement.
user.username = retired_username
user.save()
assert is_username_retired(original_username)
def post(self, request):
"""
POST /api/user/v1/accounts/retire/
{
'username': '******'
}
Retires the user with the given username. This includes
retiring this username, the associates email address, and
any other PII associated with this user.
"""
username = request.data['username']
if is_username_retired(username):
return Response(status=status.HTTP_404_NOT_FOUND)
try:
retirement_status = UserRetirementStatus.get_retirement_for_retirement_action(
username)
user = retirement_status.user
retired_username = retirement_status.retired_username or get_retired_username_by_username(
username)
retired_email = retirement_status.retired_email or get_retired_email_by_email(
user.email)
self.clear_pii_from_userprofile(user)
self.delete_users_profile_images(user)
self.delete_users_country_cache(user)
self.retire_users_data_sharing_consent(username, retired_username)
self.retire_sapsf_data_transmission(user)
self.retire_user_from_pending_enterprise_customer_user(
user, retired_email)
self.retire_entitlement_support_detail(user)
# TODO: Password Reset links - https://openedx.atlassian.net/browse/PLAT-2104
# TODO: Delete OAuth2 records - https://openedx.atlassian.net/browse/EDUCATOR-2703
user.first_name = ''
user.last_name = ''
user.is_active = False
user.username = retired_username
user.save()
except UserRetirementStatus.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
except RetirementStateError as exc:
return Response(text_type(exc), status=status.HTTP_400_BAD_REQUEST)
except Exception as exc: # pylint: disable=broad-except
return Response(text_type(exc),
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
return Response(status=status.HTTP_204_NO_CONTENT)
def post(self, request):
"""
POST /api/user/v1/accounts/retire_misc/
{
'username': '******'
}
Retires the user with the given username in the LMS.
"""
username = request.data['username']
if is_username_retired(username):
return Response(status=status.HTTP_404_NOT_FOUND)
try:
retirement = UserRetirementStatus.get_retirement_for_retirement_action(
username)
RevisionPluginRevision.retire_user(retirement.user)
ArticleRevision.retire_user(retirement.user)
PendingNameChange.delete_by_user_value(retirement.user,
field='user')
PasswordHistory.retire_user(retirement.user.id)
course_enrollments = CourseEnrollment.objects.filter(
user=retirement.user)
ManualEnrollmentAudit.retire_manual_enrollments(
course_enrollments, retirement.retired_email)
CreditRequest.retire_user(retirement.original_username,
retirement.retired_username)
ApiAccessRequest.retire_user(retirement.user)
CreditRequirementStatus.retire_user(retirement.user.username)
SurveyAnswer.retire_user(retirement.user.id)
except UserRetirementStatus.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
except RetirementStateError as exc:
return Response(text_type(exc), status=status.HTTP_400_BAD_REQUEST)
except Exception as exc: # pylint: disable=broad-except
return Response(text_type(exc),
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
return Response(status=status.HTTP_204_NO_CONTENT)
def test_is_username_retired_not_retired():
"""
Check functionality of is_username_retired when username is not retired
"""
user = UserFactory()
assert not is_username_retired(user.username)
def test_is_username_retired_not_retired(retirement_user):
"""
Check functionality of is_username_retired when username is not retired
"""
assert not is_username_retired(retirement_user.username)
def test_is_username_retired_not_retired(retirement_user):
"""
Check functionality of is_username_retired when username is not retired
"""
assert not is_username_retired(retirement_user.username)
def test_is_username_retired_not_retired():
"""
Check functionality of is_username_retired when username is not retired
"""
user = UserFactory()
assert not is_username_retired(user.username)
