Exemple #1
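    def anonymize(cls, r, table, record_ids):
        """
            Handle POST (anonymize-request), i.e. anonymize the target records

            Verifies the submitted action key against the session, picks the
            configured rules that were ticked in the form (value "on"), merges
            their field- and cascade-rules, applies the merged rule set to
            each record and writes one audit entry per record.

            @param r: the S3Request
            @param table: the target Table
            @param record_ids: the target record IDs

            @returns: JSON message
        """

        post_vars_get = r.post_vars.get

        # Verify submitted action key against session (CSRF protection)
        # NOTE(review): the key is bound to the table only, not to the
        # record IDs, so permission to anonymize each individual record is
        # presumably enforced by the caller or by cls.cascade - confirm.
        # r.error is assumed to abort the request here.
        widget_id = "%s-anonymize" % table
        keys = current.session.s3.anonymize
        if keys is None or \
           widget_id not in keys or \
           post_vars_get("action-key") != keys[widget_id]:
            r.error(400, "Invalid action key (form reopened in another tab?)")

        # Get the available rules from settings
        rules = current.s3db.get_config(table, "anonymize")
        if rules is None:
            # No anonymize-configuration for this table: nothing can be
            # selected, so fall through to "No applicable rules found"
            # instead of failing on the item assignment below
            rules = []
        elif not isinstance(rules, (tuple, list)):
            # Single rule (NB the name is written into the configured dict)
            rules["name"] = "default"
            rules = [rules]

        # Get selected rules from form; only names taken from the server-side
        # configuration are looked up, so the client cannot introduce rules
        selected = []
        for rule in rules:
            rule_name = rule.get("name")
            if rule_name and post_vars_get(rule_name) == "on":
                selected.append(rule)

        # Merge selected rules (later rules override earlier ones per field)
        cleanup = {}
        cascade = []
        for rule in selected:
            field_rules = rule.get("fields")
            if field_rules:
                cleanup.update(field_rules)
            cascade_rules = rule.get("cascade")
            if cascade_rules:
                cascade.extend(cascade_rules)

        # Nothing selected or selected rules are empty
        if not cleanup and not cascade:
            return current.xml.json_message(msg="No applicable rules found")

        # Apply selected rules
        rules = {
            "fields": cleanup,
            "cascade": cascade,
        }

        for record_id in record_ids:
            # NB will raise (+roll back) if configuration is invalid
            cls.cascade(table, (record_id, ), rules)

            # Audit anonymize (one entry per record, after the record
            # has been processed)
            prefix, name = original_tablename(table).split("_", 1)
            current.audit(
                "anonymize",
                prefix,
                name,
                record=record_id,
                representation="html",
            )

        return current.xml.json_message(updated=record_ids)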
Exemple #2
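    def anonymize(cls, r, table, record_id):
        """
            Handle POST (anonymize-request), i.e. anonymize the target record

            Expects a JSON object in the request body with the action key
            ("key") and the list of rule names to apply ("apply"). The key is
            verified against the session, the rule names are validated
            against the configured rules, and the merged rules are applied to
            the record, followed by an audit entry.

            @param r: the S3Request
            @param table: the target Table
            @param record_id: the target record ID

            @returns: JSON message
        """

        # Read+parse body JSON
        s = r.body
        s.seek(0)
        try:
            options = json.load(s)
        except JSONERRORS:
            options = None
        if not isinstance(options, dict):
            # r.error is assumed to abort the request; the code below
            # relies on options being a dict
            r.error(400, "Invalid request options")

        # Verify submitted action key against session (CSRF protection)
        # The key is bound to both the table and the record ID
        widget_id = "%s-%s-anonymize" % (table, record_id)
        session_s3 = current.session.s3
        keys = session_s3.anonymize
        if keys is None or \
           widget_id not in keys or \
           options.get("key") != keys[widget_id]:
            r.error(400, "Invalid action key (form reopened in another tab?)")

        # Get the available rules from settings
        rules = current.s3db.get_config(table, "anonymize")
        if rules is None:
            # No anonymize-configuration for this table: no rule name is
            # valid, rather than failing on the item assignment below
            rules = []
            names = set()
        elif isinstance(rules, (tuple, list)):
            names = set(rule.get("name") for rule in rules)
            names.discard(None)
        else:
            # Single rule (NB the name is written into the configured dict)
            rules["name"] = "default"
            names = (rules["name"], )
            rules = [rules]

        # Get selected rules from options
        selected = options.get("apply")
        if not isinstance(selected, list):
            r.error(400, "Invalid request options")

        # Validate selected rules
        for name in selected:
            # The list items are client-supplied JSON values of any type;
            # an unhashable one (list/object) would make the set lookup
            # raise TypeError, so treat it as an invalid rule instead
            try:
                known = name in names
            except TypeError:
                known = False
            if not known:
                r.error(400, "Invalid rule: %s" % name)

        # Merge selected rules (later rules override earlier ones per field)
        cleanup = {}
        cascade = []
        for rule in rules:
            name = rule.get("name")
            if not name or name not in selected:
                continue
            field_rules = rule.get("fields")
            if field_rules:
                cleanup.update(field_rules)
            cascade_rules = rule.get("cascade")
            if cascade_rules:
                cascade.extend(cascade_rules)

        # Apply selected rules
        if cleanup or cascade:
            rules = {
                "fields": cleanup,
                "cascade": cascade,
            }

            # NB will raise (+roll back) if configuration is invalid
            cls.cascade(table, (record_id, ), rules)

            # Audit anonymize (only reached if cascade did not raise)
            prefix, name = original_tablename(table).split("_", 1)
            current.audit(
                "anonymize",
                prefix,
                name,
                record=record_id,
                representation="html",
            )

            output = current.xml.json_message(updated=record_id)
        else:
            output = current.xml.json_message(msg="No applicable rules found")

        return output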
Exemple #3
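    def anonymize(cls, r, table, record_id):
        """
            Handle POST (anonymize-request), i.e. anonymize the target record

            The request body must be a JSON object holding the action key
            ("key") and a list of rule names ("apply"). After the key has
            been checked against the session and every rule name against the
            configuration, the selected rules are merged, applied to the
            record, and the action is audited.

            @param r: the S3Request
            @param table: the target Table
            @param record_id: the target record ID

            @returns: JSON message
        """

        # Read+parse body JSON
        body = r.body
        body.seek(0)
        try:
            options = json.load(body)
        except JSONERRORS:
            options = None
        if not isinstance(options, dict):
            # r.error is assumed to abort the request; everything below
            # treats options as a dict
            r.error(400, "Invalid request options")

        # Verify submitted action key against session (CSRF protection)
        # The expected key is looked up per table and record ID
        widget_id = "%s-%s-anonymize" % (table, record_id)
        keys = current.session.s3.anonymize
        if keys is None or \
           widget_id not in keys or \
           options.get("key") != keys[widget_id]:
            r.error(400, "Invalid action key (form reopened in another tab?)")

        # Get the available rules from settings
        rules = current.s3db.get_config(table, "anonymize")
        if rules is None:
            # Table has no anonymize-configuration: accept no rule names,
            # rather than failing on the item assignment below
            rules, names = [], set()
        elif isinstance(rules, (tuple, list)):
            names = set(rule.get("name") for rule in rules)
            names.discard(None)
        else:
            # Single rule (NB the name is written into the configured dict)
            rules["name"] = "default"
            names = (rules["name"],)
            rules = [rules]

        # Get selected rules from options
        selected = options.get("apply")
        if not isinstance(selected, list):
            r.error(400, "Invalid request options")

        # Validate selected rules
        for name in selected:
            # Items come straight from the request body and may be any JSON
            # type; looking up an unhashable value (list/object) in the set
            # raises TypeError, which must be reported as an invalid rule
            # rather than surfacing as an unhandled exception
            try:
                invalid = name not in names
            except TypeError:
                invalid = True
            if invalid:
                r.error(400, "Invalid rule: %s" % name)

        # Merge selected rules (later rules override earlier ones per field)
        cleanup = {}
        cascade = []
        for rule in rules:
            name = rule.get("name")
            if not name or name not in selected:
                continue
            field_rules = rule.get("fields")
            if field_rules:
                cleanup.update(field_rules)
            cascade_rules = rule.get("cascade")
            if cascade_rules:
                cascade.extend(cascade_rules)

        # Nothing selected or selected rules are empty
        if not cleanup and not cascade:
            return current.xml.json_message(msg="No applicable rules found")

        # Apply selected rules
        rules = {"fields": cleanup, "cascade": cascade}

        # NB will raise (+roll back) if configuration is invalid
        cls.cascade(table, (record_id,), rules)

        # Audit anonymize (only reached if cascade did not raise)
        prefix, name = original_tablename(table).split("_", 1)
        current.audit("anonymize", prefix, name,
                      record = record_id,
                      representation = "html",
                      )

        return current.xml.json_message(updated=record_id)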