Exemplo n.º 1
0
def add_gdpr_consent_resources(context, content):
    if not valid_view(context):
        return

    request = context["request"]
    shop = get_shop(request)
    gdpr_settings = GDPRSettings.get_for_shop(shop)

    # GDPR not enabled, nothing to do
    if not gdpr_settings.enabled:
        return

    # always add styles
    add_resource(context, "head_end",
                 static("shuup_gdpr/shuup_gdpr_styles.css"))

    user = request.user
    if not user.is_anonymous() and should_reconsent_privacy_policy(shop, user):
        consent_page = get_privacy_policy_page(shop)
        render_context = {
            "request":
            request,
            "csrf_token":
            context["csrf_token"],
            "url":
            "/%s" % consent_page.url,
            "accept_url":
            reverse("shuup:gdpr_policy_consent",
                    kwargs=dict(page_id=consent_page.id))
        }
        update_resource = InlineMarkupResource(
            loader.render_to_string("shuup/gdpr/privacy_policy_update.jinja",
                                    context=render_context))
        add_resource(context, "body_end", update_resource)

    # consent already added
    if settings.SHUUP_GDPR_CONSENT_COOKIE_NAME in request.COOKIES:
        return

    gdpr_documents = []
    if has_installed("shuup.simple_cms"):
        gdpr_documents = get_active_consent_pages(shop)

    render_context = {
        "request": request,
        "csrf_token": context["csrf_token"],
        "gdpr_settings": gdpr_settings,
        "gdpr_documents": gdpr_documents,
        "gdpr_cookie_categories": GDPRCookieCategory.objects.filter(shop=shop)
    }
    html_resource = InlineMarkupResource(
        loader.render_to_string("shuup/gdpr/gdpr_consent.jinja",
                                context=render_context))
    add_resource(context, "body_end", html_resource)
    add_resource(context, "body_end", static("shuup_gdpr/shuup_gdpr.js"))
Exemplo n.º 2
0
def add_gdpr_consent_resources(context, content):
    if not valid_view(context):
        return

    request = context["request"]
    shop = get_shop(request)
    gdpr_settings = GDPRSettings.get_for_shop(shop)

    # GDPR not enabled, nothing to do
    if not gdpr_settings.enabled:
        return

    # always add styles
    add_resource(context, "head_end", static("shuup-gdpr.css"))

    user = request.user
    if not user.is_anonymous() and should_reconsent_privacy_policy(shop, user):
        consent_page = get_privacy_policy_page(shop)
        render_context = {
            "request": request,
            "csrf_token": context["csrf_token"],
            "url": "/%s" % consent_page.url,
            "accept_url": reverse("shuup:gdpr_policy_consent", kwargs=dict(page_id=consent_page.id))
        }
        update_resource = InlineMarkupResource(
            loader.render_to_string("shuup/gdpr/privacy_policy_update.jinja", context=render_context)
        )
        add_resource(context, "body_end", update_resource)

    # consent already added
    if settings.SHUUP_GDPR_CONSENT_COOKIE_NAME in request.COOKIES:
        return

    gdpr_documents = []
    if has_installed("shuup.simple_cms"):
        gdpr_documents = get_active_consent_pages(shop)

    render_context = {
        "request": request,
        "csrf_token": context["csrf_token"],
        "gdpr_settings": gdpr_settings,
        "gdpr_documents": gdpr_documents,
        "gdpr_cookie_categories": GDPRCookieCategory.objects.filter(shop=shop)
    }
    html_resource = InlineMarkupResource(
        loader.render_to_string("shuup/gdpr/gdpr_consent.jinja", context=render_context)
    )
    add_resource(context, "body_end", html_resource)
    add_resource(context, "body_end", static("shuup-gdpr.js"))
Exemplo n.º 3
0
def test_consent_required(rf):
    activate("en")
    shop = factories.get_default_shop()
    user = factories.create_random_user()
    page = ensure_gdpr_privacy_policy(shop)
    assert page

    gdpr_settings = GDPRSettings.get_for_shop(shop)
    assert not gdpr_settings.enabled
    assert gdpr_settings.privacy_policy_page == page

    assert not should_reconsent_privacy_policy(shop, user)
    assert is_documents_consent_in_sync(shop, user)  # settings not enabled

    assert page in get_possible_consent_pages(shop)

    # enable gpdr
    gdpr_settings.enabled = True
    gdpr_settings.save()
    assert gdpr_settings.privacy_policy_page == get_privacy_policy_page(shop)
    assert not is_documents_consent_in_sync(shop, user)

    # create revisioned page
    hidden_page = Page.objects.create(shop=shop, available_from=None)
    assert hidden_page not in Page.objects.visible(shop=shop)
    assert gdpr_settings.privacy_policy_page == get_privacy_policy_page(shop)
    assert hidden_page in get_possible_consent_pages(shop)

    with reversion.create_revision():
        page.save()

    create_user_consent_for_all_documents(shop, user)
    assert GDPRUserConsent.objects.filter(user=user, shop=shop).count() == 1

    consent = GDPRUserConsent.objects.get(user=user, shop=shop)

    pages = [c.page for c in consent.documents.all()]
    assert page in pages
    assert hidden_page not in pages  # not there due not visible

    with reversion.create_revision():
        page.save()

    # add a new (visible) page
    available_page = Page.objects.create(shop=shop, available_from=now())
    assert available_page in Page.objects.visible(shop=shop)

    create_user_consent_for_all_documents(shop, user)
    consent = GDPRUserConsent.objects.get(user=user, shop=shop)

    pages = [c.page for c in consent.documents.all()]
    assert page in pages
    assert hidden_page not in pages  # not there due not visible
    assert available_page not in pages  # not there due defined in settings
    assert available_page in get_possible_consent_pages(shop)
    assert available_page not in get_active_consent_pages(shop)

    gdpr_settings.consent_pages.add(available_page)
    gdpr_settings.refresh_from_db()
    assert gdpr_settings.privacy_policy_page
    assert gdpr_settings.consent_pages.count() == 1

    assert available_page in get_active_consent_pages(shop)

    assert consent.documents.count() == 1
    create_user_consent_for_all_documents(shop, user)
    consent = GDPRUserConsent.objects.get(user=user, shop=shop)
    assert consent.documents.count() == 2

    assert is_documents_consent_in_sync(shop, user)

    pages = [c.page for c in consent.documents.all()]
    assert page in pages
    assert hidden_page not in pages  # not there due not visible
    assert available_page in pages
Exemplo n.º 4
0
def test_consent_required(rf):
    activate("en")
    shop = factories.get_default_shop()
    user = factories.create_random_user()
    page = ensure_gdpr_privacy_policy(shop)
    assert page

    gdpr_settings = GDPRSettings.get_for_shop(shop)
    assert not gdpr_settings.enabled
    assert gdpr_settings.privacy_policy_page == page

    assert not should_reconsent_privacy_policy(shop, user)
    assert is_documents_consent_in_sync(shop, user)  # settings not enabled

    assert page in get_possible_consent_pages(shop)

    # enable gpdr
    gdpr_settings.enabled = True
    gdpr_settings.save()
    assert gdpr_settings.privacy_policy_page == get_privacy_policy_page(shop)
    assert not is_documents_consent_in_sync(shop, user)

    # create revisioned page
    hidden_page = Page.objects.create(shop=shop, available_from=None)
    assert hidden_page not in Page.objects.visible(shop=shop)
    assert gdpr_settings.privacy_policy_page == get_privacy_policy_page(shop)
    assert hidden_page in get_possible_consent_pages(shop)

    with reversion.create_revision():
        page.save()

    create_user_consent_for_all_documents(shop, user)
    assert GDPRUserConsent.objects.filter(user=user, shop=shop).count() == 1

    consent = GDPRUserConsent.objects.get(user=user, shop=shop)

    pages = [c.page for c in consent.documents.all()]
    assert page in pages
    assert hidden_page not in pages  # not there due not visible

    with reversion.create_revision():
        page.save()

    # add a new (visible) page
    available_page = Page.objects.create(shop=shop, available_from=now())
    assert available_page in Page.objects.visible(shop=shop)

    create_user_consent_for_all_documents(shop, user)
    consent = GDPRUserConsent.objects.get(user=user, shop=shop)

    pages = [c.page for c in consent.documents.all()]
    assert page in pages
    assert hidden_page not in pages  # not there due not visible
    assert available_page not in pages  # not there due defined in settings
    assert available_page in get_possible_consent_pages(shop)
    assert available_page not in get_active_consent_pages(shop)

    gdpr_settings.consent_pages.add(available_page)
    gdpr_settings.refresh_from_db()
    assert gdpr_settings.privacy_policy_page
    assert gdpr_settings.consent_pages.count() == 1

    assert available_page in get_active_consent_pages(shop)

    assert consent.documents.count() == 1
    create_user_consent_for_all_documents(shop, user)
    consent = GDPRUserConsent.objects.get(user=user, shop=shop)
    assert consent.documents.count() == 2

    assert is_documents_consent_in_sync(shop, user)

    pages = [c.page for c in consent.documents.all()]
    assert page in pages
    assert hidden_page not in pages  # not there due not visible
    assert available_page in pages