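def get_fields(self, **kwargs):
    """Build one required consent checkbox per active consent page.

    Returns an empty list when ``get_gdpr_settings(request)`` yields nothing.
    For an authenticated user, pages for which
    ``should_reconsent_to_page`` is false are skipped.

    The label is HTML containing a link to the CMS page. ``page.title`` and
    the reversed URL are stored content, so they are escaped by
    ``format_html`` before being placed in the markup. Previously the
    formatted string was passed to ``mark_safe`` as-is, which let markup in
    a page title reach the rendered form unescaped.

    :param kwargs: expected to carry ``request``.
    :return: list of ``FormFieldDefinition`` objects.
    """
    # Function-scope import: the module's import block is not part of this listing.
    from django.utils.html import format_html

    request = kwargs.get("request", None)
    gdpr_settings = get_gdpr_settings(request)
    if not gdpr_settings:
        return []

    user_consent = None
    if request.user.is_authenticated():
        user_consent = GDPRUserConsent.get_for_user(request.user, request.shop)

    fields = []
    for page in get_active_consent_pages(request.shop):
        # user already has consented to this page, ignore it
        if user_consent and not user_consent.should_reconsent_to_page(page):
            continue

        key = "accept_{}".format(page.id)
        # format_html escapes both arguments and returns a safe string, so only
        # the translated template itself is trusted as markup.
        label = format_html(
            ugettext(
                "I have read and accept the <a href='{}' target='_blank' class='gdpr_consent_doc_check'>{}</a>"
            ),
            reverse("shuup:cms_page", kwargs=dict(url=page.url)),
            page.title,
        )
        field = forms.BooleanField(
            label=label,
            required=True,
            error_messages=dict(required=self.error_message),
        )
        definition = FormFieldDefinition(name=key, field=field)
        fields.append(definition)
    return fields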
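def post(self, request, *args, **kwargs):
    """Store the visitor's cookie-consent choice and redirect back.

    Always-active categories of the shop are included unconditionally.
    Every POST field matching ``COOKIE_CONSENT_RE`` with a value of ``on``
    or ``1`` adds the matching category, looked up within the current shop
    only. The consent data is written to a cookie on the redirect response.

    The redirect target comes from the ``Referer`` header, which is
    client-supplied. It is now used only when it points at the host serving
    this request; otherwise the shop index is used, as it already was when
    the header is absent.

    :return: ``HttpResponseRedirect`` carrying the consent cookie.
    """
    # Function-scope import: the module's import block is not part of this listing.
    # Django 3.0+ names this helper url_has_allowed_host_and_scheme.
    from django.utils.http import is_safe_url

    shop = request.shop
    cookie_categories = list(
        GDPRCookieCategory.objects.filter(shop=shop, always_active=True))

    for field, value in request.POST.items():
        field_match = re.match(COOKIE_CONSENT_RE, field)
        if field_match and value.lower() in ["on", "1"]:
            # The lookup is filtered by shop, so an id belonging to another
            # shop's category resolves to nothing.
            cookie_category = GDPRCookieCategory.objects.filter(
                shop=shop, id=field_match.groups()[0]).first()
            if cookie_category:
                cookie_categories.append(cookie_category)

    consent_documents = []
    if has_installed("shuup.simple_cms"):
        consent_documents = get_active_consent_pages(shop)

    cookie_data = get_cookie_consent_data(cookie_categories, consent_documents)

    redirect_url = request.META.get("HTTP_REFERER")
    # The host is passed positionally because the keyword for this argument
    # differs between Django releases.
    if not redirect_url or not is_safe_url(redirect_url, request.get_host()):
        redirect_url = force_text(reverse("shuup:index"))

    response = HttpResponseRedirect(redirect_url)
    add_consent_to_response_cookie(response, cookie_data)
    return response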
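def post(self, request, *args, **kwargs):
    """Record the submitted cookie-consent selection in a response cookie.

    The resulting category list is the shop's always-active categories plus
    each category whose POST field matches ``COOKIE_CONSENT_RE`` and carries
    ``on`` or ``1``. Categories are resolved within ``request.shop`` only.

    The response redirects to the ``Referer`` header when it is present and
    refers to the host serving this request. The header is client-supplied,
    so any other value falls back to the shop index, which was already the
    fallback for a missing header.

    :return: ``HttpResponseRedirect`` with the consent cookie set.
    """
    # Function-scope import: the module's import block is not part of this listing.
    # Django 3.0+ names this helper url_has_allowed_host_and_scheme.
    from django.utils.http import is_safe_url

    shop = request.shop
    cookie_categories = list(GDPRCookieCategory.objects.filter(shop=shop, always_active=True))

    for field, value in request.POST.items():
        field_match = re.match(COOKIE_CONSENT_RE, field)
        if field_match and value.lower() in ["on", "1"]:
            # Scoped to the current shop: ids from other shops match nothing.
            cookie_category = GDPRCookieCategory.objects.filter(shop=shop, id=field_match.groups()[0]).first()
            if cookie_category:
                cookie_categories.append(cookie_category)

    consent_documents = []
    if has_installed("shuup.simple_cms"):
        consent_documents = get_active_consent_pages(shop)

    cookie_data = get_cookie_consent_data(cookie_categories, consent_documents)

    referer = request.META.get("HTTP_REFERER")
    # Host passed positionally: the keyword name differs between Django releases.
    if referer and is_safe_url(referer, request.get_host()):
        redirect_url = referer
    else:
        redirect_url = force_text(reverse("shuup:index"))

    response = HttpResponseRedirect(redirect_url)
    add_consent_to_response_cookie(response, cookie_data)
    return response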
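def get_fields(self, **kwargs):
    """Build one required consent checkbox per active consent page.

    Returns an empty list when the ``shuup.gdpr`` app is not installed, when
    no request was passed, or when GDPR is disabled for the request's shop.

    ``help_text`` is HTML holding a link to the CMS page. It was built with
    plain ``str.format``, so ``page.title`` went into the markup unescaped;
    Django's generated form markup emits help text without escaping it.
    ``format_html`` now escapes the URL and the title and marks only the
    finished string as safe.

    :param kwargs: expected to carry ``request``.
    :return: list of ``FormFieldDefinition`` objects.
    """
    # Function-scope import: the module's import block is not part of this listing.
    from django.utils.html import format_html

    request = kwargs.get("request", None)
    if not has_installed("shuup.gdpr") or not request:
        return []

    gdpr_settings = GDPRSettings.get_for_shop(request.shop)
    if not gdpr_settings.enabled:
        return []

    fields = []
    for page in get_active_consent_pages(request.shop):
        key = "accept_{}".format(page.id)
        field = forms.BooleanField(
            # Plain text, no markup: left to the form renderer's own escaping.
            label=_("I have read and accept the {}").format(page.title),
            required=True,
            help_text=format_html(
                _("Read the <a href='{}' target='_blank'>{}</a>."),
                reverse("shuup:cms_page", kwargs=dict(url=page.url)),
                page.title
            ),
            error_messages=dict(required=self.error_message)
        )
        definition = FormFieldDefinition(name=key, field=field)
        fields.append(definition)
    return fields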
def add_gdpr_consent_resources(context, content):
    """Inject the GDPR stylesheet, policy-update notice and consent banner.

    Nothing is added when ``valid_view(context)`` is false or when GDPR is
    disabled for the shop. Otherwise the stylesheet is always added. The
    policy-update notice is added for non-anonymous users who should
    re-consent to the privacy policy. The consent banner and its script are
    added unless the consent cookie is already present on the request.

    ``content`` is not used in this body.
    """
    if not valid_view(context):
        return

    request = context["request"]
    shop = get_shop(request)
    gdpr_settings = GDPRSettings.get_for_shop(shop)
    if not gdpr_settings.enabled:
        # GDPR is switched off for this shop: leave the page untouched.
        return

    def _render_inline(template_name, template_context):
        # Render a template to a string and wrap it as inline markup.
        return InlineMarkupResource(
            loader.render_to_string(template_name, context=template_context))

    # The stylesheet goes on every GDPR-enabled page.
    add_resource(context, "head_end", static("shuup_gdpr/shuup_gdpr_styles.css"))

    user = request.user
    if not user.is_anonymous() and should_reconsent_privacy_policy(shop, user):
        policy_page = get_privacy_policy_page(shop)
        notice_context = {
            "request": request,
            "csrf_token": context["csrf_token"],
            "url": "/%s" % policy_page.url,
            "accept_url": reverse("shuup:gdpr_policy_consent", kwargs=dict(page_id=policy_page.id))
        }
        add_resource(
            context, "body_end",
            _render_inline("shuup/gdpr/privacy_policy_update.jinja", notice_context))

    # Only the presence of the consent cookie is checked here; its value is
    # not inspected in this function.
    if settings.SHUUP_GDPR_CONSENT_COOKIE_NAME in request.COOKIES:
        return

    gdpr_documents = get_active_consent_pages(shop) if has_installed("shuup.simple_cms") else []
    banner_context = {
        "request": request,
        "csrf_token": context["csrf_token"],
        "gdpr_settings": gdpr_settings,
        "gdpr_documents": gdpr_documents,
        "gdpr_cookie_categories": GDPRCookieCategory.objects.filter(shop=shop)
    }
    add_resource(
        context, "body_end",
        _render_inline("shuup/gdpr/gdpr_consent.jinja", banner_context))
    add_resource(context, "body_end", static("shuup_gdpr/shuup_gdpr.js"))
def should_reconsent(self, shop, user):
    """Tell whether this consent is out of date for the shop's consent pages.

    Returns True when the ids of the shop's active consent pages differ from
    the ids of the pages behind ``self.documents``. Also returns True when
    any stored document's version differs from the first version that
    ``Version.objects.get_for_object`` returns for its page. Returns False
    otherwise.

    ``user`` is not used in this body.
    """
    active_page_ids = {page.id for page in get_active_consent_pages(shop)}
    consented_page_ids = {document.page.id for document in self.documents.all()}
    if active_page_ids != consented_page_ids:
        return True

    # Same set of pages on both sides: compare stored versions against the
    # first version reported for each page.
    return any(
        document.version != Version.objects.get_for_object(document.page).first()
        for document in self.documents.all()
    )
def add_gdpr_consent_resources(context, content):
    """Add the GDPR stylesheet, policy-update notice and consent banner.

    Returns without adding anything when ``valid_view(context)`` is false or
    when GDPR is not enabled for the shop. The stylesheet is added in every
    other case. A policy-update notice is rendered for non-anonymous users
    who should re-consent to the privacy policy. The consent banner and
    script are skipped when the consent cookie is present on the request.

    ``content`` is not used in this body.
    """
    if not valid_view(context):
        return

    request = context["request"]
    shop = get_shop(request)
    gdpr_settings = GDPRSettings.get_for_shop(shop)

    # Shops without GDPR enabled get no resources at all.
    if not gdpr_settings.enabled:
        return

    # Styles are added regardless of the visitor's consent state.
    add_resource(context, "head_end", static("shuup-gdpr.css"))

    current_user = request.user
    if not current_user.is_anonymous():
        if should_reconsent_privacy_policy(shop, current_user):
            policy_page = get_privacy_policy_page(shop)
            notice_markup = loader.render_to_string(
                "shuup/gdpr/privacy_policy_update.jinja",
                context={
                    "request": request,
                    "csrf_token": context["csrf_token"],
                    "url": "/%s" % policy_page.url,
                    "accept_url": reverse("shuup:gdpr_policy_consent", kwargs=dict(page_id=policy_page.id))
                }
            )
            add_resource(context, "body_end", InlineMarkupResource(notice_markup))

    # A consent cookie on the request means the banner is not shown again.
    # Only its presence is tested; the value is not read in this function.
    if settings.SHUUP_GDPR_CONSENT_COOKIE_NAME in request.COOKIES:
        return

    if has_installed("shuup.simple_cms"):
        gdpr_documents = get_active_consent_pages(shop)
    else:
        gdpr_documents = []

    banner_markup = loader.render_to_string(
        "shuup/gdpr/gdpr_consent.jinja",
        context={
            "request": request,
            "csrf_token": context["csrf_token"],
            "gdpr_settings": gdpr_settings,
            "gdpr_documents": gdpr_documents,
            "gdpr_cookie_categories": GDPRCookieCategory.objects.filter(shop=shop)
        }
    )
    add_resource(context, "body_end", InlineMarkupResource(banner_markup))
    add_resource(context, "body_end", static("shuup-gdpr.js"))
def should_reconsent(self, shop, user):
    """Report whether the stored consent no longer matches the shop.

    True when the set of active consent page ids for ``shop`` is not equal
    to the set of page ids referenced by ``self.documents``. Also True when
    some document's ``version`` differs from the first version returned by
    ``Version.objects.get_for_object`` for that document's page. False when
    neither holds.

    ``user`` is not used in this body.
    """
    required_ids = set(page.id for page in get_active_consent_pages(shop))
    stored_ids = set(doc.page.id for doc in self.documents.all())
    if required_ids != stored_ids:
        return True

    # Page sets match, so the remaining question is whether each stored
    # version is still the first one reported for its page.
    for doc in self.documents.all():
        first_version = Version.objects.get_for_object(doc.page).first()
        if doc.version != first_version:
            return True

    return False
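def get_fields(self, **kwargs):
    """Build one required consent checkbox per active consent page.

    Returns an empty list when ``get_gdpr_settings(request)`` yields nothing.

    The label is HTML with a link to the CMS page. The formatted string used
    to be handed to ``mark_safe`` directly, so markup in ``page.title`` was
    rendered as-is. ``format_html`` escapes the URL and the title before
    interpolation and returns a safe string.

    :param kwargs: expected to carry ``request``.
    :return: list of ``FormFieldDefinition`` objects.
    """
    # Function-scope import: the module's import block is not part of this listing.
    from django.utils.html import format_html

    request = kwargs.get("request", None)
    gdpr_settings = get_gdpr_settings(request)
    if not gdpr_settings:
        return []

    fields = []
    for page in get_active_consent_pages(request.shop):
        key = "accept_{}".format(page.id)
        # Only the translated template is trusted as markup; both values
        # substituted into it are escaped.
        label = format_html(
            ugettext(
                "I have read and accept the <a href='{}' target='_blank' class='gdpr_consent_doc_check'>{}</a>"
            ),
            reverse("shuup:cms_page", kwargs=dict(url=page.url)),
            page.title,
        )
        field = forms.BooleanField(
            label=label,
            required=True,
            error_messages=dict(required=self.error_message),
        )
        definition = FormFieldDefinition(name=key, field=field)
        fields.append(definition)
    return fields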
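def get_fields(self, **kwargs):
    """Build one required consent checkbox per active consent page.

    Returns an empty list when the ``shuup.gdpr`` app is not installed, when
    no request was passed, or when GDPR is disabled for the request's shop.

    The label is HTML with a link to the CMS page. It was produced by
    formatting the translated template and wrapping the result in
    ``mark_safe``, which left ``page.title`` unescaped in the output.
    ``format_html`` escapes the URL and the title and marks only the
    finished string as safe.

    :param kwargs: expected to carry ``request``.
    :return: list of ``FormFieldDefinition`` objects.
    """
    # Function-scope import: the module's import block is not part of this listing.
    from django.utils.html import format_html

    request = kwargs.get("request", None)
    if not has_installed("shuup.gdpr") or not request:
        return []

    gdpr_settings = GDPRSettings.get_for_shop(request.shop)
    if not gdpr_settings.enabled:
        return []

    fields = []
    for page in get_active_consent_pages(request.shop):
        key = "accept_{}".format(page.id)
        field = forms.BooleanField(
            label=format_html(
                ugettext(
                    "I have read and accept the <a href='{}' target='_blank' class='gdpr_consent_doc_check'>{}</a>"
                ),
                reverse("shuup:cms_page", kwargs=dict(url=page.url)),
                page.title
            ),
            required=True,
            error_messages=dict(required=self.error_message)
        )
        definition = FormFieldDefinition(name=key, field=field)
        fields.append(definition)
    return fields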
def get_documents(self, request, **kwargs):
    """Return the active consent pages for the shop attached to ``request``.

    Extra keyword arguments are accepted and not used in this body.
    """
    shop = request.shop
    return get_active_consent_pages(shop)
def test_consent_required(rf):
    """Check which pages end up in a user's consent as GDPR settings change.

    The test walks through three stages: GDPR disabled, GDPR enabled with
    only the privacy policy page, and GDPR enabled with an extra page added
    to ``consent_pages``. After each stage it asserts which pages the stored
    consent documents cover. The ``rf`` fixture is not used in the body.

    NOTE(review): the block layout was rebuilt from a collapsed listing; each
    ``with reversion.create_revision()`` is taken to wrap only ``page.save()``.
    """
    activate("en")
    shop = factories.get_default_shop()
    user = factories.create_random_user()
    page = ensure_gdpr_privacy_policy(shop)
    assert page
    gdpr_settings = GDPRSettings.get_for_shop(shop)
    assert not gdpr_settings.enabled
    assert gdpr_settings.privacy_policy_page == page
    assert not should_reconsent_privacy_policy(shop, user)
    assert is_documents_consent_in_sync(shop, user)  # in sync because GDPR is not enabled yet
    assert page in get_possible_consent_pages(shop)

    # enable GDPR for the shop
    gdpr_settings.enabled = True
    gdpr_settings.save()
    assert gdpr_settings.privacy_policy_page == get_privacy_policy_page(shop)
    # with GDPR enabled and no consent recorded, the user is out of sync
    assert not is_documents_consent_in_sync(shop, user)

    # create a page with no availability date; it is not visible but is still
    # offered as a possible consent page
    hidden_page = Page.objects.create(shop=shop, available_from=None)
    assert hidden_page not in Page.objects.visible(shop=shop)
    assert gdpr_settings.privacy_policy_page == get_privacy_policy_page(shop)
    assert hidden_page in get_possible_consent_pages(shop)

    # save the privacy policy page inside a revision
    with reversion.create_revision():
        page.save()

    create_user_consent_for_all_documents(shop, user)
    assert GDPRUserConsent.objects.filter(user=user, shop=shop).count() == 1
    consent = GDPRUserConsent.objects.get(user=user, shop=shop)
    pages = [c.page for c in consent.documents.all()]
    assert page in pages
    assert hidden_page not in pages  # excluded because it is not visible

    with reversion.create_revision():
        page.save()

    # add a new (visible) page
    available_page = Page.objects.create(shop=shop, available_from=now())
    assert available_page in Page.objects.visible(shop=shop)
    create_user_consent_for_all_documents(shop, user)
    consent = GDPRUserConsent.objects.get(user=user, shop=shop)
    pages = [c.page for c in consent.documents.all()]
    assert page in pages
    assert hidden_page not in pages  # excluded because it is not visible
    assert available_page not in pages  # excluded because it is not in the settings' consent pages
    assert available_page in get_possible_consent_pages(shop)
    assert available_page not in get_active_consent_pages(shop)

    # register the visible page as a consent page in the GDPR settings
    gdpr_settings.consent_pages.add(available_page)
    gdpr_settings.refresh_from_db()
    assert gdpr_settings.privacy_policy_page
    assert gdpr_settings.consent_pages.count() == 1
    assert available_page in get_active_consent_pages(shop)
    # the stored consent still covers one document until it is recreated
    assert consent.documents.count() == 1
    create_user_consent_for_all_documents(shop, user)
    consent = GDPRUserConsent.objects.get(user=user, shop=shop)
    assert consent.documents.count() == 2
    assert is_documents_consent_in_sync(shop, user)
    pages = [c.page for c in consent.documents.all()]
    assert page in pages
    assert hidden_page not in pages  # excluded because it is not visible
    assert available_page in pages