Skip to content

Commit

Permalink
GDPR request for erasure and recreate prevention (#2602)
Browse files Browse the repository at this point in the history
  • Loading branch information
@epipav
epipav authored Sep 5, 2024
1 parent 487407b commit 59ae729
Show file tree
Hide file tree
Showing 4 changed files with 83 additions and 0 deletions.
Empty file added backend/src/database/migrations/U1725465684__createRequestedForErasureMemberIdentities.sql
View file
Empty file.
12 changes: 12 additions & 0 deletions backend/src/database/migrations/V1725465684__createRequestedForErasureMemberIdentities.sql
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
create table public."requestedForErasureMemberIdentities" (
"id" uuid,
platform text not null,
value text not null,
"createdAt" timestamp with time zone default now() not null,
"updatedAt" timestamp with time zone default now() not null,
type varchar(255) not null,
primary key ("id")
);
create index ix_requested_for_erasure_memberidentities_platform_value_type on public."requestedForErasureMemberIdentities" (platform, value, type);
create index idx_requested_for_erasure_memberidentities_lower_value on public."requestedForErasureMemberIdentities" (lower(value));
create index ix_requested_for_erasure_memberidentities_platform_lowervalue_type on public."requestedForErasureMemberIdentities" (platform, lower(value), type);
26 changes: 26 additions & 0 deletions services/apps/data_sink_worker/src/service/activity.service.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ import GitlabReposRepository from '@crowd/data-access-layer/src/old/apps/data_si
import IntegrationRepository from '@crowd/data-access-layer/src/old/apps/data_sink_worker/repo/integration.repo'
import MemberRepository from '@crowd/data-access-layer/src/old/apps/data_sink_worker/repo/member.repo'
import SettingsRepository from '@crowd/data-access-layer/src/old/apps/data_sink_worker/repo/settings.repo'
import RequestedForErasureMemberIdentitiesRepository from '@crowd/data-access-layer/src/old/apps/data_sink_worker/repo/requestedForErasureMemberIdentities.repo'
import { Unleash } from '@crowd/feature-flags'
import { Logger, LoggerBase, getChildLogger } from '@crowd/logging'
import { RedisClient } from '@crowd/redis'
Expand Down Expand Up @@ -457,6 +458,31 @@ export default class ActivityService extends LoggerBase {
}
}

const repo = new RequestedForErasureMemberIdentitiesRepository(this.store, this.log)

// check if member or object member have identities that were requested to be erased by the user
if (member && member.identities.length > 0) {
const erased = await repo.someIdentitiesWereErasedByUserRequest(member.identities)
if (erased) {
this.log.warn(
{ memberIdentities: member.identities },
'Member has identities that were requested to be erased by the user! Skipping activity processing!',
)
return
}
}

if (objectMember && objectMember.identities.length > 0) {
const erased = await repo.someIdentitiesWereErasedByUserRequest(objectMember.identities)
if (erased) {
this.log.warn(
{ objectMemberIdentities: objectMember.identities },
'Object member has identities that were requested to be erased by the user! Skipping activity processing!',
)
return
}
}

let memberId: string
let objectMemberId: string | undefined
let activityId: string
Expand Down
45 changes: 45 additions & 0 deletions ...cess-layer/src/old/apps/data_sink_worker/repo/requestedForErasureMemberIdentities.repo.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
import { DbStore, RepositoryBase } from '@crowd/database'
import { Logger } from '@crowd/logging'
import { IMemberIdentity } from '@crowd/types'

export default class RequestedForErasureMemberIdentitiesRepository extends RepositoryBase<RequestedForErasureMemberIdentitiesRepository> {
constructor(store: DbStore, parentLog: Logger) {
super(store, parentLog)
}

public async someIdentitiesWereErasedByUserRequest(
identities: IMemberIdentity[],
): Promise<boolean | null> {
if (identities.length === 0) {
return false
}

for (const identity of identities) {
const wasRequested = await this.wasIdentityRequestedForErasure(identity)
if (wasRequested && wasRequested.id) {
return true
}
}

return false
}

private async wasIdentityRequestedForErasure(
identity: IMemberIdentity,
): Promise<{ id: string } | null> {
return await this.db().oneOrNone(
`select r.id from "requestedForErasureMemberIdentities" r
where
r.platform = $(platform) and
r.type = $(type) and
lower(r.value) = $(value)
limit 1
`,
{
platform: identity.platform,
type: identity.type,
value: identity.value.toLowerCase(),
},
)
}
}

0 comments on commit 59ae729

Please sign in to comment.