This is an automated email from the git hooks/post-receive script. New commit to branch feature/april in repository pollen. See https://gitlab.nuiton.org/chorem/pollen.git commit 471c39252e3d9a26ec2545047cd65eb6866818fb Author: jcouteau <couteau@codelutin.com> Date: Wed Sep 19 17:17:17 2018 +0200 fixes #210 - Prendre en compte la RGPD --- docs/config.md | 4 +++- .../chorem/pollen/persistence/entity/VoteTopiaDao.java | 7 +++++-- .../rest/api/PollenRestApiApplicationListener.java | 14 +++++++------- pollen-services/src/main/config/PollenServices.ini | 14 ++++++++++---- .../{RGPDPurgeJob.java => AnonymizeOlderVoteJob.java} | 6 +++--- .../org/chorem/pollen/services/service/VoteService.java | 7 +++++-- .../resources/i18n/pollen-services_en_GB.properties | 2 ++ .../resources/i18n/pollen-services_fr_FR.properties | 2 ++ .../src/main/web/tag/poll/EditVote.tag.html | 17 +---------------- .../src/main/web/tag/poll/EditVoteOrder.tag.html | 16 ++++++++++++++++ 10 files changed, 54 insertions(+), 35 deletions(-) diff --git a/docs/config.md b/docs/config.md index 460001b1..29b02eea 100644 --- a/docs/config.md +++ b/docs/config.md @@ -113,7 +113,9 @@ Si le mail reçu provient d’un retour d’une invitation à un sondage, il ser | pollen.default.maxVoters | Nombre maximum de votes pris en compte pour de sondage standard (0 : pas de limite) | Numérique | 0 | | pollen.default.userConnectedRequired | Seul les utilisateurs connectés peuvent accéder à l'application | Booléen | false | | pollen.default.usersCanCreatePoll | Quels utilisateurs peuvent créer des sondages | All_USERS, USERS_CONNECTED ou USERS_SELECTED | All_USERS | -| pollen.deleteObsoleteSessionTokensCronSchedule | Intervalle entre deux lancements de la suppression des tokens de session obsolètes | CRON | 0 0/5 * * * ? | +| pollen.deleteObsoleteSessionTokensCronSchedule | Intervalle entre deux lancements de la suppression des tokens de session obsolètes | CRON | 0 0/5 * * * ? | +| pollen.anonymizeOlderVotesCronSchedule | Intervalle entre deux lancements de l'anonymisation des anciens votes | CRON | 0 0 0 * * ? | + Site public ----------- diff --git a/pollen-persistence/src/main/java/org/chorem/pollen/persistence/entity/VoteTopiaDao.java b/pollen-persistence/src/main/java/org/chorem/pollen/persistence/entity/VoteTopiaDao.java index fe53c91f..bf627b6a 100644 --- a/pollen-persistence/src/main/java/org/chorem/pollen/persistence/entity/VoteTopiaDao.java +++ b/pollen-persistence/src/main/java/org/chorem/pollen/persistence/entity/VoteTopiaDao.java @@ -29,6 +29,8 @@ import java.util.List; public class VoteTopiaDao extends AbstractVoteTopiaDao<Vote> { + public static final String ANONYMOUS_NAME = "?"; + public List<Vote> findAll(Poll poll) { return forPollEquals(poll) @@ -57,16 +59,17 @@ public class VoteTopiaDao extends AbstractVoteTopiaDao<Vote> { Vote.PROPERTY_TOPIA_CREATE_DATE, since).findAll(); } - public List<Vote> findAllOldVotes() { + public List<Vote> findAllOldVotes(int age) { HqlAndParametersBuilder<Vote> builder = new HqlAndParametersBuilder<>(Vote.class); Calendar cal = Calendar.getInstance(); - cal.add(Calendar.YEAR, -2); + cal.add(Calendar.SECOND, -1*age); Date twoYearsAgo = cal.getTime(); builder.addLowerThan(Vote.PROPERTY_TOPIA_CREATE_DATE, twoYearsAgo); builder.addNotNull(Vote.PROPERTY_VOTER+"."+PollenPrincipal.PROPERTY_POLLEN_USER); + builder.addNotEquals(Vote.PROPERTY_VOTER+"."+PollenPrincipal.PROPERTY_POLLEN_USER, ANONYMOUS_NAME); List<Vote> oldVotes = findAll(builder.getHql(), builder.getHqlParameters()); return oldVotes; diff --git a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiApplicationListener.java b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiApplicationListener.java index 240198bc..e81186d7 100644 --- a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiApplicationListener.java +++ b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiApplicationListener.java @@ -43,7 +43,7 @@ import org.chorem.pollen.services.config.PollenServicesConfig; import org.chorem.pollen.services.job.AbstractPollenJob; import org.chorem.pollen.services.job.CheckMailBoxJob; import org.chorem.pollen.services.job.DeleteObsoleteSessionTokensJob; -import org.chorem.pollen.services.job.RGPDPurgeJob; +import org.chorem.pollen.services.job.AnonymizeOlderVoteJob; import org.chorem.pollen.services.job.SendEmailInErrorsJob; import org.chorem.pollen.services.job.SendPollEndReminderJob; import org.quartz.CronScheduleBuilder; @@ -128,9 +128,9 @@ public class PollenRestApiApplicationListener implements ServletContextListener .withIdentity("checkMailBoxJob", "pollenJobs") .build(); - JobDetail rgpdPurgeJob = JobBuilder.newJob(RGPDPurgeJob.class) + JobDetail anonymizeOlderVotesJob = JobBuilder.newJob(AnonymizeOlderVoteJob.class) .usingJobData(data) - .withIdentity("rgpdPurgeJob", "pollenJobs") + .withIdentity("anonymizeOlderVotesJob", "pollenJobs") .build(); try { @@ -176,13 +176,13 @@ public class PollenRestApiApplicationListener implements ServletContextListener scheduler.scheduleJob(checkMailBoxJob, checkMailBoxTrigger); // schedule rgpd purge - Trigger rgpdPurgeTrigger = TriggerBuilder + Trigger anonymizeOlderVotesTrigger = TriggerBuilder .newTrigger() - .withIdentity("rgpdPurgeTrigger", "pollenTriggers") - .withSchedule(CronScheduleBuilder.cronSchedule(applicationConfig.getRgpdPurgeCronSchedule())) + .withIdentity("anonymizeOlderVotesTrigger", "pollenTriggers") + .withSchedule(CronScheduleBuilder.cronSchedule(applicationConfig.getAnonymizeOlderVotesCronSchedule())) .build(); - scheduler.scheduleJob(rgpdPurgeJob, rgpdPurgeTrigger); + scheduler.scheduleJob(anonymizeOlderVotesJob, anonymizeOlderVotesTrigger); scheduler.start(); diff --git a/pollen-services/src/main/config/PollenServices.ini b/pollen-services/src/main/config/PollenServices.ini index 585db685..6cdba5d4 100644 --- a/pollen-services/src/main/config/PollenServices.ini +++ b/pollen-services/src/main/config/PollenServices.ini @@ -218,8 +218,14 @@ key = pollen.deleteObsoleteSessionTokensCronSchedule type = string defaultValue = "0 0/5 * * * ?" -[option rgpdPurgeCronSchedule] -description = pollen.configuration.rpgdPurgeCronSchedule -key = pollen.rgpdPurgeCronSchedule +[option anonymizeOlderVotesCronSchedule] +description = pollen.configuration.anonymizeOlderVotesCronSchedule +key = pollen.anonymizeOlderVotesCronSchedule type = string -defaultValue = "0 0 0 * * ?" \ No newline at end of file +defaultValue = "0 0 0 * * ?" + +[option anonymizeOlderVotesAge] +description = pollen.configuration.anonymizeOlderVotesAge +key = pollen.anonymizeOlderVotesAge +type = int +defaultValue = 63072000 \ No newline at end of file diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/job/RGPDPurgeJob.java b/pollen-services/src/main/java/org/chorem/pollen/services/job/AnonymizeOlderVoteJob.java similarity index 68% rename from pollen-services/src/main/java/org/chorem/pollen/services/job/RGPDPurgeJob.java rename to pollen-services/src/main/java/org/chorem/pollen/services/job/AnonymizeOlderVoteJob.java index 41e95628..f2e3176b 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/job/RGPDPurgeJob.java +++ b/pollen-services/src/main/java/org/chorem/pollen/services/job/AnonymizeOlderVoteJob.java @@ -6,15 +6,15 @@ import org.chorem.pollen.services.service.VoteService; import org.quartz.DisallowConcurrentExecution; @DisallowConcurrentExecution -public class RGPDPurgeJob extends AbstractPollenJob { +public class AnonymizeOlderVoteJob extends AbstractPollenJob { - private static final Log log = LogFactory.getLog(CheckMailBoxJob.class); + private static final Log log = LogFactory.getLog(AnonymizeOlderVoteJob.class); @Override public void execute() { if (log.isDebugEnabled()) { - log.debug("Start job to anonymize old votes (RGPD)"); + log.debug("Start job to anonymize old votes"); } VoteService voteService = newService(VoteService.class); diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/service/VoteService.java b/pollen-services/src/main/java/org/chorem/pollen/services/service/VoteService.java index ed703bb5..0f780f74 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/service/VoteService.java +++ b/pollen-services/src/main/java/org/chorem/pollen/services/service/VoteService.java @@ -43,6 +43,7 @@ import org.chorem.pollen.services.bean.PollenEntityRef; import org.chorem.pollen.services.bean.ReportResumeBean; import org.chorem.pollen.services.bean.VoteBean; import org.chorem.pollen.services.bean.VoteToChoiceBean; +import org.chorem.pollen.services.config.PollenServicesConfig; import org.chorem.pollen.services.service.security.PollenPermissions; import org.chorem.pollen.votecounting.VoteCounting; import org.chorem.pollen.votecounting.model.VoteCountingConfig; @@ -546,8 +547,10 @@ public class VoteService extends PollenServiceSupport { PollenPrincipalTopiaDao principalDao = getPollenPrincipalDao(); VoteTopiaDao voteDao = getVoteDao(); + + PollenServicesConfig applicationConfig = getPollenServiceConfig(); - List<Vote> votesToAnon = voteDao.findAllOldVotes(); + List<Vote> votesToAnon = voteDao.findAllOldVotes(applicationConfig.getAnonymizeOlderVotesAge()); List<PollenPrincipal> principalsToSave = new ArrayList<>(); List<Vote> votesToSave = new ArrayList<>(); @@ -557,7 +560,7 @@ public class VoteService extends PollenServiceSupport { //Ceinture-bretelles, on vérifie bien que aucun user est lié, // même si ça devrait jamais être le cas if (principal.getPollenUser() != null) { - principal.setName("?"); + principal.setName(VoteTopiaDao.ANONYMOUS_NAME); principalsToSave.add(principal); vote.setAnonymous(true); votesToSave.add(vote); diff --git a/pollen-services/src/main/resources/i18n/pollen-services_en_GB.properties b/pollen-services/src/main/resources/i18n/pollen-services_en_GB.properties index 15abe9c9..49f01d06 100644 --- a/pollen-services/src/main/resources/i18n/pollen-services_en_GB.properties +++ b/pollen-services/src/main/resources/i18n/pollen-services_en_GB.properties @@ -1,4 +1,6 @@ PollenServicesConfig.description=Pollen Backend configuration +pollen.configuration.anonymizeOlderVotesAge=Minimum age of anonymized votes (in seconds). Older votes gets anonymized +pollen.configuration.anonymizeOlderVotesCronSchedule=Time between two vote anonymisation cron jobs pollen.configuration.data.directory=Directory where Pollen stores his data pollen.configuration.defaultCommentNotification=Default notification type for the comments of a poll pollen.configuration.defaultCommentVisibility=Default comment visibility diff --git a/pollen-services/src/main/resources/i18n/pollen-services_fr_FR.properties b/pollen-services/src/main/resources/i18n/pollen-services_fr_FR.properties index 11df2f24..b21fddcf 100644 --- a/pollen-services/src/main/resources/i18n/pollen-services_fr_FR.properties +++ b/pollen-services/src/main/resources/i18n/pollen-services_fr_FR.properties @@ -1,4 +1,6 @@ PollenServicesConfig.description=Configuration du backend de Pollen +pollen.configuration.anonymizeOlderVotesAge=Age minimum des votes anonymisés (en secondes). Les votes plus agés sont anonymisés +pollen.configuration.anonymizeOlderVotesCronSchedule=Intervalle entre deux lancements de l'anonymisation des anciens votes pollen.configuration.data.directory=Répertoire de données de l'application pollen.configuration.defaultCommentNotification=Type de notification par défaut pour les commentaires pollen.configuration.defaultCommentVisibility=Visibilité des commentaires par défaut diff --git a/pollen-ui-riot-js/src/main/web/tag/poll/EditVote.tag.html b/pollen-ui-riot-js/src/main/web/tag/poll/EditVote.tag.html index ca6c685a..a387c43f 100644 --- a/pollen-ui-riot-js/src/main/web/tag/poll/EditVote.tag.html +++ b/pollen-ui-riot-js/src/main/web/tag/poll/EditVote.tag.html @@ -122,8 +122,6 @@ <div class="o-form-element" if={!session.isConnected()}> <label class="c-field c-field--choice gtu-validation"> <input type="checkbox" - onchange="{onRgpdAccepted}" - ref="rgpdCheckbox" required> {_t.validation_before} <a class="c-link" @@ -141,7 +139,7 @@ type="submit" name="newVote" tabindex="{(poll.choices.length + 1) * 10}" - disabled={tooManyChoicesSelected || remainPoints || voting || (!rgpdAccepted && !session.isConnected())}> + disabled={tooManyChoicesSelected || remainPoints || voting}> <i class="fa fa-envelope"></i> {_t.toVote} </button> @@ -294,19 +292,6 @@ this.update(); }; - this.onRgpdAccepted = () => { - if (session.isConnected()) { - this.rgpdAccepted = true; - } else { - let input = this.refs.rgpdCheckbox; - if (!input) { - this.rgpdAccepted = false; - } else { - this.rgpdAccepted = input.checked; - } - } - }; - this.resetVoteForm = () => { if (this.poll.canVote) { this.refs.voterName.value = null; diff --git a/pollen-ui-riot-js/src/main/web/tag/poll/EditVoteOrder.tag.html b/pollen-ui-riot-js/src/main/web/tag/poll/EditVoteOrder.tag.html index bbdf5ccd..3d11cf8e 100644 --- a/pollen-ui-riot-js/src/main/web/tag/poll/EditVoteOrder.tag.html +++ b/pollen-ui-riot-js/src/main/web/tag/poll/EditVoteOrder.tag.html @@ -105,6 +105,21 @@ </div> </div> </Draggable> + + <div class="o-form-element" if={!session.isConnected()}> + <label class="c-field c-field--choice gtu-validation"> + <input type="checkbox" + required> + {_t.validation_before} + <a class="c-link" + href="{session.configuration.endPoint}/v1/gtu" + target="_blank"> + {_t.validation_link} + </a> + {_t.validation_after} + </label> + + </div> </form> </div> @@ -115,6 +130,7 @@ import poll from "../../js/Poll.js"; this.loaded = false; + this.session = session; this.moment = moment; this.installBundle(session, "poll_votes"); -- To stop receiving notification emails like this one, please contact chorem.org SCM administrator <admin+scm@chorem.org>.