OCA
/
data-protection
5
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
54 Commits
10 Branches
0 Tags
1.3 MiB
Tree: 93634208bb
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '93634208bb'
${ noResults }
data-protection/privacy_consent/models/privacy_consent.py

186 lines
5.9 KiB
Raw Normal View History

privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: Migration to 14.0
3 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: version 13.0 - Remove prefetching optimizations; v13 ORM does it better. - Reset counters always in computed methods. - Remove workaround for skipping duplicate consent creation message. - Implement the new `_creation_subtype()` to let creation subscriptions keep on working. @Tecnativa TT25941
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: version 13.0 - Remove prefetching optimizations; v13 ORM does it better. - Reset counters always in computed methods. - Remove workaround for skipping duplicate consent creation message. - Implement the new `_creation_subtype()` to let creation subscriptions keep on working. @Tecnativa TT25941
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: version 13.0 - Remove prefetching optimizations; v13 ORM does it better. - Reset counters always in computed methods. - Remove workaround for skipping duplicate consent creation message. - Implement the new `_creation_subtype()` to let creation subscriptions keep on working. @Tecnativa TT25941
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: Migration to 14.0
3 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: Migration to 14.0
3 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Separate automated emails send process Before https://github.com/OCA/data-protection/pull/29 there was a race condition where an email could be sent while the same transaction that created the `privacy.consent` record still wasn't committed, producing a 404 error if the user clicked on "Accept" or "Reject" before all mails were sent. To avoid that, a raw `cr.commit()` was issued, but this produced another situation where the user had to wait until the full email queue is cleared to get his page loaded. It wasn't an error, but a long queue meant several minutes waiting, and it's ulikely that an average human is so patient. So, here's the final fix (I hope!). The main problem was that I was looking in the wrong place to send the email. It turns out that the `self.post_message_with_template()` method is absolutely helpless in the case at hand, where these criteria must be met: * E-mail must be enqueued, no matter if there are less or more than 50 consents to send. * The template must be processed per record. * In an ideal world, a `cr.commit()` must be issued after each sent mail. The metod that was being used: * Didn't allow to use `auto_commit` mode. * Only allowed to render the template per record if called with `composition_mode="mass_mail"`. * Only allowed to enqueue emails if called with `composition_mode="mass_post"`. Obviously, I cannot set 2 different values for `composition_mode`, so a different strategy had to be used. I discovered that the `mail.template` model has a helpful method called `send_mail()` that, by default: * Renders the template per record * Enqueues the email * The email queue is cleared in `auto_commit=True` mode. So, from now on, problems are gone: * The user click, or the cron run, will just generate the missing `privacy.consent` records and enqueue mails for them. * The mail queue manager will send them later, in `auto_commit` mode. * After sending the e-mail, this module will set the `privacy.consent` record as `sent`. * Thanks to *not* sending the email, the process the user faces when he hits the "generate" button is faster. * Instructions in the README and text in the "generate" button are updated to reflect this new behavior. * Thanks to the `auto_commit` feature, if Odoo is rebooted in the middle of a mail queue clearance, the records that were sent remain properly marked as sent, and the missing mails will be sent after the next boot. * No hardcoded commits. * No locked transactions. * BTW I discovered that 2 different emails were created when creating a new consent. I started using `mail_create_nolog=True` to avoid that problem and only log a single creation message. Note to self: never use again `post_message_with_template()`.
6 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: Migration to 14.0
3 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: Migrate to v12 - Partner's `opt_out` no longer exists. Using `mail.blacklist` now. - Tests updated to support that change. - Test workarounds removed. - Duplicated-field-name-in-model warning removed. - Use create multi where possible.
5 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: version 13.0 - Remove prefetching optimizations; v13 ORM does it better. - Reset counters always in computed methods. - Remove workaround for skipping duplicate consent creation message. - Implement the new `_creation_subtype()` to let creation subscriptions keep on working. @Tecnativa TT25941
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: version 13.0 - Remove prefetching optimizations; v13 ORM does it better. - Reset counters always in computed methods. - Remove workaround for skipping duplicate consent creation message. - Implement the new `_creation_subtype()` to let creation subscriptions keep on working. @Tecnativa TT25941
4 years ago
[MIG] privacy_consent: Migrate to v12 - Partner's `opt_out` no longer exists. Using `mail.blacklist` now. - Tests updated to support that change. - Test workarounds removed. - Duplicated-field-name-in-model warning removed. - Use create multi where possible.
5 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
!squash [MIG] privacy_consent: Migrate to v12 Co-Authored-By: Alexandre Díaz <alexandre.diaz@tecnativa.com>
5 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: Migration to 14.0
3 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[FIX] privacy_consent: make it work, basically Some little nasty details were overlooked in the v12 migration, which rendered the module basically useless: - The wizard used to ask for consent in manual activities did not fill the placeholders, resulting in an awkward UX. - The sent mails **did not have the token** to authenticate and actually allow accepting or rejecting. These buttons returned a 500 error. - Once the token is added, the form was ugly. - Sadly, some tests were testing the how and not the what. It is understandable due to the complexity of testing the what, even more without the `Form` utility, new on v12. These are fixed now too. @Tecnativa TT25868
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
  1. # Copyright 2018 Tecnativa - Jairo Llopis
  2. # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
  4. import hashlib
  5. import hmac
  7. from odoo import api, fields, models
  10. class PrivacyConsent(models.Model):
  11. _name = "privacy.consent"
  12. _description = "Consent of data processing"
  13. _inherit = "mail.thread"
  14. _rec_name = "partner_id"
  15. _sql_constraints = [
  16. (
  17. "unique_partner_activity",
  18. "UNIQUE(partner_id, activity_id)",
  19. "Duplicated partner in this data processing activity",
  20. ),
  21. ]
  23. active = fields.Boolean(
  24. default=True,
  25. index=True,
  26. )
  27. accepted = fields.Boolean(
  28. track_visibility="onchange",
  29. help="Indicates current acceptance status, which can come from "
  30. "subject's last answer, or from the default specified in the "
  31. "related data processing activity.",
  32. )
  33. last_metadata = fields.Text(
  34. readonly=True,
  35. track_visibility="onchange",
  36. help="Metadata from the last acceptance or rejection by the subject",
  37. )
  38. partner_id = fields.Many2one(
  39. "res.partner",
  40. "Subject",
  41. required=True,
  42. readonly=True,
  43. track_visibility="onchange",
  44. help="Subject asked for consent.",
  45. )
  46. activity_id = fields.Many2one(
  47. "privacy.activity",
  48. "Activity",
  49. readonly=True,
  50. required=True,
  51. track_visibility="onchange",
  52. )
  53. state = fields.Selection(
  54. selection=[
  55. ("draft", "Draft"),
  56. ("sent", "Awaiting response"),
  57. ("answered", "Answered"),
  58. ],
  59. default="draft",
  60. readonly=True,
  61. required=True,
  62. track_visibility="onchange",
  63. )
  65. def _creation_subtype(self):
  66. return self.env.ref("privacy_consent.mt_consent_consent_new")
  68. def _track_subtype(self, init_values):
  69. """Return specific subtypes."""
  70. if self.env.context.get("subject_answering"):
  71. return self.env.ref("privacy_consent.mt_consent_acceptance_changed")
  72. if "state" in init_values:
  73. return self.env.ref("privacy_consent.mt_consent_state_changed")
  74. return super(PrivacyConsent, self)._track_subtype(init_values)
  76. def _token(self):
  77. """Secret token to publicly authenticate this record."""
  78. secret = self.env["ir.config_parameter"].sudo().get_param("database.secret")
  79. params = "{}-{}-{}-{}".format(
  80. self.env.cr.dbname,
  81. self.id,
  82. self.partner_id.id,
  83. self.activity_id.id,
  84. )
  85. return hmac.new(
  86. secret.encode("utf-8"),
  87. params.encode("utf-8"),
  88. hashlib.sha512,
  89. ).hexdigest()
  91. def _url(self, accept):
  92. """Tokenized URL to let subject decide consent.
  94. :param bool accept:
  95. Indicates if you want the acceptance URL, or the rejection one.
  96. """
  97. return "/privacy/consent/{}/{}/{}?db={}".format(
  98. "accept" if accept else "reject",
  99. self.id,
  100. self._token(),
  101. self.env.cr.dbname,
  102. )
  104. def _send_consent_notification(self):
  105. """Send email notification to subject."""
  106. for one in self.with_context(
  107. tpl_force_default_to=True,
  108. mail_notify_user_signature=False,
  109. mail_auto_subscribe_no_notify=True,
  110. ):
  111. one.activity_id.consent_template_id.send_mail(one.id)
  113. def _run_action(self):
  114. """Execute server action defined in data processing activity."""
  115. for one in self:
  116. # Always skip draft consents
  117. if one.state == "draft":
  118. continue
  119. action = one.activity_id.server_action_id.with_context(
  120. active_id=one.id,
  121. active_ids=one.ids,
  122. active_model=one._name,
  123. )
  124. action.run()
  126. @api.model_create_multi
  127. def create(self, vals_list):
  128. """Run server action on create."""
  129. results = super().create(vals_list)
  130. # Sync the default acceptance status
  131. results._run_action()
  132. return results
  134. def write(self, vals):
  135. """Run server action on update."""
  136. result = super().write(vals)
  137. self._run_action()
  138. return result
  140. def message_get_suggested_recipients(self):
  141. result = super().message_get_suggested_recipients()
  142. reason = self._fields["partner_id"].string
  143. for one in self:
  144. one._message_add_suggested_recipient(
  145. result,
  146. partner=one.partner_id,
  147. reason=reason,
  148. )
  149. return result
  151. def action_manual_ask(self):
  152. """Let user manually ask for consent."""
  153. return {
  154. "context": {
  155. "default_composition_mode": "comment",
  156. "default_model": self._name,
  157. "default_res_id": self.id,
  158. "default_template_id": self.activity_id.consent_template_id.id,
  159. "default_use_template": True,
  160. "tpl_force_default_to": True,
  161. },
  162. "force_email": True,
  163. "res_model": "mail.compose.message",
  164. "target": "new",
  165. "type": "ir.actions.act_window",
  166. "view_mode": "form",
  167. }
  169. def action_auto_ask(self):
  170. """Automatically ask for consent."""
  171. templated = self.filtered("activity_id.consent_template_id")
  172. automated = templated.filtered(
  173. lambda one: one.activity_id.consent_required == "auto"
  174. )
  175. automated._send_consent_notification()
  177. def action_answer(self, answer, metadata=False):
  178. """Process answer.
  180. :param bool answer:
  181. Did the subject accept?
  183. :param str metadata:
  184. Metadata from last user acceptance or rejection request.
  185. """
  186. self.write({"state": "answered", "accepted": answer, "last_metadata": metadata})