OCA
/
data-protection
5
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
104 Commits
10 Branches
0 Tags
1.3 MiB
Tree: 98ca071129
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '98ca071129'
${ noResults }
data-protection/privacy_consent/models/privacy_consent.py

174 lines
5.7 KiB
Raw Normal View History

privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: version 13.0 - Remove prefetching optimizations; v13 ORM does it better. - Reset counters always in computed methods. - Remove workaround for skipping duplicate consent creation message. - Implement the new `_creation_subtype()` to let creation subscriptions keep on working. @Tecnativa TT25941
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: version 13.0 - Remove prefetching optimizations; v13 ORM does it better. - Reset counters always in computed methods. - Remove workaround for skipping duplicate consent creation message. - Implement the new `_creation_subtype()` to let creation subscriptions keep on working. @Tecnativa TT25941
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: version 13.0 - Remove prefetching optimizations; v13 ORM does it better. - Reset counters always in computed methods. - Remove workaround for skipping duplicate consent creation message. - Implement the new `_creation_subtype()` to let creation subscriptions keep on working. @Tecnativa TT25941
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Separate automated emails send process Before https://github.com/OCA/data-protection/pull/29 there was a race condition where an email could be sent while the same transaction that created the `privacy.consent` record still wasn't committed, producing a 404 error if the user clicked on "Accept" or "Reject" before all mails were sent. To avoid that, a raw `cr.commit()` was issued, but this produced another situation where the user had to wait until the full email queue is cleared to get his page loaded. It wasn't an error, but a long queue meant several minutes waiting, and it's ulikely that an average human is so patient. So, here's the final fix (I hope!). The main problem was that I was looking in the wrong place to send the email. It turns out that the `self.post_message_with_template()` method is absolutely helpless in the case at hand, where these criteria must be met: * E-mail must be enqueued, no matter if there are less or more than 50 consents to send. * The template must be processed per record. * In an ideal world, a `cr.commit()` must be issued after each sent mail. The metod that was being used: * Didn't allow to use `auto_commit` mode. * Only allowed to render the template per record if called with `composition_mode="mass_mail"`. * Only allowed to enqueue emails if called with `composition_mode="mass_post"`. Obviously, I cannot set 2 different values for `composition_mode`, so a different strategy had to be used. I discovered that the `mail.template` model has a helpful method called `send_mail()` that, by default: * Renders the template per record * Enqueues the email * The email queue is cleared in `auto_commit=True` mode. So, from now on, problems are gone: * The user click, or the cron run, will just generate the missing `privacy.consent` records and enqueue mails for them. * The mail queue manager will send them later, in `auto_commit` mode. * After sending the e-mail, this module will set the `privacy.consent` record as `sent`. * Thanks to *not* sending the email, the process the user faces when he hits the "generate" button is faster. * Instructions in the README and text in the "generate" button are updated to reflect this new behavior. * Thanks to the `auto_commit` feature, if Odoo is rebooted in the middle of a mail queue clearance, the records that were sent remain properly marked as sent, and the missing mails will be sent after the next boot. * No hardcoded commits. * No locked transactions. * BTW I discovered that 2 different emails were created when creating a new consent. I started using `mail_create_nolog=True` to avoid that problem and only log a single creation message. Note to self: never use again `post_message_with_template()`.
6 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: Migrate to v12 - Partner's `opt_out` no longer exists. Using `mail.blacklist` now. - Tests updated to support that change. - Test workarounds removed. - Duplicated-field-name-in-model warning removed. - Use create multi where possible.
5 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: version 13.0 - Remove prefetching optimizations; v13 ORM does it better. - Reset counters always in computed methods. - Remove workaround for skipping duplicate consent creation message. - Implement the new `_creation_subtype()` to let creation subscriptions keep on working. @Tecnativa TT25941
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[MIG] privacy_consent: version 13.0 - Remove prefetching optimizations; v13 ORM does it better. - Reset counters always in computed methods. - Remove workaround for skipping duplicate consent creation message. - Implement the new `_creation_subtype()` to let creation subscriptions keep on working. @Tecnativa TT25941
4 years ago
[MIG] privacy_consent: Migrate to v12 - Partner's `opt_out` no longer exists. Using `mail.blacklist` now. - Tests updated to support that change. - Test workarounds removed. - Duplicated-field-name-in-model warning removed. - Use create multi where possible.
5 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
!squash [MIG] privacy_consent: Migrate to v12 Co-Authored-By: Alexandre Díaz <alexandre.diaz@tecnativa.com>
5 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[FIX] privacy_consent: make it work, basically Some little nasty details were overlooked in the v12 migration, which rendered the module basically useless: - The wizard used to ask for consent in manual activities did not fill the placeholders, resulting in an awkward UX. - The sent mails **did not have the token** to authenticate and actually allow accepting or rejecting. These buttons returned a 500 error. - Once the token is added, the form was ugly. - Sadly, some tests were testing the how and not the what. It is understandable due to the complexity of testing the what, even more without the `Form` utility, new on v12. These are fixed now too. @Tecnativa TT25868
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
privacy_consent: Privacy explicit consent tracking tools (#11)
6 years ago
[IMP] pre-commit run
4 years ago
  1. # Copyright 2018 Tecnativa - Jairo Llopis
  2. # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
  4. import hashlib
  5. import hmac
  7. from odoo import api, fields, models
  10. class PrivacyConsent(models.Model):
  11. _name = "privacy.consent"
  12. _description = "Consent of data processing"
  13. _inherit = "mail.thread"
  14. _rec_name = "partner_id"
  15. _sql_constraints = [
  16. (
  17. "unique_partner_activity",
  18. "UNIQUE(partner_id, activity_id)",
  19. "Duplicated partner in this data processing activity",
  20. ),
  21. ]
  23. active = fields.Boolean(default=True, index=True,)
  24. accepted = fields.Boolean(
  25. track_visibility="onchange",
  26. help="Indicates current acceptance status, which can come from "
  27. "subject's last answer, or from the default specified in the "
  28. "related data processing activity.",
  29. )
  30. last_metadata = fields.Text(
  31. readonly=True,
  32. track_visibility="onchange",
  33. help="Metadata from the last acceptance or rejection by the subject",
  34. )
  35. partner_id = fields.Many2one(
  36. "res.partner",
  37. "Subject",
  38. required=True,
  39. readonly=True,
  40. track_visibility="onchange",
  41. help="Subject asked for consent.",
  42. )
  43. activity_id = fields.Many2one(
  44. "privacy.activity",
  45. "Activity",
  46. readonly=True,
  47. required=True,
  48. track_visibility="onchange",
  49. )
  50. state = fields.Selection(
  51. selection=[
  52. ("draft", "Draft"),
  53. ("sent", "Awaiting response"),
  54. ("answered", "Answered"),
  55. ],
  56. default="draft",
  57. readonly=True,
  58. required=True,
  59. track_visibility="onchange",
  60. )
  62. def _creation_subtype(self):
  63. return self.env.ref("privacy_consent.mt_consent_consent_new")
  65. def _track_subtype(self, init_values):
  66. """Return specific subtypes."""
  67. if self.env.context.get("subject_answering"):
  68. return self.env.ref("privacy_consent.mt_consent_acceptance_changed")
  69. if "state" in init_values:
  70. return self.env.ref("privacy_consent.mt_consent_state_changed")
  71. return super(PrivacyConsent, self)._track_subtype(init_values)
  73. def _token(self):
  74. """Secret token to publicly authenticate this record."""
  75. secret = self.env["ir.config_parameter"].sudo().get_param("database.secret")
  76. params = "{}-{}-{}-{}".format(
  77. self.env.cr.dbname, self.id, self.partner_id.id, self.activity_id.id,
  78. )
  79. return hmac.new(
  80. secret.encode("utf-8"), params.encode("utf-8"), hashlib.sha512,
  81. ).hexdigest()
  83. def _url(self, accept):
  84. """Tokenized URL to let subject decide consent.
  86. :param bool accept:
  87. Indicates if you want the acceptance URL, or the rejection one.
  88. """
  89. return "/privacy/consent/{}/{}/{}?db={}".format(
  90. "accept" if accept else "reject",
  91. self.id,
  92. self._token(),
  93. self.env.cr.dbname,
  94. )
  96. def _send_consent_notification(self):
  97. """Send email notification to subject."""
  98. for one in self.with_context(
  99. tpl_force_default_to=True,
  100. mail_notify_user_signature=False,
  101. mail_auto_subscribe_no_notify=True,
  102. ):
  103. one.activity_id.consent_template_id.send_mail(one.id)
  105. def _run_action(self):
  106. """Execute server action defined in data processing activity."""
  107. for one in self:
  108. # Always skip draft consents
  109. if one.state == "draft":
  110. continue
  111. action = one.activity_id.server_action_id.with_context(
  112. active_id=one.id, active_ids=one.ids, active_model=one._name,
  113. )
  114. action.run()
  116. @api.model_create_multi
  117. def create(self, vals_list):
  118. """Run server action on create."""
  119. results = super().create(vals_list)
  120. # Sync the default acceptance status
  121. results._run_action()
  122. return results
  124. def write(self, vals):
  125. """Run server action on update."""
  126. result = super().write(vals)
  127. self._run_action()
  128. return result
  130. def message_get_suggested_recipients(self):
  131. result = super().message_get_suggested_recipients()
  132. reason = self._fields["partner_id"].string
  133. for one in self:
  134. one._message_add_suggested_recipient(
  135. result, partner=one.partner_id, reason=reason,
  136. )
  137. return result
  139. def action_manual_ask(self):
  140. """Let user manually ask for consent."""
  141. return {
  142. "context": {
  143. "default_composition_mode": "comment",
  144. "default_model": self._name,
  145. "default_res_id": self.id,
  146. "default_template_id": self.activity_id.consent_template_id.id,
  147. "default_use_template": True,
  148. "tpl_force_default_to": True,
  149. },
  150. "force_email": True,
  151. "res_model": "mail.compose.message",
  152. "target": "new",
  153. "type": "ir.actions.act_window",
  154. "view_mode": "form",
  155. }
  157. def action_auto_ask(self):
  158. """Automatically ask for consent."""
  159. templated = self.filtered("activity_id.consent_template_id")
  160. automated = templated.filtered(
  161. lambda one: one.activity_id.consent_required == "auto"
  162. )
  163. automated._send_consent_notification()
  165. def action_answer(self, answer, metadata=False):
  166. """Process answer.
  168. :param bool answer:
  169. Did the subject accept?
  171. :param str metadata:
  172. Metadata from last user acceptance or rejection request.
  173. """
  174. self.write({"state": "answered", "accepted": answer, "last_metadata": metadata})