OCA
/
data-protection
5
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

GDPR Modules for OCA V11 

Code cleanup and removed use of commit()
pull/10/head
ITISAG-OCA 6 years ago
parent
3794efc725
commit
44f393746c
4 changed files with 188 additions and 104 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 40
      contact_search_form/models/contact_search.py
  2. 80
      website_contact_extend/controllers/myfilter.py
  3. 10
      website_contact_extend/models/res_partner.py
  4. 124
      website_contact_extend/views/contact_report.xml

40
contact_search_form/models/contact_search.py
View File

@ -1,6 +1,6 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
from odoo import api, fields, models, tools, SUPERUSER_ID, _
from odoo import api, fields, models, _
from odoo.exceptions import UserError from odoo.exceptions import UserError
class SearchLine(models.Model): class SearchLine(models.Model):
@ -8,9 +8,9 @@ class SearchLine(models.Model):
name = fields.Char(string="Model Name") name = fields.Char(string="Model Name")
field_list = fields.Char(string="Fields Name") field_list = fields.Char(string="Fields Name")
model_id = fields.Many2one('ir.model',string="Found in Model")
model_id = fields.Many2one('ir.model', string="Found in Model")
record_id = fields.Integer(string="Record ID") record_id = fields.Integer(string="Record ID")
search_id = fields.Many2one("dpo.view",string="Search Terms")
search_id = fields.Many2one("dpo.view", string="Search Terms")
record_name = fields.Char(string="Record Name", compute="_compute_record_name") record_name = fields.Char(string="Record Name", compute="_compute_record_name")
@api.multi @api.multi
@ -35,23 +35,24 @@ class ItisDpoView(models.Model):
_name = "dpo.view" _name = "dpo.view"
name = fields.Char(string="Search Term") name = fields.Char(string="Search Term")
model_ids = fields.Many2many('ir.model','dpo_view_ir_model_rel',string="Search in Model")
model_ids = fields.Many2many('ir.model', 'dpo_view_ir_model_rel', string="Search in Model")
search_lines = fields.One2many('search.line', 'search_id', string='Search Result') search_lines = fields.One2many('search.line', 'search_id', string='Search Result')
@api.multi @api.multi
def search_string(self): def search_string(self):
search_line_ids = self.env['search.line'].search([('search_id', '=', self.id)]) search_line_ids = self.env['search.line'].search([('search_id', '=', self.id)])
search_line_ids.unlink() search_line_ids.unlink()
self._cr.commit()
found = False found = False
for model in self.model_ids: for model in self.model_ids:
table_name = model.model.replace(".","_")
query = '''select * from '''+table_name+''' where '''
field_list = self.env['ir.model.fields'].search([('model_id.id', '=', model.id),('ttype', 'in', ['char','html','text']),('store', '=', True)])
table_name = model.model.replace(".", "_")
query = '''select * from ''' + table_name + ''' where '''
field_list = self.env['ir.model.fields'].search([('model_id.id', '=', model.id),
('ttype', 'in', ['char', 'html', 'text']),
('store', '=', True)])
for field in field_list: for field in field_list:
query = query +table_name+'''."'''+ field.name +'''" like '%'''+self.name+'''%' or '''
query = query + table_name + '''."''' + field.name + '''" like '%''' + self.name + '''%' or '''
query = query[:-3] query = query[:-3]
query = query+''';'''
query += ''';'''
self._cr.execute(query) self._cr.execute(query)
colnames = [desc[0] for desc in self._cr.description] colnames = [desc[0] for desc in self._cr.description]
@ -68,19 +69,16 @@ class ItisDpoView(models.Model):
if str(row).find(self.name) >= 0: if str(row).find(self.name) >= 0:
founded_col.append(colnames[ind]) founded_col.append(colnames[ind])
found = True found = True
ind = ind + 1
fields_data = self.env['ir.model.fields'].search([('name', 'in', founded_col),('model_id', '=', model.id)])
ind += 1
fields_data = self.env['ir.model.fields'].search([('name', 'in', founded_col),
('model_id', '=', model.id)])
field_desc = [] field_desc = []
for field in fields_data: for field in fields_data:
field_desc.append(field.field_description) field_desc.append(field.field_description)
create_id = self.env['search.line'].create({"field_list":str(field_desc),"name":model.name,"model_id":int(model.id),"search_id":int(self.id),"record_id":int(rec_id)})
create_id = self.env['search.line'].create({"field_list": str(field_desc),
"name": model.name,
"model_id": int(model.id),
"search_id": int(self.id),
"record_id": int(rec_id)})
if not found: if not found:
raise UserError(_("No record found with "+self.name+".")) raise UserError(_("No record found with "+self.name+"."))
# def _search_tables(self):
# user_id = self.env['res.users'].browse('email', '=', self.email)
# # field user_info could be an array containg the fields we want to display...
# partner_id = self.env['res.partner'].browse('email', '=', self.email)
# crm_id = self.env['crm.lead'].browse('email', '=', self.email)
# mm_id = self.env['mail.mass_mailing'].browse('email', '=', self.email)

80
website_contact_extend/controllers/myfilter.py
View File

@ -1,12 +1,12 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
from odoo import api, fields, models, tools, _
from odoo.addons.website_form.controllers import main as parent_controller from odoo.addons.website_form.controllers import main as parent_controller
from odoo import http from odoo import http
from odoo.http import request from odoo.http import request
import json
from odoo.exceptions import ValidationError from odoo.exceptions import ValidationError
from psycopg2 import IntegrityError from psycopg2 import IntegrityError
import base64 import base64
import json
class VerifyController(http.Controller): class VerifyController(http.Controller):
@ -20,14 +20,16 @@ class VerifyController(http.Controller):
phone_name = link_data[3] phone_name = link_data[3]
letter_name = link_data[4] letter_name = link_data[4]
link_date = link_data[5] link_date = link_data[5]
link_date = link_date.split(" ")[0].replace("-","")
link_date = link_date.split(" ")[0].replace("-", "")
import datetime import datetime
today = datetime.date.today() today = datetime.date.today()
link = datetime.datetime.strptime(link_date,"%Y%m%d").date()
link = datetime.datetime.strptime(link_date, "%Y%m%d").date()
diff = today - link diff = today - link
if diff.days > 5 or diff.days < 0: if diff.days > 5 or diff.days < 0:
return "<center style='color:red'>Not valid!<br/>The link you entered is either not valid or expired.<br/>Please request a new link.</center>"
partner = request.env['res.partner'].sudo().search([('email','=',email),('name','=',contact_name)])
return "<center style='color:red'>Not valid!<br/>" \
"The link you entered is either not valid or expired." \
"<br/>Please request a new link.</center>"
partner = request.env['res.partner'].sudo().search([('email', '=', email), ('name', '=', contact_name)])
if partner: if partner:
for part in partner: for part in partner:
part.is_verified = True part.is_verified = True
@ -47,18 +49,20 @@ class VerifyController(http.Controller):
template = request.env.ref('website_contact_extend.confirmation_email_template').sudo().send_mail(part.id) template = request.env.ref('website_contact_extend.confirmation_email_template').sudo().send_mail(part.id)
return "<center style='color:green'>Thank You! Your email address has been verified!</center>" return "<center style='color:green'>Thank You! Your email address has been verified!</center>"
else: else:
return "<center style='color:red'>Not valid!<br/>The link you entered is either not valid or expired.<br/>Please request a new link.</center>"
return "<center style='color:red'>Not valid!<br/>" \
"The link you entered is either not valid or expired." \
"<br/>Please request a new link.</center>"
class MyFilter(parent_controller.WebsiteForm): class MyFilter(parent_controller.WebsiteForm):
@http.route('/website_form/<string:model_name>', type='http', auth="public", methods=['POST'], website=True) @http.route('/website_form/<string:model_name>', type='http', auth="public", methods=['POST'], website=True)
def website_form(self, model_name, **kwargs): def website_form(self, model_name, **kwargs):
model_record = request.env['ir.model'].sudo().search([('model', '=', model_name), ('website_form_access', '=', True)])
model_record = request.env['ir.model'].sudo().search([('model', '=', model_name),
('website_form_access', '=', True)])
if not model_record: if not model_record:
return json.dumps(False) return json.dumps(False)
need_send_email = False
# need_send_email = False
try: try:
data = self.extract_data(model_record, request.params) data = self.extract_data(model_record, request.params)
contact_type=False contact_type=False
@ -68,46 +72,52 @@ class MyFilter(parent_controller.WebsiteForm):
send_mail = True send_mail = True
index = 0 index = 0
for field_name, field_value in request.params.items(): for field_name, field_value in request.params.items():
if field_name=="contact_type":
if field_name == "contact_type":
contact_type = field_value contact_type = field_value
if field_name=="send_mail" and field_value=="send_mail":
send_mail=True
if field_name=="phone_contact" and field_value=="phone_contact":
phone_contact=True
if field_name=="letter_contact" and field_value=="letter_contact":
letter_contact=True
if field_name=="email_contact" and field_value=="email_contact":
email_contact=True
if field_name == "send_mail" and field_value == "send_mail":
send_mail = True
if field_name == "phone_contact" and field_value == "phone_contact":
phone_contact = True
if field_name == "letter_contact" and field_value == "letter_contact":
letter_contact = True
if field_name == "email_contact" and field_value == "email_contact":
email_contact = True
index = index + 1
index += 1
contact_name = data.get("record").get("contact_name") contact_name = data.get("record").get("contact_name")
email_from = data.get("record").get("email_from") email_from = data.get("record").get("email_from")
#if data.get("record",False):
#partner_records = request.env['res.partner'].sudo().search([('name', '=', contact_name), ('email', '=', email_from)])
#for partner_record in partner_records:
#if partner_record:
#if partner_record.is_verified:
#partner_record.contact_type = contact_type
#partner_record.phone_contact = phone_contact
#partner_record.email_contact = email_contact
#partner_record.letter_contact = letter_contact
#if not partner_record.is_verified:
# if data.get("record",False):
# partner_records = request.env['res.partner'].sudo().search([('name', '=', contact_name),
# ('email', '=', email_from)])
# for partner_record in partner_records:
# if partner_record:
# if partner_record.is_verified:
# partner_record.contact_type = contact_type
# partner_record.phone_contact = phone_contact
# partner_record.email_contact = email_contact
# partner_record.letter_contact = letter_contact
# if not partner_record.is_verified:
# need_send_email = True # need_send_email = True
# If we encounter an issue while extracting data # If we encounter an issue while extracting data
except ValidationError as e: except ValidationError as e:
# I couldn't find a cleaner way to pass data to an exception # I couldn't find a cleaner way to pass data to an exception
return json.dumps({'error_fields' : e.args[0]})
return json.dumps({'error_fields': e.args[0]})
try: try:
id_record = self.insert_record(request, model_record, data['record'], data['custom'], data.get('meta')) id_record = self.insert_record(request, model_record, data['record'], data['custom'], data.get('meta'))
if id_record: if id_record:
self.insert_attachment(model_record, id_record, data['attachments']) self.insert_attachment(model_record, id_record, data['attachments'])
if id_record and send_mail and model_name=="crm.lead":
crm_lead_obj = request.env['crm.lead'].sudo().search([('id','=',id_record)])
email_data = crm_lead_obj.email_from +"####"+crm_lead_obj.contact_name+"####"+str(email_contact)+"####"+str(phone_contact)+"####"+str(letter_contact)+"####"+str(crm_lead_obj.create_date)
if id_record and send_mail and model_name == "crm.lead":
crm_lead_obj = request.env['crm.lead'].sudo().search([('id', '=', id_record)])
email_data = crm_lead_obj.email_from + "####" +\
crm_lead_obj.contact_name + "####" +\
str(email_contact) + "####" +\
str(phone_contact) + "####" +\
str(letter_contact)+"####" +\
str(crm_lead_obj.create_date)
ency_email = base64.b64encode(email_data.encode()).decode("utf-8") ency_email = base64.b64encode(email_data.encode()).decode("utf-8")
action_url = '%s/verify_email/?data=%s'%(
action_url = '%s/verify_email/?data=%s' % (
request.env['ir.config_parameter'].sudo().get_param('web.base.url'), request.env['ir.config_parameter'].sudo().get_param('web.base.url'),
ency_email, ency_email,
) )

10
website_contact_extend/models/res_partner.py
View File

@ -1,17 +1,17 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
from odoo import api, fields, models, _
from odoo import fields, models
class ResContacts(models.Model): class ResContacts(models.Model):
_inherit = "res.partner" _inherit = "res.partner"
contact_type = fields.Selection(
[('no_contact', 'I do not want to be contacted.'),
contact_type = fields.Selection([
('no_contact', 'I do not want to be contacted.'),
('email_contact', 'I only want to be contacted by Email.'), ('email_contact', 'I only want to be contacted by Email.'),
('phone_contact', 'I only want to be contacted by Phone.'), ('phone_contact', 'I only want to be contacted by Phone.'),
('email_phone_contact', 'You can contact me by Email or Phone.') ('email_phone_contact', 'You can contact me by Email or Phone.')
], string='Contact Type',
],
string='Contact Type',
default='email_contact', default='email_contact',
help="Which way user want to be contacted.") help="Which way user want to be contacted.")
letter_contact = fields.Boolean("Letter Contact") letter_contact = fields.Boolean("Letter Contact")

124
website_contact_extend/views/contact_report.xml
View File

@ -23,29 +23,103 @@
<div class="page"> <div class="page">
<div class="oe_structure"/> <div class="oe_structure"/>
<h2 class="P8"> <h2 class="P8">
<a id="a__Auskunft_nach_Artikel_15_DS-GVO"><span/></a>Auskunft n<span class="T1">ach Artikel 15 DS-GVO</span>
<a id="a__Auskunft_nach_Artikel_15_DS-GVO">
<span/>
</a>
Auskunft n
<span class="T1">ach Artikel 15 DS-GVO</span>
</h2> </h2>
<p class="Text_20_body"> </p>
<p class="P1">Auskunft für: <span class="T8"><span t-field="doc.name"/></span></p>
<p class="Text_20_body">Die betroffene Person hat das Recht, von dem Verantwortlichen eine Bestätigung darüber zu verlangen, ob sie betreffende personenbezogene Daten verarbeitet werden; ist dies der Fall, so hat sie ein Recht auf Auskunft über diese personenbezogenen Daten und auf folgende Informationen:</p>
<p class="P4">a) <span class="T1">d</span>ie Verarbeitungszwecke:<span class="T1"> </span><span class="T2"></span><span class="T1">Kontaktaufnahme; </span><span class="T2"></span><span class="T3">Geschäftsvorgänge</span><span class="T1">; </span><span class="T2"></span><span class="T3">S</span><span class="T1">onstiges; </span></p>
<p class="P2">b) die Kategorien personenbezogener Daten, die verarbeitet werden: <span class="T1"> <br/></span><span class="T2"></span><span class="T1">Kundendaten, </span><span class="T2"></span><span class="T1">Lieferantendaten, </span><span class="T2"></span><span class="T1">Interessentendaten, </span><span class="T2"></span><span class="T1">Personaldaten</span></p>
<p class="P2">c) die Empfänger oder Kategorien von Empfängern, gegenüber denen die personenbezogenen Daten offengelegt worden sind oder noch offengelegt werden, insbesondere bei Empfängern in Drittländern oder bei internationalen Organisationen: <span class="T1"> </span><span class="T2"></span>_______________________________<br/> <span class="T6">oder</span> <span class="T1"> </span><span class="T2"></span><span class="T3">keine</span><span class="T1"> Offenlegung gegenüber Dritten beabsichtigt, </span><span class="T2"></span><span class="T1">Nicht bekannt</span></p>
<p class="P2">d) geplante Dauer, für die die personenbezogenen Daten gespeichert werden: <span class="T1"> </span></p>
<p class="P4"><span class="T2"></span><span class="T1">bis zum __. __. ____</span> <span> <span class="T1"> </span><span class="T2">□ Bis zu ____ Jahre □ </span><span class="T3">Gesetzl. Aufbewahrungfrist</span></span>
</p>
<p class="P2"><span class="T6">Grund</span><span> <span class="T2">□ Kontakt ____ mal nicht erreicht □ Systemwechsel </span></span>
</p>
<p class="P2">e) <span> <span class="T2"></span>Recht auf Berichtigung oder Löschung der betreffenden personenbezogenen Daten <span class="T1">besteht oder </span><span class="T2"></span>Einschränkung der Verarbeitung durch den Verantwortlichen </span>
</p>
<p class="P2"><span class="T2">oder □ </span>Widerspruchsrecht gegen diese Verarbeitung <span class="T1">besteht</span>; </p>
<p class="P3">f) <span> <span class="T2"></span>das Bestehen eines Beschwerderechts bei einer Aufsichtsbehörde <span class="T5">besteht</span></span>
</p>
<p class="P5">g) die Herkunft der Daten <span class="T7">ist von </span><span class="T2"></span><span class="T4">eigener Recherche, </span><span class="T2"></span><span class="T4">Auskunftei</span></p>
<p class="P5">h) <span class="T2"></span>eine automatisierte Entscheidungsfindung <span class="T7">mit diesen Daten findet nicht statt. </span></p>
<p class="P5"><span class="T2"></span><span class="T4">Wenn doch: Die Daten werden</span><span class="T7"> nach folgender Art ausgewertet und gruppiert _______________ </span></p>
<p class="P5">(2) <span class="T2"></span><span class="T7">Die </span>personenbezogene Daten <span class="T7">werden nicht </span>an ein Drittland oder an eine internationale Organisation übermittelt</p>
<p class="Text_20_body">(3) Der Verantwortliche stellt eine Kopie der personenbezogenen Daten, die Gegenstand der Verarbeitung sind, zur Verfügung: </p>
<p class="Text_20_body"/>
<p class="P1">Auskunft für:
<span class="T8">
<span t-field="doc.name"/>
</span>
</p>
<p class="Text_20_body">Die betroffene Person hat das Recht, von dem Verantwortlichen eine
Bestätigung darüber zu verlangen, ob sie betreffende personenbezogene Daten verarbeitet werden;
ist dies der Fall, so hat sie ein Recht auf Auskunft über diese personenbezogenen Daten und auf
folgende Informationen:
</p>
<p class="P4">a) die Verarbeitungszwecke:
<span class="T1"></span>
<span class="T2"></span>
<span class="T1">Kontaktaufnahme;</span>
<span class="T2"></span>
<span class="T3">Geschäftsvorgänge;</span>
<span class="T2"></span>
<span class="T3">Sonstiges;</span>
</p>
<p class="P2">b) die Kategorien personenbezogener Daten, die verarbeitet werden:
<span class="T1">
<br/>
</span>
<span class="T2"></span>
<span class="T1">Kundendaten,</span>
<span class="T2"></span>
<span class="T1">Lieferantendaten,</span>
<span class="T2"></span>
<span class="T1">Interessentendaten,</span>
<span class="T2"></span>
<span class="T1">Personaldaten</span>
</p>
<p class="P2">c) die Empfänger oder Kategorien von Empfängern, gegenüber denen die personenbezogenen
Daten offengelegt worden sind oder noch offengelegt werden, insbesondere bei Empfängern in
Drittländern oder bei internationalen Organisationen:
<span class="T2"></span>_______________________________
<br/>
<span class="T6">oder</span>
<span class="T2"></span>
<span class="T3">keine Offenlegung gegenüber Dritten beabsichtigt,</span>
<span class="T2"></span>
<span class="T1">Nicht bekannt</span>
</p>
<p class="P2">d) geplante Dauer, für die die personenbezogenen Daten gespeichert werden:
</p>
<p class="P4">
<span class="T2">□ bis zum __. __. ____</span>
<span class="T2">□ Bis zu ____ Jahre</span>
<span class="T3">□ Gesetzl. Aufbewahrungfrist</span>
</p>
<p class="P2">
<span class="T6">Grund</span>
<span class="T2">□ Kontakt ____ mal nicht erreicht □ Systemwechsel</span>
</p>
<p class="P2">e)
<span>□ Recht auf Berichtigung oder Löschung der betreffenden
personenbezogenen Daten besteht oder
</span>
<span>□ Einschränkung der Verarbeitung durch den Verantwortlichen
</span>
</p>
<p class="P2"><span>oder □ Widerspruchsrecht gegen diese Verarbeitung besteht;</span>
</p>
<p class="P3">f)
<span>□ das Bestehen eines Beschwerderechts bei einer Aufsichtsbehörde besteht
</span>
</p>
<p class="P5">g) die Herkunft der Daten
<span class="T7">ist von</span>
<span class="T2"></span>
<span class="T4">eigener Recherche,</span>
<span class="T2"></span>
<span class="T4">Auskunftei</span>
</p>
<p class="P5">h)<span class="T2"></span>eine automatisierte Entscheidungsfindung
<span class="T7">mit diesen Daten findet nicht statt.</span>
</p>
<p class="P5">
<span class="T2"></span>
<span class="T4">Wenn doch: Die Daten werden</span>
<span class="T7">nach folgender Art ausgewertet und gruppiert _______________</span>
</p>
<p class="P5">(2)
<span class="T2"></span>
<span class="T7">Die</span>personenbezogene Daten<span class="T7">werden nicht</span>an ein
Drittland oder an eine internationale Organisation übermittelt
</p>
<p class="Text_20_body">(3) Der Verantwortliche stellt eine Kopie der personenbezogenen Daten, die
Gegenstand der Verarbeitung sind, zur Verfügung:
</p>
<p class="P6"> <p class="P6">
<p t-if="doc.name"> <p t-if="doc.name">
Name: Name:
@ -67,8 +141,10 @@
<span t-field="doc.city"/> <span t-field="doc.city"/>
<span t-field="doc.country_id.name"/> <span t-field="doc.country_id.name"/>
</p> </p>
<p class="Text_20_body">(4) Das Recht auf Erhalt einer Kopie gemäß Absatz 3 darf die Rechte und Freiheiten anderer<br/>Personen nicht beeinträchtigen.</p>
<p class="Text_20_body"> </p>
<p class="Text_20_body">(4) Das Recht auf Erhalt einer Kopie gemäß Absatz 3 darf die Rechte und
Freiheiten anderer<br/>Personen nicht beeinträchtigen.
</p>
<p class="Text_20_body"></p>
<p class="P7">Auskunftsgeber: <p class="P7">Auskunftsgeber:
<span class="T8"> <span class="T8">
<span t-field="doc.user_id.name"/>, <span t-field="doc.user_id.name"/>,

Write Preview
Loading…
Cancel
Save