From 71a46ad3dcfa897bb7323f30e28cd4ce61d55210 Mon Sep 17 00:00:00 2001 From: IanM <16573496+imorland@users.noreply.github.com> Date: Tue, 31 Oct 2023 09:51:03 +0000 Subject: [PATCH] feat: support gdpr export, anonymize and deletion (#32) * feat: support gdpr export, anonymize and deletion * Apply fixes from StyleCI * php versions * fix: phpstan errors --------- Co-authored-by: StyleCI Bot --- .github/workflows/backend.yml | 1 + composer.json | 8 ++++-- extend.php | 7 +++++ resources/locale/en.yml | 6 ++++ src/Data/BannedIPData.php | 54 +++++++++++++++++++++++++++++++++++ 5 files changed, 73 insertions(+), 3 deletions(-) create mode 100644 src/Data/BannedIPData.php diff --git a/.github/workflows/backend.yml b/.github/workflows/backend.yml index 589f4ff..afee643 100644 --- a/.github/workflows/backend.yml +++ b/.github/workflows/backend.yml @@ -8,5 +8,6 @@ jobs: with: enable_backend_testing: true enable_phpstan: true + php_versions: '["8.0", "8.1", "8.2"]' backend_directory: . diff --git a/composer.json b/composer.json index 4ca9288..aa3f4dc 100644 --- a/composer.json +++ b/composer.json @@ -19,7 +19,7 @@ } ], "require": { - "flarum/core": "^1.2.0" + "flarum/core": "^1.8.3" }, "authors": [ { @@ -51,7 +51,8 @@ "flarum/suspend", "flarum/flags", "flarum/tags", - "flarum/approval" + "flarum/approval", + "blomstra/gdpr" ] }, "flagrow": { @@ -89,6 +90,7 @@ }, "require-dev": { "flarum/testing": "^1.0.0", - "flarum/phpstan": "*" + "flarum/phpstan": "*", + "blomstra/gdpr": "@beta" } } diff --git a/extend.php b/extend.php index 0c0ff56..cb983fa 100644 --- a/extend.php +++ b/extend.php @@ -11,6 +11,7 @@ namespace FoF\BanIPs; +use Blomstra\Gdpr\Extend\UserData; use Flarum\Api\Controller; use Flarum\Api\Serializer; use Flarum\Api\Serializer\AbstractSerializer; @@ -108,4 +109,10 @@ (new Extend\Filter(Search\BannedIPFilterer::class)) ->addFilter(Search\NxGambit::class), + + (new Extend\Conditional()) + ->whenExtensionEnabled('blomstra-gdpr', fn () => [ + (new UserData()) + ->addType(Data\BannedIPData::class), + ]), ]; diff --git a/resources/locale/en.yml b/resources/locale/en.yml index 82e3686..873163c 100644 --- a/resources/locale/en.yml +++ b/resources/locale/en.yml @@ -75,3 +75,9 @@ fof-ban-ips: address_label: IP Address reason_label: Reason +blomstra-gdpr: + lib: + data: + bannedipdata: + export_description: "If an IP ban record is associated with a user (i.e. the user was banned by IP), the user's IP address will be included in the export, along with the reason for the ban and the creation date." + anonymize_description: "Any IP addresses linked to the user are decoupled, but the IP itself will remain banned, along with the reason. Ensure no PII data is stored in the 'reason' field." diff --git a/src/Data/BannedIPData.php b/src/Data/BannedIPData.php new file mode 100644 index 0000000..4f41e47 --- /dev/null +++ b/src/Data/BannedIPData.php @@ -0,0 +1,54 @@ +where('user_id', $this->user->id) + ->each(function (BannedIP $bannedIp) use (&$exportData) { + $exportData[] = ["bannedIP/ip-{$bannedIp->id}.json" => $this->encodeForExport($this->sanitize($bannedIp))]; + }); + + return $exportData; + } + + public function sanitize(BannedIP $bannedIP): array + { + return Arr::except($bannedIP->toArray(), ['id', 'creator_id', 'user_id']); + } + + public function anonymize(): void + { + BannedIP::query() + ->where('user_id', $this->user->id) + ->update(['user_id' => null]); + } + + public static function deleteDescription(): string + { + return self::anonymizeDescription(); + } + + public function delete(): void + { + $this->anonymize(); + } +}