Add SAR support/script for fedocal

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
2018-05-15 15:20:26 +02:00 · 2018-05-15 15:20:26 +02:00 · 6435ac4b1d
commit 6435ac4b1d
parent 2d61c84f2d
3 changed files with 94 additions and 0 deletions
--- a/inventory/host_vars/fedocal02.phx2.fedoraproject.org
+++ b/inventory/host_vars/fedocal02.phx2.fedoraproject.org
@ -10,3 +10,8 @@ volgroup: /dev/vg_guests
 eth0_ip: 10.5.126.56
 vmhost: virthost06.phx2.fedoraproject.org
 datacenter: phx2
+
+# GDPR SAR variables
+sar_script: /usr/local/bin/fedocal_sar.py
+sar_script_user: apache
+sar_output_file: fedocal.json
--- a/roles/fedocal/tasks/main.yml
+++ b/roles/fedocal/tasks/main.yml
@ -59,3 +59,15 @@
                    state=true
                    persistent=true

+- name: Install the SAR script for GDPR
+  when: inventory_hostname.startswith('fedocal02')
+  template: src={{ item.file }}
+            dest={{ item.location }}/{{ item.file }}
+            owner=apache group=apache mode=0700
+  with_items:
+  - { file: 'fedocal_sar.py', location: /usr/local/bin/ }
+  tags:
+  - config
+  - GDPR
+  - SAR
+
--- a/roles/fedocal/templates/fedocal_sar.py
+++ b/roles/fedocal/templates/fedocal_sar.py
@ -0,0 +1,77 @@
+#!/usr/bin/python
+
+from __future__ import unicode_literals, print_function
+
+import os
+import json
+import sys
+
+
+if 'FEDOCAL_CONFIG' not in os.environ \
+        and os.path.exists('/etc/fedocal/fedocal.cfg'):
+    os.environ['FEDOCAL_CONFIG'] = '/etc/fedocal/fedocal.cfg'
+
+
+from fedocal import SESSION  # noqa
+from fedocal.fedocallib import model  # noqa
+
+
+def get_user_calendars(email):
+    ''' Return fedocal.fedocallib.model.Calendar objects related to the
+    specified user.
+    '''
+    query = SESSION.query(
+        model.Calendar
+    ).filter(
+        model.Calendar.calendar_contact == email
+    ).order_by(
+        model.Calendar.calendar_name
+    )
+    return query.all()
+
+
+def get_user_meetings(username):
+    ''' Return fedocal.fedocallib.model.Meeting objects related to the
+    specified user.
+    '''
+    query = SESSION.query(
+        model.Meeting
+    ).filter(
+        model.Meeting.meeting_id == model.MeetingsUsers.meeting_id
+    ).filter(
+        model.MeetingsUsers.username == username
+    ).order_by(
+        model.Meeting.meeting_id
+    )
+    return query.all()
+
+
+def main():
+    ''' Prints out all the calendar and meeting related to the username
+    specified in the SAR_USERNAME environment variable.
+    If no such environment variable is available, the script will bail.
+    '''
+    email = os.getenv('SAR_EMAIL')
+    username = os.getenv('SAR_USERNAME')
+    if not username:
+        print('An username is required to query fedocal')
+        return 1
+
+    output = {}
+    # Get all calendar related to this user.
+    output['calendars'] = [
+        calendar.to_json()
+        for calendar in get_user_calendars(email)
+    ]
+    output['meetings'] = [
+        meeting.to_json()
+        for meeting in get_user_meetings(username)
+    ]
+
+    print(json.dumps(
+        output, sort_keys=True, indent=4, separators=(',', ': ')
+    ).encode('utf-8'))
+
+
+if __name__ == '__main__':
+    sys.exit(main())