* user polaris id and not email

6e1fc2cb · Benjamin Ledel · 51dc61b8 · 6e1fc2cb · 6e1fc2cb
Commit 6e1fc2cb authored 1 year ago by Benjamin Ledel
--- a/src/data_removal/views.py
+++ b/src/data_removal/views.py
@@ -12,43 +12,43 @@ from rest_framework.views import APIView
 from .models import DataRemovalJob


-def rm_user_statements_filter(email):
-    statement_filter = {"actor.mbox": f"mailto:{email}"}
-    description = f"Delete all statements for user {email}"
+def rm_user_statements_filter(user_id):
+    statement_filter = {"actor.mbox": f"mailto:{user_id}-polaris-id@polaris.com"}
+    description = f"Delete all statements for user {user_id}"
    return [statement_filter, description]


-def rm_user_verb_statements_filter(email, verb_id):
+def rm_user_verb_statements_filter(user_id, verb_id):
    statement_filter = {
-        "actor.mbox": f"mailto:{email}",
+        "actor.mbox": f"mailto:{user_id}-polaris-id@polaris.com",
        "verb.id": verb_id,
    }
-    description = f"Delete statements for user {email} and verbId {verb_id}"
+    description = f"Delete statements for user {user_id} and verbId {verb_id}"
    return [statement_filter, description]


-def rm_user_object_statements_filter(email, verb_id, object_id):
+def rm_user_object_statements_filter(user_id, verb_id, object_id):
    statement_filter = {
-        "actor.mbox": f"mailto:{email}",
+        "actor.mbox": f"mailto:{user_id}-polaris-id@polaris.com",
        "verb.id": verb_id,
        "object.id": object_id,
    }
-    description = f"Delete statements for user {email} and verbId {verb_id} and objectId {object_id}"
+    description = f"Delete statements for user {user_id} and verbId {verb_id} and objectId {object_id}"
    return [statement_filter, description]


-def get_scope_filter(email, scope):
+def get_scope_filter(user_id, scope):

    if scope.get("verbId", None) is not None and scope.get("objectId", None) is None:
-        return rm_user_verb_statements_filter(email, scope["verbId"])
+        return rm_user_verb_statements_filter(user_id, scope["verbId"])
    if (
        scope.get("verbId", None) is not None
        and scope.get("objectId", None) is not None
    ):
        return rm_user_object_statements_filter(
-            email, scope["verbId"], scope["objectId"]
+            user_id, scope["verbId"], scope["objectId"]
        )
-    return rm_user_statements_filter(email)
+    return rm_user_statements_filter(user_id)


 class CreateDataRemovalJob(APIView):
@@ -59,7 +59,7 @@ class CreateDataRemovalJob(APIView):

    def post(self, request):
        [statement_filter, description] = get_scope_filter(
-            request.user.email, request.data["scope"]
+            request.user.id, request.data["scope"]
        )
        if request.data["immedialty"]:
            DataRemovalJob.objects.create(

--- a/src/xapi/views.py
+++ b/src/xapi/views.py
@@ -155,6 +155,8 @@ def process_statement(x_api_statement, provider, latest_schema):
    except ObjectDoesNotExist:
        return {"valid": False, "accepted": False, "message": "User not found"}

+    x_api_statement["actor"]["mbox"] = "mailto:" + user.id + "-polaris-id@polaris.com"
+
    # essential verbs do not require consent
    if not verb in [verb["id"] for verb in latest_schema.essential_verbs]:

@@ -306,10 +308,6 @@ class CreateStatement(APIView):
            request.data if isinstance(request.data, list) else [request.data]
        )

-        # IMPORTANT remove this actor override in production
-        #for stmt in x_api_statements:
-        #    stmt["actor"]["account"]["name"] = "user1@polaris.com"
-
        if settings.SHOW_XAPI_STATEMENTS:
           print(x_api_statements)