001/* 002 * Copyright 2025 Anyware Services 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.ametys.plugins.forms; 017 018import java.time.Period; 019import java.time.ZonedDateTime; 020import java.util.Map; 021 022import org.apache.avalon.framework.activity.Initializable; 023import org.apache.avalon.framework.service.ServiceException; 024import org.apache.avalon.framework.service.ServiceManager; 025import org.apache.avalon.framework.service.Serviceable; 026 027import org.ametys.core.trace.ForensicLogger; 028import org.ametys.core.user.population.UserPopulationDAO; 029import org.ametys.core.user.status.PersonalDataPolicy; 030import org.ametys.core.user.status.UserStatusInfo; 031import org.ametys.plugins.forms.repository.FormEntry; 032import org.ametys.plugins.forms.repository.FormEntryFactory; 033import org.ametys.plugins.repository.AmetysObjectIterable; 034import org.ametys.plugins.repository.AmetysObjectResolver; 035import org.ametys.plugins.repository.query.QueryHelper; 036import org.ametys.plugins.repository.query.expression.Expression; 037import org.ametys.plugins.repository.query.expression.Expression.Operator; 038import org.ametys.plugins.repository.query.expression.UserExpression; 039import org.ametys.runtime.config.Config; 040import org.ametys.runtime.plugin.component.AbstractLogEnabled; 041 042/** 043 * Anonymize all the answers given by the user after a given delay since he is missing 044 */ 045public class FormEntryPersonalDataPolicy extends AbstractLogEnabled implements PersonalDataPolicy, Serviceable, Initializable 046{ 047 /** The ametys object resolver */ 048 protected AmetysObjectResolver _resolver; 049 050 private Period _delay; 051 052 public void service(ServiceManager manager) throws ServiceException 053 { 054 _resolver = (AmetysObjectResolver) manager.lookup(AmetysObjectResolver.ROLE); 055 } 056 057 public void initialize() throws Exception 058 { 059 Long config = Config.getInstance().<Long>getValue("form.data.policy.form.entries.retention", false, null); 060 _delay = config != null && config >= 0 ? Period.ofMonths(config.intValue()) : null; 061 } 062 063 public AnonymizationResult process(UserStatusInfo userStatusInfo) 064 { 065 if (_delay != null && ZonedDateTime.now().isAfter(userStatusInfo.getMissingSinceDate().plus(_delay))) 066 { 067 Expression userExpression = new UserExpression(FormEntry.ATTRIBUTE_USER, Operator.EQ, userStatusInfo.getUserIdentity()); 068 String query = QueryHelper.getXPathQuery(null, FormEntryFactory.NODE_TYPE, userExpression); 069 try (AmetysObjectIterable<FormEntry> entries = _resolver.query(query)) 070 { 071 if (entries.getSize() > 0) 072 { 073 for (FormEntry entry : entries) 074 { 075 entry.anonymize(); 076 } 077 ForensicLogger.info("data.policy.gdpr.anonymize.form.submissions", Map.of("handled", Long.toString(entries.getSize()), "identity", userStatusInfo.getUserIdentity()), UserPopulationDAO.SYSTEM_USER_IDENTITY); 078 return AnonymizationResult.PROCESSED; 079 } 080 else 081 { 082 return AnonymizationResult.NO_DATA; 083 } 084 } 085 } 086 else 087 { 088 return AnonymizationResult.TOO_EARLY; 089 } 090 } 091 092}