Skip to content
Snippets Groups Projects
Commit 680186c0 authored by Johannes Hörmann's avatar Johannes Hörmann
Browse files

implement DSGVO

parent 4fcadd4b
No related branches found
No related tags found
No related merge requests found
Showing
with 291 additions and 57 deletions
......@@ -145,7 +145,7 @@
<displayValueProcess>%aditoprj%/entity/DSGVO_entity/entityfields/type/displayValueProcess.js</displayValueProcess>
</entityField>
<entityParameter>
<name>currentPerson_param</name>
<name>ContactId_param</name>
<expose v="true" />
<mandatory v="true" />
</entityParameter>
......@@ -191,7 +191,6 @@
<entityField>
<name>VALUE</name>
<title>Value</title>
<mandatory v="true" />
<dropDownProcess>%aditoprj%/entity/DSGVO_entity/entityfields/value/dropDownProcess.js</dropDownProcess>
<displayValueProcess>%aditoprj%/entity/DSGVO_entity/entityfields/value/displayValueProcess.js</displayValueProcess>
</entityField>
......@@ -209,6 +208,9 @@
</entityParameter>
</children>
</entityConsumer>
<entityProvider>
<name>DSGVOEntries</name>
</entityProvider>
</entityFields>
<recordContainers>
<jDitoRecordContainer>
......
......@@ -4,7 +4,7 @@ import("system.vars");
if(vars.get("$sys.recordstate") == neon.OPERATINGSTATE_NEW)
{
if(vars.exists("$param.currentPerson_param") && vars.get("$param.currentPerson_param") != null) {
result.string(vars.getString("$param.currentPerson_param"));
if(vars.get("$param.ContactId_param")) {
result.string(vars.getString("$param.ContactId_param"));
}
}
\ No newline at end of file
import("system.vars");
import("DSGVO_lib");
import("DataPrivacy_lib");
// TODO open View DSGVOPreviewAnonym_view mit Auswahl an Kategorien
//DSGVOUtils.dsgvoMkDataAnonymous(vars.get("$field.CONTACT_ID"), vars.get("$field.ROW_ID"));
\ No newline at end of file
//DataPrivacyUtils.dsgvoMkDataAnonymous(vars.get("$field.CONTACT_ID"), vars.get("$field.ROW_ID"));
\ No newline at end of file
import("system.vars");
import("DSGVO_lib");
import("DataPrivacy_lib");
DSGVOUtils.openReport(vars.get("$param.currentPerson_param"), "DSGVO_Disclosure_Report");
\ No newline at end of file
DataPrivacyUtils.openReport(vars.get("$param.ContactId_param"), "DSGVO_Disclosure_Report");
\ No newline at end of file
import("system.vars");
import("DSGVO_lib");
import("DataPrivacy_lib");
DSGVOUtils.openReport(vars.get("$param.currentPerson_param"), "DSGVO_Information_report");
\ No newline at end of file
DataPrivacyUtils.openReport(vars.get("$param.ContactId_param"), "DSGVO_Information_report");
\ No newline at end of file
import("system.vars");
import("system.result");
import("DSGVO_lib");
import("DataPrivacy_lib");
result.object(DSGVOUtils.getSpecificRowId(vars.get("$param.currentPerson_param"), vars.get("$field.TABLENAME")));
\ No newline at end of file
result.object(DataPrivacyUtils.getSpecificRowId(vars.get("$param.ContactId_param"), vars.get("$field.TABLENAME")));
\ No newline at end of file
import("system.result");
import("system.vars");
import("DSGVO_lib");
import("DataPrivacy_lib");
result.object(DSGVOUtils.getTypes(vars.get("$param.currentPerson_param"), vars.get("$field.TABLENAME")));
\ No newline at end of file
result.object(DataPrivacyUtils.getTypes(vars.get("$param.ContactId_param"), vars.get("$field.TABLENAME")));
\ No newline at end of file
import("system.result");
import("system.vars");
import("DSGVO_lib");
import("DataPrivacy_lib");
var res = DSGVOUtils.getValues(vars.get("$param.currentPerson_param"), vars.get("$field.TABLENAME"), vars.get("$field.TYPE"));
//var res = DataPrivacyUtils.getValues(vars.get("$param.currentPerson_param"), vars.get("$field.TABLENAME"), vars.get("$field.TYPE"));
result.object(res[0][1]);
\ No newline at end of file
result.object(vars.get("$this.value"));
\ No newline at end of file
import("system.result");
import("system.vars");
import("DSGVO_lib");
import("DataPrivacy_lib");
var res = DSGVOUtils.getValues(vars.get("$param.currentPerson_param"), vars.get("$field.TABLENAME"), vars.get("$field.TYPE"));
var res = DataPrivacyUtils.getValues(vars.get("$param.ContactId_param"), vars.get("$field.TABLENAME"), vars.get("$field.TYPE"));
result.object(res);
\ No newline at end of file
......@@ -8,34 +8,85 @@ import("system.result");
import("Sql_lib");
import("Address_lib");
import("Attribute_lib");
import("DataPrivacy_lib");
var contactId = vars.get("$param.ContactId_param");
DataPrivacyUtils.fillMissing(contactId)
var recordCond = SqlCondition.begin();
var person = vars.get("$param.currentPerson_param");
if (vars.exists("$param.currentPerson_param") && person)
recordCond.andPrepareVars("DSGVO.CONTACT_ID", "$param.currentPerson_param");
recordCond.andPrepare("DSGVO.CONTACT_ID", contactId);
if (vars.exists("$local.idvalues") && vars.get("$local.idvalues") && vars.get("$local.idvalues").length > 0)
{
recordCond.andIn("DSGVO.DSGVOID", vars.get("$local.idvalues"));
}
var data = db.table(recordCond.buildSql("select DSGVOID, ROW_ID, TABLENAME, TYPE, "
var data = db.table(recordCond.buildSql("select DSGVOID, ROW_ID, TABLENAME, TYPE, '',"
+ "STATUORITYSOURCE, PURPOSE, VALID_TO, CONTACT_ID, DATE_NEW, DATE_EDIT, USER_NEW, USER_EDIT "
+ "from DSGVO ", "1 = 2"));
var res = _groupData(data, person);
var res = _groupData(data, contactId);
result.object(res);
function _groupData(pData, pPerson)
function _groupData(pData, pContactId)
{
var tableContainer = $KeywordRegistry.DSGVOTablename();
return pData.map(function(pRow) {
var innerCond = SqlCondition.begin();
switch (pRow[2])
{
case $KeywordRegistry.DSGVOTablename$address():
var addrData = db.array(db.ROW, innerCond.andPrepare("ADDRESS.ADDRESSID", pRow[1]) // RowId
.buildSql("select ADDRESSID, ADDRESS, ADDRESSADDITION, ADDRIDENTIFIER, "
+ "BUILDINGNO, CITY, COUNTRY, DISTRICT, REGION, CONTACT_ID, STATE, ZIP, ADDR_TYPE "
+ "from ADDRESS", "1 = 1"));
if(addrData.length == 1)
{
// TODO Addresse formatieren
var addrVal = "";
addrData.forEach(function(entry)
{
addrVal += entry + " ";
});
pRow[4] = addrVal
}
return pRow;
case $KeywordRegistry.DSGVOTablename$communication():
var commData = db.cell(SqlCondition.begin()
.andPrepare("COMMUNICATION.COMMUNICATIONID", pRow[1])
.buildSql("select ADDR "
+ "from COMMUNICATION ", "1 = 0"));
pRow[4] = commData;
return pRow;
case $KeywordRegistry.DSGVOTablename$attribute():
// TODO
return pRow;
case $KeywordRegistry.DSGVOTablename$personal():
var persData = db.array(db.ROW, SqlCondition.begin()
.andPrepare("CONTACT.CONTACT_ID", pContactId) // 4 8
.buildSql("select CONTACTID, DATEOFBIRTH, FIRSTNAME, MIDDLENAME, LASTNAME, GENDER, SALUTATION, TITLE, TITLESUFFIX, PICTURE "
+ "from CONTACT left join PERSON on PERSONID = PERSON_ID", "1 = 0"));
switch (pRow[3])
{
case $KeywordRegistry.DSGVOType$names():
// TODO format correctly (with lib)
var names = persData[6] + " " + persData[7] + " " + persData[8] + " " + persData[2] + " "
+ persData[3] + " " + persData[4];
pRow[4] = names;
return pRow;
case $KeywordRegistry.DSGVOType$personal():
var otherPersData = persData[9] + datetime.toDate(persData[1], "dd.MM.yyyy") + ", " + persData[5];
pRow[4] = otherPersData;
return pRow;
}
}
}, pPerson);
return pRow;
});
}
\ No newline at end of file
......@@ -885,10 +885,8 @@ Usually this is used for filtering COMMUNICATION-entries by a specified contact
</dependency>
<children>
<entityParameter>
<name>currentPerson_param</name>
<valueProcess>%aditoprj%/entity/Person_entity/entityfields/dsgvoentries/children/currentperson_param/valueProcess.js</valueProcess>
<expose v="true" />
<mandatory v="true" />
<name>ContactId_param</name>
<valueProcess>%aditoprj%/entity/Person_entity/entityfields/dsgvoentries/children/contactid_param/valueProcess.js</valueProcess>
</entityParameter>
</children>
</entityConsumer>
......
import("system.vars");
import("system.result");
result.string(vars.get("$field.PERSONID"));
result.string(vars.get("$field.CONTACTID"));
\ No newline at end of file
......@@ -22,10 +22,6 @@
<name>167afc20-3e2c-452d-9300-f5e105bc85e4</name>
<entityField>TYPE</entityField>
</entityFieldLink>
<entityFieldLink>
<name>732a0a8a-4db3-4ff9-b4a2-c7ab6f2cf144</name>
<entityField>VALUE</entityField>
</entityFieldLink>
<entityFieldLink>
<name>191e8712-abf8-42d8-89d5-649dd0164f56</name>
<entityField>STATUORITYSOURCE</entityField>
......
<?xml version="1.0" encoding="UTF-8"?>
<process xmlns="http://www.adito.de/2018/ao/Model" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" VERSION="1.2.1" xsi:schemaLocation="http://www.adito.de/2018/ao/Model adito://models/xsd/process/1.2.1">
<name>DSGVO_lib</name>
<name>DataPrivacy_lib</name>
<majorModelMode>DISTRIBUTED</majorModelMode>
<process>%aditoprj%/process/DSGVO_lib/process.js</process>
<process>%aditoprj%/process/DataPrivacy_lib/process.js</process>
<variants>
<element>LIBRARY</element>
</variants>
......
......@@ -11,15 +11,202 @@ import("system.neon");
import("system.result");
import("Report_lib");
/**
*
* Do not create new instances anywhere else than inside of the get-function!
*
*/
function DataPrivacyType(pKeyId, pGetValuesCallback)
{
this.key = pKeyId;
this.getValues = pGetValuesCallback;
}
/**
* get all possible validation types or one specific
* @param {String} [pKey=undefined] if provided, this function returns only the validation type with this key
*
* @return {Object|DataPrivacyType} object containing all WsValidationTypes or one specific WsValidationType
*/
DataPrivacyType.get = function(pKey)
{
if (!this._cache)
this._cache = {
// Address lookups
TYPE_NAME: new DataPrivacyType("TYPE_NAME", _getName),
TYPE_BIRTH: new DataPrivacyType("TYPE_BIRTH", _getBirthday),
TYPE_ADDRESS: new DataPrivacyType("TYPE_ADDRESS", _getAddress),
TYPE_COMM: new DataPrivacyType("TYPE_COMM", _getCommunication),
TYPE_ATTR: new DataPrivacyType("TYPE_ATTR")//, _getAttribute)
// Picture also?
// Gender also?
// Orgs of the person also?
}
if (pKey)
return this._cache[pKey];
return this._cache;
function _getName(pContactId, pPersonId) {
// Use PersonId as ID, since the data comes from the person
logging.log(JSON.stringify(SqlCondition.begin()
.andPrepareIfSet("CONTACT.CONTACTID", pContactId)
.andPrepareIfSet("PERSON.PERSONID", pPersonId), null, "\t"))
// TODO: with loadEntity
var persData = db.array(db.ROW, SqlCondition.begin()
.andPrepareIfSet("CONTACT.CONTACTID", pContactId)
.andPrepareIfSet("PERSON.PERSONID", pPersonId)
.buildSql("select PERSONID, SALUTATION, TITLE, TITLESUFFIX, FIRSTNAME, MIDDLENAME, LASTNAME "
+ (pContactId ? "from CONTACT left join PERSON on PERSONID = PERSON_ID" : "PERSON"), // use only CONTACT, if contactid is given else use PERSON directly
"1 = 0"));
// TODO format correctly (with lib?)
var names = persData[1] + " " + persData[2] + " " + persData[3] + " " + persData[4] + " "
+ persData[5] + " " + persData[6];
return [{
value: names,
id: persData[0]
}]
}
function _getBirthday(pContactId, pPersonId) {
// Use PersonId as ID, since the data comes from the person
// TODO: with loadEntity
var persData = db.array(db.ROW, SqlCondition.begin()
.andPrepareIfSet("CONTACT.CONTACTID", pContactId)
.andPrepareIfSet("PERSON.PERSONID", pPersonId)
.buildSql("select PERSONID, DATEOFBIRTH "
+ (pContactId ? "from CONTACT left join PERSON on PERSONID = PERSON_ID" : "PERSON"), // use only CONTACT, if contactid is given else use PERSON directly
"1 = 0"));
return [{
value: persData[1],
id: persData[0]
}]
}
function _getAddress(pContactId, pAddressId) {
// TODO: with loadEntity
var addrData = db.table(SqlCondition.begin()
.andPrepareIfSet("ADDRESS.ADDRESSID", pAddressId)
.andPrepareIfSet("ADDRESS.CONTACT_ID", pContactId)
.buildSql("select ADDRESSID, ADDRESS, ADDRESSADDITION, ADDRIDENTIFIER, "
+ "BUILDINGNO, CITY, COUNTRY, DISTRICT, REGION, STATE, ZIP, ADDR_TYPE "
+ "from ADDRESS", "1 = 0"));
return addrData.map(function(pAddr)
{
// TODO Addresse formatieren
var addrVal = "";
pAddr.forEach(function(entry)
{
addrVal += entry + " ";
});
return {
value: addrVal,
id: pAddr[0]
}
});
}
function _getCommunication(pContactId, pCommunicationId) {
// TODO: with loadEntity
var commData = db.table(SqlCondition.begin()
.andPrepareIfSet("COMMUNICATION.COMMUNICATIONID", pCommunicationId)
.andPrepareIfSet("COMMUNICATION.CONTACT_ID", pContactId)
.buildSql("select COMMUNICATIONID, ADDR from COMMUNICATION ", "1 = 0"));
return commData.map(function(pComm)
{
return {
value: pComm[1],
id: pComm[0]
}
});
}
}
/**
* Methods used by DSGVO.
* Do not create an instance of this!
*
* @class
*/
function DSGVOUtils() {}
function DataPrivacyUtils() {}
DataPrivacyUtils.getDSGVO = function(pContactId, pAlternateSelectString)
{
var cond = SqlCondition.begin().andPrepare("DSGVO.CONTACT_ID", pContactId);
var select = (pAlternateSelectString ? pAlternateSelectString :
"DSGVOID," + // 0
"CONTACT_ID," + // 1
"TYPE," + // 2
"ROW_ID," + // 3
"''," + // 4 - dummy for value
"STATUORITYSOURCE," + // 5
"PURPOSE," + // 6
"VALID_TO," + // 7
"DATE_NEW," + // 8
"DATE_EDIT," + // 9
"USER_NEW," + // 10
"USER_EDIT ") // 11
var data = db.table(cond.buildSql("select " + select + " from DSGVO", "1 = 2"));
return data;
}
DataPrivacyUtils.fillMissing = function(pContactId)
{
var contactDSGVO = DataPrivacyUtils.getDSGVO(pContactId, "TYPE, ROW_ID");
var inserts = [];
var currentUser = vars.getString("$sys.user");
var now = vars.getString("$sys.date");
for (type in DataPrivacyType.get())
{
// get type object for current type
var type = DataPrivacyType.get(type);
if (type.getValues == undefined)
break;
// load all data of the current type
var data = type.getValues(pContactId);
data.forEach(function(pRow)
{
// search if it is already in DSGVO table
var found = false;
for (dat in contactDSGVO)
{
if (contactDSGVO[dat][0] == type.key && contactDSGVO[dat][1] == pRow.id)
{
found = true;
break;
}
}
// if not insert it
if (!found)
{
// insert
inserts.push(["DSGVO",
["DSGVOID", "USER_NEW", "DATE_NEW", "TYPE", "ROW_ID", "CONTACT_ID"],
null,
[util.getNewUUID(), currentUser, now, type.key, pRow.id, pContactId]]);
}
});
}
db.inserts(inserts);
}
DSGVOUtils.getTypes = function(pPerson, pTablename)
DataPrivacyUtils.getTypes = function(pPerson, pTablename)
{
var res = [];
......@@ -64,7 +251,7 @@ DSGVOUtils.getTypes = function(pPerson, pTablename)
return res;
}
DSGVOUtils.getValues = function(pPerson, pTablename, pType)
DataPrivacyUtils.getValues = function(pPerson, pTablename, pType)
{
var res = [];
......@@ -135,7 +322,7 @@ DSGVOUtils.getValues = function(pPerson, pTablename, pType)
}
DSGVOUtils.getSpecificRowId = function(pPerson, pTablename)
DataPrivacyUtils.getSpecificRowId = function(pPerson, pTablename)
{
if (pTablename == $KeywordRegistry.DSGVOTablename$address())
{
......@@ -159,7 +346,7 @@ DSGVOUtils.getSpecificRowId = function(pPerson, pTablename)
return null;
}
DSGVOUtils.openReport = function(pPerson, pReportName)
DataPrivacyUtils.openReport = function(pPerson, pReportName)
{
var DSGVOReport = new Report(pReportName);
......@@ -207,7 +394,7 @@ DSGVOUtils.openReport = function(pPerson, pReportName)
* @param pPersId
* @param pContactId
*/
DSGVOUtils.dsgvoMkDataAnonymous = function(pPersId, pContactId)
DataPrivacyUtils.dsgvoMkDataAnonymous = function(pPersId, pContactId)
{
// TODO Only Data that comes from private contacts
// TODO ggf. nur ein Param notwendig? oder pRowId statt pPersId
......@@ -241,7 +428,7 @@ DSGVOUtils.dsgvoMkDataAnonymous = function(pPersId, pContactId)
+ " from PERS "
+ " where PERSID = '" + pPersId + "'");*/
values = [DSGVOUtils.anonymizeText(data[0]), DSGVOUtils.anonymizeText(data[1]), DSGVOUtils.anonymizeText(data[2]), DSGVOUtils.anonymizeText(data[3]), DSGVOUtils.anonymizeText(data[4])];
values = [DataPrivacyUtils.anonymizeText(data[0]), DataPrivacyUtils.anonymizeText(data[1]), DataPrivacyUtils.anonymizeText(data[2]), DataPrivacyUtils.anonymizeText(data[3]), DataPrivacyUtils.anonymizeText(data[4])];
columns = ["SALUTATION", "TITLE", "FIRSTNAME", "MIDDLENAME", "LASTNAME"];
columnTypes = db.getColumnTypes("PERSON", columns);
condition = SqlCondition.andPrepare("PERSONID", pPersId)
......@@ -291,11 +478,11 @@ DSGVOUtils.dsgvoMkDataAnonymous = function(pPersId, pContactId)
//Jede Addresse muss separat anonymisiert werden
for (let i = 0; i < data.length; i++) {
values = [DSGVOUtils.anonymizeText(data[i][0]), DSGVOUtils.anonymizeText(data[i][1]),
DSGVOUtils.anonymizeText(data[i][2]), DSGVOUtils.anonymizeText(data[i][3]),
DSGVOUtils.anonymizeText(data[i][4]), DSGVOUtils.anonymizeText(data[i][5]),
DSGVOUtils.anonymizeText(data[i][6]), DSGVOUtils.anonymizeText(data[i][7]),
DSGVOUtils.anonymizeText(data[i][8])];
values = [DataPrivacyUtils.anonymizeText(data[i][0]), DataPrivacyUtils.anonymizeText(data[i][1]),
DataPrivacyUtils.anonymizeText(data[i][2]), DataPrivacyUtils.anonymizeText(data[i][3]),
DataPrivacyUtils.anonymizeText(data[i][4]), DataPrivacyUtils.anonymizeText(data[i][5]),
DataPrivacyUtils.anonymizeText(data[i][6]), DataPrivacyUtils.anonymizeText(data[i][7]),
DataPrivacyUtils.anonymizeText(data[i][8])];
// TODO prüfen
condition = SqlCondition.andPrepare("CONTACT_ID", pContactId)
......@@ -319,7 +506,7 @@ DSGVOUtils.dsgvoMkDataAnonymous = function(pPersId, pContactId)
columnTypes = db.getColumnTypes("COMM", columns);
for (let i = 0; i < data.length; i++) {
values = [DSGVOUtils.anonymizeText(data[i][0]), DSGVOUtils.anonymizeText(data[i][1])];
values = [DataPrivacyUtils.anonymizeText(data[i][0]), DataPrivacyUtils.anonymizeText(data[i][1])];
condition = SqlCondition.andPrepare("CONTACT_ID", pContactId)
.andPrepare("COMMUNICATIONID", data[i][2]).and("1=2");
......@@ -352,10 +539,10 @@ DSGVOUtils.dsgvoMkDataAnonymous = function(pPersId, pContactId)
* @param {String} pText Text to be made anonymous
* @return {String} first and last letter from pText with (pText.length-2) stars(*) between them
*
* @example DSGVOUtils.anonymizeText("Buchstabe")
* @example DataPrivacyUtils.anonymizeText("Buchstabe")
* @exampleresult B*******e
*/
DSGVOUtils.anonymizeText = function(pText)
DataPrivacyUtils.anonymizeText = function(pText)
{
if (pText == null)
return null;
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment