Show pseudonymized names #1211
Merged
Show pseudonymized names #1211
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| def get(self, request: HttpRequest) -> HttpResponse: | ||
| pseudonymize = request.session.get("pseudonymize", False) | ||
| request.session["pseudonymize"] = not pseudonymize | ||
| return HttpResponseRedirect(request.META.get("HTTP_REFERER", "/")) |
Check warning
Code scanning / CodeQL
URL redirection from remote source Medium
mikaelGusse
force-pushed
the
feature/pseudonymized-data
branch
8 times, most recently
from
efe9dc9
to
000f732
Compare
- Added studentID to be pseudonymizized - Fixed hashing issues
mikaelGusse
force-pushed
the
feature/pseudonymized-data
branch
from
000f732
to
ff648fc
Compare
murhum1
reviewed
Apr 2, 2024
exercise/staff_views.py
Outdated
| @@ -66,6 +75,9 @@ def get_common_objects(self) -> None: | |||
| Prefetch('submitters', UserProfile.objects.prefetch_tags(self.instance)), | |||
| ) | |||
| ) | |||
| for submission in qs: | |||
| format_submission(submission, self.pseudonymize) | |||
| print(submission.submitters) | |||
murhum1
requested changes
Apr 4, 2024
mikaelGusse
force-pushed
the
feature/pseudonymized-data
branch
from
8ea5f35
to
bc9d2de
Compare
Thanks for the comments! Just went through them, do you think the seed system there is ok for keeping the pseudonymizations consistent? |
mikaelGusse
force-pushed
the
feature/pseudonymized-data
branch
from
bc9d2de
to
75571b8
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This turned out to be very difficult. The only way I came up with is to modify the user instance's fields without storing the changes to the database. I don't know if this is the cleanest way to do it but the upside is that is doesn't require changing the API of user of userprofile. I couldn't figure out a way to pseudonymize the 'All results' page since it doesn't fetch the user data in the view but through a JavaScript script so I can't access the request.session object which contains a boolean value 'pseudonymize' that determines whether personal data should be pseudonymized. Also, the forms are difficult to pseudonymize without changing the form field values which sounds dangerous.
#533