Mercurial > libervia-backend

annotate libervia/backend/plugins/plugin_exp_data_policy.py @ 4378:930a4ea7ab6f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
plugin data policy: Data Policy implementation: This plugin implement data policy parsing and an algorithm to calculate a score based on them. rel 460
author Goffi <goffi@goffi.org>
date Thu, 26 Jun 2025 17:02:33 +0200
parents
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4378
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
1 #!/usr/bin/env python3
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
2
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
3 # Libervia plugin for handling stateless file sharing encryption
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
4 # Copyright (C) 2009-2025 Jérôme Poisson (goffi@goffi.org)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
5
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
6 # This program is free software: you can redistribute it and/or modify
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
7 # it under the terms of the GNU Affero General Public License as published by
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
8 # the Free Software Foundation, either version 3 of the License, or
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
9 # (at your option) any later version.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
10
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
11 # This program is distributed in the hope that it will be useful,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
14 # GNU Affero General Public License for more details.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
15
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
16 # You should have received a copy of the GNU Affero General Public License
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
18
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
19
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
20 from enum import Enum, StrEnum, auto
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
21 import enum
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
22 from typing import TYPE_CHECKING, Self, cast
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
23 from typing import get_type_hints
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
24
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
25 from pydantic import BaseModel, ConfigDict, Field, computed_field
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
26 from twisted.internet import defer
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
27 from twisted.words.protocols.jabber import jid
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
28 from wokkel import data_form
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
29
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
30 from libervia.backend.core import exceptions
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
31 from libervia.backend.core.constants import Const as C
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
32 from libervia.backend.core.core_types import SatXMPPEntity
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
33 from libervia.backend.core.i18n import D_, _
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
34 from libervia.backend.core.log import getLogger
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
35
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
36 if TYPE_CHECKING:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
37 from libervia.backend.core.main import LiberviaBackend
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
38
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
39 log = getLogger(__name__)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
40 IMPORT_NAME = "DATA-POLICY"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
41
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
42 PLUGIN_INFO = {
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
43 C.PI_NAME: "Data Policy",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
44 C.PI_IMPORT_NAME: IMPORT_NAME,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
45 C.PI_TYPE: C.PLUG_TYPE_EXP,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
46 C.PI_PROTOCOLS: [],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
47 C.PI_DEPENDENCIES: [],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
48 C.PI_MAIN: "DATA_POLICY",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
49 C.PI_HANDLER: "no",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
50 }
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
51
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
52 NS_DATA_POLICY_BASE = "urn:xmpp:data-policy"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
53 NS_DATA_POLICY = f"{NS_DATA_POLICY_BASE}:0"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
54 NS_DATA_POLICY_ID_PREFIX = f"{NS_DATA_POLICY_BASE}:identity:"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
55 NS_DATA_POLICY_ID_SUFFIX = ":0"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
56 NS_DATA_POLICY_ID_TPL = (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
57 f"{NS_DATA_POLICY_ID_PREFIX}{{category}}:{{type}}{NS_DATA_POLICY_ID_SUFFIX}"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
58 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
59
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
60
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
61 class IndividualScore(BaseModel):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
62 score: int
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
63 description: str
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
64
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
65
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
66 class Score(BaseModel):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
67 score: int
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
68 minimum: int
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
69 maximum: int
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
70 detail: list[IndividualScore]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
71
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
72
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
73 class ScoredStrEnum(StrEnum):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
74 _score_map = enum.nonmember({})
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
75 _min_score = enum.nonmember(0)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
76 _max_score = enum.nonmember(0)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
77
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
78 @classmethod
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
79 def get_score(cls, value: str) -> Score:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
80 score, description = cls._score_map[value]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
81 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
82 score=score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
83 minimum=cls._min_score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
84 maximum=cls._max_score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
85 detail=[IndividualScore(score=score, description=description)],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
86 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
87
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
88 def __init_subclass__(cls) -> None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
89 try:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
90 score_map = cls._score_map
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
91 except AttributeError:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
92 raise exceptions.InternalError('"_score_map" must be set.')
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
93 if not score_map:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
94 raise exceptions.InternalError("ScoredEnum must set _score_map.")
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
95
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
96 if set(score_map.keys()) != set(cls):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
97 raise exceptions.InternalError(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
98 "All enum members must be present in _score_map."
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
99 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
100
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
101 all_scores = [score for score, _ in score_map.values()]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
102 cls._min_score = min(all_scores)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
103 cls._max_score = max(all_scores)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
104
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
105
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
106 class AuthMechanism(ScoredStrEnum):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
107 NO_AUTH = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
108 PLAIN = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
109 HIDDEN = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
110 RESTRICTED = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
111
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
112 _score_map = enum.nonmember(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
113 {
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
114 NO_AUTH: (20, D_("No authentication is needed.")),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
115 PLAIN: (-20, D_("Your login data are transmitted to this service.")),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
116 HIDDEN: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
117 0,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
118 D_("This service logs to your account, but doesn't get logging data."),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
119 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
120 RESTRICTED: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
121 15,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
122 D_("This service logs to your account in a restricted way."),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
123 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
124 }
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
125 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
126
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
127
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
128 class DataTransmission(ScoredStrEnum):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
129 PLAIN = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
130 ENCRYPTED = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
131 E2E = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
132 GRE = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
133
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
134 _score_map = enum.nonmember(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
135 {
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
136 PLAIN: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
137 -20,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
138 D_(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
139 "Data is transmitted without encryption. This is highly insecure and "
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
140 "risks data interception."
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
141 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
142 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
143 ENCRYPTED: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
144 0,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
145 D_(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
146 "Data is encrypted during transmission but not end-to-end. The "
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
147 "service can view the data."
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
148 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
149 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
150 E2E: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
151 10,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
152 D_(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
153 "Data is end-to-end encrypted from the service. Only the service and "
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
154 "the recipient(s) can view the data."
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
155 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
156 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
157 GRE: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
158 30,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
159 D_(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
160 "Data uses Gateway Relayed Encryption, ensuring end-to-end security, "
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
161 "only your and your recipient(s) can view the data. Highly secure."
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
162 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
163 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
164 }
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
165 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
166
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
167
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
168 class AccessPolicy(ScoredStrEnum):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
169 ADMINS = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
170 MODERATORS = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
171 ORGANIZATION_MEMBER = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
172 GOVERNMENT = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
173 ADVERTISERS = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
174 PARTNERS = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
175 NONE = auto()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
176
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
177 _score_map = enum.nonmember(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
178 {
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
179 ADMINS: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
180 -5,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
181 D_(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
182 "Service administrators can access user data for operational "
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
183 "purposes."
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
184 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
185 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
186 MODERATORS: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
187 -10,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
188 D_("Moderators can access user data within their moderation scope."),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
189 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
190 ORGANIZATION_MEMBER: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
191 -15,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
192 D_("Any organization member can access user data."),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
193 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
194 GOVERNMENT: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
195 -10,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
196 D_(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
197 "Government authorities can access user data under legal "
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
198 "requirements."
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
199 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
200 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
201 ADVERTISERS: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
202 -30,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
203 D_("Third-party advertisers can access user data for targeted ads."),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
204 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
205 PARTNERS: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
206 -20,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
207 D_("Business partners can access user data under agreements."),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
208 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
209 NONE: (20, D_("No entity other than the user can access user data.")),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
210 }
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
211 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
212
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
213
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
214 class DataPolicy(BaseModel):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
215 """Represents a data policy form as defined in Data Policy XEP.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
216
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
217 Fields correspond to the data policy specification and may be None when not provided.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
218 """
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
219
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
220 model_config = ConfigDict(use_enum_values=True)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
221
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
222 auth_data: AuthMechanism | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
223 data_transmission: DataTransmission | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
224 encryption_algorithm: str | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
225 data_retention: str | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
226 data_deletion: bool | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
227 encryption_at_rest: bool | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
228 tos: str | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
229 data_export: bool | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
230 access_policy: set[AccessPolicy] | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
231 full_erasure: bool | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
232 backup_frequency: str | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
233 backup_retention: str | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
234 extra_info: str | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
235
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
236 @computed_field
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
237 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
238 def score(self) -> Score:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
239 """Calculate a score based on the filled fields.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
240
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
241 This score helps assess the quality of the data policy at a glance.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
242 """
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
243 total_score = 0
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
244 overall_min = 0
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
245 overall_max = 0
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
246 detail = []
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
247
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
248 fields_names = set(self.__class__.model_fields.keys())
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
249
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
250 for field_name in fields_names:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
251 score = getattr(self, f"_{field_name}_score")
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
252 if score is not None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
253 total_score += score.score
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
254 overall_min += score.minimum
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
255 overall_max += score.maximum
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
256 detail.extend(score.detail)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
257
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
258 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
259 score=total_score, minimum=overall_min, maximum=overall_max, detail=detail
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
260 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
261
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
262 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
263 def _auth_data_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
264 if self.auth_data is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
265 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
266
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
267 return AuthMechanism.get_score(self.auth_data)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
268
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
269 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
270 def _data_transmission_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
271 if self.data_transmission is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
272 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
273
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
274 return DataTransmission.get_score(self.data_transmission)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
275
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
276 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
277 def _encryption_algorithm_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
278 ENCRYPTION_ALGORITHM_SET = (10, D_("The encryption algorithm is {}."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
279 ENCRYPTION_ALGORITHM_UNSET = (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
280 -10,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
281 D_("The encryption algorithm is not specified."),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
282 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
283 ALL = (ENCRYPTION_ALGORITHM_SET, ENCRYPTION_ALGORITHM_UNSET)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
284 if not self.data_transmission or self.data_transmission not in (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
285 DataTransmission.E2E,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
286 DataTransmission.ENCRYPTED,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
287 ):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
288 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
289
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
290 if self.encryption_algorithm:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
291 score, desc = ENCRYPTION_ALGORITHM_SET
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
292 desc = desc.format(self.encryption_algorithm)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
293 else:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
294 score, desc = ENCRYPTION_ALGORITHM_UNSET
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
295
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
296 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
297 score=0,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
298 minimum=min(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
299 maximum=max(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
300 detail=[IndividualScore(score=score, description=desc)],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
301 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
302
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
303 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
304 def _data_retention_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
305 if self.data_retention is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
306 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
307
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
308 DATA_RETENTION_0 = (10, D_("The service does not store data."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
309 DATA_RETENTION_INFINITE = (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
310 -15,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
311 D_("Data is stored indefinitely, which may pose privacy risks."),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
312 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
313 DATA_RETENTION_UNKNOWN = (-10, D_("Data retention policy is unknown."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
314 DATA_RETENTION_DEFAULT = (0, D_("Data is stored for {days:.02f} day(s)."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
315 DATA_RETENTION_INVALID = (-20, D_("Invalid data retention policy ({value!r})."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
316 ALL = [
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
317 DATA_RETENTION_0,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
318 DATA_RETENTION_INFINITE,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
319 DATA_RETENTION_UNKNOWN,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
320 DATA_RETENTION_DEFAULT,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
321 DATA_RETENTION_INVALID,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
322 ]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
323
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
324 value = self.data_retention
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
325 if value == "0":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
326 score, desc = DATA_RETENTION_0
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
327 elif value == "infinite":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
328 score, desc = DATA_RETENTION_INFINITE
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
329 elif value == "unknown":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
330 score, desc = DATA_RETENTION_UNKNOWN
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
331 else:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
332 try:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
333 hours = int(value)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
334 days = hours / 24
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
335 desc = DATA_RETENTION_DEFAULT[1].format(days=days)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
336 score = DATA_RETENTION_DEFAULT[0]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
337 except ValueError:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
338 score, desc = DATA_RETENTION_INVALID
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
339
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
340 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
341 score=score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
342 minimum=min(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
343 maximum=max(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
344 detail=[IndividualScore(score=score, description=desc)],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
345 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
346
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
347 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
348 def _data_deletion_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
349 if self.data_deletion is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
350 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
351
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
352 DATA_DELETION_TRUE = (20, D_("Users can delete data on this service."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
353 DATA_DELETION_FALSE = (-10, D_("Users cannot delete data on this service."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
354 ALL = [DATA_DELETION_TRUE, DATA_DELETION_FALSE]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
355
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
356 score, desc = DATA_DELETION_TRUE if self.data_deletion else DATA_DELETION_FALSE
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
357
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
358 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
359 score=score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
360 minimum=min(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
361 maximum=max(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
362 detail=[IndividualScore(score=score, description=desc)],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
363 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
364
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
365 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
366 def _encryption_at_rest_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
367 if self.encryption_at_rest is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
368 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
369
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
370 ENCRYPTION_AT_REST_TRUE = (10, D_("Data is encrypted at rest."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
371 ENCRYPTION_AT_REST_FALSE = (-5, D_("Data is not encrypted at rest."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
372 ALL = [ENCRYPTION_AT_REST_TRUE, ENCRYPTION_AT_REST_FALSE]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
373
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
374 score, desc = (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
375 ENCRYPTION_AT_REST_TRUE
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
376 if self.encryption_at_rest
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
377 else ENCRYPTION_AT_REST_FALSE
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
378 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
379
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
380 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
381 score=score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
382 minimum=min(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
383 maximum=max(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
384 detail=[IndividualScore(score=score, description=desc)],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
385 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
386
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
387 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
388 def _tos_score(self) -> Score:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
389 TOS_SET = (5, D_("Terms of Service are linked."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
390 TOS_UNSET = (-5, D_("Terms of Service are not linked."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
391 ALL = [TOS_SET, TOS_UNSET]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
392 score, desc = TOS_SET if self.tos else TOS_UNSET
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
393
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
394 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
395 score=score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
396 minimum=min(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
397 maximum=max(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
398 detail=[IndividualScore(score=score, description=desc)],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
399 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
400
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
401 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
402 def _data_export_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
403 if self.data_export is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
404 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
405
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
406 DATA_EXPORT_TRUE = (15, D_("Users can export their data."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
407 DATA_EXPORT_FALSE = (-10, D_("Users cannot export their data."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
408 ALL = [DATA_EXPORT_TRUE, DATA_EXPORT_FALSE]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
409
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
410 score, desc = DATA_EXPORT_TRUE if self.data_export else DATA_EXPORT_FALSE
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
411
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
412 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
413 score=score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
414 minimum=min(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
415 maximum=max(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
416 detail=[IndividualScore(score=score, description=desc)],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
417 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
418
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
419 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
420 def _full_erasure_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
421 if self.full_erasure is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
422 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
423
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
424 FULL_ERASURE_TRUE = (20, D_("Users can fully erase their account and data."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
425 FULL_ERASURE_FALSE = (-20, D_("Users cannot fully erase their account and data."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
426 ALL = [FULL_ERASURE_TRUE, FULL_ERASURE_FALSE]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
427
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
428 score, desc = FULL_ERASURE_TRUE if self.full_erasure else FULL_ERASURE_FALSE
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
429
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
430 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
431 score=score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
432 minimum=min(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
433 maximum=max(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
434 detail=[IndividualScore(score=score, description=desc)],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
435 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
436
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
437 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
438 def _backup_frequency_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
439 if self.backup_frequency is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
440 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
441
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
442 BACKUP_FREQUENCY_0 = (0, D_("The service does not do backups."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
443 BACKUP_FREQUENCY_DEFAULT = (5, D_("Backups are done every {days:.02f} day(s)."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
444 BACKUP_FREQUENCY_INVALID = (-20, D_("Invalid backup frequency {value!r}."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
445 ALL = [
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
446 BACKUP_FREQUENCY_0,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
447 BACKUP_FREQUENCY_DEFAULT,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
448 BACKUP_FREQUENCY_INVALID,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
449 ]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
450
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
451 value = self.backup_frequency
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
452 if value == "0":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
453 score, desc = BACKUP_FREQUENCY_0
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
454 else:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
455 try:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
456 hours = int(value)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
457 days = hours / 24
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
458 desc = BACKUP_FREQUENCY_DEFAULT[1].format(days=days)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
459 score = BACKUP_FREQUENCY_DEFAULT[0]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
460 except ValueError:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
461 score, desc = BACKUP_FREQUENCY_INVALID
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
462
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
463 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
464 score=score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
465 minimum=min(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
466 maximum=max(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
467 detail=[IndividualScore(score=score, description=desc)],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
468 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
469
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
470 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
471 def _backup_retention_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
472 if self.backup_retention is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
473 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
474
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
475 BACKUP_RETENTION_0 = (0, D_("No backups are done."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
476 BACKUP_RETENTION_INFINITE = (-10, D_("Backups are stored indefinitely."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
477 BACKUP_RETENTION_UNKNOWN = (-5, D_("Backup retention policy is unknown."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
478 BACKUP_RETENTION_DEFAULT = (0, D_("Backups are kept for {days:.02f} day(s)."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
479 BACKUP_RETENTION_INVALID = (-20, D_("Invalid backup retention {value!r}."))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
480 ALL = [
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
481 BACKUP_RETENTION_0,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
482 BACKUP_RETENTION_INFINITE,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
483 BACKUP_RETENTION_UNKNOWN,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
484 BACKUP_RETENTION_DEFAULT,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
485 BACKUP_RETENTION_INVALID,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
486 ]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
487
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
488 value = self.backup_retention
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
489 if value == "0":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
490 score, desc = BACKUP_RETENTION_0
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
491 elif value == "infinite":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
492 score, desc = BACKUP_RETENTION_INFINITE
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
493 elif value == "unknown":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
494 score, desc = BACKUP_RETENTION_UNKNOWN
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
495 else:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
496 try:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
497 hours = int(value)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
498 days = hours / 24
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
499 desc = BACKUP_RETENTION_DEFAULT[1].format(days=days)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
500 score = BACKUP_RETENTION_DEFAULT[0]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
501 except ValueError:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
502 score, desc = BACKUP_RETENTION_INVALID
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
503
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
504 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
505 score=score,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
506 minimum=min(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
507 maximum=max(score for score, _ in ALL),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
508 detail=[IndividualScore(score=score, description=desc)],
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
509 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
510
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
511 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
512 def _access_policy_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
513 if self.access_policy is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
514 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
515
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
516 total_score = 0
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
517 overall_min = 0
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
518 overall_max = 0
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
519 details = []
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
520
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
521 for policy in self.access_policy:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
522 policy_score = AccessPolicy.get_score(policy)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
523 total_score += policy_score.score
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
524 overall_min += policy_score.minimum
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
525 overall_max += policy_score.maximum
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
526 details.extend(policy_score.detail)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
527
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
528 return Score(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
529 score=total_score, minimum=overall_min, maximum=overall_max, detail=details
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
530 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
531
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
532 @property
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
533 def _extra_info_score(self) -> Score | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
534 if self.extra_info is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
535 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
536
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
537 return Score(score=0, minimum=0, maximum=0, detail=[])
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
538
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
539 @classmethod
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
540 def from_data_form(cls, form: data_form.Form) -> "DataPolicy | None":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
541 """Create a DataPolicy instance from a Wokkel Data Form.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
542
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
543 @param form: The data form to parse.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
544 @return: Parsed DataPolicy instance or None if form type doesn't match.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
545 """
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
546 if not form.formNamespace or not form.formNamespace.startswith(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
547 NS_DATA_POLICY_BASE
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
548 ):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
549 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
550
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
551 fields = cls.model_fields.keys()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
552 kwargs = {}
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
553
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
554 for name in fields:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
555 if name not in form:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
556 continue
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
557
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
558 value = form.get(name)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
559
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
560 match name:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
561 case "access_policy":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
562 if not value:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
563 continue
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
564
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
565 policy_set = set()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
566 policies = [value] if not isinstance(value, list) else value
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
567 for policy in policies:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
568 if policy:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
569 policy_set.add(AccessPolicy(policy))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
570 if policy_set:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
571 kwargs[name] = policy_set
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
572
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
573 case "auth_data":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
574 if value:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
575 kwargs[name] = AuthMechanism(value)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
576
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
577 case "data_transmission":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
578 if value:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
579 kwargs[name] = DataTransmission(value)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
580
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
581 case "extra_info":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
582 if isinstance(value, list):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
583 kwargs[name] = "\n".join(str(line) for line in value)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
584 else:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
585 kwargs[name] = str(value)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
586
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
587 case _:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
588 kwargs[name] = value
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
589
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
590 return cls(**kwargs)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
591
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
592 def to_data_form(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
593 self, category: str | None = None, type_: str | None = None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
594 ) -> data_form.Form:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
595 """Convert this model to a Wokkel Data Form.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
596
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
597 @return: Form with type='result' containing all non-None fields.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
598 """
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
599 if category is not None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
600 if type_ is not None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
601 raise exceptions.InternalError(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
602 'If "category" is set, "type_" must be set too.'
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
603 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
604 form_ns = NS_DATA_POLICY_ID_TPL.format(category=category, type=type_)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
605 else:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
606 form_ns = NS_DATA_POLICY
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
607 form_fields = []
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
608
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
609 for name in self.__class__.model_fields.keys():
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
610 value = getattr(self, name)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
611 if value is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
612 continue
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
613
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
614 match name:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
615 case "auth_data" | "data_transmission":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
616 form_fields.append(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
617 data_form.Field(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
618 fieldType="list-single",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
619 var=name,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
620 value=value.value,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
621 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
622 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
623 case (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
624 "data_deletion"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
625 | "encryption_at_rest"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
626 | "data_export"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
627 | "full_erasure"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
628 ):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
629 form_fields.append(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
630 data_form.Field(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
631 fieldType="boolean",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
632 var=name,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
633 value=value,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
634 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
635 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
636 case "access_policy":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
637 field_values = [policy.value for policy in value]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
638 form_fields.append(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
639 data_form.Field(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
640 fieldType="list-multi",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
641 var=name,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
642 values=field_values,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
643 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
644 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
645 case "extra_info":
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
646 lines = value.split("\n")
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
647 form_fields.append(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
648 data_form.Field(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
649 fieldType="text-multi",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
650 var=name,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
651 values=lines,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
652 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
653 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
654 case _:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
655 form_fields.append(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
656 data_form.Field(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
657 fieldType="text-single",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
658 var=name,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
659 value=str(value),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
660 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
661 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
662
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
663 return data_form.Form(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
664 formType="result",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
665 formNamespace=form_ns,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
666 fields=form_fields,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
667 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
668
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
669
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
670 class DataPolicies(BaseModel):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
671 main: DataPolicy
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
672 services: dict[str, DataPolicy] = Field(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
673 default=dict(),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
674 description=(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
675 "Identity to data policy map. Identity is used as key with the "
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
676 'template "{identity}:{type}".'
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
677 ),
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
678 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
679
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
680
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
681 class DATA_POLICY:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
682 namespace = NS_DATA_POLICY
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
683
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
684 def __init__(self, host: "LiberviaBackend") -> None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
685 log.info(f"plugin {PLUGIN_INFO[C.PI_NAME]!r} initialization")
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
686 self.host = host
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
687 host.register_namespace("data-policy", NS_DATA_POLICY)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
688 host.bridge.add_method(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
689 "data_policy_get",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
690 ".plugin",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
691 in_sign="ss",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
692 out_sign="s",
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
693 method=self._data_policy_get,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
694 async_=True,
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
695 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
696
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
697 def _data_policy_get(self, target: str, profile_key: str) -> defer.Deferred[str]:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
698 client = self.host.get_client(profile_key)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
699 d = defer.ensureDeferred(self.get_data_policy(client, jid.JID(target)))
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
700 d.addCallback(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
701 lambda data_policies: (
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
702 "" if data_policies is None else data_policies.model_dump_json()
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
703 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
704 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
705 d = cast(defer.Deferred[str], d)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
706 return d
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
707
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
708 async def get_data_policy(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
709 self, client: SatXMPPEntity, target_jid: jid.JID
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
710 ) -> DataPolicies | None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
711 infos = await self.host.memory.disco.get_infos(client, target_jid)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
712
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
713 if NS_DATA_POLICY not in infos.extensions:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
714 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
715
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
716 # Main data policy.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
717 data_policy = DataPolicy.from_data_form(infos.extensions[NS_DATA_POLICY])
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
718 if data_policy is None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
719 log.error(f"DataPolicy should be found at this point.")
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
720 return None
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
721
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
722 data_policies = DataPolicies(main=data_policy)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
723
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
724 # Now we looks for identities data policies.
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
725 for namespace, form in infos.extensions.items():
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
726 if namespace.startswith(NS_DATA_POLICY_ID_PREFIX) and namespace.endswith(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
727 NS_DATA_POLICY_ID_SUFFIX
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
728 ):
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
729 identity_data = namespace[
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
730 len(NS_DATA_POLICY_ID_PREFIX) : -len(NS_DATA_POLICY_ID_SUFFIX)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
731 ]
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
732 try:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
733 category, type_ = identity_data.split(":", 1)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
734 except ValueError:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
735 log.warning(
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
736 "Invalid namespace for identity data policy: " f"{namespace!r}"
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
737 )
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
738 else:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
739 id_data_policy = DataPolicy.from_data_form(form)
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
740 if id_data_policy is not None:
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
741 data_policies.services[f"{category}:{type_}"] = id_data_policy
930a4ea7ab6f plugin data policy: Data Policy implementation:
Goffi <goffi@goffi.org>
parents:
diff changeset
742 return data_policies