leukeleu-django-gdpr is a tool to generate GDPR documentation based on the project's models.
Project description
leukeleu-django-gdpr
Installation
pip install leukeleu-django-gdpr
Add to INSTALLED_APPS:
INSTALLED_APPS = [
# ...
'leukeleu_django_gdpr',
# ...
]
Usage:
On first run, leukeleu-django-gdpr will generate a gdpr.yml
file with a models
list. This is
a list of models in your project, each containing a list of fields.
./manage.py gdpr
A file gdpr.yml
is created in the project root directory. It should be added to
version control. Each model in the models list has the following structure:
models:
auth.User:
name: User
fields:
username:
name: Username
description: String (up to %(max_length)s)
help_text: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
only.
required: true
pii: null
first_name:
name: First Name
description: String (up to %(max_length)s)
help_text: ''
required: false
pii: null
Leukeleu-django-gdpr adds the pii: null
to all fields. The objective is to replace all those
null
values with the correct boolean value; pii: true
if the field represents PII
data, pii: false
otherwise.
When run again, leukeleu-django-gdpr will persist those values, allowing you to work your way to
eliminating all pii: null
s.
Leukeleu-django-gdpr outputs counts of the pii:
values when run:
./manage.py gdpr
Checking...
No PII set 48
PII True 1
PII False 0
Run with --check
to make the command exit with exit code 1 if 'No PII set' > 0 (the
yaml file will still be generated/updated).
You can prevent leukeleu-django-gdpr from writing (back) to the yaml file by running with the
--dry-run
flag.
Excluding/including
To exclude apps, models or fields from this process altogether, list them in the
exclude:
list in the yaml file. Each item is a regex which should match an object's
string representation in the following formats;
- for apps: the app's
label
, such asadmin
orauth
. - for models: the model's label, such as
admin.LogEntry
orauth.Permission
- for fields: the model's label followed by
.
followed by the field's name, such asauth.User.username
.
Keep in mind that the items in the list are considered to be regexes which should fully match the object's string representation.
Default excludes
By default, leukeleu-django-gdpr excludes fields of the following types:
- AutoField
- UUIDField
- BooleanField
- RelatedField
and the following models:
- ContentType
If you still want to include a field/model that would be excluded this way, you can put
an item in the include:
list in the yaml file:
include:
- clients\.Client\.external_epd_uuid
- accounts\.Profile\.is_pregnant
Pipelines
To run this in Bitbucket Pipelines you need to ensure this package can be installed from
wherever this package is indexed. Run it with --check
to make a (scheduled?) pipeline
fail if there are unmarked fields, which can happen if someone adds a field to a model
but forgets to mark it as (non-) PII in the gdpr.yml.
Reports
When run from a Bitbucket Pipeline, leukeleu-django-gdpr can send the PII stats as a report to
Bitbucket. This will be visible in Pull Requests and Pipelines. Run with
--report-pipeline
to enable it.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for leukeleu-django-gdpr-1.0.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 723d2a9e7647599a70af6c5d229c1b16210019fc65d3cbd7ffb2b9b0cbeab54e |
|
MD5 | ec8f3ba9313679f33d67c909d6354b06 |
|
BLAKE2b-256 | c100f38b0609c845d6218e6f6071d0056d2f28331db3f5c9f17ae37cdc48cf25 |
Hashes for leukeleu_django_gdpr-1.0.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 49e5eedd2c4e7f082b7825583fddb0ccfbce8db1a7bfda87901c0508dcd899c3 |
|
MD5 | 4000b121852b78859b85aebc48789839 |
|
BLAKE2b-256 | 12229c79ab94b9ec6b356f8094f6b5f9b83b3c99f7f2432ae044453056886e4c |