Hi,
we want to use the old events as template for the next event. The data protection require that we are delete all old personal information from the registration. The List of registration can be deleted, but in the logfile it is posible to track the user from the old event.
Is it posible to delete the log for this specified event or to hide the option log / reports in the eventmenue if for eventadministrators?
You should probably clone the event (without registrations - you can keep the regform since it’s a separate cloning option) instead of reusing an existing event. In this case you probably want to skip cloning contributions as well, since cloning them would copy all the speakers etc into the person list of the event.
In any case, if you want to delete all log entries for an event, run this in indico shell:
EE(1234).log_entries.delete()
db.session.commit()
(replace 1234 with the ID of the event)
can do that with the shell for a whole categorie like archiv with the categorie ID ? I would run it the with a cronjob.
You could do something like this in indico shell to delete all log entries in a category (in this example category 2) that are older than 31 days:
EventLogEntry.query.filter(EventLogEntry.logged_dt < now_utc() - timedelta(days=31), EventLogEntry.event.has(Event.category_id == 2))
If you want to put it in a script runnable with a cronjob, you could try this (untested):
from datetime import timedelta
from indico.core.db import db
from indico.modules.events import Event
from indico.modules.events.logs import EventLogEntry
from indico.util.date_time import now_utc
from indico.web.flask.app import make_app
def main():
query = EventLogEntry.query.filter(EventLogEntry.logged_dt < now_utc() - timedelta(days=31),
EventLogEntry.event.has(Event.category_id == 2))
query.delete()
db.session.commit()
with make_app().app_context():
main()
Note that you must use the python binary from your virtualenv to run it, so in the crontab you’d have something like /opt/indico/.venv/bin/python path_to_your_script.py as the command.
If you want to keep everything the indico way, you out the code in a plugin and make it a celery task as well. The task itself could be similar to the core category_cleanup task (that deletes complete events). Then the plugin can even contribute a setting (on event and/or category level) to delete logs for the event.
I’ll maybe try to implement that during the next time and publish it on github once ready.
I am still having a few problems in implementing this and some more questions:
How to best configure this: I tried to use a feature for this, but it is hard to write an sql-query for this, as it is stored as a string in a json blob. Probably needs it’s own db-column?
There are acutally more parts where personal information may be left over, e.g. after deleting an event (it is still kept in the database.)
Naivly doing a Event.delete() fails with ForeignKey errors:
e1=db.session.query(Event).filter(Event.is_deleted==True).all()[0]
e1.query.delete()
IntegrityError: (psycopg2.IntegrityError) update or delete on table "events" violates foreign key constraint "fk_settings_event_id_events" on table "settings"
DETAIL: Key (id)=(0) is still referenced from table "settings".
[SQL: 'DELETE FROM events.events'] (Background on this error at: http://sqlalche.me/e/gkpj)
The same occurs when trying to delete a registration:
In [11]: r1=e1.registrations.all()[0]
In [12]: r1.query.delete()
IntegrityError: (psycopg2.IntegrityError) update or delete on table "registrations" violates foreign key constraint "fk_registration_data_registration_id_registrations" on table "registration_data"
DETAIL: Key (id)=(1) is still referenced from table "registration_data".
[SQL: 'DELETE FROM event_registration.registrations'] (Background on this error at: http://sqlalche.me/e/gkpj)
Did I miss utility functions to clean up these things?
I also thought about just anonimyzing registrations to still keep statistics available, but this also hard as there is no way to identify form fields that need to anonymizied (and the email e.g. is required to be a unique key for a registration per event, so replacing that also reuqires some more hoops (well, some hash could be used.)
You cannot (and probably do not want to) delete an event completely. Hard-deleting registrations should work fine though, but you (or rather your code) need to do it one-by-one though since we do not use server-side cascades and calling .delete() on a query a bulk DELETE FROM ... WHERE ... without running cascades on the SQLAlchemy side.
This code should work:
for reg in event.registrations.all():
db.session.delete(reg)
I’ll probably go the way of just anonymizing the registrations.
A first version of the plugin is now available on github: indico-cron-advanced-cleaner
This plugin provides two task and associated event features:
anonymize_registrations iscleanup_log is set, then clean