You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ponymail.apache.org by hu...@apache.org on 2021/09/27 00:21:17 UTC

[incubator-ponymail-foal] 01/02: feed gdpr status to user, use to change the notes at the bottom of the mgmt ui

This is an automated email from the ASF dual-hosted git repository.

humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-ponymail-foal.git

commit 2e16ae3ec38cc00169dc9335beb57c04a0a52751
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Sun Sep 26 19:21:02 2021 -0500

    feed gdpr status to user, use to change the notes at the bottom of the mgmt ui
---
 server/endpoints/preferences.py | 2 ++
 webui/js/source/mgmt.js         | 8 +++++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/server/endpoints/preferences.py b/server/endpoints/preferences.py
index 6ca29c0..853c916 100644
--- a/server/endpoints/preferences.py
+++ b/server/endpoints/preferences.py
@@ -58,6 +58,8 @@ async def process(
         }
         if session.credentials.admin is True:
             prefs["login"]["credentials"]["admin"] = True
+            if server.config.ui.fully_delete:  # Needed by the UI
+                prefs["login"]["credentials"]["fully_delete"] = True
 
     # Logging out??
     if indata.get("logout"):
diff --git a/webui/js/source/mgmt.js b/webui/js/source/mgmt.js
index a2a6f63..c1aff8d 100644
--- a/webui/js/source/mgmt.js
+++ b/webui/js/source/mgmt.js
@@ -2,6 +2,7 @@ let admin_current_email = null;
 let audit_entries = []
 let audit_page = 0;
 let audit_size = 30;
+let mgmt_prefs = {}
 
 async function POST(url, formdata, state) {
     const resp = await fetch(url, {
@@ -218,7 +219,11 @@ function admin_email_preview(stats, json) {
     div.inject(new HTML('br'));
     div.inject(new HTML('small', {}, "Modifying emails will remove the option to view their sources via the web interface, as the source may contain traces that reveal the edit."))
     div.inject(new HTML('br'));
-    div.inject(new HTML('small', {}, "Emails that are removed may still be recovered by the base system administrator. For complete expungement, please contact the system administrator."))
+    if (!mgmt_prefs.login.credentials.fully_delete) {
+        div.inject(new HTML('small', {}, "Emails that are removed may still be recovered by the base system administrator. For complete expungement, please contact the system administrator."))
+    } else {
+        div.inject(new HTML('small', {style:{color: 'red'}}, "As GDPR enforcement is enabled on this server, emails that are removed forever from the archive when deleted, and cannot be recovered."))
+    }
 }
 
 function admin_audit_view(state, json) {
@@ -297,6 +302,7 @@ function admin_audit_next() {
 
 // Onload function for admin.html
 function admin_init() {
+    GET('%sapi/preferences.lua'.format(apiURL), (state, json) => {mgmt_prefs = json}, null);
     let mid = location.href.split('/').pop();
     // Specific email/list handling?
     if (mid.length > 0) {