[odrs-web] Automatically delete reviews marked for deletion over one month ago

[Richard Hughes <rhughes src gnome org>]

commit fe23ff2e2ddcb98be4f3f2c2f2f433fab76aaffd
Author: Richard Hughes <richard hughsie com>
Date:   Mon Jul 1 13:27:42 2019 +0100

    Automatically delete reviews marked for deletion over one month ago
    
    The one month buffer is a compromise defending against a moderately good hacker
    deleting all the reviews using the anon API, and GDPR provisions.

 app_data/cron.py                      | 26 ++++++++++++++++++++++++--
 app_data/httpd-pre-init/entrypoint.sh |  1 +
 2 files changed, 25 insertions(+), 2 deletions(-)
---
diff --git a/app_data/cron.py b/app_data/cron.py
index 1eed918..fa861cc 100755
--- a/app_data/cron.py
+++ b/app_data/cron.py
@@ -7,12 +7,29 @@
 
 import json
 import sys
+import datetime
 
 from odrs import db
 
 from odrs.models import Review
 from odrs.util import _get_rating_for_app_id
 
+def _auto_delete():
+
+    since = datetime.datetime.now() - datetime.timedelta(days=31)
+    reviews = db.session.query(Review).\
+                    filter(Review.date_deleted != None).\
+                    filter(Review.date_deleted < since).\
+                    order_by(Review.date_created.asc()).\
+                    all()
+    if len(reviews) > 1000:
+        print('too many reviews to delete: {}'.format(len(reviews)))
+        return
+    print('Deleting {} reviews...'.format(len(reviews)))
+    for review in reviews:
+        db.session.delete(review)
+    db.session.commit()
+
 def _regenerate_ratings(fn):
     item = {}
 
@@ -31,13 +48,18 @@ def _regenerate_ratings(fn):
 
 if __name__ == '__main__':
 
-    if len(sys.argv) < 3:
-        print('Usage: %s ratings filename' % sys.argv[0])
+    if len(sys.argv) < 2:
+        print('Usage: %s ratings|auto-delete' % sys.argv[0])
         sys.exit(1)
 
     # create the ratings data
     if sys.argv[1] == 'ratings':
+        if len(sys.argv) < 3:
+            print('Usage: %s ratings filename' % sys.argv[0])
+            sys.exit(1)
         _regenerate_ratings(sys.argv[2])
+    if sys.argv[1] == 'auto-delete':
+        _auto_delete()
     else:
         print("cron mode %s not known" % sys.argv[1])
         sys.exit(1)
diff --git a/app_data/httpd-pre-init/entrypoint.sh b/app_data/httpd-pre-init/entrypoint.sh
index c230887..cc48b42 100755
--- a/app_data/httpd-pre-init/entrypoint.sh
+++ b/app_data/httpd-pre-init/entrypoint.sh
@@ -3,3 +3,4 @@
 python36 /opt/app-root/src/wsgi-scripts/odrs-apache-setup.py ${HTTPD_CONFIGURATION_PATH}/odrs.gnome.org.conf
 
 while true; do python36 /opt/app-root/src/cron.py ratings /opt/app-root/src/odrs/static/ratings.json ; sleep 
43200 ; done &
+while true; do python36 /opt/app-root/src/cron.py auto-delete ; sleep 43200 ; done &