[odrs-web/oscp] Automatically delete reviews marked for deletion over one month ago

[Richard Hughes <rhughes src gnome org>]

commit c68bcfa73b84271c98854536f89b1447b9bc6614
Author: Richard Hughes <richard hughsie com>
Date:   Mon Jul 1 13:27:42 2019 +0100

    Automatically delete reviews marked for deletion over one month ago
    
    The one month buffer is a compromise defending against a moderately good hacker
    deleting all the reviews using the anon API, and GDPR provisions.

 app_data/cron.py                      | 28 ++++++++++++++++++++++++++--
 app_data/httpd-pre-init/entrypoint.sh |  1 +
 2 files changed, 27 insertions(+), 2 deletions(-)
---
diff --git a/app_data/cron.py b/app_data/cron.py
index 1eed918..009bfb9 100755
--- a/app_data/cron.py
+++ b/app_data/cron.py
@@ -1,18 +1,37 @@
 #!/usr/bin/python3
 # -*- coding: utf-8 -*-
 #
+# pylint: disable=singleton-comparison
+#
 # Copyright (C) 2015-2019 Richard Hughes <richard hughsie com>
 #
 # SPDX-License-Identifier: GPL-3.0+
 
 import json
 import sys
+import datetime
 
 from odrs import db
 
 from odrs.models import Review
 from odrs.util import _get_rating_for_app_id
 
+def _auto_delete():
+
+    since = datetime.datetime.now() - datetime.timedelta(days=31)
+    reviews = db.session.query(Review).\
+                    filter(Review.date_deleted != None).\
+                    filter(Review.date_deleted < since).\
+                    order_by(Review.date_created.asc()).\
+                    all()
+    if len(reviews) > 1000:
+        print('too many reviews to delete: {}'.format(len(reviews)))
+        return
+    print('Deleting {} reviews...'.format(len(reviews)))
+    for review in reviews:
+        db.session.delete(review)
+    db.session.commit()
+
 def _regenerate_ratings(fn):
     item = {}
 
@@ -31,13 +50,18 @@ def _regenerate_ratings(fn):
 
 if __name__ == '__main__':
 
-    if len(sys.argv) < 3:
-        print('Usage: %s ratings filename' % sys.argv[0])
+    if len(sys.argv) < 2:
+        print('Usage: %s ratings|auto-delete' % sys.argv[0])
         sys.exit(1)
 
     # create the ratings data
     if sys.argv[1] == 'ratings':
+        if len(sys.argv) < 3:
+            print('Usage: %s ratings filename' % sys.argv[0])
+            sys.exit(1)
         _regenerate_ratings(sys.argv[2])
+    elif sys.argv[1] == 'auto-delete':
+        _auto_delete()
     else:
         print("cron mode %s not known" % sys.argv[1])
         sys.exit(1)
diff --git a/app_data/httpd-pre-init/entrypoint.sh b/app_data/httpd-pre-init/entrypoint.sh
index c230887..cc48b42 100755
--- a/app_data/httpd-pre-init/entrypoint.sh
+++ b/app_data/httpd-pre-init/entrypoint.sh
@@ -3,3 +3,4 @@
 python36 /opt/app-root/src/wsgi-scripts/odrs-apache-setup.py ${HTTPD_CONFIGURATION_PATH}/odrs.gnome.org.conf
 
 while true; do python36 /opt/app-root/src/cron.py ratings /opt/app-root/src/odrs/static/ratings.json ; sleep 
43200 ; done &
+while true; do python36 /opt/app-root/src/cron.py auto-delete ; sleep 43200 ; done &