feat : GDPR personal data anonymization

2024-04-29 13:04:01 +02:00 · 2024-04-29 13:04:01 +02:00 · 109c499a25
parent 601a346634
commit 109c499a25
9 changed files with 84 additions and 0 deletions
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/domain/job/DataAnonymizationJob.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/domain/job/DataAnonymizationJob.java
@ -0,0 +1,42 @@
 package org.jeecg.modules.business.domain.job;
 import lombok.extern.slf4j.Slf4j;
 import org.jeecg.modules.business.service.IClientService;
 import org.jeecg.modules.business.service.IPlatformOrderService;
 import org.quartz.Job;
 import org.quartz.JobExecutionContext;
 import org.quartz.JobExecutionException;
 import org.springframework.beans.factory.annotation.Autowired;
 /**
 * Data Anonymization job, following EU GDPR guidelines.
 * This job is responsible for anonymizing personal data in the database.
 * It is scheduled to run every day at XX.
 * The job will anonymize personal data in the database, such as names, addresses, and phone numbers.
 * It will replace the personal data with UUIDs to ensure that the data is no longer identifiable.
 * Personal data will be anonymized after 3 years of inactivity for our direct clients.
 * And 2 years after creation for our indirect clients.
 * ---
 * Job frequency : 1 month
 */
@Slf4j
 public class DataAnonymizationJob implements Job {
    @Autowired
    private IPlatformOrderService platformOrderService;
    @Autowired
    private IClientService clientService;
    private final static int DIRECT_CLIENT_ANONYMIZATION_PERIOD = 3;
    private final static int INDIRECT_CLIENT_ANONYMIZATION_PERIOD = 2;
    @Override
    public void execute(JobExecutionContext context) throws JobExecutionException {
        log.info("Data Anonymization job is running...");
        log.info("Anonymizing personal data for indirect clients...");
        platformOrderService.anonymizePersonalData(INDIRECT_CLIENT_ANONYMIZATION_PERIOD);
        log.info("Anonymizing personal data for direct clients...");
        clientService.anonymizePersonalData(DIRECT_CLIENT_ANONYMIZATION_PERIOD);
        log.info("Data Anonymization job completed.");
    }
 }
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/mapper/ClientMapper.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/mapper/ClientMapper.java
@ -31,4 +31,6 @@ public interface ClientMapper extends BaseMapper<Client> {
    Client getClientBySku(@Param("skuId") String skuId);
    Client getClientFromInvoice(@Param("invoiceNumber") String invoiceNumber);
    void anonymizePersonalData(@Param("period") int directClientAnonymizationPeriod);
 }
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/mapper/PlatformOrderMapper.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/mapper/PlatformOrderMapper.java
@ -219,4 +219,6 @@ public interface PlatformOrderMapper extends BaseMapper<PlatformOrder> {
    OrderKpi countPlatformOrders(@Param("start") LocalDateTime start, @Param("end") LocalDateTime end, @Param("showAllData") boolean showAllData, @Param("username") String username);
    Map<String, String> fetchShippingPeriodAndType(@Param("invoiceNumber") String invoiceNumber);
    void anonymizePersonalData(@Param("period") int indirectClientAnonymizationPeriod);
 }
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/mapper/xml/ClientMapper.xml
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/mapper/xml/ClientMapper.xml
@ -72,4 +72,22 @@
        WHERE po.shipping_invoice_number = #{invoiceNumber} OR po.purchase_invoice_number = #{invoiceNumber};
    </select>
    <update id="anonymizePersonalData">
        UPDATE client
        SET first_name = UUID_SHORT(),
            surname = UUID_SHORT(),
            email = CONCAT(UUID(), '@example.com'),
            phone = NULL,
            street_number = 0,
            street_name = UUID_SHORT(),
            additional_address = NULL,
            city = UUID_SHORT(),
            postcode = NULL,
            company_id_value = UUID_SHORT(),
            invoice_entity = UUID_SHORT(),
            ioss_number = NULL,
            internal_code = CONCAT(internal_code, UUID_SHORT())
        WHERE active = 0
        AND IF (update_time IS NOT NULL, update_time, create_time) &lt; DATE_SUB(NOW(), INTERVAL #{period} YEAR);
    </update>
 </mapper>
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/mapper/xml/PlatformOrderMapper.xml
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/mapper/xml/PlatformOrderMapper.xml
@ -879,4 +879,10 @@
        JOIN shipping_invoice s ON po.shipping_invoice_number = s.invoice_number
        WHERE shipping_invoice_number = #{invoiceNumber};
    </select>
    <update id="anonymizePersonalData">
        UPDATE platform_order_delete
        SET recipient = UUID()
        WHERE create_time &lt; DATE_SUB(NOW(), INTERVAL #{period} YEAR);
    </update>
 </mapper>
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/service/IClientService.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/service/IClientService.java
@ -58,4 +58,6 @@ public interface IClientService extends IService<Client> {
    Client getClientBySku(String skuId);
    Client getClientFromInvoice(String invoiceNumber);
    void anonymizePersonalData(int directClientAnonymizationPeriod);
 }
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/service/IPlatformOrderService.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/service/IPlatformOrderService.java
@ -243,4 +243,6 @@ public interface IPlatformOrderService extends IService<PlatformOrder> {
    Map<String, String> fetchShippingPeriodAndType(String invoiceNumber);
    void anonymizePersonalData(int indirectClientAnonymizationPeriod);
 }
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/service/impl/ClientServiceImpl.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/service/impl/ClientServiceImpl.java
@ -161,4 +161,9 @@ public class ClientServiceImpl extends ServiceImpl<ClientMapper, Client> impleme
    public String getClientIdByCode(String code) {
        return clientMapper.getClientIdByCode(code);
    }
    @Override
    public void anonymizePersonalData(int directClientAnonymizationPeriod) {
        clientMapper.anonymizePersonalData(directClientAnonymizationPeriod);
    }
 }
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/service/impl/PlatformOrderServiceImpl.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/business/service/impl/PlatformOrderServiceImpl.java
@ -491,4 +491,9 @@ public class PlatformOrderServiceImpl extends ServiceImpl<PlatformOrderMapper, P
    public Map<String, String> fetchShippingPeriodAndType(String invoiceNumber) {
        return platformOrderMap.fetchShippingPeriodAndType(invoiceNumber);
    }
    @Override
    public void anonymizePersonalData(int indirectClientAnonymizationPeriod) {
        platformOrderMap.anonymizePersonalData(indirectClientAnonymizationPeriod);
    }
 }