fix(pitch-deck): GDPR compliance — automated cleanup, full Art. 13 notice
Build pitch-deck / build-push-deploy (push) Successful in 1m37s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-consent (push) Successful in 38s
CI / test-python-voice (push) Successful in 32s
CI / test-bqas (push) Successful in 30s
Build pitch-deck / build-push-deploy (push) Successful in 1m37s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-consent (push) Successful in 38s
CI / test-python-voice (push) Successful in 32s
CI / test-bqas (push) Successful in 30s
- runDataCleanup() replaces maskOverdueInvestors(): now also anonymizes never-activated invites after 90 days, deletes sessions + magic links older than 30 days, NULLs IPs in audit logs older than 30 days, and redacts email from audit log details JSONB for masked investors - New /api/admin/cleanup POST endpoint for scheduled invocation - New .gitea/workflows/pitch-cleanup.yml: daily cron at 02:00 UTC calls the cleanup endpoint so anonymization is genuinely automatic, not lazy - Switch masking window from first_activity_at to last_login_at (30 days of inactivity; resets on each login) - Both auth pages: DSGVO footer now covers all Art. 13 requirements — data categories, retention cutoffs, Art. 15–21 rights, contact address, LfDI Baden-Württemberg as supervisory authority Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Sharang Parnerkar
@@ -0,0 +1,11 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import { requireAdmin } from '@/lib/admin-auth'
|
||||
import { runDataCleanup } from '@/lib/masking'
|
||||
|
||||
export async function POST(request: NextRequest) {
|
||||
const guard = await requireAdmin(request)
|
||||
if (guard.kind === 'response') return guard.response
|
||||
|
||||
const stats = await runDataCleanup()
|
||||
return NextResponse.json({ success: true, stats })
|
||||
}
|
||||
@@ -1,7 +1,7 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import pool from '@/lib/db'
|
||||
import { requireAdmin, logAdminAudit } from '@/lib/admin-auth'
|
||||
import { maskOverdueInvestors } from '@/lib/masking'
|
||||
import { runDataCleanup } from '@/lib/masking'
|
||||
|
||||
interface RouteContext {
|
||||
params: Promise<{ id: string }>
|
||||
@@ -13,7 +13,7 @@ export async function GET(request: NextRequest, ctx: RouteContext) {
|
||||
|
||||
const { id } = await ctx.params
|
||||
|
||||
await maskOverdueInvestors()
|
||||
await runDataCleanup()
|
||||
|
||||
const [investor, sessions, snapshots, audit] = await Promise.all([
|
||||
pool.query(
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
import { NextRequest, NextResponse } from 'next/server'
|
||||
import pool from '@/lib/db'
|
||||
import { requireAdmin } from '@/lib/admin-auth'
|
||||
import { maskOverdueInvestors } from '@/lib/masking'
|
||||
import { runDataCleanup } from '@/lib/masking'
|
||||
|
||||
export async function GET(request: NextRequest) {
|
||||
const guard = await requireAdmin(request)
|
||||
if (guard.kind === 'response') return guard.response
|
||||
|
||||
await maskOverdueInvestors()
|
||||
await runDataCleanup()
|
||||
|
||||
const { rows } = await pool.query(
|
||||
`SELECT i.id, i.email, i.name, i.company, i.status, i.last_login_at, i.login_count, i.created_at,
|
||||
|
||||
Reference in New Issue
Block a user