Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add sanitize() function, which wipes personal data and adds user URLs #29

Merged
merged 5 commits into from
Oct 19, 2023
Merged

Add sanitize() function, which wipes personal data and adds user URLs #29

merged 5 commits into from
Oct 19, 2023

Conversation

shaneh2
Copy link
Contributor

@shaneh2 shaneh2 commented Oct 18, 2023
edited by csgillespie
Loading

This is a function for wiping sensitive data about Posit Connect users from the audit.connect::check() object.

Yet, we include URLs in the form of https://rsc.jumpingrivers.cloud/connect/#/people/users/<GUID>, so if you have access to the Posit Connect server, you can visit each of these links to identify users.

Example usage

CONNECT_API_TOKEN = 
CONNECT_SERVER_URL = "https://rsc.jumpingrivers.cloud/"

audit_connect_object = audit.connect::check(server = CONNECT_SERVER_URL,
					      token = CONNECT_API_TOKEN)

sanitized = audit_connect_object |> 
                audit.connect::sanitize()
sanitized$users_details$user_list$users

Then, sanitized$users_details$user_list$users doesn't contain any emails/usernames/first/last names. Instead, it contains a url column. This column contains a URL associated with each user.

Visiting one of these URLs will let you see details of the corresponding user, as well as administer their account.

@shaneh2 shaneh2 mentioned this pull request Oct 18, 2023
Closed
@csgillespie csgillespie merged commit cd8a282 into main Oct 19, 2023
5 checks passed
@csgillespie csgillespie deleted the sanitize branch October 19, 2023 09:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dataccino dataccino Awaiting requested review from dataccino dataccino is a code owner

@StatsRhian StatsRhian Awaiting requested review from StatsRhian

@csgillespie csgillespie Awaiting requested review from csgillespie csgillespie is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@shaneh2 @csgillespie