[odrs-web/oscp] Save a hashed version of the reviewers IP address

[Richard Hughes <rhughes src gnome org>]

commit 80538fc8309bcda8e02bce4f70f6ac941535666f
Author: Richard Hughes <richard hughsie com>
Date:   Wed Jul 3 14:35:35 2019 +0100

    Save a hashed version of the reviewers IP address
    
    This is for GDPR compliance. We only need the IP information if we cannot ban
    by user_hash.

 app_data/migrations/versions/64751cf97429_.py | 23 +++++++++++++++++++++++
 app_data/odrs/models.py                       | 12 ++++++++++--
 app_data/odrs/util.py                         |  5 +++++
 3 files changed, 38 insertions(+), 2 deletions(-)
---
diff --git a/app_data/migrations/versions/64751cf97429_.py b/app_data/migrations/versions/64751cf97429_.py
new file mode 100644
index 0000000..a67357e
--- /dev/null
+++ b/app_data/migrations/versions/64751cf97429_.py
@@ -0,0 +1,23 @@
+"""
+
+Revision ID: 64751cf97429
+Revises: 036f0cd034e5
+Create Date: 2019-07-03 14:24:53.549481
+
+"""
+
+# revision identifiers, used by Alembic.
+revision = '64751cf97429'
+down_revision = '036f0cd034e5'
+
+from odrs import db
+from odrs.models import Review
+from odrs.util import _addr_hash
+
+def upgrade():
+    for review in db.session.query(Review).all():
+        review.user_addr = _addr_hash(review.user_addr_hash)
+    db.session.commit()
+
+def downgrade():
+    pass
diff --git a/app_data/odrs/models.py b/app_data/odrs/models.py
index 7d9303d..4684dda 100644
--- a/app_data/odrs/models.py
+++ b/app_data/odrs/models.py
@@ -16,7 +16,7 @@ from sqlalchemy.orm import relationship
 
 from odrs import db
 
-from .util import _password_hash, _get_user_key
+from .util import _password_hash, _get_user_key, _addr_hash
 
 def _vote_exists(review_id, user_id):
     """ Checks to see if a vote exists for the review+user """
@@ -107,7 +107,7 @@ class Review(db.Model):
     summary = Column(Text)
     description = Column(Text)
     user_id = Column(Integer, ForeignKey('users.user_id'), nullable=True)
-    user_addr = Column(Text)
+    user_addr_hash = Column('user_addr', Text)
     user_display = Column(Text)
     version = Column(Text)
     distro = Column(Text)
@@ -135,6 +135,14 @@ class Review(db.Model):
         self.rating = 0
         self.reported = 0
 
+    @property
+    def user_addr(self):
+        raise AttributeError('user_addr is not a readable attribute')
+
+    @user_addr.setter
+    def user_addr(self, user_addr):
+        self.user_addr_hash = _addr_hash(user_addr)
+
     def asdict(self, user_hash=None):
         item = {
             'app_id': self.app_id,
diff --git a/app_data/odrs/util.py b/app_data/odrs/util.py
index 240046c..ae5cfb8 100644
--- a/app_data/odrs/util.py
+++ b/app_data/odrs/util.py
@@ -89,6 +89,11 @@ def _password_hash(value):
     salt = 'odrs%%%'
     return hashlib.sha1(salt.encode('utf-8') + value.encode('utf-8')).hexdigest()
 
+def _addr_hash(value):
+    """ Generate a salted hash of the IP address """
+    from odrs import app
+    return hashlib.sha1((app.secret_key + value).encode('utf-8')).hexdigest()
+
 def _sanitised_input(val):
 
     # remove trailing whitespace