From 7f06952d9e5f96e819e7b8488e1f4833f2aee343 Mon Sep 17 00:00:00 2001 From: zadam Date: Tue, 3 Oct 2023 23:14:02 +0200 Subject: [PATCH] improve anonymization --- bin/create-anonymization-script.js | 0 bin/tpl/anonymize-database.sql | 196 ++++++----------------------- package-lock.json | 4 +- src/services/anonymization.js | 3 +- 4 files changed, 43 insertions(+), 160 deletions(-) mode change 100644 => 100755 bin/create-anonymization-script.js diff --git a/bin/create-anonymization-script.js b/bin/create-anonymization-script.js old mode 100644 new mode 100755 diff --git a/bin/tpl/anonymize-database.sql b/bin/tpl/anonymize-database.sql index 3e8279eeb..57d646a8f 100644 --- a/bin/tpl/anonymize-database.sql +++ b/bin/tpl/anonymize-database.sql @@ -1,165 +1,47 @@ - UPDATE etapi_tokens SET tokenHash = 'API token hash value'; -UPDATE notes SET title = 'title' WHERE noteId != 'root' AND noteId NOT LIKE '\_%' ESCAPE '\'; +UPDATE notes SET title = 'title' WHERE title NOT IN ('root', '_hidden', '_share'); UPDATE blobs SET content = 'text' WHERE content IS NOT NULL; UPDATE revisions SET title = 'title'; -UPDATE attributes SET name = 'name', value = 'value' - WHERE type = 'label' - AND name NOT IN ('inbox', - 'disableVersioning', - 'calendarRoot', - 'archived', - 'excludeFromExport', - 'disableInclusion', - 'appCss', - 'appTheme', - 'hidePromotedAttributes', - 'readOnly', - 'autoReadOnlyDisabled', - 'cssClass', - 'iconClass', - 'keyboardShortcut', - 'run', - 'runOnInstance', - 'runAtHour', - 'customRequestHandler', - 'customResourceProvider', - 'widget', - 'noteInfoWidgetDisabled', - 'linkMapWidgetDisabled', - 'revisionsWidgetDisabled', - 'whatLinksHereWidgetDisabled', - 'similarNotesWidgetDisabled', - 'workspace', - 'workspaceIconClass', - 'workspaceTabBackgroundColor', - 'searchHome', - 'workspaceInbox', - 'workspaceSearchHome', - 'sqlConsoleHome', - 'datePattern', - 'pageSize', - 'viewType', - 'mapRootNoteId', - 'bookmarkFolder', - 'sorted', - 'top', - 'fullContentWidth', - 'shareHiddenFromTree', - 'shareAlias', - 'shareOmitDefaultCss', - 'shareRoot', - 'internalLink', - 'imageLink', - 'relationMapLink', - 'includeMapLink', - 'runOnNoteCreation', - 'runOnNoteTitleChange', - 'runOnNoteContentChange', - 'runOnNoteChange', - 'runOnChildNoteCreation', - 'runOnAttributeCreation', - 'runOnAttributeChange', - 'template', - 'inherit', - 'widget', - 'renderNote', - 'shareCss', - 'shareJs', - 'shareFavicon', - 'executeButton', - 'keepCurrentHoisting', - 'color', - 'toc', - 'excludeFromNoteMap', - 'docName', - 'launcherType', - 'builtinWidget', - 'baseSize', - 'growthFactor' - ); - -UPDATE attributes SET name = 'name' - AND name NOT IN ('inbox', - 'disableVersioning', - 'calendarRoot', - 'archived', - 'excludeFromExport', - 'disableInclusion', - 'appCss', - 'appTheme', - 'hidePromotedAttributes', - 'readOnly', - 'autoReadOnlyDisabled', - 'cssClass', - 'iconClass', - 'keyboardShortcut', - 'run', - 'runOnInstance', - 'runAtHour', - 'customRequestHandler', - 'customResourceProvider', - 'widget', - 'noteInfoWidgetDisabled', - 'linkMapWidgetDisabled', - 'revisionsWidgetDisabled', - 'whatLinksHereWidgetDisabled', - 'similarNotesWidgetDisabled', - 'workspace', - 'workspaceIconClass', - 'workspaceTabBackgroundColor', - 'searchHome', - 'workspaceInbox', - 'workspaceSearchHome', - 'sqlConsoleHome', - 'datePattern', - 'pageSize', - 'viewType', - 'mapRootNoteId', - 'bookmarkFolder', - 'sorted', - 'top', - 'fullContentWidth', - 'shareHiddenFromTree', - 'shareAlias', - 'shareOmitDefaultCss', - 'shareRoot', - 'internalLink', - 'imageLink', - 'relationMapLink', - 'includeMapLink', - 'runOnNoteCreation', - 'runOnNoteTitleChange', - 'runOnNoteContentChange', - 'runOnNoteChange', - 'runOnChildNoteCreation', - 'runOnAttributeCreation', - 'runOnAttributeChange', - 'template', - 'inherit', - 'widget', - 'renderNote', - 'shareCss', - 'shareJs', - 'shareFavicon', - 'executeButton', - 'keepCurrentHoisting', - 'color', - 'toc', - 'excludeFromNoteMap', - 'docName', - 'launcherType', - 'builtinWidget', - 'baseSize', - 'growthFactor' - ); - +UPDATE attributes SET name = 'name', value = 'value' WHERE type = 'label' + AND name NOT IN + ('inbox', 'disableVersioning', 'calendarRoot', 'archived', 'excludeFromExport', 'disableInclusion', 'appCss', + 'appTheme', 'hidePromotedAttributes', 'readOnly', 'autoReadOnlyDisabled', 'cssClass', 'iconClass', + 'keyboardShortcut', 'run', 'runOnInstance', 'runAtHour', 'customRequestHandler', 'customResourceProvider', + 'widget', 'noteInfoWidgetDisabled', 'linkMapWidgetDisabled', 'revisionsWidgetDisabled', + 'whatLinksHereWidgetDisabled', 'similarNotesWidgetDisabled', 'workspace', 'workspaceIconClass', + 'workspaceTabBackgroundColor', 'workspaceCalendarRoot', 'workspaceTemplate', 'searchHome', 'workspaceInbox', + 'workspaceSearchHome', 'sqlConsoleHome', 'datePattern', 'pageSize', 'viewType', 'mapRootNoteId', + 'bookmarkFolder', 'sorted', 'sortDirection', 'sortFoldersFirst', 'sortNatural', 'sortLocale', 'top', + 'fullContentWidth', 'shareHiddenFromTree', 'shareAlias', 'shareOmitDefaultCss', 'shareRoot', 'shareDescription', + 'shareRaw', 'shareDisallowRobotIndexing', 'shareIndex', 'displayRelations', 'hideRelations', 'titleTemplate', + 'template', 'toc', 'color', 'keepCurrentHoisting', 'executeButton', 'executeDescription', 'newNotesOnTop', + 'clipperInbox', 'internalLink', 'imageLink', 'relationMapLink', 'includeMapLink', 'runOnNoteCreation', + 'runOnNoteTitleChange', 'runOnNoteChange', 'runOnNoteContentChange', 'runOnNoteDeletion', 'runOnBranchCreation', + 'runOnBranchDeletion', 'runOnChildNoteCreation', 'runOnAttributeCreation', 'runOnAttributeChange', 'template', + 'inherit', 'widget', 'renderNote', 'shareCss', 'shareJs', 'shareFavicon'); +UPDATE attributes SET name = 'name' WHERE type = 'relation' + AND name NOT IN + ('inbox', 'disableVersioning', 'calendarRoot', 'archived', 'excludeFromExport', 'disableInclusion', 'appCss', + 'appTheme', 'hidePromotedAttributes', 'readOnly', 'autoReadOnlyDisabled', 'cssClass', 'iconClass', + 'keyboardShortcut', 'run', 'runOnInstance', 'runAtHour', 'customRequestHandler', 'customResourceProvider', + 'widget', 'noteInfoWidgetDisabled', 'linkMapWidgetDisabled', 'revisionsWidgetDisabled', + 'whatLinksHereWidgetDisabled', 'similarNotesWidgetDisabled', 'workspace', 'workspaceIconClass', + 'workspaceTabBackgroundColor', 'workspaceCalendarRoot', 'workspaceTemplate', 'searchHome', 'workspaceInbox', + 'workspaceSearchHome', 'sqlConsoleHome', 'datePattern', 'pageSize', 'viewType', 'mapRootNoteId', + 'bookmarkFolder', 'sorted', 'sortDirection', 'sortFoldersFirst', 'sortNatural', 'sortLocale', 'top', + 'fullContentWidth', 'shareHiddenFromTree', 'shareAlias', 'shareOmitDefaultCss', 'shareRoot', 'shareDescription', + 'shareRaw', 'shareDisallowRobotIndexing', 'shareIndex', 'displayRelations', 'hideRelations', 'titleTemplate', + 'template', 'toc', 'color', 'keepCurrentHoisting', 'executeButton', 'executeDescription', 'newNotesOnTop', + 'clipperInbox', 'internalLink', 'imageLink', 'relationMapLink', 'includeMapLink', 'runOnNoteCreation', + 'runOnNoteTitleChange', 'runOnNoteChange', 'runOnNoteContentChange', 'runOnNoteDeletion', 'runOnBranchCreation', + 'runOnBranchDeletion', 'runOnChildNoteCreation', 'runOnAttributeCreation', 'runOnAttributeChange', 'template', + 'inherit', 'widget', 'renderNote', 'shareCss', 'shareJs', 'shareFavicon'); UPDATE branches SET prefix = 'prefix' WHERE prefix IS NOT NULL AND prefix != 'recovered'; UPDATE options SET value = 'anonymized' WHERE name IN - ('documentId', 'documentSecret', 'encryptedDataKey', - 'passwordVerificationHash', 'passwordVerificationSalt', - 'passwordDerivedKeySalt', 'username', 'syncServerHost', 'syncProxy') - AND value != ''; + ('documentId', 'documentSecret', 'encryptedDataKey', + 'passwordVerificationHash', 'passwordVerificationSalt', + 'passwordDerivedKeySalt', 'username', 'syncServerHost', 'syncProxy') + AND value != ''; VACUUM; diff --git a/package-lock.json b/package-lock.json index a115773be..53913fa88 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "trilium", - "version": "0.61.7-beta", + "version": "0.61.8-beta", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "trilium", - "version": "0.61.7-beta", + "version": "0.61.8-beta", "hasInstallScript": true, "license": "AGPL-3.0-only", "dependencies": { diff --git a/src/services/anonymization.js b/src/services/anonymization.js index 0c0b139e6..423c674b2 100644 --- a/src/services/anonymization.js +++ b/src/services/anonymization.js @@ -7,8 +7,9 @@ const sql = require("./sql"); function getFullAnonymizationScript() { // we want to delete all non-builtin attributes because they can contain sensitive names and values -// on the other hand builtin/system attrs should not contain any sensitive info + // on the other hand builtin/system attrs should not contain any sensitive info const builtinAttrNames = BUILTIN_ATTRIBUTES + .filter(attr => !["shareCredentials"].includes(attr.name)) .map(attr => `'${attr.name}'`).join(', '); const anonymizeScript = `