mikaelGusse
commented
5 months ago Just wrote up comments earlier and didn't actually submit them, sorry! New to this review business. Anyway, comments up now.
Thanks for the comments! Just went through them, do you think the seed system there is ok for keeping the pseudonymizations consistent?
This turned out to be very difficult. The only way I came up with is to modify the user instance's fields without storing the changes to the database. I don't know if this is the cleanest way to do it but the upside is that is doesn't require changing the API of user of userprofile. I couldn't figure out a way to pseudonymize the 'All results' page since it doesn't fetch the user data in the view but through a JavaScript script so I can't access the request.session object which contains a boolean value 'pseudonymize' that determines whether personal data should be pseudonymized. Also, the forms are difficult to pseudonymize without changing the form field values which sounds dangerous.
533