modified: web/app.py

modified: web/blueprints/auth.py modified: web/blueprints/site_admin.py modified: web/config.py modified: web/panel_db.py modified: web/templates/admin/audit_log.html modified: web/templates/admin/dashboard.html new file: web/templates/auth/consent.html
2026-04-15 11:05:21 +02:00
parent 179a0e1042
commit bdf83bd275
8 changed files with 333 additions and 2 deletions
--- a/web/panel_db.py
+++ b/web/panel_db.py
@@ -169,6 +169,12 @@ PANEL_MIGRATIONS = [
    (6,
     "ALTER TABLE group_invites ADD COLUMN IF NOT EXISTS is_site_admin TINYINT(1) NOT NULL DEFAULT 0",
     "Add group_invites.is_site_admin"),
+    (7,
+     "ALTER TABLE users ADD COLUMN IF NOT EXISTS consent_version VARCHAR(20) NULL",
+     "Add users.consent_version for GDPR consent tracking"),
+    (8,
+     "ALTER TABLE users ADD COLUMN IF NOT EXISTS consented_at DATETIME NULL",
+     "Add users.consented_at for GDPR consent timestamp"),
 ]

 CREDS_SCHEMA = [
@@ -728,6 +734,25 @@ def has_site_mail_settings() -> bool:
    return row is not None


+# ─────────────────────────────────────────────────────────────
+# DSGVO-Einwilligung
+# ─────────────────────────────────────────────────────────────
+
+def get_user_consent_version(user_id: int) -> str | None:
+    row = _panel_query(
+        "SELECT consent_version FROM users WHERE id = %s", (user_id,), fetchone=True
+    )
+    return row["consent_version"] if row else None
+
+
+def set_user_consent(user_id: int, policy_version: str) -> None:
+    _panel_query(
+        "UPDATE users SET consent_version = %s, consented_at = UTC_TIMESTAMP() WHERE id = %s",
+        (policy_version, user_id),
+        write=True,
+    )
+
+
 # ─────────────────────────────────────────────────────────────
 # Audit-Log
 # ─────────────────────────────────────────────────────────────