Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create Consent Privacy Requests when Enforcement is System Wide Only #3626

Merged
merged 2 commits into from
Jun 21, 2023
Merged

Create Consent Privacy Requests when Enforcement is System Wide Only #3626

merged 2 commits into from
Jun 21, 2023

Conversation

pattisdr
Copy link
Contributor

@pattisdr pattisdr commented Jun 20, 2023
edited
Loading

Closes #3618

Code Changes

  • Update both endpoints that save new-style privacy preferences (through the privacy center and just against fides user device id) to only create and queue a privacy request if at least one of the privacy preferences is attached to a notice with system wide enforcement.

Steps to Confirm

  • Save privacy preferences against one of the default out-of-the-box notices. Via the API directly, it is:
    PATCH {{host}}/privacy-preferences
{
   "browser_identity": {
       "ga_client_id": "UA-XXXXXXXXX",
       "ljt_readerID": "test_sovrn_id",
       "fides_user_device_id": "<uuid4 here>"
   },
   "preferences": [{
       "privacy_notice_history_id": "{{privacy_notice_history_id}}",
       "preference": "opt_out"
   }],
   "user_geography": "us_ca",
   "privacy_experience_id": "{{privacy_experience_id}}",
   "method": "button"
}
  • Verify that no privacy request was created in admin UI http://localhost:3000/privacy-requests
  • Update that privacy notice to have an enforcement level of system wide: via the API it is:
    PATCH {{host}}/privacy-notice
[
  {
    "id": "{{privacy_notice_id}}",
    "enforcement_level": "system_wide"
  }
]
  • Save privacy preferences again - you'll have to update the privacy notice history id as it just changed
  • Note that a privacy request was created because there was at least one notice that had an enforcement level of system wide
  • Fetch historical preferences - you should have two records created, one should have a privacy request attached, the other should have the privacy request id as null GET {{host}}/historical-privacy-preferences

Pre-Merge Checklist

Description Of Changes

Only create PrivacyRequests when there is at least one notice where enforcement == "System wide".

@pattisdr
Only create a privacy request when saving privacy preferences if ther…
29911dd 
…e is at least one privacy notice that has system wide enforcement.
@cypress
Copy link

cypress bot commented Jun 20, 2023
edited
Loading

Passing run #2807 ↗︎

0 4 0 0 Flakiness 0
⚠️ You've recorded test results over your free plan limit.
Upgrade your plan to view test results.

Details:

Merge 30f58e9 into a361329...
Project: fides Commit: 1d296050e7 ℹ️
Status: Passed Duration: 00:47 💡
Started: Jun 20, 2023 7:04 PM Ended: Jun 20, 2023 7:05 PM

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings.

@codecov
Copy link

codecov bot commented Jun 20, 2023
edited
Loading

Codecov Report

Patch coverage: 100.00% and no project coverage change.

Comparison is base (a361329) 87.05% compared to head (30f58e9) 87.06%.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #3626   +/-   ##
=======================================
  Coverage   87.05%   87.06%           
=======================================
  Files         310      310           
  Lines       18995    18999    +4     
  Branches     2427     2429    +2     
=======================================
+ Hits        16537    16541    +4     
  Misses       2029     2029           
  Partials      429      429
Impacted Files Coverage Δ
...i/api/v1/endpoints/privacy_preference_endpoints.py 98.05% <100.00%> (+0.05%) ⬆️

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@pattisdr pattisdr marked this pull request as ready for review June 20, 2023 19:01
@pattisdr
Copy link
Contributor Author

This is a small change that changes when we queue privacy requests for new-style consent, context here: https://ethyca.slack.com/archives/C04S7K0T2V7/p1687265733634689, if either of you have time for a quick look @adamsachs or @NevilleS.

Privacy request related fields are already optional for historical privacy preferences so there are no changes there, they can just be null.

@adamsachs
Copy link
Contributor

starting review now...

adamsachs
adamsachs approved these changes Jun 21, 2023
View reviewed changes
Copy link
Contributor

@adamsachs adamsachs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this looks good to me! was able to test manually using the provided steps, thank you for spelling those out, and thank you for the comprehensive automated test coverage as well! 👍

@pattisdr
Copy link
Contributor Author

ah thanks for reviewing @adamsachs 🙏

@pattisdr pattisdr merged commit f20e299 into main Jun 21, 2023
@pattisdr pattisdr deleted the fides_3618_only_create_privacy_requests_if_system_wide_enforcement_exists branch June 21, 2023 13:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adamsachs adamsachs adamsachs approved these changes

@NevilleS NevilleS Awaiting requested review from NevilleS

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

New Style Consent: Only Create Privacy Requests if System-Wide Enforcement Level Exists
2 participants
@pattisdr @adamsachs