Prevent incorrect gppSection being set #4823
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎ 1 Ignored Deployment
|
gilluminate
force-pushed
the
PROD-1913-gpp-us-national-section-should
branch
from
5daac54
to
c59c876
Compare
Passing run #7417 ↗︎
Details:
Review all test suite changes for PR #4823 ↗︎ |
||||||||||||||||||||
gilluminate
force-pushed
the
PROD-1913-gpp-us-national-section-should
branch
2 times, most recently
from
e9c1d5f
to
56ad9b2
Compare
gilluminate
force-pushed
the
PROD-1913-gpp-us-national-section-should
branch
from
56ad9b2
to
c4b4214
Compare
gilluminate
force-pushed
the
PROD-1913-gpp-us-national-section-should
branch
2 times, most recently
from
ff5215b
to
5c4bc47
Compare
gilluminate
force-pushed
the
PROD-1913-gpp-us-national-section-should
branch
2 times, most recently
from
1e9daa3
to
d7785ad
Compare
| @@ -76,7 +76,7 @@ const mockPrivacyExperience = (override?: Partial<PrivacyExperience>) => { | |||
| updated_at: "2023-12-07T22:03:26.052630+00:00", | |||
| gpp_settings: { | |||
| enabled: true, | |||
| us_approach: GPPUSApproach.STATE, | |||
| us_approach: GPPUSApproach.NATIONAL, | |||
There was a problem hiding this comment.
based on this bug description, all of the tests were running incorrectly by using the state approach. none of these should pass with that enabled!
| gpp_settings: { | ||
| enabled: true, | ||
| us_approach: GPPUSApproach.NATIONAL, // But set setting to national | ||
| mspa_covered_transactions: true, | ||
| mspa_opt_out_option_mode: true, | ||
| mspa_service_provider_mode: false, | ||
| enable_tcfeu_string: true, | ||
| }, |
There was a problem hiding this comment.
this is the default now
|
|
||
| // Whether the developer forced the inclusion of the GPP extension via query param on the script tag | ||
| forceGpp: boolean; |
There was a problem hiding this comment.
with this bug fix, GPP doesn't really need to care if forceGpp is on or not, it will now be correct no matter what.
There was a problem hiding this comment.
love that we have less overall code!
| if ( | ||
| !gppSection || | ||
| (experienceRegion === "us" && usApproach === GPPUSApproach.STATE) | ||
| ) { |
There was a problem hiding this comment.
here's where the bug was fixed
There was a problem hiding this comment.
thanks for adding these helpful comments, very easy to follow :)
| (forceGpp && !experience?.gpp_settings) || | ||
| experience?.gpp_settings?.us_approach === GPPUSApproach.STATE | ||
| ) { | ||
| cmpApi.setApplicableSections([-1]); |
There was a problem hiding this comment.
the logic for this was moved up where other applicable sections were being set, to avoid confusion
| if ( | ||
| !gppSection || | ||
| (experienceRegion === "us" && usApproach === GPPUSApproach.STATE) | ||
| ) { |
There was a problem hiding this comment.
same fix needed in both places. we should consider consolidating these 2 methods!
There was a problem hiding this comment.
we should at last consolidate a check for experienceRegion being in the US
|
|
||
| ## Forcing GPP Inclusion | ||
|
|
||
| In some cases it may be necessary to always support the IAB's Global Privacy Platform (GPP), even if a visiting user is from a location without a privacy regulation. Forcing the inclusion of the [GPP API](/docs/tutorials/consent-management/consent-management-configuration/cmp-javascript-apis#gpp-api) can be accomplished by including query parameter `gpp=true` on the FidesJS script: | ||
|
|
||
| ``` | ||
| <script src="path/to/fides.js?gpp=true"></script> | ||
| ``` | ||
|
|
||
| When the GPP API is included this way, the `applicableSections` property is set to `[-1]` whenever a user visits a page from a non-supported location. |
There was a problem hiding this comment.
had to move this. can't do arbitrary documentation here, since it gets auto-generated from the fides-js jsdocs. Moved this to a direct add in the fidesdocs repo.
There was a problem hiding this comment.
ah right. This is always a point of confusion actually. Where to add docs / what will get autogenerated etc 😢
| if (!tcSet && !sectionsSet.length && !sectionsChanged.length) { | ||
| cmpApi.setApplicableSections([-1]); | ||
| } |
There was a problem hiding this comment.
logic moved here
| if ( | ||
| experienceRegion?.toLowerCase().startsWith("us") && | ||
| usApproach === GPPUSApproach.NATIONAL | ||
| ) { |
There was a problem hiding this comment.
non-US regions were slipping through if force gpp was true. making sure it's a U.S. region before forcing this setting.
There was a problem hiding this comment.
is there a better / more robust way to check for "US" regions? If not can we at least add a shared method / util for this so it's more documented?
|
|
||
| ## Forcing GPP Inclusion | ||
|
|
||
| In some cases it may be necessary to always support the IAB's Global Privacy Platform (GPP), even if a visiting user is from a location without a privacy regulation. Forcing the inclusion of the [GPP API](/docs/tutorials/consent-management/consent-management-configuration/cmp-javascript-apis#gpp-api) can be accomplished by including query parameter `gpp=true` on the FidesJS script: | ||
|
|
||
| ``` | ||
| <script src="path/to/fides.js?gpp=true"></script> | ||
| ``` | ||
|
|
||
| When the GPP API is included this way, the `applicableSections` property is set to `[-1]` whenever a user visits a page from a non-supported location. |
There was a problem hiding this comment.
ah right. This is always a point of confusion actually. Where to add docs / what will get autogenerated etc 😢
| if ( | ||
| !gppSection || | ||
| (experienceRegion === "us" && usApproach === GPPUSApproach.STATE) | ||
| ) { |
There was a problem hiding this comment.
thanks for adding these helpful comments, very easy to follow :)
| if ( | ||
| experienceRegion?.toLowerCase().startsWith("us") && | ||
| usApproach === GPPUSApproach.NATIONAL | ||
| ) { |
There was a problem hiding this comment.
is there a better / more robust way to check for "US" regions? If not can we at least add a shared method / util for this so it's more documented?
| } | ||
| if ( | ||
| !gppSection || | ||
| (experienceRegion === "us" && usApproach === GPPUSApproach.STATE) |
There was a problem hiding this comment.
is this going to work if experienceRegion is something like "us_ny"? Can we follow the same approach we use on L 56?
There was a problem hiding this comment.
experienceRegion here is the result of what's happening in L 56 so "us_ny" gets converted to "us" up there.
There was a problem hiding this comment.
oh crap! I just realized that's not the case. This needs to be gppRegion!
| if ( | ||
| !gppSection || | ||
| (experienceRegion === "us" && usApproach === GPPUSApproach.STATE) | ||
| ) { |
| if ( | ||
| !gppSection || | ||
| (experienceRegion === "us" && usApproach === GPPUSApproach.STATE) | ||
| ) { |
There was a problem hiding this comment.
we should at last consolidate a check for experienceRegion being in the US
|
|
||
| // Whether the developer forced the inclusion of the GPP extension via query param on the script tag | ||
| forceGpp: boolean; |
There was a problem hiding this comment.
love that we have less overall code!
| @@ -356,7 +356,7 @@ describe("Fides-js GPP extension", () => { | |||
| supportedAPIs, | |||
| } = data.pingData; | |||
| expect(signalStatus).to.eql("ready"); | |||
| expect(applicableSections).to.eql([]); | |||
| expect(applicableSections).to.eql([-1]); | |||
Closes #PROD-1913
Description Of Changes
US National should only ever be a parsed section if the US National approach is selected in Management > Consent
Code Changes
[]early if approach is set to state and the region is "us"Steps to Confirm
__gpp('ping', ({parsedSections}) => {console.log(parsedSections)})You should see an empty array
[]instead ofusnatv1in the parsed sections.Pre-Merge Checklist
CHANGELOG.md