View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0005584 | Composr | core_privacy | public | 2024-01-30 17:46 | 2024-08-04 22:45 |
Reporter | Patrick Schmalstig | Assigned To | Chris Graham | ||
Severity | Feature-request | ||||
Status | assigned | Resolution | open | ||
Product Version | |||||
Fixed in Version | |||||
Summary | 0005584: Handle catalogue fields in privacy system | ||||
Description | Currently, only the download privacy action handles catalogue fields (via serialise). Also handle catalogue fields in the anonymise privacy action, and get_selection_sql privacy code module function: get_selection_sql: piggy-back off of catalogue_entries... in catalogue_entries, JOIN on the catalogue field values field hooks: Add a new method: privacy_anonymise. Return true if catalogue fields of this type should be anonymised via the privacy system. Generally, anything involving members, usernames, IP addresses, e-mails, legal names, phone numbers, etc should be true. privacy hook: Add the table holding fields and their values to the hook, with ANONYMISE as the default and only allowed method. Don't define anything for the fields. Add this table as an exception in privacy_hooks unit test when it complains about not defining this because it has no personal data fields defined. anonymise: Add an anonymise override on the privacy hook. When running on the table dealing with catalogue field values, check the field type and determine via the field hook if it should be anonymised (providing it matches criteria). It should be anonymised if either the value directly matches the criteria or its parent catalogue_entries row passes the is_owner check. | ||||
Additional Information | This is work I'm going to do untracked as I'd like to see this functionality | ||||
Tags | Roadmap: v11, Type: Legal compliance / Privacy | ||||
Time estimation (hours) | |||||
Sponsorship open | |||||
related to | 0005555 | resolved | Patrick Schmalstig | Composr alpha bug reports | Privacy purging overhaul |
related to | 0005585 | resolved | Patrick Schmalstig | Composr | Provide files in privacy download archive |
|
Need to also account for fields which may hold personally uploaded files (0005585) |
|
Actually this system won't work.

get selection SQL: cannot easily piggy back because we'd be joining on many tables (catalogues store entry values depending on field type)

Field hooks: Instead of defining in the hook whether to anonymise it, I added a new setting when creating fields on catalogues: "May contain personal information". That way, admins can define per-field which ones should be handled by privacy. I did add a new method in some field hooks, privacy_field_type, to define how the privacy system should treat this field (e.g. what criteria to match against it). By default, privacy treats as an additional anonymise field unless this method returns otherwise.

Added IP address field hooks so admins can define IP addresses specifically; necessary so the privacy system can treat them as such.

Did NOT add the tables holding catalogue values to privacy hooks (at least not yet). It won't work the way I'd want it to considering values are stored separately from fields.

--- WHAT NEEDS DONE ---

* Currently v11 only matches against the catalogue entry details itself, not the values within an entry. So if a (sensitive) field contains, say, a member ID, it still won't match in privacy unless the catalogue entry itself matched. I have absolutely no idea right now how to remedy this; it is a very complex problem. Deferring to Chris on this one. |
Date Modified | Username | Field | Change |
---|---|---|---|
2024-01-30 17:46 | Patrick Schmalstig | New Issue | |
2024-01-30 17:46 | Patrick Schmalstig | Status | non-assigned => assigned |
2024-01-30 17:46 | Patrick Schmalstig | Assigned To | => Patrick Schmalstig |
2024-01-30 17:50 | Patrick Schmalstig | Tag Attached: Roadmap: v11 | |
2024-01-30 17:50 | Patrick Schmalstig | Relationship added | related to 0005555 |
2024-01-30 17:50 | Patrick Schmalstig | Relationship added | related to 0005585 |
2024-04-01 01:00 | Patrick Schmalstig | Note Added: 0008505 | |
2024-04-07 00:34 | Patrick Schmalstig | Note Added: 0008530 | |
2024-04-07 00:34 | Patrick Schmalstig | Assigned To | Patrick Schmalstig => Chris Graham |
2024-04-07 00:34 | Patrick Schmalstig | Note Edited: 0008530 | View Revisions |
2024-08-04 22:44 | Chris Graham | Description Updated | View Revisions |
2024-08-04 22:45 | Chris Graham | Tag Attached: Type: Legal compliance / Privacy |