Skip to content
This repository has been archived by the owner on Nov 30, 2022. It is now read-only.

1154 email upon privacy request receipt #1303

Merged
merged 13 commits into from
Sep 14, 2022
Merged

1154 email upon privacy request receipt #1303

merged 13 commits into from
Sep 14, 2022

Conversation

eastandwestwind
Copy link
Contributor

@eastandwestwind eastandwestwind commented Sep 12, 2022
edited
Loading

Purpose

Allows sending email upon privacy request receipt

Changes

  • Adds template for privacy request receipt
  • Adds new config var FIDESOPS__NOTIFICATIONS__SEND_REQUEST_RECEIPT_NOTIFICATION
  • Adds logic in privacy request endpoint to handle email send, if applicable
  • Adds docs

Checklist

  • Update CHANGELOG.md file
    • Merge in main so the most recent CHANGELOG.md file is being appended to
    • Add description within the Unreleased section in an appropriate category. Add a new category from the list at the top of the file if the needed one isn't already there.
    • Add a link to this PR at the end of the description with the PR number as the text. example: #1
  • Applicable documentation updated (guides, quickstart, postman collections, tutorial, fidesdemo, database diagram.
  • If docs updated (select one):
    • documentation complete, or draft/outline provided (tag docs-team to complete/review on this branch)
    • documentation issue created (tag docs-team to complete issue separately)
  • Good unit test/integration test coverage
  • This PR contains a DB migration. If checked, the reviewer should confirm with the author that the down_revision correctly references the previous migration before merging
  • The Run Unsafe PR Checks label has been applied, and checks have passed, if this PR touches any external services

Ticket

Fixes #1154

seanpreston
seanpreston reviewed Sep 13, 2022
View reviewed changes
src/fidesops/ops/api/v1/endpoints/privacy_request_endpoints.py
db: Session, policy: Policy, email: Optional[str]
) -> None:
"""Helper function to send request receipt email to the user"""
if not email:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If this function will error if no email is provided, should the function be optional?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd prefer to keep email optional here so that this helper function can encapsulate handling err cases for params needed to send an email. Is that what you meant?

pattisdr
pattisdr reviewed Sep 13, 2022
View reviewed changes
Copy link
Contributor

@pattisdr pattisdr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice work @eastandwestwind I just left a couple comments

src/fidesops/ops/api/v1/endpoints/privacy_request_endpoints.py Show resolved Hide resolved
src/fidesops/ops/api/v1/endpoints/privacy_request_endpoints.py Outdated
)
except EmailDispatchException as e:
# catch early since this failure isn't fatal to privacy request, unlike the subject id verification email
logger.error(e)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One of the EmailDispatchExceptions can log the exception error plain, is that a concern here?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

to be safe, I can mask for potential pii here

data/config/fidesops.toml Show resolved Hide resolved
tests/ops/api/v1/endpoints/test_privacy_request_endpoints.py Show resolved Hide resolved
conceptualshark
conceptualshark approved these changes Sep 14, 2022
View reviewed changes
Copy link
Contributor

@conceptualshark conceptualshark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Good from a docs perspective!

@eastandwestwind
Copy link
Contributor Author

Over to you again @pattisdr, appreciate the review !

pattisdr
pattisdr reviewed Sep 14, 2022
View reviewed changes
Copy link
Contributor

@pattisdr pattisdr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This works well @eastandwestwind, just requesting a small change to where you're masking Pii so as much useful information gets surfaced as possible. Your EmailDispatchExceptions are in general very good without revealing Pii so it would be good to surface as much of that as we could to the user.

src/fidesops/ops/api/v1/endpoints/privacy_request_endpoints.py Outdated Show resolved Hide resolved
src/fidesops/ops/api/v1/endpoints/privacy_request_endpoints.py Outdated Show resolved Hide resolved
src/fidesops/ops/api/v1/endpoints/privacy_request_endpoints.py Show resolved Hide resolved
src/fidesops/ops/api/v1/endpoints/privacy_request_endpoints.py Outdated Show resolved Hide resolved
tests/ops/api/v1/endpoints/test_privacy_request_endpoints.py Show resolved Hide resolved
eastandwestwind
eastandwestwind commented Sep 14, 2022
View reviewed changes
src/fidesops/ops/service/connectors/email_connector.py
@@ -77,7 +76,7 @@ def test_connection(self) -> Optional[ConnectionTestStatus]:
],
)
except EmailDispatchException as exc:
logger.info("Email connector test failed with exception %s", Pii(exc))
logger.info("Email connector test failed with exception %s", exc)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've updated this, too, to let the email dispatch service handle the PII masking for these exceptions

pattisdr
pattisdr reviewed Sep 14, 2022
View reviewed changes
Copy link
Contributor

@pattisdr pattisdr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🏆

@pattisdr pattisdr merged commit 532f5e5 into main Sep 14, 2022
@pattisdr pattisdr deleted the 1154-email-upon-privacy-request-receipt branch September 14, 2022 21:58
sanders41 pushed a commit that referenced this pull request Sep 22, 2022
@eastandwestwind
1154 send email upon privacy request receipt (#1303)
e02636b
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@pattisdr pattisdr pattisdr left review comments

@seanpreston seanpreston seanpreston left review comments

@conceptualshark conceptualshark conceptualshark approved these changes

Assignees

@pattisdr pattisdr

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Email notification acknowledging PrivacyRequest receipt
4 participants
@eastandwestwind @seanpreston @pattisdr @conceptualshark