Skip to content
This repository has been archived by the owner on Nov 30, 2022. It is now read-only.

Backend - Add manual webhook execution #1228

Closed
pattisdr opened this issue Aug 31, 2022 · 3 comments · Fixed by #1285 or #1308
Closed

Backend - Add manual webhook execution #1228

pattisdr opened this issue Aug 31, 2022 · 3 comments · Fixed by #1285 or #1308
Assignees
@pattisdr
Labels
enhancement New feature or request Manual Input DSR Fulfillment

Comments

@pattisdr
Copy link
Contributor

pattisdr commented Aug 31, 2022
edited
Loading

Is your feature request related to a specific problem?

❗ Dependent on #1224

Add API endpoints and support for manual webhooks in the execution layer.

Describe the solution you'd like

Temporarily caching manual data received

  • Add a method to the PrivacyRequest model that caches manual data received for a PolicyManualWebhook. The key might contain a combination of the privacy_request_id and the policy_manual_webhook_id, and store a dictionary of fields/values received.
  • Add an API endpoint that lets you save data to the cache (calls the previous method) for a particular privacy request id and policy_manual_webhook with the values corresponding to the fields configured on the PolicyManualWebhook.
    • The request must be a in a "requires_input" state. All this endpoint does is add data to the cache, it doesn't queue the privacy request for processing again.
  • Add an API endpoint that lets you get data from the cache for a particular privacy request id and policy manual webhook
  • Add an endpoint that shows all the manual webhooks.

Execution

  • First thing in privacy execution, add a check that looks up the PolicyManualWebhooks in the database and compares them with the data received from the PolicyManualWebhooks in the cache for the given privacy_request_id. If we don't have entries for all PolicyManualWebhooks, pause request execution.
  • Add a separate endpoint for resuming privacy request execution after all the data from the manual webhooks has been received:
    • Request must be in "requires_input" mode.
    • We at least must have entries in the cache for all policy_manual_webhooks, there doesn't need to be data, but we need confirmation that all have them have been approved in that the keys exist in the cache
    • Sets request to in_processing, and queues the privacy request again from the "access step".
  • Have upload_access_results separately look up if there's any input data from any PolicyManualWebhooks in the cache and adds those directly to the filtered results with each key as the connection_config key. Unlike regular access results, these fields are just passed directly through, we don't filter on data category.

Describe alternatives you've considered, if any

A description of any alternative solutions or features you've considered.

Additional context

Add any other context or screenshots about the feature request here.
@pattisdr pattisdr added the enhancement New feature or request label Aug 31, 2022
@pattisdr pattisdr mentioned this issue Sep 7, 2022
Merged
10 tasks
@pattisdr
Copy link
Contributor Author

pattisdr commented Sep 7, 2022
edited
Loading

Remember to update the ERD diagram here along with other docs updates.

Also Manual Webhooks are not associated with Policies as they were laid out in the initial design.

See if resume instructions should be modified with this.

@pattisdr
Copy link
Contributor Author

pattisdr commented Sep 8, 2022

Note: Instead of a paused state, these privacy requests are going to be put into a requires_input state

@pattisdr
Copy link
Contributor Author

pattisdr commented Sep 8, 2022
edited
Loading

Assuming that there is no row inputs added, that there is one value that corresponds. This matches the mockups, but I'm not sure if this will match up in reality. In a pinch, data could be supplied comma-separated.

@pattisdr pattisdr mentioned this issue Sep 9, 2022
Merged
10 tasks
eastandwestwind pushed a commit that referenced this issue Sep 13, 2022
@pattisdr
Enable Manual Webhooks in Request Execution [#1228] (#1285)
df4834a 
* Add a method to cache data supplied for a manual webhook on a particular privacy request.

* Add an endpoint to retrieve all enabled access manual webhooks.

* Add an endpoint for uploading manual data corresponding to fields in a manual webhook for a given privacy request with "requires_input" status.

* Add an endpoint to view data manually uploaded for an access manual webhook.

- Add new scopes for the endpoints to upload/view manual data for webhooks.
- Enforce that at least one field is added when defining a manual webhook, and add a fallback if no fields were defined.

* Add an endpoint to resume a privacy request from "requires_input" status once all input has been added.  None of the fields are required, but the a key for each manual webhook still needs to exist in the cache to proceed.

As part of request execution check if data has been uploaded (data can be empty) for all manual webhooks. If True, we can proceed with request execution, otherwise, we put the PrivacyRequest in "requires_input" status and exits.

Also adds the manual data uploaded directly to the packet we upload to the user at the very end.

* Update postman collection.

* Fix request_id query param in existing postman request.

* Include additional details about how to resume a "requires_input" privacy request when getting its status.

* Add docs and update changelog.

* Upload new ERD diagram.

* Don't put a privacy request in requires_input state if this policy only has erasure rules.

* Respond to CR!

* Update manual_webhooks.md
@pattisdr pattisdr mentioned this issue Sep 13, 2022
Merged
10 tasks
eastandwestwind pushed a commit that referenced this issue Sep 14, 2022
@pattisdr
Manual Webhook Followup: UI scopes / Delete [#1228] (#1308)
5177da3 
* Add new scopes related to uploading privacy request data or viewing privacy request data to the UI.

* Set up manual webhooks to cascade delete if their connection config is deleted.

* Mypy issues.
sanders41 pushed a commit that referenced this issue Sep 22, 2022
@pattisdr
Enable Manual Webhooks in Request Execution [#1228] (#1285)
2b25383 
* Add a method to cache data supplied for a manual webhook on a particular privacy request.

* Add an endpoint to retrieve all enabled access manual webhooks.

* Add an endpoint for uploading manual data corresponding to fields in a manual webhook for a given privacy request with "requires_input" status.

* Add an endpoint to view data manually uploaded for an access manual webhook.

- Add new scopes for the endpoints to upload/view manual data for webhooks.
- Enforce that at least one field is added when defining a manual webhook, and add a fallback if no fields were defined.

* Add an endpoint to resume a privacy request from "requires_input" status once all input has been added.  None of the fields are required, but the a key for each manual webhook still needs to exist in the cache to proceed.

As part of request execution check if data has been uploaded (data can be empty) for all manual webhooks. If True, we can proceed with request execution, otherwise, we put the PrivacyRequest in "requires_input" status and exits.

Also adds the manual data uploaded directly to the packet we upload to the user at the very end.

* Update postman collection.

* Fix request_id query param in existing postman request.

* Include additional details about how to resume a "requires_input" privacy request when getting its status.

* Add docs and update changelog.

* Upload new ERD diagram.

* Don't put a privacy request in requires_input state if this policy only has erasure rules.

* Respond to CR!

* Update manual_webhooks.md
sanders41 pushed a commit that referenced this issue Sep 22, 2022
@pattisdr
Manual Webhook Followup: UI scopes / Delete [#1228] (#1308)
0be261d 
* Add new scopes related to uploading privacy request data or viewing privacy request data to the UI.

* Set up manual webhooks to cascade delete if their connection config is deleted.

* Mypy issues.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@pattisdr pattisdr

Labels
enhancement New feature or request Manual Input DSR Fulfillment
Projects
None yet
Milestone
No milestone
2 participants
@seanpreston @pattisdr