Skip to content
This repository has been archived by the owner on Nov 30, 2022. It is now read-only.

DB ExecutionLogs should only print affected data categories for erasures #144

Closed
iamkelllly opened this issue Dec 22, 2021 · 1 comment · Fixed by #236
Closed

DB ExecutionLogs should only print affected data categories for erasures #144

iamkelllly opened this issue Dec 22, 2021 · 1 comment · Fixed by #236
Assignees
Labels
bug Something isn't working

Comments

@iamkelllly
Copy link
Contributor

Born from the discussion on #38 , we found that fields_affected in the logs includes data_categories that were not specified on the erasure rule. This is misleading and incorrect.

The logs fields_affected should only output categories that were, in fact, masked by fidesops. This issue should correct the log output and for any other place that the logs incorrectly print what was affected, correct that as well.

@iamkelllly iamkelllly added the bug Something isn't working label Dec 22, 2021
@iamkelllly iamkelllly added this to the Roadmap milestone Dec 22, 2021
@iamkelllly iamkelllly changed the title Logs should only output affected Logs should only output affected data categories Dec 22, 2021
@iamkelllly iamkelllly changed the title Logs should only output affected data categories Logs should only print affected data categories for erasures Dec 22, 2021
@pattisdr
Copy link
Contributor

Note, these are the ExecutionLogs that are written to the db-

@iamkelllly iamkelllly changed the title Logs should only print affected data categories for erasures DB ExecutionLogs should only print affected data categories for erasures Dec 22, 2021
@iamkelllly iamkelllly modified the milestones: Roadmap, Fidesops 1.3.0 Feb 22, 2022
seanpreston pushed a commit that referenced this issue Mar 2, 2022
* Log just potentially affected fields on the execution logs, rather than all of the fields.

* Add test asserting rules with overlapping data categories don't produce duplicate fields in log.

* Update reporting docs to correct an inaccuracy  - queries are not logged in the execution logs, we just have the status of the request and potential fields affected.

- Also have the examples show the in_processing/complete execution logs instead of pending execution logs, because we don't create pending execution logs for an individual collection anymore.
- Privacy requests can also have a "paused" status due to pre-execution policy webhooks

* Add missing backticks around collection names.
sanders41 pushed a commit that referenced this issue Sep 22, 2022
* Log just potentially affected fields on the execution logs, rather than all of the fields.

* Add test asserting rules with overlapping data categories don't produce duplicate fields in log.

* Update reporting docs to correct an inaccuracy  - queries are not logged in the execution logs, we just have the status of the request and potential fields affected.

- Also have the examples show the in_processing/complete execution logs instead of pending execution logs, because we don't create pending execution logs for an individual collection anymore.
- Privacy requests can also have a "paused" status due to pre-execution policy webhooks

* Add missing backticks around collection names.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants