gdpr_admin 1.4.2 → 1.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0ec941ad2e7b5708375e99e895438d87a0ba4d444793e160eb856153e50416e4
-  data.tar.gz: 3c32e9b55b937b8ae8f3985aa94303cdacb2886ecd310b698cc42131425ae449
+  metadata.gz: b8f6f1437e957b783de64f6a16847142b7eff9ebf14428b8c1d6d8db4011dcde
+  data.tar.gz: 4ea36ea2245d25a95883501dbe7727149bb1f971c4e5f1de27c00621f7526f69
 SHA512:
-  metadata.gz: 6ce2ae11b31814d2a70da810245f966247a1bff2080a6c65c44b25df4d29af81bebd04f8e0d8ae75b25f06c1a9d5e0ca40941620404dd1f8dae9f02d05a9cac0
-  data.tar.gz: bfee1582a3e58facf792acf4ca077cf880009d3c75129d39d6ad2203481a86805b8a2de3fd505c2246f3ebf3fd052e53e3dca4defba73657f51ebde27a0cba8a
+  metadata.gz: 931d742f6e132f9aac3ebf5babf2cf3596b49827830cb90dc5c169f4b8fd570c45ce43a0be4b76c62bea487b2b0bbe1dc643d8486f7e9e58ff35610c4313b77b
+  data.tar.gz: 9f19d2ad664ea3dd95b73524ca914e4f1cd2bdcacfd83a305a2128443bee3036da70002f21bb9487614b4593c2350d0a815f36d70239a2005b34f6a1e27d83a1

data/README.md

@@ -47,12 +47,20 @@ Implement the methods `#scope`, `#export` and `#erase` for the new data policy.
 able to access the `GdprAdmin::Request` object in any method by calling the method `request` - you can, therefore, have
 different scopes and different removal behaviors depending on the request.
 
+Optinally, you may declare a `#subject_scope` method with logic for scoping subject data. If this method is not present,
+it will fallback to the `#scope` method.
+
 ```ruby
 class UserDataPolicy < GdprAdmin::ApplicationDataPolicy
   def scope
     User.with_deleted.where(updated_at: ...request.data_older_than)
   end
 
+  # Optional
+  def subject_scope
+    scope.where(email: request.subject)
+  end
+
   def erase(user)
     user.update_columns(
       first_name: 'Anonymous',

data/app/models/gdpr_admin/request.rb

@@ -3,7 +3,7 @@
 module GdprAdmin
   class Request < ApplicationRecord
     belongs_to :tenant, class_name: GdprAdmin.config.tenant_class
-    belongs_to :requester, class_name: GdprAdmin.config.requester_class, optional: true
+    belongs_to :requester, polymorphic: true, optional: true
 
     VALID_STATUS_TRANSITIONS = {
       pending: %i[processing],
@@ -29,20 +29,26 @@ module GdprAdmin
     after_create_commit :schedule_processing
 
     validates :status, presence: true
+    validates :subject, presence: true, if: :subject_request?
+    validates :subject, absence: true, unless: :subject_request?
     validate :valid_status_transition?
 
     def process!
       GdprAdmin.load_data_policies
-      with_lock { processing! }
+      reload.with_lock { processing! }
       with_lock do
         process_policies
         completed!
       end
     rescue StandardError
-      with_lock { failed! }
+      failed!
       raise
     end
 
+    def subject_request?
+      export_subject? || erase_subject?
+    end
+
     def erase?
       erase_data? || erase_subject?
     end

data/db/migrate/20230212185817_create_gdpr_admin_requests.rb

@@ -4,7 +4,7 @@ class CreateGdprAdminRequests < ActiveRecord::Migration[7.0]
   def change
     create_table :gdpr_admin_requests do |t|
       t.references :tenant, null: false, foreign_key: { to_table: :organizations }
-      t.references :requester, null: true, foreign_key: { to_table: :admin_users }
+      t.references :requester, null: true, polymorphic: true
       t.string :request_type, null: false
       t.string :status, default: 'pending', null: false
       t.datetime :data_older_than, null: false

data/db/migrate/20230417104258_add_subject_to_gdpr_admin_requests.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class AddSubjectToGdprAdminRequests < ActiveRecord::Migration[7.0]
+  def change
+    add_column :gdpr_admin_requests, :subject, :string
+  end
+end

data/lib/gdpr_admin/application_data_policy.rb

@@ -43,14 +43,14 @@ module GdprAdmin
     def process
       GdprAdmin.config.tenant_adapter.with_tenant(request.tenant) do
         run_preprocessors
-        process_scope(scope)
+        process_scope
       rescue SkipDataPolicyError
         nil
       end
     end
 
-    def process_scope(scope)
-      scope.find_each do |record|
+    def process_scope
+      policy_scope.find_each do |record|
         process_record(record)
       end
     end
@@ -59,6 +59,12 @@ module GdprAdmin
 
     attr_reader :request
 
+    def policy_scope
+      return subject_scope if request.subject_request? && respond_to?(:subject_scope)
+
+      scope
+    end
+
     def process_record(record)
       run_record_preprocessors(record)
       export(record) if request.export?

data/lib/gdpr_admin/configuration.rb

@@ -2,13 +2,12 @@
 
 module GdprAdmin
   class Configuration
-    attr_accessor :tenant_class, :requester_class, :data_policies_path, :default_job_queue,
+    attr_accessor :tenant_class, :data_policies_path, :default_job_queue,
                   :erasure_grace_period, :export_grace_period
     attr_writer :tenant_adapter
 
     def initialize
       @tenant_class = 'Organization'
-      @requester_class = 'AdminUser'
       @tenant_adapter = TenantAdapters::ActsAsTenantAdapter.new
       @data_policies_path = Rails.root.join('app', 'gdpr')
       @default_job_queue = :default

data/lib/gdpr_admin/version.rb

@@ -2,6 +2,6 @@
 
 # :nocov:
 module GdprAdmin
-  VERSION = '1.4.2'
+  VERSION = '1.6.0'
 end
 # :nocov:

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: gdpr_admin
 version: !ruby/object:Gem::Version
-  version: 1.4.2
+  version: 1.6.0
 platform: ruby
 authors:
 - Colex
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-04-03 00:00:00.000000000 Z
+date: 2023-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -156,6 +156,7 @@ files:
 - config/routes.rb
 - db/migrate/20230212185817_create_gdpr_admin_requests.rb
 - db/migrate/20230216171202_create_gdpr_admin_data_retention_policies.rb
+- db/migrate/20230417104258_add_subject_to_gdpr_admin_requests.rb
 - lib/gdpr_admin.rb
 - lib/gdpr_admin/anonymizers/company_anonymizer.rb
 - lib/gdpr_admin/anonymizers/contact_anonymizer.rb