@c15t/backend 2.0.0-rc.0 → 2.0.0-rc.2

package/src/db/tenant-scope.test.ts

@@ -150,14 +150,13 @@ describe('withTenantScope', () => {
 				id: 'sub_1',
 				externalId: null,
 				identityProvider: 'anonymous',
-				isIdentified: false,
 			} as any);
 
 			expect(db.create).toHaveBeenCalledWith('subject', {
 				id: 'sub_1',
 				externalId: null,
 				identityProvider: 'anonymous',
-				isIdentified: false,
+
 				tenantId: 'tenant_abc',
 			});
 		});
@@ -169,13 +168,13 @@ describe('withTenantScope', () => {
 			const scoped = withTenantScope(db, tenantId);
 
 			await scoped.createMany('subject', [
-				{ id: 'sub_1', isIdentified: false } as any,
-				{ id: 'sub_2', isIdentified: true } as any,
+				{ id: 'sub_1', externalId: null } as any,
+				{ id: 'sub_2', externalId: 'ext_1' } as any,
 			]);
 
 			expect(db.createMany).toHaveBeenCalledWith('subject', [
-				{ id: 'sub_1', isIdentified: false, tenantId: 'tenant_abc' },
-				{ id: 'sub_2', isIdentified: true, tenantId: 'tenant_abc' },
+				{ id: 'sub_1', externalId: null, tenantId: 'tenant_abc' },
+				{ id: 'sub_2', externalId: 'ext_1', tenantId: 'tenant_abc' },
 			]);
 		});
 	});
@@ -284,7 +283,7 @@ describe('withTenantScope', () => {
 			const scoped = withTenantScope(db, tenantId);
 
 			await scoped.count('subject', {
-				where: (b: any) => b('isIdentified', '=', true),
+				where: (b: any) => b('externalId', '=', 'ext_1'),
 			});
 
 			const passedOpts = db.count.mock.calls[0][1];
@@ -295,9 +294,9 @@ describe('withTenantScope', () => {
 				conditions: [
 					{
 						_type: 'condition',
-						col: 'isIdentified',
+						col: 'externalId',
 						op: '=',
-						val: true,
+						val: 'ext_1',
 					},
 					{
 						_type: 'condition',
@@ -380,7 +379,6 @@ describe('withTenantScope', () => {
 				create: {
 					id: 'sub_1',
 					externalId: 'ext_1',
-					isIdentified: true,
 				} as any,
 				update: { identityProvider: 'google' },
 			});
@@ -391,7 +389,7 @@ describe('withTenantScope', () => {
 			expect(passedOpts.create).toEqual({
 				id: 'sub_1',
 				externalId: 'ext_1',
-				isIdentified: true,
+
 				tenantId: 'tenant_abc',
 			});
 
@@ -432,7 +430,6 @@ describe('withTenantScope', () => {
 			await scoped.transaction(async (tx) => {
 				await tx.create('subject', {
 					id: 'sub_1',
-					isIdentified: false,
 				} as any);
 				await tx.findFirst('subject', {
 					where: (b: any) => b('id', '=', 'sub_1'),
@@ -442,7 +439,7 @@ describe('withTenantScope', () => {
 			// The inner db should have tenantId injected
 			expect(innerDb.create).toHaveBeenCalledWith('subject', {
 				id: 'sub_1',
-				isIdentified: false,
+
 				tenantId: 'tenant_abc',
 			});
 

package/src/handlers/subject/get.handler.ts

@@ -69,7 +69,6 @@ export const getSubjectHandler = async (c: Context) => {
 			subject: {
 				id: subject.id,
 				externalId: subject.externalId ?? undefined,
-				isIdentified: subject.isIdentified,
 				createdAt: subject.createdAt,
 			},
 			consents: filteredConsents,

package/src/handlers/subject/list.handler.ts

@@ -60,7 +60,6 @@ export const listSubjectsHandler = async (c: Context) => {
 				return {
 					id: subject.id,
 					externalId: subject.externalId ?? externalId,
-					isIdentified: subject.isIdentified,
 					createdAt: subject.createdAt,
 					consents: consentItems,
 				};

package/src/handlers/subject/patch.handler.ts

@@ -59,7 +59,6 @@ export const patchSubjectHandler = async (c: Context) => {
 				set: {
 					externalId,
 					identityProvider,
-					isIdentified: true,
 					updatedAt: new Date(),
 				},
 			});
@@ -79,7 +78,6 @@ export const patchSubjectHandler = async (c: Context) => {
 						from: subject.identityProvider,
 						to: identityProvider,
 					},
-					isIdentified: { from: subject.isIdentified, to: true },
 				},
 				metadata: {
 					externalId,
@@ -101,7 +99,6 @@ export const patchSubjectHandler = async (c: Context) => {
 			subject: {
 				id: subjectId,
 				externalId,
-				isIdentified: true,
 			},
 		});
 	} catch (error) {

package/src/handlers/subject/post.handler.ts

@@ -40,6 +40,19 @@ export const postSubjectHandler = async (c: Context) => {
 	const preferences = 'preferences' in input ? input.preferences : undefined;
 	const givenAt = new Date(givenAtEpoch);
 
+	// Derive model-aware consent action from the raw frontend type
+	const rawConsentAction =
+		'consentAction' in input ? input.consentAction : undefined;
+	let derivedConsentAction: string | undefined;
+	if (rawConsentAction === 'all') {
+		derivedConsentAction = 'accept_all';
+	} else if (rawConsentAction === 'necessary') {
+		derivedConsentAction =
+			input.jurisdictionModel === 'opt-out' ? 'opt_out' : 'reject_all';
+	} else if (rawConsentAction === 'custom') {
+		derivedConsentAction = 'custom';
+	}
+
 	logger.debug('Request parameters', {
 		type,
 		subjectId,
@@ -188,6 +201,7 @@ export const postSubjectHandler = async (c: Context) => {
 				jurisdictionModel: input.jurisdictionModel,
 				tcString: input.tcString,
 				uiSource: input.uiSource,
+				consentAction: derivedConsentAction,
 				givenAt,
 			});
 

package/src/routes/init.ts

@@ -63,20 +63,20 @@ Use for geo-targeted consent banners and regional compliance.`,
 
 			// Get GVL if enabled
 			let gvl = null;
-			if (options.advanced?.gvl?.enabled) {
+			if (options.advanced?.iab?.enabled) {
 				const language = translationsResult.language.split('-')[0] || 'en';
 				const gvlResolver = createGVLResolver({
 					appName: options.appName || 'c15t',
-					bundled: options.advanced.gvl.bundled,
+					bundled: options.advanced.iab.bundled,
 					cacheAdapter: options.advanced.cache?.adapter,
-					vendorIds: options.advanced.gvl.vendorIds,
-					endpoint: options.advanced.gvl.endpoint,
+					vendorIds: options.advanced.iab.vendorIds,
+					endpoint: options.advanced.iab.endpoint,
 				});
 				gvl = await gvlResolver.get(language);
 			}
 
 			// Get custom vendors if configured
-			const customVendors = options.advanced?.gvl?.customVendors;
+			const customVendors = options.advanced?.iab?.customVendors;
 
 			// Record init metric
 			const gpc = request.headers.get('sec-gpc') === '1';
@@ -94,6 +94,9 @@ Use for geo-targeted consent banners and regional compliance.`,
 				branding: options.advanced?.branding || 'c15t',
 				gvl,
 				customVendors,
+				...(options.advanced?.iab?.cmpId != null && {
+					cmpId: options.advanced.iab.cmpId,
+				}),
 			});
 		}
 	);

package/src/types/index.ts

@@ -182,17 +182,26 @@ export interface AdvancedOptions {
 	apiKeys?: string[];
 
 	/**
-	 * GVL (Global Vendor List) configuration for IAB TCF compliance.
+	 * IAB TCF configuration including GVL, CMP registration, and custom vendors.
 	 * Disabled by default - most users don't need IAB TCF.
-	 * Set enabled: true to activate GVL support.
+	 * Set enabled: true to activate IAB support.
 	 */
-	gvl?: {
+	iab?: {
 		/**
-		 * Enable GVL support.
+		 * Enable IAB TCF support.
 		 * When false or not provided, /init returns gvl: null.
 		 */
 		enabled: true;
 
+		/**
+		 * CMP ID registered with IAB Europe.
+		 * This is returned to clients via the /init endpoint so they
+		 * can use the correct CMP identity in TC Strings.
+		 *
+		 * @see https://iabeurope.eu/cmp-list/ - List of registered CMPs
+		 */
+		cmpId?: number;
+
 		/**
 		 * Bundled GVL translations by language code.
 		 * These are checked first before any cache or fetch.
@@ -202,7 +211,7 @@ export interface AdvancedOptions {
 		 * import enGVL from './gvl/en.json';
 		 * import deGVL from './gvl/de.json';
 		 *
-		 * gvl: {
+		 * iab: {
 		 *   enabled: true,
 		 *   bundled: { en: enGVL, de: deGVL }
 		 * }

package/src/version.ts

@@ -1,2 +1,2 @@
 // Generated by genversion.
-export const version = '2.0.0-rc.0';
+export const version = '2.0.0-rc.2';