npm - @tantainnovative/ndpr-toolkit - Versions diffs - 1.0.3 → 1.0.5 - Mend

@tantainnovative/ndpr-toolkit 1.0.3 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

package/packages/ndpr-toolkit/src/__tests__/utils/breach.test.ts DELETED Viewed

@@ -1,149 +0,0 @@
-import { calculateBreachSeverity } from '../../utils/breach';
-import { BreachReport, RiskAssessment } from '../../types/breach';
-describe('calculateBreachSeverity', () => {
-  const breachReport: BreachReport = {
-    id: 'breach-123',
-    title: 'Database Breach',
-    description: 'Unauthorized access to customer database',
-    category: 'unauthorized_access',
-    discoveredAt: 1620000000000,
-    occurredAt: 1619900000000,
-    reportedAt: 1620010000000,
-    reporter: {
-      name: 'John Smith',
-      email: 'john@example.com',
-      department: 'IT Security',
-      phone: '1234567890'
-    },
-    affectedSystems: ['customer-db', 'payment-system'],
-    dataTypes: ['personal', 'financial'],
-    estimatedAffectedSubjects: 1000,
-    status: 'contained'
-  };
-  it('should calculate high severity for sensitive data and large number of affected subjects', () => {
-    const assessment: RiskAssessment = {
-      id: 'risk-123',
-      breachId: 'breach-123',
-      assessor: {
-        name: 'John Doe',
-        role: 'DPO',
-        email: 'dpo@example.com'
-      },
-      assessedAt: 1620000000000,
-      confidentialityImpact: 4,
-      integrityImpact: 3,
-      availabilityImpact: 3,
-      harmLikelihood: 4,
-      harmSeverity: 4,
-      overallRiskScore: 16,
-      riskLevel: 'high',
-      risksToRightsAndFreedoms: true,
-      highRisksToRightsAndFreedoms: true,
-      justification: 'High risk due to sensitive financial data'
-    };
-    const result = calculateBreachSeverity(breachReport, assessment);
-    expect(result.severityLevel).toBe('high');
-    expect(result.notificationRequired).toBe(true);
-    expect(result.urgentNotificationRequired).toBe(true);
-    expect(result.timeframeHours).toBe(72);
-    expect(result.justification).toBe('High risk due to sensitive financial data');
-  });
-  it('should calculate medium severity for non-sensitive data with medium impact', () => {
-    const assessment: RiskAssessment = {
-      id: 'risk-456',
-      breachId: 'breach-456',
-      assessor: {
-        name: 'Jane Smith',
-        role: 'Security Officer',
-        email: 'security@example.com'
-      },
-      assessedAt: 1620100000000,
-      confidentialityImpact: 3,
-      integrityImpact: 2,
-      availabilityImpact: 2,
-      harmLikelihood: 3,
-      harmSeverity: 3,
-      overallRiskScore: 9,
-      riskLevel: 'medium',
-      risksToRightsAndFreedoms: true,
-      highRisksToRightsAndFreedoms: false,
-      justification: 'Medium risk due to personal data exposure'
-    };
-    const result = calculateBreachSeverity(breachReport, assessment);
-    expect(result.severityLevel).toBe('medium');
-    expect(result.notificationRequired).toBe(true);
-    expect(result.urgentNotificationRequired).toBe(false);
-    expect(result.timeframeHours).toBe(72);
-    expect(result.justification).toBe('Medium risk due to personal data exposure');
-  });
-  it('should calculate low severity for contained breach with low impact', () => {
-    const assessment: RiskAssessment = {
-      id: 'risk-789',
-      breachId: 'breach-789',
-      assessor: {
-        name: 'Alex Johnson',
-        role: 'Compliance Manager',
-        email: 'compliance@example.com'
-      },
-      assessedAt: 1620200000000,
-      confidentialityImpact: 1,
-      integrityImpact: 1,
-      availabilityImpact: 2,
-      harmLikelihood: 2,
-      harmSeverity: 1,
-      overallRiskScore: 2,
-      riskLevel: 'low',
-      risksToRightsAndFreedoms: false,
-      highRisksToRightsAndFreedoms: false,
-      justification: 'Low risk due to minimal data exposure'
-    };
-    const result = calculateBreachSeverity(breachReport, assessment);
-    expect(result.severityLevel).toBe('low');
-    expect(result.notificationRequired).toBe(false);
-    expect(result.urgentNotificationRequired).toBe(false);
-    expect(result.timeframeHours).toBe(72);
-    expect(result.justification).toBe('Low risk due to minimal data exposure');
-  });
-  it('should calculate severity based on breach report when no assessment is provided', () => {
-    // Create a breach report with sensitive data and large scale
-    const sensitiveBreachReport: BreachReport = {
-      ...breachReport,
-      dataTypes: ['personal', 'financial', 'health'],
-      estimatedAffectedSubjects: 5000,
-      status: 'ongoing'
-    };
-    const result = calculateBreachSeverity(sensitiveBreachReport);
-    // With 3 severity factors (sensitive data, large scale, ongoing), it should be critical
-    expect(result.severityLevel).toBe('critical');
-    expect(result.notificationRequired).toBe(true);
-    expect(result.urgentNotificationRequired).toBe(true);
-    expect(result.timeframeHours).toBe(72);
-    expect(result.justification).toContain('Critical risk');
-  });
-  it('should always require notification for ongoing breaches', () => {
-    const ongoingBreachReport: BreachReport = {
-      ...breachReport,
-      status: 'ongoing',
-      dataTypes: ['personal']
-    };
-    const result = calculateBreachSeverity(ongoingBreachReport);
-    expect(result.notificationRequired).toBe(true);
-    expect(result.justification).toContain('Medium risk');
-  });
-});

package/packages/ndpr-toolkit/src/__tests__/utils/consent.test.ts DELETED Viewed

@@ -1,88 +0,0 @@
-import { validateConsent } from '../../utils/consent';
-import { ConsentSettings } from '../../types/consent';
-describe('validateConsent', () => {
-  it('should validate valid consent settings', () => {
-    const settings: ConsentSettings = {
-      consents: {
-        necessary: true,
-        analytics: false,
-        marketing: true
-      },
-      timestamp: Date.now(),
-      version: '1.0',
-      method: 'banner',
-      hasInteracted: true
-    };
-    const result = validateConsent(settings);
-    expect(result.valid).toBe(true);
-    expect(result.errors).toEqual([]);
-  });
-  it('should invalidate settings with missing consents', () => {
-    const settings: ConsentSettings = {
-      consents: {},
-      timestamp: Date.now(),
-      version: '1.0',
-      method: 'banner',
-      hasInteracted: true
-    };
-    const result = validateConsent(settings);
-    expect(result.valid).toBe(false);
-    expect(result.errors).toContain('Consent settings must include at least one consent option');
-  });
-  it('should invalidate settings with missing timestamp', () => {
-    const settings = {
-      consents: { necessary: true },
-      version: '1.0',
-      method: 'banner',
-      hasInteracted: true
-    } as unknown as ConsentSettings;
-    const result = validateConsent(settings);
-    expect(result.valid).toBe(false);
-    expect(result.errors).toContain('Consent timestamp is required');
-  });
-  it('should invalidate settings with missing version', () => {
-    const settings = {
-      consents: { necessary: true },
-      timestamp: Date.now(),
-      method: 'banner',
-      hasInteracted: true
-    } as unknown as ConsentSettings;
-    const result = validateConsent(settings);
-    expect(result.valid).toBe(false);
-    expect(result.errors).toContain('Consent version is required');
-  });
-  it('should invalidate settings with missing method', () => {
-    const settings = {
-      consents: { necessary: true },
-      timestamp: Date.now(),
-      version: '1.0',
-      hasInteracted: true
-    } as unknown as ConsentSettings;
-    const result = validateConsent(settings);
-    expect(result.valid).toBe(false);
-    expect(result.errors).toContain('Consent collection method is required');
-  });
-  it('should invalidate settings with missing hasInteracted', () => {
-    const settings = {
-      consents: { necessary: true },
-      timestamp: Date.now(),
-      version: '1.0',
-      method: 'banner'
-    } as unknown as ConsentSettings;
-    const result = validateConsent(settings);
-    expect(result.valid).toBe(false);
-    expect(result.errors).toContain('User interaction status is required');
-  });
-});

package/packages/ndpr-toolkit/src/__tests__/utils/dpia.test.ts DELETED Viewed

@@ -1,160 +0,0 @@
-import { assessDPIARisk } from '../../utils/dpia';
-import { DPIAResult, DPIARisk } from '../../types/dpia';
-describe('assessDPIARisk', () => {
-  it('should correctly assess risk based on high risk data', () => {
-    // Create a DPIA result with high risks
-    const dpiaResult: DPIAResult = {
-      id: '123',
-      title: 'Test DPIA',
-      processingDescription: 'Processing sensitive customer data',
-      startedAt: Date.now(),
-      assessor: {
-        name: 'John Doe',
-        role: 'DPO',
-        email: 'john@example.com'
-      },
-      answers: {
-        q1: 'yes',
-        q2: 'large'
-      },
-      risks: [
-        {
-          id: 'risk_1',
-          description: 'Processing involves sensitive personal data',
-          likelihood: 5,
-          impact: 5,
-          score: 25,
-          level: 'high',
-          mitigated: false,
-          relatedQuestionIds: ['q1']
-        },
-        {
-          id: 'risk_2',
-          description: 'Large volume of data being processed',
-          likelihood: 5,
-          impact: 5,
-          score: 25,
-          level: 'high',
-          mitigated: false,
-          relatedQuestionIds: ['q2']
-        },
-        {
-          id: 'risk_3',
-          description: 'Another high risk factor',
-          likelihood: 5,
-          impact: 5,
-          score: 25,
-          level: 'high',
-          mitigated: false,
-          relatedQuestionIds: ['q3']
-        }
-      ],
-      overallRiskLevel: 'low', // Will be updated by the function
-      canProceed: true, // Will be updated by the function
-      conclusion: 'Initial conclusion',
-      version: '1.0'
-    };
-    const result = assessDPIARisk(dpiaResult);
-    expect(result.overallRiskLevel).toBe('high');
-    expect(result.requiresConsultation).toBe(true);
-    expect(result.canProceed).toBe(false);
-    expect(result.recommendations.length).toBeGreaterThan(0);
-  });
-  it('should handle medium risk levels', () => {
-    // Create a DPIA result with medium risks
-    const dpiaResult: DPIAResult = {
-      id: '456',
-      title: 'Test DPIA',
-      processingDescription: 'Processing customer data',
-      startedAt: Date.now(),
-      assessor: {
-        name: 'Jane Smith',
-        role: 'Privacy Officer',
-        email: 'jane@example.com'
-      },
-      answers: {
-        q1: 'no',
-        q2: 'medium'
-      },
-      risks: [
-        {
-          id: 'risk_1',
-          description: 'Medium volume of data being processed',
-          likelihood: 3,
-          impact: 3,
-          score: 9,
-          level: 'medium',
-          mitigated: false,
-          relatedQuestionIds: ['q2']
-        },
-        {
-          id: 'risk_2',
-          description: 'Another medium risk factor',
-          likelihood: 3,
-          impact: 3,
-          score: 9,
-          level: 'medium',
-          mitigated: false,
-          relatedQuestionIds: ['q3']
-        }
-      ],
-      overallRiskLevel: 'low', // Will be updated by the function
-      canProceed: true, // Will be updated by the function
-      conclusion: 'Initial conclusion',
-      version: '1.0'
-    };
-    const result = assessDPIARisk(dpiaResult);
-    expect(result.overallRiskLevel).toBe('medium');
-    expect(result.requiresConsultation).toBe(false);
-    expect(result.canProceed).toBe(true);
-    expect(result.recommendations.length).toBeGreaterThan(0);
-  });
-  it('should handle low risk levels', () => {
-    // Create a DPIA result with no significant risks
-    const dpiaResult: DPIAResult = {
-      id: '789',
-      title: 'Test DPIA',
-      processingDescription: 'Processing minimal customer data',
-      startedAt: Date.now(),
-      assessor: {
-        name: 'Alex Johnson',
-        role: 'Compliance Manager',
-        email: 'alex@example.com'
-      },
-      answers: {
-        q1: 'Marketing purposes',
-        q2: 'small'
-      },
-      risks: [
-        {
-          id: 'risk_1',
-          description: 'Small volume of data being processed',
-          likelihood: 1,
-          impact: 1,
-          score: 1,
-          level: 'low',
-          mitigated: true,
-          relatedQuestionIds: ['q2']
-        }
-      ],
-      overallRiskLevel: 'low', // Will be updated by the function
-      canProceed: true, // Will be updated by the function
-      conclusion: 'Initial conclusion',
-      version: '1.0'
-    };
-    const result = assessDPIARisk(dpiaResult);
-    expect(result.overallRiskLevel).toBe('low');
-    expect(result.requiresConsultation).toBe(false);
-    expect(result.canProceed).toBe(true);
-    expect(result.recommendations.length).toBeGreaterThan(0);
-  });
-});

package/packages/ndpr-toolkit/src/__tests__/utils/dsr.test.ts DELETED Viewed

@@ -1,110 +0,0 @@
-import { formatDSRRequest } from '../../utils/dsr';
-import { DSRRequest, DSRType, DSRStatus } from '../../types/dsr';
-describe('formatDSRRequest', () => {
-  it('should format a DSR request correctly', () => {
-    const request: DSRRequest = {
-      id: '123',
-      type: 'access',
-      status: 'pending',
-      createdAt: 1620000000000,
-      updatedAt: 1620000000000,
-      subject: {
-        name: 'John Doe',
-        email: 'john@example.com',
-        phone: '1234567890'
-      },
-      description: 'I want to access my data'
-    };
-    const result = formatDSRRequest(request);
-    expect(result.isValid).toBe(true);
-    expect(result.formattedRequest.dataSubject.name).toBe('John Doe');
-    expect(result.formattedRequest.requestType).toBe('access');
-    expect(result.formattedRequest.status).toBe('pending');
-    expect(result.formattedRequest.dataSubject.email).toBe('john@example.com');
-    expect(result.formattedRequest.additionalInformation).toEqual({});
-    expect(result.validationErrors.length).toBe(0);
-  });
-  it('should handle missing optional fields', () => {
-    const request: DSRRequest = {
-      id: '456',
-      type: 'erasure',
-      status: 'completed',
-      createdAt: 1620000000000,
-      updatedAt: 1620100000000,
-      completedAt: 1620200000000,
-      subject: {
-        name: 'Jane Smith',
-        email: 'jane@example.com'
-        // phone is missing
-      }
-      // description is missing
-    };
-    const result = formatDSRRequest(request);
-    expect(result.isValid).toBe(true);
-    expect(result.formattedRequest.dataSubject.name).toBe('Jane Smith');
-    expect(result.formattedRequest.requestType).toBe('erasure');
-    expect(result.formattedRequest.status).toBe('completed');
-    expect(result.formattedRequest.dataSubject.email).toBe('jane@example.com');
-    expect(result.formattedRequest.dataSubject.phone).toBe('Not provided');
-    expect(JSON.stringify(result.formattedRequest)).not.toContain('undefined');
-  });
-  it('should include completion date when available', () => {
-    const request: DSRRequest = {
-      id: '789',
-      type: 'rectification',
-      status: 'completed',
-      createdAt: 1620000000000,
-      updatedAt: 1620100000000,
-      completedAt: 1620200000000,
-      subject: {
-        name: 'Bob Johnson',
-        email: 'bob@example.com'
-      }
-    };
-    const result = formatDSRRequest(request);
-    expect(result.isValid).toBe(true);
-    // Check that the completedAt date is properly formatted in ISO format
-    expect(result.formattedRequest.lastUpdated).toBe(new Date(1620100000000).toISOString());
-    expect(result.formattedRequest.dataSubject.name).toBe('Bob Johnson');
-    expect(result.formattedRequest.requestType).toBe('rectification');
-    expect(result.formattedRequest.status).toBe('completed');
-  });
-  it('should handle additional info when present', () => {
-    const request: DSRRequest = {
-      id: '101',
-      type: 'portability',
-      status: 'inProgress',
-      createdAt: 1620000000000,
-      updatedAt: 1620100000000,
-      subject: {
-        name: 'Alice Brown',
-        email: 'alice@example.com'
-      },
-      additionalInfo: {
-        format: 'CSV',
-        timeRange: 'Last 12 months'
-      }
-    };
-    const result = formatDSRRequest(request);
-    expect(result.isValid).toBe(true);
-    expect(result.formattedRequest.dataSubject.name).toBe('Alice Brown');
-    expect(result.formattedRequest.requestType).toBe('portability');
-    expect(result.formattedRequest.status).toBe('inProgress');
-    expect(result.formattedRequest.additionalInformation).toEqual({
-      format: 'CSV',
-      timeRange: 'Last 12 months'
-    });
-  });
-});

package/packages/ndpr-toolkit/src/__tests__/utils/privacy.test.ts DELETED Viewed

@@ -1,97 +0,0 @@
-import { generatePolicyText } from '../../utils/privacy';
-import { PolicySection } from '../../types/privacy';
-describe('generatePolicyText', () => {
-  it('should replace variables in templates', () => {
-    const sections: PolicySection[] = [
-      {
-        id: 'introduction',
-        title: 'Introduction',
-        template: 'This Privacy Policy explains how {{organizationName}} collects and uses your data.',
-        required: true,
-        included: true
-      },
-      {
-        id: 'contact',
-        title: 'Contact Information',
-        template: 'For questions about this policy, please contact us at {{contactEmail}}.',
-        required: true,
-        included: true
-      }
-    ];
-    const variables = {
-      organizationName: 'Acme Corporation',
-      contactEmail: 'privacy@acme.com'
-    };
-    const result = generatePolicyText(sections, variables) as {
-      fullText: string;
-      sectionTexts: Record<string, string>;
-      missingVariables: string[];
-    };
-    expect(result.fullText).toContain('This Privacy Policy explains how Acme Corporation collects and uses your data.');
-    expect(result.fullText).toContain('For questions about this policy, please contact us at privacy@acme.com.');
-    // Check the number of sections by counting keys in sectionTexts
-    expect(Object.keys(result.sectionTexts).length).toBe(2);
-    // Check the content of the first section
-    expect(Object.values(result.sectionTexts)[0]).toBe('This Privacy Policy explains how Acme Corporation collects and uses your data.');
-  });
-  it('should skip sections that are not included', () => {
-    const sections: PolicySection[] = [
-      {
-        id: 'introduction',
-        title: 'Introduction',
-        template: 'This is the introduction.',
-        required: true,
-        included: true
-      },
-      {
-        id: 'optional',
-        title: 'Optional Section',
-        template: 'This is optional.',
-        required: false,
-        included: false
-      }
-    ];
-    const result = generatePolicyText(sections, {}) as {
-      fullText: string;
-      sectionTexts: Record<string, string>;
-      missingVariables: string[];
-    };
-    expect(result.fullText).toContain('This is the introduction.');
-    expect(result.fullText).not.toContain('This is optional.');
-    expect(Object.keys(result.sectionTexts).length).toBe(1);
-  });
-  it('should handle missing variables gracefully', () => {
-    const sections: PolicySection[] = [
-      {
-        id: 'test',
-        title: 'Test',
-        template: 'Hello {{name}}, welcome to {{company}}.',
-        required: true,
-        included: true
-      }
-    ];
-    const variables = {
-      name: 'John'
-      // company is missing
-    };
-    const result = generatePolicyText(sections, variables) as {
-      fullText: string;
-      sectionTexts: Record<string, string>;
-      missingVariables: string[];
-    };
-    expect(result.fullText).toContain('Hello John, welcome to .');
-    // Verify that 'company' is in the missing variables list
-    expect(result.missingVariables).toContain('company');
-  });
-});

package/src/__tests__/example.test.ts DELETED Viewed

@@ -1,13 +0,0 @@
-/**
- * Example test file for NDPR-Toolkit
- *
- * This file demonstrates how to structure tests for the NDPR-Toolkit.
- * Add your actual tests in this directory following a similar pattern.
- */
-describe('NDPR-Toolkit', () => {
-  test('example test setup', () => {
-    // This is just a placeholder test to demonstrate the test structure
-    expect(true).toBe(true);
-  });
-});

package/src/__tests__/requestService.test.ts DELETED Viewed

@@ -1,57 +0,0 @@
-import requestService from '@/lib/requestService';
-describe('requestService', () => {
-  beforeEach(() => {
-    const localStorageMock = (() => {
-      let store: Record<string, string> = {};
-      return {
-        getItem: (key: string) => (key in store ? store[key] : null),
-        setItem: (key: string, value: string) => {
-          store[key] = value;
-        },
-        removeItem: (key: string) => {
-          delete store[key];
-        },
-        clear: () => {
-          store = {};
-        }
-      };
-    })();
-    Object.defineProperty(window, 'localStorage', {
-      value: localStorageMock,
-      writable: true,
-    });
-    requestService.clear();
-  });
-  test('creates and retrieves a request', () => {
-    const req = requestService.createRequest('access', 'John Doe', 'john@example.com', 'details', true);
-    const stored = requestService.getRequest(req.id);
-    expect(stored).not.toBeNull();
-    expect(stored?.requestType).toBe('access');
-    expect(stored?.status).toBe('pending');
-  });
-  test('updates request status', () => {
-    const req = requestService.createRequest('erasure', 'Jane', 'jane@example.com', 'erase', true);
-    const updated = requestService.updateStatus(req.id, 'completed');
-    expect(updated?.status).toBe('completed');
-    const stored = requestService.getRequest(req.id);
-    expect(stored?.status).toBe('completed');
-  });
-  test('retrieves all requests', () => {
-    requestService.createRequest('access', 'A', 'a@example.com', 'a', true);
-    requestService.createRequest('erasure', 'B', 'b@example.com', 'b', true);
-    const all = requestService.getAllRequests();
-    expect(all.length).toBe(2);
-  });
-  test('clears storage', () => {
-    requestService.createRequest('access', 'A', 'a@example.com', 'a', true);
-    requestService.clear();
-    const all = requestService.getAllRequests();
-    expect(all.length).toBe(0);
-  });
-});