PyPI - ethyca-fides - Versions diffs - 2.66.1b1__py2.py3-none-any.whl → 2.66.2b0__py2.py3-none-any.whl - Mend

ethyca-fides 2.66.1b1py2.py3-none-any.whl → 2.66.2b0py2.py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of ethyca-fides might be problematic. Click here for more details.

Files changed (198) hide show

fides/_version.py CHANGED Viewed

@@ -8,11 +8,11 @@ import json
 version_json = '''
 {
- "date": "2025-07-23T12:23:11-0600",
+ "date": "2025-07-25T16:16:16-0700",
  "dirty": false,
  "error": null,
- "full-revisionid": "c91a4a39d154eb33dc8333448c5500da2979eda5",
- "version": "2.66.1b1"
+ "full-revisionid": "3805a2cc72d6f998672d84b64fd0f2c78a64f81d",
+ "version": "2.66.2b0"
 }
 '''  # END VERSION_JSON

fides/api/alembic/migrations/versions/7e9a2b52f498_adding_masking_secrets.py ADDED Viewed

@@ -0,0 +1,60 @@
+"""adding masking secrets
+Revision ID: 7e9a2b52f498
+Revises: d0031087eacb
+Create Date: 2024-12-23 23:29:53.557951
+"""
+import sqlalchemy as sa
+import sqlalchemy_utils
+from alembic import op
+# revision identifiers, used by Alembic.
+revision = "7e9a2b52f498"
+down_revision = "d0031087eacb"
+branch_labels = None
+depends_on = None
+def upgrade():
+    op.create_table(
+        "masking_secret",
+        sa.Column("id", sa.String(length=255), nullable=False),
+        sa.Column(
+            "created_at",
+            sa.DateTime(timezone=True),
+            server_default=sa.text("now()"),
+            nullable=True,
+        ),
+        sa.Column(
+            "updated_at",
+            sa.DateTime(timezone=True),
+            server_default=sa.text("now()"),
+            nullable=True,
+        ),
+        sa.Column("privacy_request_id", sa.String(), nullable=False),
+        sa.Column(
+            "secret",
+            sqlalchemy_utils.types.encrypted.encrypted_type.StringEncryptedType(),
+            nullable=False,
+        ),
+        sa.Column("masking_strategy", sa.String(), nullable=False),
+        sa.Column(
+            "secret_type",
+            sa.String(),
+            nullable=False,
+        ),
+        sa.ForeignKeyConstraint(
+            ["privacy_request_id"], ["privacyrequest.id"], ondelete="CASCADE"
+        ),
+        sa.PrimaryKeyConstraint("id"),
+    )
+    op.create_index(
+        op.f("ix_masking_secret_id"), "masking_secret", ["id"], unique=False
+    )
+def downgrade():
+    op.drop_index(op.f("ix_masking_secret_id"), table_name="masking_secret")
+    op.drop_table("masking_secret")

fides/api/api/v1/endpoints/drp_endpoints.py CHANGED Viewed

@@ -125,7 +125,13 @@ async def create_drp_privacy_request(
             "Decrypting identity for DRP privacy request {}", privacy_request.id
         )
-        cache_data(privacy_request, policy, mapped_identity, None, data)
+        cache_data(privacy_request, mapped_identity, None, data)
+        if masking_secrets := policy.generate_masking_secrets():
+            logger.info(
+                "Caching masking secrets for privacy request {}", privacy_request.id
+            )
+            privacy_request.persist_masking_secrets(masking_secrets)
         queue_privacy_request(privacy_request.id)

fides/api/app_setup.py CHANGED Viewed

@@ -171,8 +171,9 @@ async def run_database_startup(app: FastAPI) -> None:
     if CONFIG.database.automigrate:
         try:
             configure_db(CONFIG.database.sync_database_uri)
-            with get_autoclose_db_session() as session:
-                seed_db(session)
+            if not CONFIG.test_mode:
+                with get_autoclose_db_session() as session:
+                    seed_db(session)
             if CONFIG.database.load_samples:
                 async with get_async_autoclose_db_session() as async_session:
                     await seed.load_samples(async_session)

fides/api/common_exceptions.py CHANGED Viewed

@@ -283,6 +283,10 @@ class MalisciousUrlException(Exception):
     """Fides has detected a potentially maliscious URL."""
+class MaskingSecretsExpired(BaseException):
+    """The cached masking secrets have expired for the given privacy request."""
 class AuthenticationError(HTTPException):
     """To be raised when attempting to fetch an access token using
     invalid credentials.

fides/api/db/database.py CHANGED Viewed

@@ -123,7 +123,7 @@ def get_db_health(
 def seed_db(session: Session) -> None:
-    """Load default resources into the database, and optionally load samples."""
+    """Load default resources into the database"""
     load_default_resources(session)

fides/api/models/masking_secret.py ADDED Viewed

@@ -0,0 +1,72 @@
+from __future__ import annotations
+from typing import TYPE_CHECKING, Any, Union
+from urllib.parse import unquote_to_bytes
+from sqlalchemy import Column, ForeignKey, String
+from sqlalchemy.ext.declarative import declared_attr
+from sqlalchemy.orm import Session, relationship
+from sqlalchemy_utils.types.encrypted.encrypted_type import (
+    AesGcmEngine,
+    StringEncryptedType,
+)
+from fides.api.db.base_class import Base, JSONTypeOverride
+from fides.api.util.custom_json_encoder import ENCODED_BYTES_PREFIX
+from fides.config import CONFIG
+if TYPE_CHECKING:
+    from fides.api.models.privacy_request import PrivacyRequest
+class MaskingSecret(Base):
+    """SQLAlchemy model for storing secret caching information"""
+    @declared_attr
+    def __tablename__(self) -> str:
+        return "masking_secret"
+    privacy_request_id = Column(
+        String, ForeignKey("privacyrequest.id", ondelete="CASCADE"), nullable=False
+    )
+    secret = Column(
+        StringEncryptedType(
+            JSONTypeOverride,
+            CONFIG.security.app_encryption_key,
+            AesGcmEngine,
+            "pkcs5",
+        ),
+        nullable=False,
+    )
+    masking_strategy = Column(String, nullable=False)
+    secret_type = Column(String, nullable=False)
+    privacy_request = relationship("PrivacyRequest", back_populates="masking_secrets")
+    def set_secret(self, secret: Union[str, bytes]) -> None:
+        """Set the secret value, handling both string and bytes types"""
+        if isinstance(secret, str):
+            self.secret = secret.encode("utf-8")
+        elif isinstance(secret, bytes):
+            self.secret = secret
+        else:
+            raise ValueError("Secret must be either string or bytes")
+    def get_secret(self) -> Union[str, bytes]:
+        """Retrieve the secret in its original type"""
+        secret = self.secret
+        if isinstance(secret, str) and secret.startswith(ENCODED_BYTES_PREFIX):
+            return unquote_to_bytes(secret)[len(ENCODED_BYTES_PREFIX) :]
+        return secret
+    @classmethod
+    def create(
+        cls,
+        db: Session,
+        *,
+        data: dict[str, Any],
+        check_name: bool = True,
+    ) -> "MaskingSecret":
+        """
+        Create a new masking secret. Handles both string and bytes secrets automatically, encrypting them for storage.
+        """
+        return super().create(db=db, data=data, check_name=check_name)

fides/api/models/policy.py CHANGED Viewed

@@ -25,7 +25,9 @@ from fides.api.models.client import ClientDetail
 from fides.api.models.connectionconfig import ConnectionConfig
 from fides.api.models.sql_models import DataCategory  # type: ignore
 from fides.api.models.storage import StorageConfig, get_active_default_storage_config
+from fides.api.schemas.masking.masking_secrets import MaskingSecretCache
 from fides.api.schemas.policy import ActionType, DrpAction
+from fides.api.service.masking.strategy.masking_strategy import MaskingStrategy
 from fides.api.util.data_category import _validate_data_category
 from fides.config import CONFIG
@@ -140,6 +142,27 @@ class Policy(Base):
         except IndexError:
             return None
+    def generate_masking_secrets(self) -> Optional[List[MaskingSecretCache]]:
+        """
+        Returns a list of masking secrets for the masking strategies in the policy.
+        """
+        masking_secrets: List[MaskingSecretCache] = []
+        erasure_rules = self.get_rules_for_action(action_type=ActionType.erasure)
+        unique_masking_strategies_by_name: Set[str] = set()
+        for rule in erasure_rules:
+            strategy_name: str = rule.masking_strategy["strategy"]  # type: ignore
+            configuration = rule.masking_strategy["configuration"]  # type: ignore
+            if strategy_name in unique_masking_strategies_by_name:
+                continue
+            unique_masking_strategies_by_name.add(strategy_name)
+            masking_strategy = MaskingStrategy.get_strategy(
+                strategy_name, configuration
+            )
+            if masking_strategy.secrets_required():
+                masking_secrets.extend(masking_strategy.generate_secrets_for_cache())
+        return masking_secrets
     def applies_to(self, node: "TraversalNode") -> bool:
         """
         Returns True if any data category in the traversal node starts with any of the policy's target categories.

fides/api/models/privacy_request/privacy_request.py CHANGED Viewed

@@ -50,6 +50,7 @@ from fides.api.models.comment import Comment, CommentReference, CommentReference
 from fides.api.models.fides_user import FidesUser
 from fides.api.models.field_types import EncryptedLargeDataDescriptor
 from fides.api.models.manual_webhook import AccessManualWebhook
+from fides.api.models.masking_secret import MaskingSecret
 from fides.api.models.policy import (
     Policy,
     PolicyPreWebhook,
@@ -98,7 +99,6 @@ from fides.api.util.cache import (
     get_drp_request_body_cache_key,
     get_encryption_cache_key,
     get_identity_cache_key,
-    get_masking_secret_cache_key,
 )
 from fides.api.util.collection_util import Row, extract_key_for_address
 from fides.api.util.constants import API_DATE_FORMAT
@@ -289,6 +289,13 @@ class PrivacyRequest(
         order_by="RequestTask.created_at",
     )
+    masking_secrets: "RelationshipProperty[List[MaskingSecret]]" = relationship(
+        "MaskingSecret",
+        back_populates="privacy_request",
+        uselist=True,
+        passive_deletes="all",
+    )
     @property
     def days_left(self: PrivacyRequest) -> Union[int, None]:
         if self.due_date is None:
@@ -566,19 +573,24 @@ class PrivacyRequest(
             encryption_key,
         )
-    def cache_masking_secret(self, masking_secret: MaskingSecretCache) -> None:
-        """Sets masking encryption secrets in the Fides app cache if provided"""
-        if not masking_secret:
+    def persist_masking_secrets(
+        self, masking_secrets: List[MaskingSecretCache]
+    ) -> None:
+        """Persists masking encryption secrets to database."""
+        if not masking_secrets:
             return
-        cache: FidesopsRedis = get_cache()
-        cache.set_with_autoexpire(
-            get_masking_secret_cache_key(
-                self.id,
-                masking_strategy=masking_secret.masking_strategy,
-                secret_type=masking_secret.secret_type,
-            ),
-            FidesopsRedis.encode_obj(masking_secret.secret),
-        )
+        session = Session.object_session(self)
+        for masking_secret in masking_secrets:
+            MaskingSecret.create(
+                db=session,
+                data={
+                    "privacy_request_id": self.id,
+                    "secret": masking_secret.secret,
+                    "masking_strategy": masking_secret.masking_strategy,
+                    "secret_type": masking_secret.secret_type,
+                },
+            )
     def get_cached_identity_data(self) -> Dict[str, Any]:
         """Retrieves any identity data pertaining to this request from the cache"""

fides/api/schemas/masking/masking_secrets.py CHANGED Viewed

@@ -5,7 +5,7 @@ from typing import Callable, Generic, TypeVar
 T = TypeVar("T")
-class SecretType(Enum):
+class SecretType(str, Enum):
     """Enum that holds all possible types of secrets across all masking strategies"""
     key = "key"

fides/api/service/connectors/query_configs/bigquery_query_config.py CHANGED Viewed

@@ -199,9 +199,16 @@ class BigQueryQueryConfig(QueryStringWithoutTuplesOverrideQueryConfig):
         table = Table(self._generate_table_name(), MetaData(bind=client), autoload=True)
         where_clauses: List[ColumnElement] = [
-            getattr(table.c, k) == v for k, v in non_empty_reference_field_keys.items()
+            table.c[k] == v for k, v in non_empty_reference_field_keys.items()
         ]
+        # Create update values using Column objects as keys to handle column names with spaces
+        update_values = {}
+        for column_name, value in final_update_map.items():
+            # Use bracket notation to access columns with spaces in their names
+            column = table.c[column_name]
+            update_values[column] = value
         if self.partitioning:
             partition_clauses = self.get_partition_clauses()
             partitioned_queries = []
@@ -212,12 +219,12 @@ class BigQueryQueryConfig(QueryStringWithoutTuplesOverrideQueryConfig):
                 partitioned_queries.append(
                     table.update()
                     .where(*(where_clauses + [text(partition_clause)]))
-                    .values(**final_update_map)
+                    .values(update_values)
                 )
             return partitioned_queries
-        return [table.update().where(*where_clauses).values(**final_update_map)]
+        return [table.update().where(*where_clauses).values(update_values)]
     def generate_delete(
         self,
@@ -255,9 +262,9 @@ class BigQueryQueryConfig(QueryStringWithoutTuplesOverrideQueryConfig):
         where_clauses: List[ColumnElement] = []
         for column_name, values in filtered_data.items():
             if len(values) == 1:
-                where_clauses.append(getattr(table.c, column_name) == values[0])
+                where_clauses.append(table.c[column_name] == values[0])
             else:
-                where_clauses.append(getattr(table.c, column_name).in_(values))
+                where_clauses.append(table.c[column_name].in_(values))
         # Combine reference clauses with OR instead of AND
         combined_reference_clause = or_(*where_clauses)
@@ -306,6 +313,25 @@ class BigQueryQueryConfig(QueryStringWithoutTuplesOverrideQueryConfig):
                 formatted_fields.append(field_path.levels[0])
         return formatted_fields
+    def format_clause_for_query(
+        self, string_path: str, operator: str, operand: str
+    ) -> str:
+        """
+        Returns clauses with proper BigQuery backtick escaping for column names.
+        Handles column names with spaces and nested fields (dot-separated) by escaping each part individually.
+        """
+        # For nested fields (containing dots), escape each part individually
+        if "." in string_path:
+            parts = string_path.split(".")
+            escaped_field = ".".join(f"`{part}`" for part in parts)
+        else:
+            # For simple fields, wrap the entire name in backticks
+            escaped_field = f"`{string_path}`"
+        if operator == "IN":
+            return f"{escaped_field} IN ({operand})"
+        return f"{escaped_field} {operator} :{operand}"
     def generate_raw_query_without_tuples(
         self, field_list: List[str], filters: Dict[str, List[Any]]
     ) -> Optional[TextClause]:
@@ -315,27 +341,35 @@ class BigQueryQueryConfig(QueryStringWithoutTuplesOverrideQueryConfig):
         This is an override of the base class method that supports nested fields for BigQuery.
-        Examples with dot-delimited field names, notice the periods are replaced with underscores in the parameter bindings:
+        Examples with field names containing dots and spaces, notice these are replaced with underscores in the parameter bindings:
         1. Single value filter:
            field_list = ["id", "name", "email"]
            filters = {"user.id": [123]}
-           Generates: SELECT id, name, email FROM `project_id.dataset_id.table_name` WHERE (user.id = :user_id)
+           Generates: SELECT id, name, email FROM `project_id.dataset_id.table_name` WHERE (`user`.`id` = :user_id)
            With parameter binding: user_id = 123
-        2. Multiple value filter:
+        2. Field with spaces:
+           field_list = ["id", "custom id", "email"]
+           filters = {"custom id": ["abc123"]}
+           Generates: SELECT id, `custom id`, email FROM `project_id.dataset_id.table_name` WHERE (`custom id` = :custom_id)
+           With parameter binding: custom_id = "abc123"
+        3. Multiple value filter with nested field:
            field_list = ["id", "name", "email"]
-           filters = {"user.status": ["active", "pending"]}
+           filters = {"contact_info.primary_email": ["active", "pending"]}
-           Generates: SELECT id, name, email FROM `project_id.dataset_id.table_name` WHERE (user.status IN (:user_status_in_stmt_generated_0, :user_status_in_stmt_generated_1))
-           With parameter bindings: user_status_in_stmt_generated_0 = "active", user_status_in_stmt_generated_1 = "pending"
+           Generates: SELECT id, name, email FROM `project_id.dataset_id.table_name` WHERE (`contact_info`.`primary_email` IN (:contact_info_primary_email_in_stmt_generated_0, :contact_info_primary_email_in_stmt_generated_1))
+           With parameter bindings: contact_info_primary_email_in_stmt_generated_0 = "active", contact_info_primary_email_in_stmt_generated_1 = "pending"
         """
         clauses = []
         query_data = {}
         for field_name, field_value in filters.items():
-            # Replace dots with underscores in field names for parameter binding
-            field_binding_name = field_name.replace(".", "_")
+            # Replace dots and spaces with underscores in field names for parameter binding
+            # SQLAlchemy parameter names cannot contain spaces or special characters
+            field_binding_name = field_name.replace(".", "_").replace(" ", "_")
             data = set(field_value)
             if len(data) == 1:
                 clauses.append(
@@ -358,7 +392,7 @@ class BigQueryQueryConfig(QueryStringWithoutTuplesOverrideQueryConfig):
                 clauses.append(self.format_clause_for_query(field_name, "IN", operand))
         if len(clauses) > 0:
-            formatted_fields = ", ".join(field_list)
+            formatted_fields = ", ".join([f"`{field}`" for field in field_list])
             query_str = self.get_formatted_query_string(formatted_fields, clauses)
             return text(query_str).params(query_data)

fides/api/service/privacy_request/request_runner_service.py CHANGED Viewed

@@ -14,6 +14,7 @@ from fides.api.common_exceptions import (
     ClientUnsuccessfulException,
     IdentityNotFoundException,
     ManualWebhookFieldsUnset,
+    MaskingSecretsExpired,
     MessageDispatchException,
     NoCachedManualWebhookEntry,
     PrivacyRequestExit,
@@ -75,6 +76,7 @@ from fides.api.task.graph_task import (
 from fides.api.task.manual.manual_task_utils import create_manual_task_artificial_graphs
 from fides.api.tasks import DatabaseTask, celery_app
 from fides.api.tasks.scheduled.scheduler import scheduler
+from fides.api.util.cache import get_all_masking_secret_keys
 from fides.api.util.collection_util import Row
 from fides.api.util.logger import Pii, _log_exception, _log_warning
 from fides.api.util.logger_context_utils import LoggerContextKeys, log_context
@@ -531,6 +533,8 @@ def run_privacy_request(
                     request_checkpoint=CurrentStep.erasure, from_checkpoint=resume_step
                 ):
                     privacy_request.cache_failed_checkpoint_details(CurrentStep.erasure)
+                    _verify_masking_secrets(policy, privacy_request, resume_step)
                     # We only need to run the erasure once until masking strategies are handled
                     erasure_runner(
                         privacy_request=privacy_request,
@@ -1000,3 +1004,25 @@ def run_webhooks_and_report_status(
             return False
     return True
+def _verify_masking_secrets(
+    policy: Policy, privacy_request: PrivacyRequest, resume_step: Optional[CurrentStep]
+) -> None:
+    """
+    Checks that the required masking secrets are still cached for the given request.
+    Raises an exception if masking secrets are needed for the given policy but they don't exist.
+    """
+    if resume_step is None:
+        return
+    # if masking can be performed without any masking secrets, we skip the cache check
+    if (
+        policy.generate_masking_secrets()
+        and not get_all_masking_secret_keys(privacy_request.id)
+        and not privacy_request.masking_secrets
+    ):
+        raise MaskingSecretsExpired(
+            f"The masking secrets for privacy request ID '{privacy_request.id}' have expired. Please submit a new erasure request."
+        )

fides/api/service/privacy_request/request_service.py CHANGED Viewed

@@ -3,7 +3,7 @@ from __future__ import annotations
 import json
 from asyncio import sleep
 from datetime import datetime, timedelta
-from typing import Any, Dict, List, Optional, Set
+from typing import Any, Dict, Optional, Set
 from httpx import AsyncClient
 from loguru import logger
@@ -11,7 +11,6 @@ from sqlalchemy import text
 from sqlalchemy.sql.elements import TextClause
 from fides.api.common_exceptions import PrivacyRequestNotFound
-from fides.api.models.policy import Policy
 from fides.api.models.privacy_request import (
     EXITED_EXECUTION_LOG_STATUSES,
     PrivacyRequest,
@@ -19,14 +18,12 @@ from fides.api.models.privacy_request import (
 )
 from fides.api.models.worker_task import ExecutionLogStatus
 from fides.api.schemas.drp_privacy_request import DrpPrivacyRequestCreate
-from fides.api.schemas.masking.masking_secrets import MaskingSecretCache
 from fides.api.schemas.policy import ActionType
 from fides.api.schemas.privacy_request import (
     PrivacyRequestResponse,
     PrivacyRequestStatus,
 )
 from fides.api.schemas.redis_cache import Identity
-from fides.api.service.masking.strategy.masking_strategy import MaskingStrategy
 from fides.api.tasks import DSR_QUEUE_NAME, DatabaseTask, celery_app
 from fides.api.tasks.scheduled.scheduler import scheduler
 from fides.api.util.cache import (
@@ -69,7 +66,6 @@ def build_required_privacy_request_kwargs(
 def cache_data(
     privacy_request: PrivacyRequest,
-    policy: Policy,
     identity: Identity,
     encryption_key: Optional[str],
     drp_request_body: Optional[DrpPrivacyRequestCreate],
@@ -82,23 +78,6 @@ def cache_data(
     privacy_request.cache_custom_privacy_request_fields(custom_privacy_request_fields)
     privacy_request.cache_encryption(encryption_key)  # handles None already
-    # Store masking secrets in the cache
-    logger.info("Caching masking secrets for privacy request {}", privacy_request.id)
-    erasure_rules = policy.get_rules_for_action(action_type=ActionType.erasure)
-    unique_masking_strategies_by_name: Set[str] = set()
-    for rule in erasure_rules:
-        strategy_name: str = rule.masking_strategy["strategy"]  # type: ignore
-        configuration = rule.masking_strategy["configuration"]  # type: ignore
-        if strategy_name in unique_masking_strategies_by_name:
-            continue
-        unique_masking_strategies_by_name.add(strategy_name)
-        masking_strategy = MaskingStrategy.get_strategy(strategy_name, configuration)
-        if masking_strategy.secrets_required():
-            masking_secrets: List[MaskingSecretCache] = (
-                masking_strategy.generate_secrets_for_cache()
-            )
-            for masking_secret in masking_secrets:
-                privacy_request.cache_masking_secret(masking_secret)
     if drp_request_body:
         privacy_request.cache_drp_request_body(drp_request_body)

fides/api/task/graph_task.py CHANGED Viewed

@@ -421,6 +421,7 @@ class GraphTask(ABC):  # pylint: disable=too-many-instance-attributes
         action_type: ActionType,
         ex: Optional[BaseException] = None,
         success_override_msg: Optional[str] = None,
+        record_count: Optional[int] = None,
     ) -> None:
         """On completion activities"""
         if ex:
@@ -440,8 +441,23 @@ class GraphTask(ABC):  # pylint: disable=too-many-instance-attributes
                 mark_current_and_downstream_nodes_as_failed(request_task, db)
         else:
             logger.info("Ending {}, {}", self.resources.request.id, self.key)
+            # Build standardized success message with record count
+            base_message = (
+                str(success_override_msg) if success_override_msg else "success"
+            )
+            if record_count is not None:
+                if action_type == ActionType.access:
+                    message = f"{base_message} - retrieved {record_count} records"
+                elif action_type == ActionType.erasure:
+                    message = f"{base_message} - masked {record_count} records"
+                else:
+                    message = f"{base_message} - processed {record_count} records"
+            else:
+                message = base_message
             self.update_status(
-                str(success_override_msg) if success_override_msg else "success",
+                message,
                 build_affected_field_logs(
                     self.execution_node, self.resources.policy, action_type
                 ),
@@ -637,7 +653,11 @@ class GraphTask(ABC):  # pylint: disable=too-many-instance-attributes
         if messages:
             success_message = "\n".join(messages)
-        self.log_end(ActionType.access, success_override_msg=success_message)
+        self.log_end(
+            ActionType.access,
+            success_override_msg=success_message,
+            record_count=len(filtered_output),
+        )
         return filtered_output
     @retry(action_type=ActionType.erasure, default_return=0)
@@ -731,7 +751,11 @@ class GraphTask(ABC):  # pylint: disable=too-many-instance-attributes
         if messages:
             success_message = "\n".join(messages)
-        self.log_end(ActionType.erasure, success_override_msg=success_message)
+        self.log_end(
+            ActionType.erasure,
+            success_override_msg=success_message,
+            record_count=output,
+        )
         return output
     @retry(action_type=ActionType.consent, default_return=False)

fides/api/util/cache.py CHANGED Viewed

@@ -387,3 +387,8 @@ def get_queue_counts() -> Dict[str, int]:
         logger.critical(exception)
         queue_counts = {}
     return queue_counts
+def get_all_masking_secret_keys(privacy_request_id: str) -> List[str]:
+    cache: FidesopsRedis = get_cache()
+    return cache.keys(f"id-{privacy_request_id}-masking-secret-*")

ethyca-fides 2.66.1b1__py2.py3-none-any.whl → 2.66.2b0__py2.py3-none-any.whl

Potentially problematic release.

ethyca-fides 2.66.1b1py2.py3-none-any.whl → 2.66.2b0py2.py3-none-any.whl