fides icon indicating copy to clipboard operation
fides copied to clipboard
verified publisher icon ethyca

Eng 2185 finalization and email for consent tasks

Open JadeCara opened this issue 1 month ago • 4 comments

Ticket ENG-2185

Description Of Changes

🎯 Request for Consent finalization allowing for the option for manual sign off. This setting will default to not being turned on, but can be enabled in the config.

In this PR added a consent finalize option to config. This config option is not enabled by default and must be turned on. When a consent DSR is finalizing it checks for the setting and will either complete or wait for finalization. I also added a consent finalization email template which is not enabled by default and must be turned on by the user.

Code Changes

  • ts files:
    • clients/admin-ui/src/features/messaging-templates/CustomizableMessagingTemplatesEnum.ts
    • clients/admin-ui/src/features/messaging-templates/CustomizableMessagingTemplatesLabelEnum.ts
    • clients/admin-ui/src/features/messaging-templates/CustomizableMessagingTemplatesLabelEnum.ts
    • clients/admin-ui/src/types/api/models/MessagingActionType.ts
    • clients/privacy-center/types/api/models/MessagingActionType.ts
  • Added new template to src/fides/api/models/messaging_template.py
  • Added new message to src/fides/api/schemas/messaging/messaging.py
  • Updated src/fides/api/service/privacy_request/request_runner_service.py with both new finalize check and new messaging call
  • Added finalize configs to config proxy src/fides/config/config_proxy.py
  • Added new config to src/fides/config/execution_settings.py
  • Updated all associated tests

Steps to Confirm

  1. Run with fidesplus pointed at this back end.
  2. First test to make sure the new consent_request_finalization_required execution setting can be updated using config_proxy.

PATCH /api/v1/config

{
  "execution": {
    "consent_request_finalization_required": true
  }
}

Verify that in the returned response the value is true

  1. From the Privacy Center we need to do a consent request. (http://localhost:3001/ if running locally). We want it to create a DSR which means it must be configured for your area.
  • If you are not in the US you can add a new privacy center to http://localhost:3000/consent/privacy-experience with a privacy center component or update the US Privacy Center with wherever you are. Either way it must be enabled on the experience page.
  • The notices on the privacy center must be enabled and have system wide enforcement. You can set this by going to http://localhost:3000/consent/privacy-notices enabling the notices and then clicking in to them to set the enforcment to system wide.
Screenshot 2025-12-11 at 2 51 56 PM
  • Lets turn on the consent email notification as well. (http://localhost:3000/notifications/templates) enable the one at the end (Consent request completed) - you may need to set a property for it, the default is fine.
  1. Now you can make that consent request. It will take a second because it also uses celery workers but it should come through in the Request Manager (http://localhost:3000/new-privacy-requests) and show that it requires finalization. Screenshot 2025-12-11 at 2 56 16 PM

Note: if it shows completed you might need to restart your worker (especially if it was running before you pulled this in for testing.

  1. Finalize the request and then check your emails - you can also test that updating the template works here too. Screenshot 2025-12-11 at 2 58 09 PM

  2. Finally - set the consent_request_finalization_required back to False (step 2) Send through another consent request. The DSR should create but go straight to completed when finished. (if you still have email enabled you will receive another email - I edited the text on this one :) ) Screenshot 2025-12-11 at 3 01 53 PM Screenshot 2025-12-11 at 3 02 02 PM

Pre-Merge Checklist

  • [ ] Issue requirements met
  • [ ] All CI pipelines succeeded
  • [ ] CHANGELOG.md updated
    • [ ] Add a https://github.com/ethyca/fides/labels/db-migration label to the entry if your change includes a DB migration
    • [ ] Add a https://github.com/ethyca/fides/labels/high-risk label to the entry if your change includes a high-risk change (i.e. potential for performance impact or unexpected regression) that should be flagged
    • [ ] Updates unreleased work already in Changelog, no new entry necessary
  • UX feedback:
    • [ ] All UX related changes have been reviewed by a designer
    • [ ] No UX review needed
  • Followup issues:
    • [ ] Followup issues created
    • [ ] No followup issues
  • Database migrations:
    • [ ] Ensure that your downrev is up to date with the latest revision on main
    • [ ] Ensure that your downgrade() migration is correct and works
      • [ ] If a downgrade migration is not possible for this change, please call this out in the PR description!
    • [ ] No migrations
  • Documentation:
    • [ ] Documentation complete, PR opened in fidesdocs
    • [ ] Documentation issue created in fidesdocs
    • [ ] If there are any new client scopes created as part of the pull request, remember to update public-facing documentation that references our scope registry
    • [ ] No documentation updates required

JadeCara avatar Dec 10 '25 18:12 JadeCara