Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Cookie-Banner ↔ Backend Integration (DSR, Retention, Consent Proof)

Browse Source 
Phase 1: Vendor sync from service registry (82+ services → banner vendors)
Phase 2: Category-based retention (marketing=90d, statistics=790d, not hardcoded 365d)
Phase 3: DSR ↔ Banner email linking (link-email, by-email, Art.17 erasure, Art.15/20 export)
Phase 4: Consent sync (Banner → Einwilligungen bridge)
Phase 6: Consent proof (SHA256 config hash + config_version in audit log, Art. 7(1) DSGVO)

New files:
- banner_dsr_service.py — email linking + DSR integration
- vendor_banner_sync.py — service registry → vendor configs
- migration 106 — linked_email, banner_config_hash, consent_version columns

Tests: 20+ new backend tests + 2 Playwright E2E test suites (API + UI)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-05-02 19:41:22 +02:00
parent c3f8e19e92
commit 44acd68c96
12 changed files with 1522 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend-compliance/migrations/106_banner_email_link_consent_proof.sql
+23
View File
@@ -0,0 +1,23 @@
-- Migration 106: Banner Email Linking + Consent Proof
-- Phase 3: linked_email for DSR ↔ Banner-Consent correlation
-- Phase 6: banner_config_hash + consent_version for Art. 7(1) DSGVO proof
-- 1. Add linked_email to banner consents (optional, nullable)
-- Allows correlating device-based consents with user email for DSR processing
ALTER TABLE compliance_banner_consents
ADD COLUMN IF NOT EXISTS linked_email TEXT;
CREATE INDEX IF NOT EXISTS idx_banner_consent_email
ON compliance_banner_consents (linked_email)
WHERE linked_email IS NOT NULL;
-- 2. Add consent proof columns to audit log
-- banner_config_hash: SHA256 of the site config at consent time (Art. 7(1) DSGVO)
-- consent_version: incremented per site on config change, tracks which banner version was shown
ALTER TABLE compliance_banner_consent_audit_log
ADD COLUMN IF NOT EXISTS banner_config_hash TEXT,
ADD COLUMN IF NOT EXISTS consent_version INTEGER;
-- 3. Add config_version counter to site configs (auto-incremented on config change)
ALTER TABLE compliance_banner_site_configs
ADD COLUMN IF NOT EXISTS config_version INTEGER NOT NULL DEFAULT 1;