Benjamin Admin
44acd68c96
Phase 1: Vendor sync from service registry (82+ services → banner vendors) Phase 2: Category-based retention (marketing=90d, statistics=790d, not hardcoded 365d) Phase 3: DSR ↔ Banner email linking (link-email, by-email, Art.17 erasure, Art.15/20 export) Phase 4: Consent sync (Banner → Einwilligungen bridge) Phase 6: Consent proof (SHA256 config hash + config_version in audit log, Art. 7(1) DSGVO) New files: - banner_dsr_service.py — email linking + DSR integration - vendor_banner_sync.py — service registry → vendor configs - migration 106 — linked_email, banner_config_hash, consent_version columns Tests: 20+ new backend tests + 2 Playwright E2E test suites (API + UI) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
24 lines
1.1 KiB
SQL
24 lines
1.1 KiB
SQL
-- Migration 106: Banner Email Linking + Consent Proof
|
|
-- Phase 3: linked_email for DSR ↔ Banner-Consent correlation
|
|
-- Phase 6: banner_config_hash + consent_version for Art. 7(1) DSGVO proof
|
|
|
|
-- 1. Add linked_email to banner consents (optional, nullable)
|
|
-- Allows correlating device-based consents with user email for DSR processing
|
|
ALTER TABLE compliance_banner_consents
|
|
ADD COLUMN IF NOT EXISTS linked_email TEXT;
|
|
|
|
CREATE INDEX IF NOT EXISTS idx_banner_consent_email
|
|
ON compliance_banner_consents (linked_email)
|
|
WHERE linked_email IS NOT NULL;
|
|
|
|
-- 2. Add consent proof columns to audit log
|
|
-- banner_config_hash: SHA256 of the site config at consent time (Art. 7(1) DSGVO)
|
|
-- consent_version: incremented per site on config change, tracks which banner version was shown
|
|
ALTER TABLE compliance_banner_consent_audit_log
|
|
ADD COLUMN IF NOT EXISTS banner_config_hash TEXT,
|
|
ADD COLUMN IF NOT EXISTS consent_version INTEGER;
|
|
|
|
-- 3. Add config_version counter to site configs (auto-incremented on config change)
|
|
ALTER TABLE compliance_banner_site_configs
|
|
ADD COLUMN IF NOT EXISTS config_version INTEGER NOT NULL DEFAULT 1;
|