From 5a66350b2676333bf43b24f404e3612e2726efe4 Mon Sep 17 00:00:00 2001 From: Dawn Pattison Date: Tue, 24 Sep 2024 15:44:19 -0500 Subject: [PATCH] Collection-Level Masking Strategy Override and Erase After (#17) Define two things on Collection Meta to support erasure operations at the row level for database connectors: - Defines a masking strategy override under Collection Meta that will override Policy-based masking strategies if applicable and supported. - Also allow `erase_after` to be specified for DSR's (specifically for database connectors). We can manually specify that one collection should be erased after another. --- CHANGELOG.md | 5 +++++ src/fideslang/models.py | 14 ++++++++++++++ tests/fideslang/test_validation.py | 19 ++++++++++++++++++- 3 files changed, 37 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b2b90b8..df4c0d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,6 +16,11 @@ The types of changes are: ## [Unreleased](https://github.com/ethyca/fideslang/compare/3.0.5...main) +### Changed + +- Add collection-level masking strategy overrides and support specifying one collection to be erased after another [#17](https://github.com/ethyca/fideslang/pull/17) + + ## [3.0.5](https://github.com/ethyca/fideslang/compare/3.0.4...3.0.5) ### Added diff --git a/src/fideslang/models.py b/src/fideslang/models.py index 33fabf8..8d943d3 100644 --- a/src/fideslang/models.py +++ b/src/fideslang/models.py @@ -62,6 +62,18 @@ ) +class MaskingStrategies(str, Enum): + """Possible options for masking strategy overrides""" + + DELETE = "delete" + + +class MaskingStrategyOverride(BaseModel): + """Overrides policy-level masking strategies.""" + + strategy: MaskingStrategies + + class FidesModel(BaseModel): """The base model for most top-level Fides objects.""" @@ -515,7 +527,9 @@ class CollectionMeta(BaseModel): """Collection-level specific annotations used for query traversal""" after: Optional[List[FidesCollectionKey]] = None + erase_after: Optional[List[FidesCollectionKey]] = None skip_processing: Optional[bool] = False + masking_strategy_override: Optional[MaskingStrategyOverride] = None class DatasetCollection(FidesopsMetaBackwardsCompat): diff --git a/tests/fideslang/test_validation.py b/tests/fideslang/test_validation.py index 0de6c7f..d14c145 100644 --- a/tests/fideslang/test_validation.py +++ b/tests/fideslang/test_validation.py @@ -15,6 +15,8 @@ FidesDatasetReference, FidesMeta, FidesModel, + MaskingStrategies, + MaskingStrategyOverride, Policy, PolicyRule, PrivacyDeclaration, @@ -642,7 +644,7 @@ def test_specify_fides_meta_with_custom_request_field(self): length=None, return_all_elements=None, read_only=None, - custom_request_field="site_id" + custom_request_field="site_id", ) def test_specify_both_fidesops_meta_and_fides_meta(self): @@ -789,6 +791,21 @@ def test_collection_key_has_too_many_components(self): def test_valid_collection_key(self): CollectionMeta(after=[FidesCollectionKey("test_dataset.test_collection")]) + def test_delete_masking_strategy(self): + meta = CollectionMeta(masking_strategy_override={"strategy": "delete"}) + + assert meta.masking_strategy_override == MaskingStrategyOverride( + strategy=MaskingStrategies.DELETE + ) + + def test_erase_after(self): + meta = CollectionMeta( + erase_after=[FidesCollectionKey("test_dataset.test_collection")] + ) + + assert meta.erase_after == [FidesCollectionKey("test_dataset.test_collection")] + + class TestAnyUrlString: def test_valid_url(self):