adding check if gdpr module ran enforcment logic (prebid#5178)

* adding check if gdpr module ran enforcment logic * adding tests for new hasValidated flag Co-authored-by: rmartinez <Rachael24!>
openx · Jun 12, 2020 · 7735398 · 7735398
1 parent 253652d
commit 7735398
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 4 deletions.
diff --git a/modules/gdprEnforcement.js b/modules/gdprEnforcement.js
@@ -147,7 +147,7 @@ export function userIdHook(fn, submodules, consentData) {
         }
         return undefined;
       }).filter(module => module)
-      fn.call(this, userIdModules, consentData);
+      fn.call(this, userIdModules, {...consentData, hasValidated: true});
     } else {
       utils.logInfo('Enforcing TCF2 only');
       fn.call(this, submodules, consentData);

diff --git a/modules/userId/index.js b/modules/userId/index.js
@@ -396,7 +396,7 @@ function getUserIdsAsEids() {
  * This hook returns updated list of submodules which are allowed to do get user id based on TCF 2 enforcement rules configured
  */
 export const validateGdprEnforcement = hook('sync', function (submodules, consentData) {
-  return submodules;
+  return {userIdModules: submodules, hasValidated: consentData && consentData.hasValidated};
 }, 'validateGdprEnforcement');
 
 /**
@@ -406,8 +406,8 @@ export const validateGdprEnforcement = hook('sync', function (submodules, consen
  */
 function initSubmodules(submodules, consentData) {
   // gdpr consent with purpose one is required, otherwise exit immediately
-  let userIdModules = validateGdprEnforcement(submodules, consentData);
-  if (!hasGDPRConsent(consentData)) {
+  let {userIdModules, hasValidated} = validateGdprEnforcement(submodules, consentData);
+  if (!hasValidated && !hasGDPRConsent(consentData)) {
     utils.logWarn(`${MODULE_NAME} - gdpr permission not valid for local storage or cookies, exit module`);
     return [];
   }

diff --git a/test/spec/modules/gdprEnforcement_spec.js b/test/spec/modules/gdprEnforcement_spec.js
@@ -362,6 +362,9 @@ describe('gdpr enforcement', function() {
         }
       }]
       userIdHook(nextFnSpy, submodules, consentData);
+      // Should pass back hasValidated flag since version 2
+      const args = nextFnSpy.getCalls()[0].args;
+      expect(args[1].hasValidated).to.be.true;
       expect(nextFnSpy.calledOnce).to.equal(true);
     });
 
@@ -374,10 +377,42 @@ describe('gdpr enforcement', function() {
       }];
       let consentData = null;
       userIdHook(nextFnSpy, submodules, consentData);
+      // Should not pass back hasValidated flag since version 2
+      const args = nextFnSpy.getCalls()[0].args;
+      expect(args[1]).to.be.null;
       expect(nextFnSpy.calledOnce).to.equal(true);
       expect(nextFnSpy.calledWith(undefined, submodules, consentData));
     });
 
+    it('should not enforce if not apiVersion 2', function() {
+      setEnforcementConfig({
+        gdpr: {
+          rules: [{
+            purpose: 'storage',
+            enforcePurpose: false,
+            enforceVendor: true,
+            vendorExceptions: []
+          }]
+        }
+      });
+      let consentData = {}
+      consentData.vendorData = staticConfig.consentData.getTCData;
+      consentData.apiVersion = 1;
+      consentData.gdprApplies = true;
+      let submodules = [{
+        submodule: {
+          gvlid: 1,
+          name: 'sampleUserId'
+        }
+      }]
+      userIdHook(nextFnSpy, submodules, consentData);
+      // Should not pass back hasValidated flag since version 1
+      const args = nextFnSpy.getCalls()[0].args;
+      expect(args[1].hasValidated).to.be.undefined;
+      expect(args[0]).to.deep.equal(submodules);
+      expect(nextFnSpy.calledOnce).to.equal(true);
+    });
+
     it('should not allow user id module if user denied consent', function() {
       setEnforcementConfig({
         gdpr: {