From 12ccfc918f54ad921030a174aa2c79a467b68f2f Mon Sep 17 00:00:00 2001 From: Demetrio Girardi Date: Mon, 5 Jun 2023 07:24:46 -0700 Subject: [PATCH] Prebid 8: remove GDPR check when GDPR enforcement is disabled --- modules/gdprEnforcement.js | 15 --------------- modules/userId/index.js | 21 ++------------------- test/spec/modules/euidIdSystem_spec.js | 7 ------- test/spec/modules/uid2IdSystem_spec.js | 10 ---------- 4 files changed, 2 insertions(+), 51 deletions(-) diff --git a/modules/gdprEnforcement.js b/modules/gdprEnforcement.js index a834c0da2d5..4bac4b0cf74 100644 --- a/modules/gdprEnforcement.js +++ b/modules/gdprEnforcement.js @@ -6,7 +6,6 @@ import {deepAccess, logError, logWarn} from '../src/utils.js'; import {config} from '../src/config.js'; import adapterManager, {gdprDataHandler} from '../src/adapterManager.js'; import {find} from '../src/polyfill.js'; -import {getHook} from '../src/hook.js'; import * as events from '../src/events.js'; import CONSTANTS from '../src/constants.json'; import {GDPR_GVLIDS, VENDORLESS_GVLID} from '../src/consentHandler.js'; @@ -219,15 +218,6 @@ export const accessDeviceRule = ((rule) => { export const syncUserRule = gdprRule(1, () => purpose1Rule, storageBlocked); export const enrichEidsRule = gdprRule(1, () => purpose1Rule, storageBlocked); -export function userIdHook(fn, submodules, consentData) { - // TODO: remove this in v8 (https://github.com/prebid/Prebid.js/issues/9766) - if (shouldEnforce(consentData, 1, 'User ID')) { - fn.call(this, submodules, {...consentData, hasValidated: true}); - } else { - fn.call(this, submodules, consentData); - } -} - export const fetchBidsRule = ((rule) => { return function (params) { if (params[ACTIVITY_PARAM_COMPONENT_TYPE] !== MODULE_TYPE_BIDDER) { @@ -307,8 +297,6 @@ export function setEnforcementConfig(config) { RULE_HANDLES.push(registerActivityControl(ACTIVITY_ACCESS_DEVICE, RULE_NAME, accessDeviceRule)); RULE_HANDLES.push(registerActivityControl(ACTIVITY_SYNC_USER, RULE_NAME, syncUserRule)); RULE_HANDLES.push(registerActivityControl(ACTIVITY_ENRICH_EIDS, RULE_NAME, enrichEidsRule)); - // TODO: remove this hook in v8 (https://github.com/prebid/Prebid.js/issues/9766) - getHook('validateGdprEnforcement').before(userIdHook, 47); } if (purpose2Rule) { RULE_HANDLES.push(registerActivityControl(ACTIVITY_FETCH_BIDS, RULE_NAME, fetchBidsRule)); @@ -321,9 +309,6 @@ export function setEnforcementConfig(config) { export function uninstall() { while (RULE_HANDLES.length) RULE_HANDLES.pop()(); - [ - getHook('validateGdprEnforcement').getHooks({hook: userIdHook}), - ].forEach(hook => hook.remove()); hooksAdded = false; } diff --git a/modules/userId/index.js b/modules/userId/index.js index f906458a3f5..91654981c22 100644 --- a/modules/userId/index.js +++ b/modules/userId/index.js @@ -132,7 +132,7 @@ import * as events from '../../src/events.js'; import {getGlobal} from '../../src/prebidGlobal.js'; import adapterManager, {gdprDataHandler} from '../../src/adapterManager.js'; import CONSTANTS from '../../src/constants.json'; -import {hook, module, ready as hooksReady} from '../../src/hook.js'; +import {module, ready as hooksReady} from '../../src/hook.js'; import {buildEidPermissions, createEidsArray, USER_IDS_CONFIG} from './eids.js'; import { getCoreStorageManager, @@ -159,7 +159,6 @@ import { } from '../../src/utils.js'; import {getPPID as coreGetPPID} from '../../src/adserver.js'; import {defer, GreedyPromise} from '../../src/utils/promise.js'; -import {hasPurpose1Consent} from '../../src/utils/gpdr.js'; import {registerOrtbProcessor, REQUEST} from '../../src/pbjsORTB.js'; import {newMetrics, timedAuctionHook, useMetrics} from '../../src/utils/perfMetrics.js'; import {findRootDomain} from '../../src/fpd/rootDomain.js'; @@ -784,15 +783,6 @@ function getUserIdsAsync() { ); } -/** - * This hook returns updated list of submodules which are allowed to do get user id based on TCF 2 enforcement rules configured - */ -export const validateGdprEnforcement = hook('sync', function (submodules, consentData) { - // TODO: remove the `hasValidated` check in v8. Enforcement should be OFF by default. - // https://github.com/prebid/Prebid.js/issues/9766 - return { userIdModules: submodules, hasValidated: consentData && consentData.hasValidated }; -}, 'validateGdprEnforcement'); - function populateSubmoduleId(submodule, consentData, storedConsentData, forceRefresh) { // There are two submodule configuration types to handle: storage or value // 1. storage: retrieve user id data from cookie/html storage or with the submodule's getId method @@ -882,18 +872,11 @@ function initSubmodules(dest, submodules, consentData, forceRefresh = false) { return []; } - // TODO: remove this check in v8 (https://github.com/prebid/Prebid.js/issues/9766) - let { userIdModules, hasValidated } = validateGdprEnforcement(submodules, consentData); - if (!hasValidated && !hasPurpose1Consent(consentData)) { - logWarn(`${MODULE_NAME} - gdpr permission not valid for local storage or cookies, exit module`); - return []; - } - // we always want the latest consentData stored, even if we don't execute any submodules const storedConsentData = getStoredConsentData(); setStoredConsentData(consentData); - const initialized = userIdModules.reduce((carry, submodule) => { + const initialized = submodules.reduce((carry, submodule) => { return submoduleMetrics(submodule.submodule.name).measureTime('init', () => { try { populateSubmoduleId(submodule, consentData, storedConsentData, forceRefresh); diff --git a/test/spec/modules/euidIdSystem_spec.js b/test/spec/modules/euidIdSystem_spec.js index 5f75f9dc16f..9a016b0facd 100644 --- a/test/spec/modules/euidIdSystem_spec.js +++ b/test/spec/modules/euidIdSystem_spec.js @@ -64,13 +64,6 @@ describe('EUID module', function() { coreStorage.removeDataFromLocalStorage(moduleCookieName); }); - it('When a server-only token value is provided in config but consent is not available, it is not available to the auction.', async function() { - setGdprApplies(); - config.setConfig(makePrebidConfig(null, {value: makeEuidIdentityContainer(initialToken)})); - const bid = await runAuction(); - expectNoIdentity(bid); - }); - it('When a server-only token value is provided in config, it is available to the auction.', async function() { setGdprApplies(true); config.setConfig(makePrebidConfig(null, {value: makeEuidIdentityContainer(initialToken)})); diff --git a/test/spec/modules/uid2IdSystem_spec.js b/test/spec/modules/uid2IdSystem_spec.js index 400e8988493..20a38a292bb 100644 --- a/test/spec/modules/uid2IdSystem_spec.js +++ b/test/spec/modules/uid2IdSystem_spec.js @@ -170,16 +170,6 @@ describe(`UID2 module`, function () { expectLegacyToken(bid); }); - it('When a legacy value is provided directly in configuration but GDPR applies, it is not passed on', async function() { - const valueConfig = makePrebidConfig(); - setGdprApplies(); - valueConfig.userSync.userIds[0].value = {uid2: {id: legacyToken}} - config.setConfig(valueConfig); - const bid = await runAuction(); - - expectNoIdentity(bid); - }); - // These tests cover 'legacy' cookies - i.e. cookies set with just the uid2 advertising token, which was how some previous integrations worked. // Some users might still have this cookie, and the module should use that token if a newer one isn't provided. // This should cover older integrations where the server is setting this legacy cookie and expecting the module to pass it on.