Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prebid 8: remove GDPR check when GDPR enforcement is disabled #10050

Merged
merged 1 commit into from
Jun 7, 2023
Merged

Prebid 8: remove GDPR check when GDPR enforcement is disabled #10050

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 0 additions & 15 deletions modules/gdprEnforcement.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ import {deepAccess, logError, logWarn} from '../src/utils.js';
import {config} from '../src/config.js';
import adapterManager, {gdprDataHandler} from '../src/adapterManager.js';
import {find} from '../src/polyfill.js';
import {getHook} from '../src/hook.js';
import * as events from '../src/events.js';
import CONSTANTS from '../src/constants.json';
import {GDPR_GVLIDS, VENDORLESS_GVLID} from '../src/consentHandler.js';
Expand Down Expand Up @@ -219,15 +218,6 @@ export const accessDeviceRule = ((rule) => {
export const syncUserRule = gdprRule(1, () => purpose1Rule, storageBlocked);
export const enrichEidsRule = gdprRule(1, () => purpose1Rule, storageBlocked);

export function userIdHook(fn, submodules, consentData) {
// TODO: remove this in v8 (https://github.com/prebid/Prebid.js/issues/9766)
if (shouldEnforce(consentData, 1, 'User ID')) {
fn.call(this, submodules, {...consentData, hasValidated: true});
} else {
fn.call(this, submodules, consentData);
}
}

export const fetchBidsRule = ((rule) => {
return function (params) {
if (params[ACTIVITY_PARAM_COMPONENT_TYPE] !== MODULE_TYPE_BIDDER) {
Expand Down Expand Up @@ -307,8 +297,6 @@ export function setEnforcementConfig(config) {
RULE_HANDLES.push(registerActivityControl(ACTIVITY_ACCESS_DEVICE, RULE_NAME, accessDeviceRule));
RULE_HANDLES.push(registerActivityControl(ACTIVITY_SYNC_USER, RULE_NAME, syncUserRule));
RULE_HANDLES.push(registerActivityControl(ACTIVITY_ENRICH_EIDS, RULE_NAME, enrichEidsRule));
// TODO: remove this hook in v8 (https://github.com/prebid/Prebid.js/issues/9766)
getHook('validateGdprEnforcement').before(userIdHook, 47);
}
if (purpose2Rule) {
RULE_HANDLES.push(registerActivityControl(ACTIVITY_FETCH_BIDS, RULE_NAME, fetchBidsRule));
Expand All @@ -321,9 +309,6 @@ export function setEnforcementConfig(config) {

export function uninstall() {
while (RULE_HANDLES.length) RULE_HANDLES.pop()();
[
getHook('validateGdprEnforcement').getHooks({hook: userIdHook}),
].forEach(hook => hook.remove());
hooksAdded = false;
}

Expand Down
21 changes: 2 additions & 19 deletions modules/userId/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,7 @@ import * as events from '../../src/events.js';
import {getGlobal} from '../../src/prebidGlobal.js';
import adapterManager, {gdprDataHandler} from '../../src/adapterManager.js';
import CONSTANTS from '../../src/constants.json';
import {hook, module, ready as hooksReady} from '../../src/hook.js';
import {module, ready as hooksReady} from '../../src/hook.js';
import {buildEidPermissions, createEidsArray, USER_IDS_CONFIG} from './eids.js';
import {
getCoreStorageManager,
Expand All @@ -159,7 +159,6 @@ import {
} from '../../src/utils.js';
import {getPPID as coreGetPPID} from '../../src/adserver.js';
import {defer, GreedyPromise} from '../../src/utils/promise.js';
import {hasPurpose1Consent} from '../../src/utils/gpdr.js';
import {registerOrtbProcessor, REQUEST} from '../../src/pbjsORTB.js';
import {newMetrics, timedAuctionHook, useMetrics} from '../../src/utils/perfMetrics.js';
import {findRootDomain} from '../../src/fpd/rootDomain.js';
Expand Down Expand Up @@ -784,15 +783,6 @@ function getUserIdsAsync() {
);
}

/**
* This hook returns updated list of submodules which are allowed to do get user id based on TCF 2 enforcement rules configured
*/
export const validateGdprEnforcement = hook('sync', function (submodules, consentData) {
// TODO: remove the `hasValidated` check in v8. Enforcement should be OFF by default.
// https://github.com/prebid/Prebid.js/issues/9766
return { userIdModules: submodules, hasValidated: consentData && consentData.hasValidated };
}, 'validateGdprEnforcement');

function populateSubmoduleId(submodule, consentData, storedConsentData, forceRefresh) {
// There are two submodule configuration types to handle: storage or value
// 1. storage: retrieve user id data from cookie/html storage or with the submodule's getId method
Expand Down Expand Up @@ -882,18 +872,11 @@ function initSubmodules(dest, submodules, consentData, forceRefresh = false) {
return [];
}

// TODO: remove this check in v8 (https://github.com/prebid/Prebid.js/issues/9766)
let { userIdModules, hasValidated } = validateGdprEnforcement(submodules, consentData);
if (!hasValidated && !hasPurpose1Consent(consentData)) {
logWarn(`${MODULE_NAME} - gdpr permission not valid for local storage or cookies, exit module`);
return [];
}

// we always want the latest consentData stored, even if we don't execute any submodules
const storedConsentData = getStoredConsentData();
setStoredConsentData(consentData);

const initialized = userIdModules.reduce((carry, submodule) => {
const initialized = submodules.reduce((carry, submodule) => {
return submoduleMetrics(submodule.submodule.name).measureTime('init', () => {
try {
populateSubmoduleId(submodule, consentData, storedConsentData, forceRefresh);
Expand Down
7 changes: 0 additions & 7 deletions test/spec/modules/euidIdSystem_spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,13 +64,6 @@ describe('EUID module', function() {
coreStorage.removeDataFromLocalStorage(moduleCookieName);
});

it('When a server-only token value is provided in config but consent is not available, it is not available to the auction.', async function() {
setGdprApplies();
config.setConfig(makePrebidConfig(null, {value: makeEuidIdentityContainer(initialToken)}));
const bid = await runAuction();
expectNoIdentity(bid);
});

it('When a server-only token value is provided in config, it is available to the auction.', async function() {
setGdprApplies(true);
config.setConfig(makePrebidConfig(null, {value: makeEuidIdentityContainer(initialToken)}));
Expand Down
10 changes: 0 additions & 10 deletions test/spec/modules/uid2IdSystem_spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -170,16 +170,6 @@ describe(`UID2 module`, function () {
expectLegacyToken(bid);
});

it('When a legacy value is provided directly in configuration but GDPR applies, it is not passed on', async function() {
const valueConfig = makePrebidConfig();
setGdprApplies();
valueConfig.userSync.userIds[0].value = {uid2: {id: legacyToken}}
config.setConfig(valueConfig);
const bid = await runAuction();

expectNoIdentity(bid);
});

// These tests cover 'legacy' cookies - i.e. cookies set with just the uid2 advertising token, which was how some previous integrations worked.
// Some users might still have this cookie, and the module should use that token if a newer one isn't provided.
// This should cover older integrations where the server is setting this legacy cookie and expecting the module to pass it on.
Expand Down