Skip to content

Gdpr privacy#361

Merged
Nightsd01 merged 8 commits intomasterfrom
gdpr_privacy
Apr 24, 2018
Merged

Gdpr privacy#361
Nightsd01 merged 8 commits intomasterfrom
gdpr_privacy

Conversation

@Nightsd01
Copy link
Copy Markdown
Contributor

@Nightsd01 Nightsd01 commented Apr 16, 2018
edited by jwilm
Loading

• Adds ability to require privacy consent and lets developers add privacy consent/revoke to their apps
• Uses Onesignal_require_privacy_consent info.plist key to let developers require consent
• Adds consentGranted(boolean) to indicate if the user gives their consent. Can also be used to revoke previously granted consent

This change is Reviewable

@Nightsd01
Privacy Consent
07f9761 
• Adds the capability to require user privacy consent before the SDK can be initialized
@Nightsd01
Revoke Consent
c7f7f29 
• Made it so that when the user revokes consent after granting it, the SDK will immediately stop sending any information to the server
• Added checks in some internal methods to make sure personal data is never sent when consent is revoked or not provided
@Nightsd01
Improve Consent
9be784e 
• Adds consent checks to location data so that the SDK will not send location data if consent is revoked
• Adds nullability specifiers to the new DelayedInitializationParameters class
@Nightsd01 Nightsd01 requested a review from jkasten2 April 16, 2018 22:15
@Nightsd01
Add Test
c308345 
• Adds a test to make sure the privacy consent functionality works correctly, delays initialization, and resumes correctly.
@Nightsd01
Add Consent Setting Override
80997c3 
• Adds a method to override the plist consent setting, intended for wrapper SDK's that cannot use a plist setting
@jkasten2
Copy link
Copy Markdown
Member

jkasten2 commented Apr 23, 2018

handleNotificationOpened should have a call to shouldLogMissingPrivacyConsentErrorWithMethodName: incase the user removes their acceptance.

Review status: 0 of 14 files reviewed at latest revision, all discussions resolved, some commit checks failed.

iOS_SDK/OneSignalSDK/UnitTests/UnitTests.m, line 1865 at r1 (raw file):

    //indicates initialization was delayed
    XCTAssertNil(OneSignal.app_id);

Can you try calling a few other OneSignal methods here like sendTags in the test?

iOS_SDK/OneSignalSDK/UnitTests/UnitTests.m, line 1876 at r1 (raw file):

    [NSBundleOverrider setPrivacyState:false];
}

Can we add a 2nd test for shouldRequireUserConsent?

Comments from Reviewable

@Nightsd01
Download Params
913d653 
• Changes the SDK so that iOS params are still downloaded even if the user has not provided consent yet (to make things faster if they do eventually provide consent)
• Added additional checks to ensure that the SDK will _never_ initiate an HTTP request (asides from GET requests) if the user has not provided consent
• Adds test to make sure that swizzled methods (ie. didRegisterForRemoteNotifications) do not initiate HTTP requests or change state (ie. push token) if consent has not been granted
• Adds a test to make sure the OneSignal setRequiresUserPrivacyConsent: override method works correctly
• Adds a check to make sure handleNotificationOpened: does not execute if the user has not provided consent
@jkasten2
Copy link
Copy Markdown
Member

jkasten2 commented Apr 24, 2018

Reviewed 10 of 14 files at r1, 4 of 4 files at r2.
Review status: 14 of 16 files reviewed at latest revision, all discussions resolved, some commit checks failed.

iOS_SDK/OneSignalDevApp/OneSignalDevApp/Info.plist, line 5 at r2 (raw file):

<plist version="1.0">
<dict>
	<key>Onesignal_require_privacy_consent</key>

This should be OneSignal_require_privacy_consent instead to match the casing of our other plist entires. Code will need to be update to check this case difference too.

Comments from Reviewable

@Nightsd01
Plist Capitalization
869a466 
• Changes the privacy consent parameter name capitalization from Onesignal_require_privacy_consent to OneSignal_require_privacy_consent to be more consistent
@jkasten2
Copy link
Copy Markdown
Member

jkasten2 commented Apr 24, 2018

Reviewed 2 of 2 files at r3.
Review status: all files reviewed at latest revision, all discussions resolved, some commit checks failed.

Comments from Reviewable

@Nightsd01 Nightsd01 merged commit 0e25931 into master Apr 24, 2018
@Nightsd01 Nightsd01 deleted the gdpr_privacy branch April 24, 2018 22:21
@nan-li nan-li mentioned this pull request Feb 13, 2025
Merged
18 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jkasten2 jkasten2 Awaiting requested review from jkasten2

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Nightsd01 @jkasten2