Add a new module for better ensuring privacy of user data.

Review Request #9893 — Created April 25, 2018 and submitted — Latest diff uploaded

Information

Djblets
release-1.0.x
0f5c4fa...

Reviewers

This introduces djblets.privacy, a new module designed for more easily
ensuring protection of private user data, helping Django applications to
meet GDPR compliance and to otherwise help with the management and
safe-keeping of user data.

This initial version of the module focuses on consent tracking, giving
users control over operations or processing of data. It's designed to
allow applications (and even extensions) to dynamically register things
that require consent, to check if the user granted/denied that consent,
to (later) present options for consent, and to keep an audit log for
later proof. For now, only the backend is in place, with UI helpers
coming later.

This lives almost exclusively within the djblets.privacy.consent
module (with models living in djblets.privacy.models). There are a few
components:

  • Consent: An enum containing values to represent whether
    consent was given or denied, or simply not set yet.

  • ConsentRequirement: Represents a part of a product that requires
    consent. This can be instantiated with a unique ID, displayable name
    and description, and an optional URL for learning more about the
    requirement (useful for linking to privacy policies or documentation).

  • ConsentRequirementsRegistry: Used to register, track, and look up
    ConsentRequirement instances.

  • ConsentData: An object for store consent and consent-related
    information (timestamp, source of where the consent was given, and
    additional data to include), for serializing or deserializing.

  • BaseConsentTracker/DatabaseConsentTracker: Used to record if
    consent was given or denied for a requirement, check that consent on
    demand, and for keeping an audit log for helping to later document and
    prove when users set, denied, or revoked consent. By default,
    DatabaseConsentTracker (which stores the data in the database) is
    used, but projects can make use of custom ones for storing the audit
    data in other locations outside the database.

With this module, it will be very easy to start enforcing user control
of the processing of data without a lot of additional work.

Future changes will build on this to offer standard UI for consent
management and redacting of personal information before sending to
services.

Unit tests pass.

Built the docs and checked for build and generation errors.