datahub/wherehows-web/app/utils/datasets/compliance-policy.js

import Ember from 'ember';
import { datasetClassifiers } from 'wherehows-web/constants/dataset-classification';
import { lastSeenSuggestionInterval } from 'wherehows-web/constants/metadata-acquisition';

const { assert, Logger: { warn } } = Ember;

/**
 * Builds a default shape for securitySpecification & privacyCompliancePolicy with default / unset values
 *   for non null properties as per Avro schema
 * @param {Number} datasetId id for the dataset that this privacy object applies to
 */
const createInitialComplianceInfo = datasetId => ({
  datasetId,
  complianceType: '',
  compliancePurgeNote: '',
  complianceEntities: [],
  datasetClassification: {}
});

/**
 *
 * @type {{complianceEntities: {type: string, of: {type: string, keys: [*]}}, datasetClassification: {type: string, keys: (*)}, fieldClassification: {type: string}}}
 */
const policyShape = {
  complianceEntities: {
    type: 'array',
    of: {
      type: 'object',
      keys: [
        'identifierField:string',
        'identifierType:string',
        'securityClassification:string|object',
        'logicalType:string|object|undefined'
      ]
    }
  },
  datasetClassification: { type: 'object', keys: Object.keys(datasetClassifiers).map(key => `${key}:boolean`) }
};

/**
 * Checks that a policy is valid
 * @param candidatePolicy
 * @return {boolean}
 */
const isPolicyExpectedShape = (candidatePolicy = {}) => {
  const candidateMatchesShape = policyKey => {
    assert(
      `Expected each compliance policy attribute to be one of ${Object.keys(policyShape)}, but got ${policyKey}`,
      policyShape.hasOwnProperty(policyKey)
    );

    const policyProps = policyShape[policyKey];
    const expectedType = policyProps.type;
    const policyKeyValue = candidatePolicy[policyKey];
    const isValueExpectedType =
      expectedType === 'array' ? Array.isArray(policyKeyValue) : typeof policyKeyValue === expectedType;
    const typeDeclarations =
      {
        get array() {
          return policyProps.of.keys;
        },
        get object() {
          return policyProps.keys;
        }
      }[expectedType] || [];

    if (!policyKeyValue || !isValueExpectedType) {
      return false;
    }

    if (expectedType === 'array') {
      return policyKeyValue.every(value => {
        if (!value && typeof value !== policyProps.of.type) {
          warn(`Typedefs for ${policyKey} with value ${policyKeyValue} does not equal ${policyProps.of.type}`);
          return false;
        }

        return typeDeclarations.every(typeString => {
          const [key, type] = typeString.split(':');
          const result = type.includes(typeof value[key]);
          if (!result) {
            warn(`Typedefs for ${policyKey} don't include '${typeof value[key]}' for ${key}`);
          }

          return result;
        });
      });
    }

    if (expectedType === typeof {}) {
      return typeDeclarations.every(typeString => {
        const [key, type] = typeString.split(':');
        const result = type.includes(typeof policyKeyValue[key]);
        if (!result) {
          warn(`Typedefs for ${policyKey} don't include ${typeof policyKeyValue[key]} for ${key}`);
        }

        return result;
      });
    }
  };

  if (typeof candidatePolicy === 'object' && candidatePolicy) {
    return Object.keys(policyShape).every(candidateMatchesShape);
  }

  return false;
};

/**
 * Checks if the compliance suggestion has a date that is equal or exceeds the policy mod time by at least the
 * ms time in lastSeenSuggestionInterval
 * @param {number} [policyModificationTime = 0] timestamp for the policy modification date
 * @param {number} suggestionModificationTime timestamp for the suggestion modification date
 * @return {boolean}
 */
const isRecentSuggestion = (policyModificationTime = 0, suggestionModificationTime) =>
  !!suggestionModificationTime && suggestionModificationTime - policyModificationTime >= lastSeenSuggestionInterval;

/**
 * Checks if a compliance policy changeSet field requires user attention: if a suggestion
 * is available  but the user has not indicated intent or a policy for the field does not currently exist remotely
 * and the related field changeSet has not been modified on the client
 * @param {boolean} isDirty flag indicating the field changeSet has been modified on the client
 * @param {object|void} suggestion the field suggestion properties
 * @param {boolean} privacyPolicyExists flag indicating that the field has a current policy upstream
 * @param {string} suggestionAuthority possibly empty string indicating the user intent for the suggestion
 * @return {boolean}
 */
const fieldChangeSetRequiresReview = ({ isDirty, suggestion, privacyPolicyExists, suggestionAuthority } = {}) => {
  if (suggestion) {
    return !suggestionAuthority;
  }

  // If either the privacy policy exists, or user has made changes, then no review is required
  return !(privacyPolicyExists || isDirty);
};

/**
 * Merges the column fields with the suggestion for the field if available
 * @param {object} mappedColumnFields a map of column fields to compliance entity properties
 * @param {object} fieldSuggestionMap a map of field suggestion properties keyed by field name
 * @return {Array<object>} mapped column field augmented with suggestion if available
 */
const mergeMappedColumnFieldsWithSuggestions = (mappedColumnFields = {}, fieldSuggestionMap = {}) =>
  Object.keys(mappedColumnFields).map(fieldName => {
    const {
      identifierField,
      dataType,
      identifierType,
      logicalType,
      securityClassification,
      policyModificationTime,
      privacyPolicyExists,
      isDirty
    } = mappedColumnFields[fieldName];
    const suggestion = fieldSuggestionMap[identifierField];

    const field = {
      identifierField,
      dataType,
      identifierType,
      logicalType,
      privacyPolicyExists,
      isDirty,
      classification: securityClassification
    };

    // If a suggestion exists for this field add the suggestion attribute to the field properties / changeSet
    // Check if suggestion isRecent before augmenting, otherwise, suggestion will not be considered on changeSet
    if (suggestion && isRecentSuggestion(policyModificationTime, suggestion.suggestionsModificationTime)) {
      return { ...field, suggestion };
    }

    return field;
  });

export {
  createInitialComplianceInfo,
  isPolicyExpectedShape,
  fieldChangeSetRequiresReview,
  mergeMappedColumnFieldsWithSuggestions,
  isRecentSuggestion
};
adds typescript. adds mirage. updates dependencies. begins separating api concerns from app: datasets. removes jshint. adds mirage model+factory for compliance suggestion updates gitignore: removes typings. adds environment.d.ts declaration file for config/environment. adds unit test for datasets-test. adds extracted datasets api file updates destroy app test helper updates compliance component to work with modified api from compliance api: removes isSubject, adds securityClassification updates uploaded compliance shape validation. updates the dataset route adds typescript files to prettier linting updates gitignore with vscode 2017-08-15 23:16:38 -07:00			`import Ember from 'ember';`
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00			`import { datasetClassifiers } from 'wherehows-web/constants/dataset-classification';`
removes hasRecentSuggestions computed property in favour of diffing suggestion and policy timestamp prior to augmenting compliancepolicy changeSet with suggestion. updates logic to get field value: identifierType/logicalType prior to suggested value. issues: needs to update the previous field value with user friendly label/displayAs value 2017-10-07 17:49:57 -07:00			`import { lastSeenSuggestionInterval } from 'wherehows-web/constants/metadata-acquisition';`
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00
updates compliance notifications. implements toasts for notifications service. fixes issue with data upload: does not automatically save on upload. adds object to type def for security classification since field can be null. adds utility for promise based delay 2017-08-30 10:26:44 -07:00			`const { assert, Logger: { warn } } = Ember;`
adds typescript. adds mirage. updates dependencies. begins separating api concerns from app: datasets. removes jshint. adds mirage model+factory for compliance suggestion updates gitignore: removes typings. adds environment.d.ts declaration file for config/environment. adds unit test for datasets-test. adds extracted datasets api file updates destroy app test helper updates compliance component to work with modified api from compliance api: removes isSubject, adds securityClassification updates uploaded compliance shape validation. updates the dataset route adds typescript files to prettier linting updates gitignore with vscode 2017-08-15 23:16:38 -07:00
Adds application utility module: build-url module to ensure url is encoded and decoded in a w3 spec compliant way. encode-decode-uri-component-with-space util replaces spaces with + as opposed to '\%20' separator. Functions for dataset security and privacy spec. Email address validator 2017-03-24 20:50:42 -07:00			`/**`
updates pii data collection feature: single tab for compliance and confidential, renamed to compliance. moved closer to ownership tab. add notification dot for tab requiring user attention. moved action bar to fixed position at bottom of screen. removed app footer. myriad styling changes. etc 2017-05-19 03:05:25 -07:00			`* Builds a default shape for securitySpecification & privacyCompliancePolicy with default / unset values`
implements default classification for data fields. creates constants for metadata-acquisition. refactors datasets utils function to export default module. updates column ordering for security classification table. 2017-04-28 22:02:46 -07:00			`* for non null properties as per Avro schema`
adds support for passing datasetUrn on new compliance policy creation. fixes ui rendering issue with notification. 2017-05-19 09:52:19 -07:00			`* @param {Number} datasetId id for the dataset that this privacy object applies to`
updates security spec creation, removes unused specification 2017-04-01 14:13:28 -07:00			`*/`
removes support for datasetUrn from new policy creation. changes find by username to search by full name. fixes issues with null properties on compliance policy. add styling to reduce visibility of semi-hidden select 2017-05-19 10:52:58 -07:00			`const createInitialComplianceInfo = datasetId => ({`
updates pii data collection feature: single tab for compliance and confidential, renamed to compliance. moved closer to ownership tab. add notification dot for tab requiring user attention. moved action bar to fixed position at bottom of screen. removed app footer. myriad styling changes. etc 2017-05-19 03:05:25 -07:00			`datasetId,`
updates initial compliance info function and updates tests 2017-10-20 21:57:40 -07:00			`complianceType: '',`
implements purge policy feature. constants for platforms and purge types. adds styles for feature. implements ui logic for selecting purge based on platform availability. 2017-10-19 18:17:16 -07:00			`compliancePurgeNote: '',`
updates dataset-compliance compliance component. adds notification component styles. fixes complianceEntities key name 2017-05-19 08:45:05 -07:00			`complianceEntities: [],`
implements purge policy feature. constants for platforms and purge types. adds styles for feature. implements ui logic for selecting purge based on platform availability. 2017-10-19 18:17:16 -07:00			`datasetClassification: {}`
updates pii data collection feature: single tab for compliance and confidential, renamed to compliance. moved closer to ownership tab. add notification dot for tab requiring user attention. moved action bar to fixed position at bottom of screen. removed app footer. myriad styling changes. etc 2017-05-19 03:05:25 -07:00			`});`
implements default classification for data fields. creates constants for metadata-acquisition. refactors datasets utils function to export default module. updates column ordering for security classification table. 2017-04-28 22:02:46 -07:00
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00			`/**`
			`*`
			`* @type {{complianceEntities: {type: string, of: {type: string, keys: []}}, datasetClassification: {type: string, keys: ()}, fieldClassification: {type: string}}}`
			`*/`
			`const policyShape = {`
			`complianceEntities: {`
			`type: 'array',`
			`of: {`
			`type: 'object',`
			`keys: [`
			`'identifierField:string',`
			`'identifierType:string',`
updates compliance notifications. implements toasts for notifications service. fixes issue with data upload: does not automatically save on upload. adds object to type def for security classification since field can be null. adds utility for promise based delay 2017-08-30 10:26:44 -07:00			`'securityClassification:string\|object',`
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00			`'logicalType:string\|object\|undefined'`
			`]`
			`}`
			`},`
adds typescript. adds mirage. updates dependencies. begins separating api concerns from app: datasets. removes jshint. adds mirage model+factory for compliance suggestion updates gitignore: removes typings. adds environment.d.ts declaration file for config/environment. adds unit test for datasets-test. adds extracted datasets api file updates destroy app test helper updates compliance component to work with modified api from compliance api: removes isSubject, adds securityClassification updates uploaded compliance shape validation. updates the dataset route adds typescript files to prettier linting updates gitignore with vscode 2017-08-15 23:16:38 -07:00			datasetClassification: { type: 'object', keys: Object.keys(datasetClassifiers).map(key => `${key}:boolean`) }
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00			`};`

			`/**`
			`* Checks that a policy is valid`
			`* @param candidatePolicy`
updates compliance notifications. implements toasts for notifications service. fixes issue with data upload: does not automatically save on upload. adds object to type def for security classification since field can be null. adds utility for promise based delay 2017-08-30 10:26:44 -07:00			`* @return {boolean}`
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00			`*/`
			`const isPolicyExpectedShape = (candidatePolicy = {}) => {`
			`const candidateMatchesShape = policyKey => {`
adds typescript. adds mirage. updates dependencies. begins separating api concerns from app: datasets. removes jshint. adds mirage model+factory for compliance suggestion updates gitignore: removes typings. adds environment.d.ts declaration file for config/environment. adds unit test for datasets-test. adds extracted datasets api file updates destroy app test helper updates compliance component to work with modified api from compliance api: removes isSubject, adds securityClassification updates uploaded compliance shape validation. updates the dataset route adds typescript files to prettier linting updates gitignore with vscode 2017-08-15 23:16:38 -07:00			`assert(`
			`Expected each compliance policy attribute to be one of ${Object.keys(policyShape)}, but got ${policyKey}`,
			`policyShape.hasOwnProperty(policyKey)`
			`);`

adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00			`const policyProps = policyShape[policyKey];`
			`const expectedType = policyProps.type;`
			`const policyKeyValue = candidatePolicy[policyKey];`
adds typescript. adds mirage. updates dependencies. begins separating api concerns from app: datasets. removes jshint. adds mirage model+factory for compliance suggestion updates gitignore: removes typings. adds environment.d.ts declaration file for config/environment. adds unit test for datasets-test. adds extracted datasets api file updates destroy app test helper updates compliance component to work with modified api from compliance api: removes isSubject, adds securityClassification updates uploaded compliance shape validation. updates the dataset route adds typescript files to prettier linting updates gitignore with vscode 2017-08-15 23:16:38 -07:00			`const isValueExpectedType =`
			`expectedType === 'array' ? Array.isArray(policyKeyValue) : typeof policyKeyValue === expectedType;`
			`const typeDeclarations =`
			`{`
			`get array() {`
			`return policyProps.of.keys;`
			`},`
			`get object() {`
			`return policyProps.keys;`
			`}`
			`}[expectedType] \|\| [];`
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00
			`if (!policyKeyValue \|\| !isValueExpectedType) {`
			`return false;`
			`}`

			`if (expectedType === 'array') {`
			`return policyKeyValue.every(value => {`
			`if (!value && typeof value !== policyProps.of.type) {`
updates compliance notifications. implements toasts for notifications service. fixes issue with data upload: does not automatically save on upload. adds object to type def for security classification since field can be null. adds utility for promise based delay 2017-08-30 10:26:44 -07:00			warn(`Typedefs for ${policyKey} with value ${policyKeyValue} does not equal ${policyProps.of.type}`);
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00			`return false;`
			`}`
updates compliance notifications. implements toasts for notifications service. fixes issue with data upload: does not automatically save on upload. adds object to type def for security classification since field can be null. adds utility for promise based delay 2017-08-30 10:26:44 -07:00
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00			`return typeDeclarations.every(typeString => {`
			`const [key, type] = typeString.split(':');`
updates compliance notifications. implements toasts for notifications service. fixes issue with data upload: does not automatically save on upload. adds object to type def for security classification since field can be null. adds utility for promise based delay 2017-08-30 10:26:44 -07:00			`const result = type.includes(typeof value[key]);`
			`if (!result) {`
			warn(`Typedefs for ${policyKey} don't include '${typeof value[key]}' for ${key}`);
			`}`

			`return result;`
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00			`});`
			`});`
			`}`

			`if (expectedType === typeof {}) {`
			`return typeDeclarations.every(typeString => {`
			`const [key, type] = typeString.split(':');`
updates compliance notifications. implements toasts for notifications service. fixes issue with data upload: does not automatically save on upload. adds object to type def for security classification since field can be null. adds utility for promise based delay 2017-08-30 10:26:44 -07:00			`const result = type.includes(typeof policyKeyValue[key]);`
			`if (!result) {`
			warn(`Typedefs for ${policyKey} don't include ${typeof policyKeyValue[key]} for ${key}`);
			`}`

			`return result;`
adds feature to download a compliance policy as a json document. upload as json and apply to policy. performs attribute type assertions on values in uploaded policy 2017-06-01 13:11:26 -07:00			`});`
			`}`
			`};`

			`if (typeof candidatePolicy === 'object' && candidatePolicy) {`
			`return Object.keys(policyShape).every(candidateMatchesShape);`
			`}`

			`return false;`
			`};`

removes hasRecentSuggestions computed property in favour of diffing suggestion and policy timestamp prior to augmenting compliancepolicy changeSet with suggestion. updates logic to get field value: identifierType/logicalType prior to suggested value. issues: needs to update the previous field value with user friendly label/displayAs value 2017-10-07 17:49:57 -07:00			`/**`
			`* Checks if the compliance suggestion has a date that is equal or exceeds the policy mod time by at least the`
			`* ms time in lastSeenSuggestionInterval`
			`* @param {number} [policyModificationTime = 0] timestamp for the policy modification date`
			`* @param {number} suggestionModificationTime timestamp for the suggestion modification date`
			`* @return {boolean}`
			`*/`
			`const isRecentSuggestion = (policyModificationTime = 0, suggestionModificationTime) =>`
			`!!suggestionModificationTime && suggestionModificationTime - policyModificationTime >= lastSeenSuggestionInterval;`

renames array-map util module and adds functions for filter and uniqueness. adds mergeMappedColumnFieldsWithSuggestions and fieldChangeSetRequiresReview to compliance shared functions 2017-09-26 23:07:29 -07:00			`/**`
			`* Checks if a compliance policy changeSet field requires user attention: if a suggestion`
			`* is available but the user has not indicated intent or a policy for the field does not currently exist remotely`
			`* and the related field changeSet has not been modified on the client`
			`* @param {boolean} isDirty flag indicating the field changeSet has been modified on the client`
			`* @param {object\|void} suggestion the field suggestion properties`
			`* @param {boolean} privacyPolicyExists flag indicating that the field has a current policy upstream`
			`* @param {string} suggestionAuthority possibly empty string indicating the user intent for the suggestion`
			`* @return {boolean}`
			`*/`
slightly refactors impementation for fieldChangeSetRequiresReview helper function. adds unit tests for utility functions on dataset-compliance 2017-10-02 18:49:35 -07:00			`const fieldChangeSetRequiresReview = ({ isDirty, suggestion, privacyPolicyExists, suggestionAuthority } = {}) => {`
renames array-map util module and adds functions for filter and uniqueness. adds mergeMappedColumnFieldsWithSuggestions and fieldChangeSetRequiresReview to compliance shared functions 2017-09-26 23:07:29 -07:00			`if (suggestion) {`
			`return !suggestionAuthority;`
			`}`

slightly refactors impementation for fieldChangeSetRequiresReview helper function. adds unit tests for utility functions on dataset-compliance 2017-10-02 18:49:35 -07:00			`// If either the privacy policy exists, or user has made changes, then no review is required`
			`return !(privacyPolicyExists \|\| isDirty);`
renames array-map util module and adds functions for filter and uniqueness. adds mergeMappedColumnFieldsWithSuggestions and fieldChangeSetRequiresReview to compliance shared functions 2017-09-26 23:07:29 -07:00			`};`

			`/**`
			`* Merges the column fields with the suggestion for the field if available`
			`* @param {object} mappedColumnFields a map of column fields to compliance entity properties`
			`* @param {object} fieldSuggestionMap a map of field suggestion properties keyed by field name`
			`* @return {Array<object>} mapped column field augmented with suggestion if available`
			`*/`
			`const mergeMappedColumnFieldsWithSuggestions = (mappedColumnFields = {}, fieldSuggestionMap = {}) =>`
			`Object.keys(mappedColumnFields).map(fieldName => {`
			`const {`
			`identifierField,`
			`dataType,`
			`identifierType,`
			`logicalType,`
			`securityClassification,`
removes hasRecentSuggestions computed property in favour of diffing suggestion and policy timestamp prior to augmenting compliancepolicy changeSet with suggestion. updates logic to get field value: identifierType/logicalType prior to suggested value. issues: needs to update the previous field value with user friendly label/displayAs value 2017-10-07 17:49:57 -07:00			`policyModificationTime,`
renames array-map util module and adds functions for filter and uniqueness. adds mergeMappedColumnFieldsWithSuggestions and fieldChangeSetRequiresReview to compliance shared functions 2017-09-26 23:07:29 -07:00			`privacyPolicyExists,`
			`isDirty`
			`} = mappedColumnFields[fieldName];`
			`const suggestion = fieldSuggestionMap[identifierField];`

			`const field = {`
			`identifierField,`
			`dataType,`
			`identifierType,`
			`logicalType,`
			`privacyPolicyExists,`
			`isDirty,`
			`classification: securityClassification`
			`};`

removes hasRecentSuggestions computed property in favour of diffing suggestion and policy timestamp prior to augmenting compliancepolicy changeSet with suggestion. updates logic to get field value: identifierType/logicalType prior to suggested value. issues: needs to update the previous field value with user friendly label/displayAs value 2017-10-07 17:49:57 -07:00			`// If a suggestion exists for this field add the suggestion attribute to the field properties / changeSet`
			`// Check if suggestion isRecent before augmenting, otherwise, suggestion will not be considered on changeSet`
			`if (suggestion && isRecentSuggestion(policyModificationTime, suggestion.suggestionsModificationTime)) {`
renames array-map util module and adds functions for filter and uniqueness. adds mergeMappedColumnFieldsWithSuggestions and fieldChangeSetRequiresReview to compliance shared functions 2017-09-26 23:07:29 -07:00			`return { ...field, suggestion };`
			`}`

			`return field;`
			`});`

			`export {`
			`createInitialComplianceInfo,`
			`isPolicyExpectedShape,`
			`fieldChangeSetRequiresReview,`
removes hasRecentSuggestions computed property in favour of diffing suggestion and policy timestamp prior to augmenting compliancepolicy changeSet with suggestion. updates logic to get field value: identifierType/logicalType prior to suggested value. issues: needs to update the previous field value with user friendly label/displayAs value 2017-10-07 17:49:57 -07:00			`mergeMappedColumnFieldsWithSuggestions,`
			`isRecentSuggestion`
renames array-map util module and adds functions for filter and uniqueness. adds mergeMappedColumnFieldsWithSuggestions and fieldChangeSetRequiresReview to compliance shared functions 2017-09-26 23:07:29 -07:00			`};`