github.com/prebid/prebid-server/v2@v2.18.0/gdpr/gdpr.go

github.com/prebid/prebid-server/v2@v2.18.0/gdpr/gdpr.go (about)

     1  package gdpr
     2  
     3  import (
     4  	"context"
     5  
     6  	"github.com/prebid/prebid-server/v2/config"
     7  	"github.com/prebid/prebid-server/v2/openrtb_ext"
     8  )
     9  
    10  type Permissions interface {
    11  	// Determines whether or not the host company is allowed to read/write cookies.
    12  	//
    13  	// If the consent string was nonsensical, the returned error will be an ErrorMalformedConsent.
    14  	HostCookiesAllowed(ctx context.Context) (bool, error)
    15  
    16  	// Determines whether or not the given bidder is allowed to user personal info for ad targeting.
    17  	//
    18  	// If the consent string was nonsensical, the returned error will be an ErrorMalformedConsent.
    19  	BidderSyncAllowed(ctx context.Context, bidder openrtb_ext.BidderName) (bool, error)
    20  
    21  	// Determines whether or not to send PI information to a bidder, or mask it out.
    22  	//
    23  	// If the consent string was nonsensical, the returned error will be an ErrorMalformedConsent.
    24  	AuctionActivitiesAllowed(ctx context.Context, bidderCoreName openrtb_ext.BidderName, bidder openrtb_ext.BidderName) (permissions AuctionPermissions, err error)
    25  }
    26  
    27  type PermissionsBuilder func(TCF2ConfigReader, RequestInfo) Permissions
    28  
    29  type RequestInfo struct {
    30  	AliasGVLIDs map[string]uint16
    31  	Consent     string
    32  	GDPRSignal  Signal
    33  	PublisherID string
    34  }
    35  
    36  // NewPermissionsBuilder takes host config data used to configure the builder function it returns
    37  func NewPermissionsBuilder(cfg config.GDPR, gvlVendorIDs map[openrtb_ext.BidderName]uint16, vendorListFetcher VendorListFetcher) PermissionsBuilder {
    38  	return func(tcf2Cfg TCF2ConfigReader, requestInfo RequestInfo) Permissions {
    39  		purposeEnforcerBuilder := NewPurposeEnforcerBuilder(tcf2Cfg)
    40  
    41  		return NewPermissions(cfg, tcf2Cfg, gvlVendorIDs, vendorListFetcher, purposeEnforcerBuilder, requestInfo)
    42  	}
    43  }
    44  
    45  // NewPermissions gets a per-request Permissions object that can then be used to check GDPR permissions for a given bidder.
    46  func NewPermissions(cfg config.GDPR, tcf2Config TCF2ConfigReader, vendorIDs map[openrtb_ext.BidderName]uint16, fetcher VendorListFetcher, purposeEnforcerBuilder PurposeEnforcerBuilder, requestInfo RequestInfo) Permissions {
    47  	if !cfg.Enabled {
    48  		return &AlwaysAllow{}
    49  	}
    50  
    51  	permissionsImpl := &permissionsImpl{
    52  		fetchVendorList:        fetcher,
    53  		gdprDefaultValue:       cfg.DefaultValue,
    54  		hostVendorID:           cfg.HostVendorID,
    55  		nonStandardPublishers:  cfg.NonStandardPublisherMap,
    56  		cfg:                    tcf2Config,
    57  		vendorIDs:              vendorIDs,
    58  		publisherID:            requestInfo.PublisherID,
    59  		gdprSignal:             SignalNormalize(requestInfo.GDPRSignal, cfg.DefaultValue),
    60  		consent:                requestInfo.Consent,
    61  		aliasGVLIDs:            requestInfo.AliasGVLIDs,
    62  		purposeEnforcerBuilder: purposeEnforcerBuilder,
    63  	}
    64  
    65  	if cfg.HostVendorID == 0 {
    66  		return &AllowHostCookies{
    67  			permissionsImpl: permissionsImpl,
    68  		}
    69  	}
    70  
    71  	return permissionsImpl
    72  }
    73  
    74  // An ErrorMalformedConsent will be returned by the Permissions interface if
    75  // the consent string argument was the reason for the failure.
    76  type ErrorMalformedConsent struct {
    77  	Consent string
    78  	Cause   error
    79  }
    80  
    81  func (e *ErrorMalformedConsent) Error() string {
    82  	return "malformed consent string " + e.Consent + ": " + e.Cause.Error()
    83  }