adding lawfulbasis, consentmethod, referencecode fields to consent records

2025-10-29 09:02:22 +00:00 · 2019-12-25 12:08:53 +02:00
parent bdd1c28394
commit a3640586fa
4 changed files with 79 additions and 35 deletions
--- a/API.md
+++ b/API.md
@@ -326,11 +326,17 @@ This API is used to store user consent.

 POST Body can contain regular form data or JSON. Here is a table with list of expected parameters.

-| Parameter   | Required  | Description                                                                    |
-| ----------- | --------- | ------------------------------------------------------------------------------ |
-| status      | No        | Consent status. Default value is **accept**. Allowed values: cancel/accept.    |
-| message     | No        | Optional text message describing consent.                                      |
-| expiration  | No        | Optional consent expiration date. It is an integer number in UNIX time format. |
+| Parameter (required)  | Description                                                                    |
+| --------------------- | ------------------------------------------------------------------------------ |
+| status (no)           | Consent status. Default value is **accept**. Allowed values: cancel/accept.    |
+| freetext (no)         | Free text, used to internal usage.                                             |
+| message (no)          | Text message describing consent. If empty **brief** is displayed.              |
+| expiration (no)       | Consent expiration date. It is be in UNIX time formar for like 10d or 1m.      |
+| lawfulbasis (no)      | Default is **consent**. It can be: **contract-agreement**, **legal-obligations**, etc...|
+| consentmethod (no)    | Default is **api**. It can be: **phone-consent**, **contract**, **app-consent**, etc...|
+| referencecode (no)    | This can be used as an id of your internal document, contract, etc.            |
+| lastmodifiedby (no)   | Name of the person that last modified this consnet or **customer**.            |
+| lastmodifieddate (no) | Date of the last modification.                                                 |

 When consent is expired, the status value is changed to **expired**.

--- a/src/consent_api.go
+++ b/src/consent_api.go
@@ -65,6 +65,9 @@ func (e mainEnv) consentAccept(w http.ResponseWriter, r *http.Request, ps httpro
 		return
 	}
 	message := ""
+	lawfulbasis := ""
+	consentmethod := ""
+	referencecode := ""
 	status := "accept"
 	expiration := int32(0)
 	if value, ok := records["message"]; ok {
@@ -72,6 +75,21 @@ func (e mainEnv) consentAccept(w http.ResponseWriter, r *http.Request, ps httpro
 			message = value.(string)
 		}
 	}
+	if value, ok := records["lawfulbasis"]; ok {
+		if reflect.TypeOf(value) == reflect.TypeOf("string") {
+			lawfulbasis = value.(string)
+		}
+	}
+	if value, ok := records["consentmethod"]; ok {
+		if reflect.TypeOf(value) == reflect.TypeOf("string") {
+			consentmethod = value.(string)
+		}
+	}
+	if value, ok := records["referencecode"]; ok {
+		if reflect.TypeOf(value) == reflect.TypeOf("string") {
+			referencecode = value.(string)
+		}
+	}
 	if value, ok := records["status"]; ok {
 		if reflect.TypeOf(value) == reflect.TypeOf("string") {
 			status = value.(string)
@@ -95,7 +113,7 @@ func (e mainEnv) consentAccept(w http.ResponseWriter, r *http.Request, ps httpro
 	case "phone":
 		address = normalizePhone(address, e.conf.Sms.Default_country)
 	}
-	e.db.createConsentRecord(userTOKEN, mode, address, brief, message, status, expiration)
+	e.db.createConsentRecord(userTOKEN, mode, address, brief, message, status, lawfulbasis, consentmethod, referencecode, expiration)
 }

 func (e mainEnv) consentCancel(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
--- a/src/consent_db.go
+++ b/src/consent_db.go
@@ -11,18 +11,37 @@ import (
 )

 type consentEvent struct {
-	When    int32  `json:"when,omitempty" structs:"when"`
-	Who     string `json:"who,omitempty" structs:"who"`
-	Mode    string `json:"mode,omitempty" structs:"mode"`
-	Token   string `json:"token" structs:"token"`
-	Brief   string `json:"brief,omitempty" structs:"brief"`
-	Message string `json:"message,omitempty" structs:"message,omitempty"`
-	Status  string `json:"status,omitempty" structs:"status"`
-	Endtime int32  `json:"endtime" structs:"endtime"`
+	Endtime       int32  `json:"endtime" structs:"endtime"`
+	When          int32  `json:"when,omitempty" structs:"when"`
+	Who           string `json:"who,omitempty" structs:"who"`
+	Mode          string `json:"mode,omitempty" structs:"mode"`
+	Token         string `json:"token" structs:"token"`
+	Brief         string `json:"brief,omitempty" structs:"brief"`
+	Message       string `json:"message,omitempty" structs:"message,omitempty"`
+	Status        string `json:"status,omitempty" structs:"status"`
+	Lawfulbasis   string `json:"lawfulbasis,omitempty" structs:"lawfulbasis"`
+	Consentmethod string `json:"consentmethod,omitempty" structs:"consentmethod"`
+	Referencecode string `json:"referencecode,omitempty" structs:"referencecode"`
 }

-func (dbobj dbcon) createConsentRecord(userTOKEN string, mode string, usercode string, brief string, message string, status string, endtime int32) {
+func (dbobj dbcon) createConsentRecord(userTOKEN string, mode string, usercode string,
+	brief string, message string, status string, lawfulbasis string, consentmethod string,
+	referencecode string, endtime int32) {
 	now := int32(time.Now().Unix())
+	bdoc := bson.M{}
+	bdoc["when"] = now
+	bdoc["status"] = status
+	bdoc["endtime"] = endtime
+	if len(lawfulbasis) > 0 {
+		// in case of update, consent, use new value
+		bdoc["lawfulbasis"] = lawfulbasis
+	}
+	if len(consentmethod) > 0 {
+		bdoc["consentmethod"] = consentmethod
+	}
+	if len(referencecode) > 0 {
+		bdoc["referencecode"] = referencecode
+	}
 	if len(userTOKEN) > 0 {
 		// first check if this consent exists, then update
 		raw, err := dbobj.getRecord2(TblName.Consent, "token", userTOKEN, "brief", brief)
@@ -31,11 +50,6 @@ func (dbobj dbcon) createConsentRecord(userTOKEN string, mode string, usercode s
 			return
 		}
 		if raw != nil {
-			// update date, status
-			bdoc := bson.M{}
-			bdoc["when"] = now
-			bdoc["status"] = status
-			bdoc["endtime"] = endtime
 			dbobj.updateRecord2(TblName.Consent, "token", userTOKEN, "brief", brief, &bdoc, nil)
 			return
 		}
@@ -46,25 +60,28 @@ func (dbobj dbcon) createConsentRecord(userTOKEN string, mode string, usercode s
 			return
 		}
 		if raw != nil {
-			fmt.Println("update rec")
-			// update date, status
-			bdoc := bson.M{}
-			bdoc["when"] = now
-			bdoc["status"] = status
-			bdoc["endtime"] = endtime
 			dbobj.updateRecord2(TblName.Consent, "who", usercode, "brief", brief, &bdoc, nil)
 			return
 		}
 	}
+	if len(consentmethod) == 0 {
+		consentmethod = "api"
+	}
+	if len(lawfulbasis) == 0 {
+		lawfulbasis = "consent"
+	}
 	ev := consentEvent{
-		When:    now,
-		Who:     usercode,
-		Token:   userTOKEN,
-		Mode:    mode,
-		Brief:   brief,
-		Message: message,
-		Status:  status,
-		Endtime: endtime,
+		Endtime:       endtime,
+		When:          now,
+		Who:           usercode,
+		Token:         userTOKEN,
+		Mode:          mode,
+		Brief:         brief,
+		Message:       message,
+		Status:        status,
+		Lawfulbasis:   lawfulbasis,
+		Consentmethod: consentmethod,
+		Referencecode: referencecode,
 	}
 	// in any case - insert record
 	_, err := dbobj.createRecord(TblName.Consent, structs.Map(ev))
--- a/src/qldb.go
+++ b/src/qldb.go
@@ -954,8 +954,11 @@ func initConsent(db *sql.DB) error {
 	  mode STRING,
 	  token STRING,
 	  brief STRING,
-	  message STRING,
 	  status STRING,
+	  message STRING,
+	  lawfulbasis STRING,
+	  consentmethod STRING,
+	  referencecode STRING,
 	  endtime int,
 	  ` + "`when` int);")
 	if err != nil {