mogilvie / gdprbundle Goto Github PK
View Code? Open in Web Editor NEWA symfony3 bundle to assist with defining data in accordance with GDPR, and for encrypting and reporting.
License: MIT License
A symfony3 bundle to assist with defining data in accordance with GDPR, and for encrypting and reporting.
License: MIT License
Hello,
Is there a way to query on an encrypted data ?...
For example, I want to encrypt the firstname
of the User
Entity. But I still want to be able to query on it. How can we do that ?
Even if the data is not encrypted, how can we query on Personal Data
field ? Do we have to reset all the options of the Personal Data
field before passing the parameter to the findOneBy
function ? Like this :
// App\Entity\User.php
/**
* @ORM\Column(type="personal_data", length=256, options={
* "format"="STRING",
* "isSensitive"=false,
* "isEncrypted"=true,
* "idMethod"="DIRECT",
* "basisOfCollection"="LEGITIMATE_INTEREST",
* "identifiableBy"="Can be used to identify an individual if compared with third party database",
* "providedBy"="The employee, the employer",
* "purposeFor"="Used to identify the user and contact",
* "retainFor"="P6Y",
* "disposeBy"="ANONYMISE",
* "methodOfReceipt"={"HTTP"},
* "receiptProtection"={"TSS"},
* "methodOfReturn"={"HTTP"},
* "returnProtection"={"TSS"}
* })
*
* @GdprAssert\PersonalData({
* @Assert\NotBlank
* })
*/
private $firstName;
// App\Controller\DefaultController.php
$firstname = new PersonalData();
$firstname->setData($encryptor->encrypt('John'))
->setFormat(PersonalData::FORMAT_STRING)
->setIsSensitive(true)
->setIsEncrypted(true)
->setIdMethod(PersonalData::ID_METHOD_DIRECT)
->setBasisOfCollection(PersonalData::BASIS_LEGITIMATE_INTEREST)
->setIdentifiableBy('Can be used to identify an individual if compared with third party database')
;
$protectedUser = $em->getRepository(User::class)
->setEncryptor($encryptor)
->findOneBy([ 'firstName' => $firstname ]);
Thanks.
Greetings.
Matthieu
Hi,
Do you have any plans to implement symfony 4 support?
Best regards,
Michal
I've started work on the disposer command, which the intention is to have run by cron to a schedule of the users choosing.
The basic structure of the disposer is there, as are some common disposer types.
I'm trying to decide how to reduce the amount of records that need to be scanned for expiry, the process could be resource intensive for large data sets, if you have to open each PersonalData type to check the creation date and the retention period.
Hi,
After failing at update command.
At first the command failed without having created a column gdpr_temp_password in the target entity.
Then comes an error message telling me about invalid keys :
I notice that the command import as as typo in naming from an array keys at
line 218 :
$personalData = $result['originalData'];
line 350 :
$personalData = $result['newPersonalData'];
Fixed with small caps as awaited.
line 218 :
$personalData = $result['originaldata'];
line 350 :
$personalData = $result['newpersonaldata'];
Greetings.
Gérard
Hi,
when I can expect support on ODM?
GdprSubscriber.php:188
Order.php:154, App\Entity\Order->getId()
GdprSubscriber.php:188, SpecShaper\GdprBundle\Subscribers\GdprSubscriber->onInsert()
GdprSubscriber.php:152, SpecShaper\GdprBundle\Subscribers\GdprSubscriber->onFlush()
ContainerAwareEventManager.php:63, Symfony\Bridge\Doctrine\ContainerAwareEventManager->dispatchEvent()
UnitOfWork.php:3733, Doctrine\ORM\UnitOfWork->dispatchOnFlushEvent()
UnitOfWork.php:424, Doctrine\ORM\UnitOfWork->commit()
EntityManager.php:403, Doctrine\ORM\EntityManager->flush()
OrderRepository.php:94, App\Repository\OrderRepository->save()
ApiController.php:70, App\Controller\ApiController->orderSetup()
HttpKernel.php:181, Symfony\Component\HttpKernel\HttpKernel->handleRaw()
HttpKernel.php:76, Symfony\Component\HttpKernel\HttpKernel->handle()
Kernel.php:197, Symfony\Component\HttpKernel\Kernel->handle()
index.php:29, {main}()
Gen key command not working in Symfony 4 deployment as noted by @eventhorizonpl in #2.
This needs to be resolved in the Encrypt Bundle
One requirement of GDPR is the ability to provide a report of who and when someone get access to a personal data. Have you plan something for this ?
Some ideas :
The coverage report generator needs to be amended to append mapped superclass objects.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.