XML

Word

Printable

Details

Type: Story
Status: Closed
Priority: Minor
Resolution: Completed
Affects Version/s: None
Fix Version/s: 7.4.13 DXP U66, Master
Component/s: Information Security > Cookie Preference Settings
Labels:
- beyond_7.4
- beyond_7.4-must
- fc_22_03
- fc_22_04
- fc_22_05
- fc_22_06
- fc_22_07
- fc_22_08
- fc_22_09

Epic Link:
Support cookie compliance with GDPR
Sprint:
AppSec Iteration 82, AppSec Iteration 83, AppSec Iteration 84, AppSec Iteration 85, AppSec Iteration 86, AppSec Iteration 87, AppSec Iteration 88, AppSec Iteration 89, AppSec Iteration 90, AppSec Iteration 91, AppSec Iteration 92, AppSec Iteration 93, AppSec Iteration 94, AppSec Iteration 95, AppSec Iteration 96, AppSec Iteration 97
Git Pull Request:
https://github.com/brianchandotcom/liferay-portal/pull/117388

Description

Motivation

We want to have a built in feature of cookie handling with which it's possible to make the site within the portal be GDPR compliant.

Design

https://www.figma.com/file/BFiKtvHk2qJqdI7FqAt4wC/?node-id=141%3A20553

Changes we decided to make for the sake of simplicity or because that would be significantly more effort to implement as it is in the original design:

The admin entries are:
1. Banner
2. "Consent Panel"
Banner config page entries
1. The "Active on this site" switcher goes to the first config entry on the Banner config page as a checkbox.
2. There is no change in the style of the config page at checking, unchecking the "Active on this site".
3. The "Consent Panel" config menu option appears only if the "Active on this site" is checked on the Banner config page.
4. "Consent Mode" is a checkbox.
5. The "Privacy Policy Link" is a simple text field and the value of that must be a full URL. No radio, no picker.
6. The following entries are not shown on the Banner config page:
  1. "Display in Page"
  2. "Accept All Label"
  3. "DeclineAll Label"
"Consent Panel" config page entries
1. This config menu option appears only if the "Active on this site" is checked on the Banner config page.
2. The "Privacy Policy Link" is a simple text field and the value of that must be a full URL. No radio, no picker.
3. The "Cookie Preferences" categories' title and description must be the text from here: https://liferay.atlassian.net/wiki/spaces/ENGDXPONLINE/pages/1666810584/Cookies+in+Liferay+DXP+WIP#By-purpose
4. "Pre-checked" checkboxes are clear by default.

Acceptance Criteria

AC-1
- Given that the Site Administrator can configure cookie handling
- When the Site Administrator goes to the site configuration, Platform section and clicks on Cookies configuration entry
- Then a configuration page appears with the possibilities of configuring
  1. Basic cookie handling
  2. How the cookie preference banner and the
  3. Cookie preference setting panel for End Users behave and look.

See the description of the sub tasks for further AC list.

Attachments

Issue Links

is a dependency of

LPS-148284 As a Site Administrator, I want the End User's cookie preferences to be considered at managing cookies on server side

Closed

LPS-148317 As a Site Administrator, I want the End User's cookie preferences to be considered at managing cookies on client (Javascript) side

Closed

Is blocking

LPS-153901 [Dev] Consider cookies OSGI config

Closed

is related to

LPS-133704 Cookie security prefixes

Under Review

LRDOCS-10735 Configure GDPR-compliant cookie preference handling

Ready For Documentation

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...

(4 mentioned in)

Sub-Tasks

1.	[Dev] Site level OSGI configs	LPS-148320	Closed	Oliver Kecskemety
2.	[Dev] Site page selector for the privacy policy	LPS-148325	Closed	SE Support
3.	[Dev] Align existing properties with the new ones	LPS-148326	Closed	Oliver Kecskemety
4.	[Doc] Documentation of the Story: As a Site Administrator, I want to configure a GDPR compliant cookie preference handling in my site	LPS-148327	Closed	Zsigmond Rab
5.	[Release] Release / Feature flag and app.bnd	LPS-148328	Closed	Zsigmond Rab
6.	[Test] Plan to write tests	LPS-148329	Closed	Gábor Lovas
7.	[Test] Write test cases based on ACs	LPS-153434	Closed	Gábor Lovas
8.	[Bug] Consent Panel can be saved with blank title and description	LPS-153615	Closed	Oliver Kecskemety
9.	[Release] Hide Cookie configuration until release	LPS-156400	Closed	Gábor Lovas
10.	[Dev] Order the configuration menu entries better	LPS-156903	Closed	Gábor Lovas
11.	[Doc] Extend Documentation based on the investigation of LPS-146282	LPS-161778	Closed	Zsigmond Rab
12.	[Bug] Cookie Consent Configuration portlet cannot save cookies via Confirm button on a Widget Page	LPS-162101	Closed	Unassigned

Activity

People

Assignee:: Zsigmond Rab

Reporter:: Zsigmond Rab

Engineering Assignee:: Oliver Kecskemety

Recent user:: Nóra Szél

Participants of an Issue:: Gábor Lovas, Joyce Wang, Nóra Szél, Zsigmond Rab

Backend Developer(s) Assigned:: Oliver Kecskemety

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 28/Feb/22 8:24 AM

Updated:: 28/Feb/23 4:53 AM

Resolved:: 27/Sep/22 7:01 AM

Packages

Version	Package
7.4.13 DXP U66
Master