Sign in


All notable changes to the Privacy Services will be documented in this file.

2019-06-12 - 13:30

Release v2.0.3 / v1.0.3

Jira Ref            Title
DPS-423 Updated deployment pipeline

2019-05-31 - 09.35

Release v2.0.2 / v1.0.2

Jira Ref            Title
DPS-417 Refactored endpoints for clarity
DPS-416 Upgraded to Node 10.x
DPS-413 Added security-focused linter
DPS-409 Upgraded schema validator library
DPS-231 Added Trusted Advisor to guidelines & practices
DPS-230 Added Snyk to CI/CD pipeline

2019-05-06 - 16.39

Release v2.0.1 / v1.0.1

Jira Ref            Title
DPS-353 Tuned alarms for v1
DPS-359 Added SonarQube to CI/CD Pipeline
DPS-372 Added support for new authorization URL
DPS-408 Upgraded node packages
DPS-399 Enabled Slack alarms for sandbox

2019-04-25 - 15:06

Release v2.0.0 / v1.0.0

Jira Ref            Title
DPS-277 Unifying Error Response Format

2019-04-09 - 17.13

Jira Ref            Title
DPS-317 Custom Retry DynamoDB
DPS-341 Changed alarms SNS topic name
DPS-337 Prevented false alarms from v1.get.receipts
DPS-286 Moved Log Group to Terraform

2019-02-27 - 15.58

Jira Ref            Title
DPS-306 Retry with delay
DPS-307 Changed warm up schedule
DPS-309 Updating slack hook
DPS-316 Adding Xray to dynogel base model
DPS-322 Remove unnecessary/defunct files in the repo
DPS-324 Create documentaion for Telia SE configuration update

Update node version in readme

Updating some of the feedback text in the tests for clarification

Aligning stress test environment and repo scenarios

2019-02-12 - 15.46

Jira Ref            Title
DPS-300 Upgrade serverless version
DPS-305 Disable sending metrics for v2
DPS-274 Stress test configuration
DPS-318 Added timeout variable on APIs that where missing it
DPS-320 Excluded more folders from serverless deployment

2019-01-22 - 09.55

Jira Ref            Title
DPS-272 Some stress-test alternatives and evaluation
DPS-274 Better documentation on Gatling usage
DPS-301 Disable alarm for v2AggregateLogs

2019-01-18 - 09.50

Jira Ref            Title
DPS-284 Push slack notification on Travis build failure
DPS-271 Adding new environment for stress testing on new aws account
DPS-289 Allow for removal of string 'backup' from entries pushed to Athena
DPS-295 Update a python package use for serverless in docker due to security alert
DPS-159 Add Cloudwatch alarms for Lambdas
DPS-285 Document that Cloudwatch alarms that has been added
DPS-296 Add script to more easily work with v1 configuration updates
DPS-294 Script to check consent-state based for entries in csv file

2018-12-04 - 14.20

Jira Ref            Title
DPS-260 Run integration tests on after deploy to sandbox and production. And abort the release in the case of failure.

2018-12-03 - 15.56

Jira Ref            Title
DPS-250 The property 'created' is not returned on POST party, dataGroup and purpose
DPS-263 Create a jira ticket creation template
DPS-198 Write integration tests for v2 API endpoints
DPS-251 Allow whitelisted project to have immediate DELETE
DPS-252 Upgrade v1 integration tests, and run them on release
DPS-227 Create script that imports all current states into Firehose
DPS-205 Setup Athena pipeline
DPS-254 Athena: Add referenceId table

2018-11-13 - 12.20

Jira Ref            Title
DPS-244 Rotate Basic auth secrets and redeploy so new secrets take affect.

2018-11-09 - 13.10

Jira Ref            Title
DPS-238 Update password masking for new multiValueHeaders

2018-11-08 - 11.40

Jira Ref            Title
DPS-238 updated descriptions of GET Privacy State and GET Privacy Data
DPS-217 Fix auto subscribe new logs
DPS-222 Renaming Cloudwatch class to CloudWatchMetics

2018-11-06 - 11.40

Jira Ref            Title
DPS-167 Align response statuses with documentation.
DPS-193 Embrace AWS:ssm to store secrets
DPS-208 Prevent use of duplicated subitems on purposes.

2018-10-24 - 11:00

Jira Ref           Title
DPS-219 Improve parameter validation and update deployment section of documentation
DPS-62 Create deployment checklists
DPS-216 removed retentionPeriod
DPS-213 Remove writes to s3 from api
DPS-165 do not allow purposes to be created without controllers
DPS-181 create aggregation log group
DPS-150 Collecting statistics with X-Ray

2018-10-16 - 10:33

Jira Ref            Title
DPS-204 Remove dynamoDb definition from serverless-framework. Only maintained by Terraform from now on.

2018-10-11 - 13:45

Jira Ref            Title
DPS-204 Prepare lambda v2DeleteResourcesByIdentity for follow up deployment (Removing trigger event with streamArn)
DPS-211 Perform reads of main resource and projects in parallel on most v2 endpoints

2018-10-04 - 14:12

Jira Ref            Title
DPS-171 On GET state, filter out datagroups, processors recipient that have been removed from purposes.

2018-10-03 - 10:40

Jira Ref           Title
DPS-83 Create new tables for v1 purposes
DPS-187 Fix deployment issue due to exceeding resrouce limit in stack.
DPS-199 Remove description of mashup GET configurations api from swagger
DPS-178 Use new tables for v1 purposes
DPS-199 Add script to get url for serverless environment
DPS-174 Implementing feature that remove all resrources for a project.
DPS-202 Remove abandoned plugin serverless-plugin-stack-config
DPS-194 Update documentation for new developer experience
DPS-203 Change POST project to take projectId in body instead of path parameter
DPS-209 Remove implementation for v1/resources endpoint
DPS-207 Reduce request time by populating referenceIdMapper in the background

2018-09-06 - 14:59

Jira Ref           Title
DPS-187 Upgrade node used in jenkins built simulate environment
DPS-178 Change v1 code to point to purposes-v1 table
DPS-199 Commented out GET configurations
DPS-199 Small script to get api url of particular environment

2018-08-30: - 14.15

Jira Ref           Title
DPS-190 Remove versioning of lambdas to solve deployment issue caused by to many outputs
DPS-140 Adding CRUD endpoints for Erasure
DPS-189 Fix logic around swagger validation of our api response.
DPS-164 Include access and erasure resources in identities/{identityId}/data endpoint
DPS-175 Adding support for scheduling full delete of project with all its resrouces. (Actual delete is added in follow up task)
DPS-12 Upgrading to run lambda function with node 8.10

2018-08-14 - 16:01

Jira Ref           Title
DPS-187 Remove all deployed v2 endpoints
DPS-188 Introduce nested stacks per privacy resource type. Re-add v2 endpoints

2018-08-03 - 10:30

Jira Ref           Title
DPS-141 Implement access CRUD endpoint
DPS-168 Delete referenceId on DELETE purpose
DPS-86 Add DELETE parties endpoint
DPS-155 Add DELETE DataGroups endpoint
DPS-173 Add delete project endpoint that flags a project with isDeleted = true
DPS-132 Add requestType to permission state to indicate what requestId points to
DPS-131 Update Joi restrictions on db models
DPS-172 Validate that project exists on all v2 requests. Validate identity exists on some request.
DPS-180 Return property warmupEnvironments to a simple list/array

2018-07-26 - 14:01

Jira Ref           Title
DPS-88 Alter output schema for multi-object GET requests
DPS-145 Trying to update an Identity with an alias list that includes the same alias twice will cause an Unexpected Error
DPS-138 Update Permissions and Objections to check that an Identity exists before writing state
DPS-147 CRU for datagroups
DPS-153 Setting integration test command in the package.json
DPS-87 Add filtering-out of outdate items on GET state requests
DPS-149 Creating script for deleting configuration data of Integration test
DPS-24 Add custom privacy database metrics to CloudWatch
DPS-83 Part 1: Created new v1 purposes table (not used yet)
DPS-81 Implement ACCESS data subject endpoints

2018-06-20 - 15:50

Jira Ref           Title
DPS-113 Integrate integration tests with privacy repo
DPS-17 Implement DELETE data subject operation in Privacy v2
DPS-122 Update Objections to enable initial posting of Status

2018-06-18 - 08:45

Jira Ref           Title
DPS-79 Implement v2/projects/{projectId}/identities/{identityId}/states
DPS-106 Implement CRUD for projectInfo

2018-06-13 - 14:33

Jira Ref           Title
DPS-111 Update objection privacy etc to be based on identityId instead of userId

2018-06-13 - 10:10

Jira Ref           Title
DPS-121 Update Permissions to enable initial posting of Status

2018-06-12 - 12:10

Jira Ref           Title
DPS-110 Remove /configurations/ from v2 URLs

2018-06-11 - 14:30

Jira Ref           Title
DPS-77 Implement Create & Update identity endpoints without aliases
DPS-133 Unhandled error instead of 404 on Get purpose when purpose is not found
DPS-134 Tweak the lambda names in order to cleanup API gateway

2018-06-07 - 13:05

Jira Ref           Title
DPS-29 On completed objection, trigger change in permission and eventually in state

2018-06-06 - 15:34

Jira Ref           Title
TAAS-999 Determine which services these clientIDs belong to
DPS-117 Implement GET /identity/{identityId} endpoint

2018-05-31 - 13:40

Jira Ref           Title
DPS-63 CRUD for Permissions endpoint
DPS-128 U portal can not see users for Telia Wifi

2018-05-28 - 15:10

Jira Ref           Title
DPS-109 FIX Cloudformation resource limit and serverless

2018-05-27 - 16:01

Jira Ref           Title
TAAS-993 Whitelist new SS in the privacy setup

2018-05-24 - 23:02

Jira Ref           Title
DPS-96 Update operationId in Swagger
DPS-82 Update Swagger with new and changed endpoints
DPS-123 Update Swagger file with correct meta information about the service
DPS-109 FIX Cloudformation resource limit and serverless

2018-05-15 - 08:28

Jira Ref           Title
DPS-97 Replace Winston logger with bunyan

2018-05-09 - 13:34

Jira Ref           Title
DPS-70 Move v1 API code into a v1 folder

2018-05-08 - 16:40

Jira Ref           Title
DPS-22 Privacy: Implement Configuration/Parties endpoint
DPS-61 Add Privacy documentation to DivX Portal Developer Portal
DPS-80 Rename v2ResourceBase and Notification-Model to PrivacyRequest and PrivacyRequestModel
DPS-89 Update getting-started-as-a-developer
DPS-59 Create CRUD endpoints for v2 configuration-purposes
DPS-44 Convert Privacy Request API document to swagger
DPS-108 Error is thrown when there is no queryStringParameters in APIs that utilise extractQueryParams()

2018-04-11 - 13:40

Jira Ref           Title
DPS-23 Implement V2 Objections endpoints
DPS-44 Convert Privacy Request API document to swagger
DPS-56 On POST configuration, we fail to add created (and updated) timestamp to data items
DPS-55 Consent: When storing state and given a payload with empty dataIds, do we add a dataItem without status to state?

2018-02-20 - 09:30

Jira Ref           Title
DPS-34 Consent: Update node dependencie

2018-02-19 - 12:25

Jira Ref           Title
TAAS-658 Consent: Add logging of the projectId extracted from Bearer token
TAAS-691 Add the oauth public key envvar to docker consent simulation

2018-02-02 - 10:34

Jira Ref           Title
TAAS-647 Consent messages are being rejected based on timestamps, but when the message is sent through again it will be accepted
TAAS-647 Allow timestamp with 3,2,1,0 decimals for milliseconds.
TAAS-286 POST consent doesn't validate userId in path
TAAS-286 Add the path parameter userId in invoke script.

2018-01-31 - 15:00

Jira Ref           Title
TAAS-618 Consent: Make 'legalGround' into an enum in the swagger specification
TAAS-613 Consent: respondWithError will overwrite details in an ErrorHandler when the status code is 500
TAAS-422 Define and implement restrictions for referenceId (string + length + url friendliness)
TAAS-313 Consolidate reference data in /v1/configurations/users/{userId} to one section of the response and avoid duplication.
TAAS-627 Consent: Transition Travis jobs from running on 'precise' to 'trusty'

2018-01-30 - 09:00

Jira Ref           Title
TAAS-286 POST consent doesn't validate userId in path
TAAS-611 Get the consent api from serverless
TAAS-583 V1 validation to satisfy the swagger changes. POST /configuration
TAAS-601 Getting consent to create custom environments on the fly

2018-01-18 - 16:30

Jira Ref           Title
TAAS-326 Consent timestamps returned by API are unixtime (with miliseconds). Transition to ISO-8601, prefereably when bumping endpoint versions.

2018-01-12 - 12:45

Jira Ref           Title
TAAS-466 Set appropriate Dynamodb read/write capacity
TAAS-536 Make dockerised version of consent run
TAAS-531 Calls to keep consent authorizer warm, causes 'unauthorized' and counts as a rejected request in logs and New Relic
TAAS-538 Throw an error using the ErrorHandler-class instead of the Error-class
TAAS-475 Consent: DELETE states endpoint failed to remove all receipts when user had a lot of them
TAAS-540 Warmup calls to lambda for GET receipts causes an error that shows up in New Relic

2018-01-09 - 14:20

Jira Ref           Title
TAAS-519 Endpoint can return consented as int, when it is defined as string

2018-01-08 - 12:20

Jira Ref           Title
TAAS-508 Storing consent with a valid purpose but an invalid data should not be possible

2018-01-08 - 10:05

Jira Ref           Title
TAAS-497 Move consent solution to the new selfservice api url
TAAS-500 Run more db operation in parallel on POST consent

2017-12-13 - 15:30

Jira Ref           Title
TAAS-233 It's possible to store a receipt without storing a state
TAAS-421 Add support for swagger validation of all API responses
TAAS-429 Consent: Swagger for GET state does not expect the referenceIds that it should
TAAS-441 Consent: Swagger-ui reports errors on our definitions
TAAS-402 Write tests and get familiar with consent-code

2017-12-06 - 09:10

Jira Ref           Title
TAAS-381 Silently log if endpoints are providing valid output based on our swagger files
TAAS-397 Tried to use isObjectionable from configuration when creating receipt
TAAS-374 Consent: incorrect properties in response for users/{userid}/configurations
TAAS-398 Use slack to notify team when validation of json output fails

2017-11-21 - 17:00

Jira Ref           Title
TAAS-289 Change gpg key for .env file
TAAS-241 Fix undefined projectId when querystring projectId is used
TAAS-260 Look into using Promise.all for Configuration.getConfiguration
TAAS-290 Double set of purpose in "answered"
TAAS-211 Swagger Validation for Post Configuration does not raise an error for malformed Purposes
TAAS-292 Fix Swagger so all endpoints can be used in swagger-codegen
TAAS-253 Create lambda function for webhooks
ID-919 Add privacy to the telia-norway sandbox environment.
TAAS-299 Update serverless.env.yml.gpg with the new environment variables
TAAS-232 Consent-Service: Fetch OAUTHPUBLICKEY from keycloak
TAAS-292 Fix Swagger so all endpoints can be used in swagger-codegen
TAAS-311 The example in swagger-ui is missing all properties
TAAS-155 Create GET /users/{userId}/receipts/{receiptId}
TAAS-321 GET receipts response do not validate against our swagger
TAAS-245 Update sinon version
TAAS-318 As an API consumer, I want POST consent to return a json schema instead of "Success"

2017-10-24 - 16:30

Jira Ref           Title
TAAS-288 Missing "consented" in /users/{userId}/configurations

2017-10-23 - 16:30

Jira Ref           Title
TAAS-262 Change POST consent to support referenceId
TAAS-270 Add to Swagger documentation
TAAS-218 Create new GET consent prompt api

2017-10-18 - 10:05

Jira Ref           Title
TAAS-251 Lambda trigger for current state table
TAAS-256 Update swagger definition for ConsentState and ConsentReceipt
TAAS-202 Static outbound IPs for TAAS

2017-10-11 - 11:48

Jira Ref           Title
TAAS-203 Enrich with referenceId in the GET current state
TAAS-196 Lack of thirdpartysIds arrays causes issues when updating configuration
TAAS-248 isBasicAuth-function is not docker compatible
TAAS-257 POST large configuration fails due exceeding lambda timeout

2017-10-05 - 12:19

Jira Ref           Title
TAAS-217 Add missing fields to current state table

2017-10-04 - 09:09

Jira Ref           Title
TAAS-237 Improve logging in 500 scenarios
TAAS-192 Query with idp in the services API
TAAS-241 Fix undefined projectId when querystring projectId is used
TAAS-229 Internal server error on POST consent when project has no config
TAAS-242 Improve errors logs by adding request ID and request url to error message
TAAS-244 Update package.json versions
TAAS-220 Setup the jump account for Privacy team
TAAS-233 It's possible to store a receipt without storing a state