Rename PrivacyRequestIdentity schema to Identity (#1324)

* Rename PrivacyRequestIdentity schema to Identity

* Update changelog

Co-authored-by: Paul Sanders <pau@ethyca.com>

CHANGELOG.md

@@ -53,6 +53,10 @@ The types of changes are:
 * Added generic request sorting button [#1320](https://github.com/ethyca/fidesops/pull/1320)
 
 
+### Changed
+
+* Renamed `PrivacyRequestIdentity` to `Identity` [#1324](https://github.com/ethyca/fidesops/pull/1324)
+
 ### Docs
 
 * Fix analytics opt out environment variable name [#1170](https://github.com/ethyca/fidesops/pull/1170)

scripts/create_test_data.py

@@ -25,7 +25,7 @@
     PrivacyRequestStatus,
 )
 from fidesops.ops.models.storage import ResponseFormat, StorageConfig
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.schemas.storage.storage import FileNaming, StorageDetails, StorageType
 from fidesops.ops.util.data_category import DataCategory
 
@@ -195,7 +195,7 @@ def create_test_data(db: orm.Session) -> FidesUser:
             )
             pr.persist_identity(
                 db=db,
-                identity=PrivacyRequestIdentity(
+                identity=Identity(
                     email="test@example.com",
                     phone_number="+1 234 567 8910",
                 ),

src/fidesops/ops/api/v1/endpoints/drp_endpoints.py

@@ -31,7 +31,7 @@
     DrpRevokeRequest,
 )
 from fidesops.ops.schemas.privacy_request import PrivacyRequestDRPStatusResponse
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.service.drp.drp_fidesops_mapper import DrpFidesopsMapper
 from fidesops.ops.service.privacy_request.request_runner_service import (
     queue_privacy_request,
@@ -95,7 +95,7 @@ async def create_drp_privacy_request(
             **jwt.decode(data.identity, jwt_key, algorithms=["HS256"])
         )
 
-        mapped_identity: PrivacyRequestIdentity = DrpFidesopsMapper.map_identity(
+        mapped_identity: Identity = DrpFidesopsMapper.map_identity(
             drp_identity=decrypted_identity
         )
 

src/fidesops/ops/models/privacy_request.py

@@ -54,7 +54,7 @@
     WebhookJWE,
 )
 from fidesops.ops.schemas.masking.masking_secrets import MaskingSecretCache
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.tasks import celery_app
 from fidesops.ops.util.cache import (
     FidesopsRedis,
@@ -260,7 +260,7 @@ def delete(self, db: Session) -> None:
             provided_identity.delete(db=db)
         super().delete(db=db)
 
-    def cache_identity(self, identity: PrivacyRequestIdentity) -> None:
+    def cache_identity(self, identity: Identity) -> None:
         """Sets the identity's values at their specific locations in the Fidesops app cache"""
         cache: FidesopsRedis = get_cache()
         identity_dict: Dict[str, Any] = dict(identity)
@@ -271,7 +271,7 @@ def cache_identity(self, identity: PrivacyRequestIdentity) -> None:
                     value,
                 )
 
-    def persist_identity(self, db: Session, identity: PrivacyRequestIdentity) -> None:
+    def persist_identity(self, db: Session, identity: Identity) -> None:
         """
         Stores the identity provided with the privacy request in a secure way, compatible with
         blind indexing for later searching and audit purposes.
@@ -292,11 +292,11 @@ def persist_identity(self, db: Session, identity: PrivacyRequestIdentity) -> Non
                     },
                 )
 
-    def get_persisted_identity(self) -> PrivacyRequestIdentity:
+    def get_persisted_identity(self) -> Identity:
         """
         Retrieves persisted identity fields from the DB.
         """
-        schema = PrivacyRequestIdentity()
+        schema = Identity()
         for field in self.provided_identities:
             setattr(
                 schema,

src/fidesops/ops/schemas/external_https.py

@@ -4,7 +4,7 @@
 from pydantic import BaseModel
 
 from fidesops.ops.models.policy import WebhookDirection
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 
 
 class CallbackType(Enum):
@@ -20,7 +20,7 @@ class SecondPartyRequestFormat(BaseModel):
     privacy_request_id: str
     direction: WebhookDirection
     callback_type: CallbackType
-    identity: PrivacyRequestIdentity
+    identity: Identity
 
     class Config:
         """Using enum values"""
@@ -34,7 +34,7 @@ class SecondPartyResponseFormat(BaseModel):
     Responses are only expected (and considered) for two_way webhooks.
     """
 
-    derived_identity: Optional[PrivacyRequestIdentity] = None
+    derived_identity: Optional[Identity] = None
     halt: bool
 
     class Config:
@@ -46,7 +46,7 @@ class Config:
 class PrivacyRequestResumeFormat(BaseModel):
     """Expected request body to resume a privacy request after it was paused by a webhook"""
 
-    derived_identity: Optional[PrivacyRequestIdentity] = {}  # type: ignore
+    derived_identity: Optional[Identity] = {}  # type: ignore
 
     class Config:
         """Using enum values"""

src/fidesops/ops/schemas/privacy_request.py

@@ -16,7 +16,7 @@
 from fidesops.ops.schemas.api import BulkResponse, BulkUpdateFailed
 from fidesops.ops.schemas.base_class import BaseSchema
 from fidesops.ops.schemas.policy import PolicyResponse as PolicySchema
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.schemas.shared_schemas import FidesOpsKey
 from fidesops.ops.util.encryption.aes_gcm_encryption_scheme import verify_encryption_key
 
@@ -57,7 +57,7 @@ class PrivacyRequestCreate(BaseSchema):
     started_processing_at: Optional[datetime]
     finished_processing_at: Optional[datetime]
     requested_at: Optional[datetime]
-    identity: PrivacyRequestIdentity
+    identity: Identity
     policy_key: FidesOpsKey
     encryption_key: Optional[str] = None
 
@@ -157,7 +157,7 @@ class PrivacyRequestResponse(BaseSchema):
     paused_at: Optional[datetime]
     status: PrivacyRequestStatus
     external_id: Optional[str]
-    # This field intentionally doesn't use the PrivacyRequestIdentity schema
+    # This field intentionally doesn't use the Identity schema
     # as it is an API response field, and we don't want to reveal any more
     # about our PII structure than is explicitly stored in the cache on request
     # creation.

src/fidesops/ops/schemas/redis_cache.py

@@ -5,7 +5,7 @@
 from fidesops.ops.schemas.base_class import BaseSchema
 
 
-class PrivacyRequestIdentity(BaseSchema):
+class Identity(BaseSchema):
     """Some PII grouping pertaining to a human"""
 
     phone_number: Optional[str] = None

src/fidesops/ops/service/drp/drp_fidesops_mapper.py

@@ -7,7 +7,7 @@
 )
 from fidesops.ops.schemas.drp_privacy_request import DrpIdentity
 from fidesops.ops.schemas.privacy_request import PrivacyRequestDRPStatus
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 
 logger = logging.getLogger(__name__)
 
@@ -18,10 +18,10 @@ class DrpFidesopsMapper:
     """
 
     @staticmethod
-    def map_identity(drp_identity: DrpIdentity) -> PrivacyRequestIdentity:
+    def map_identity(drp_identity: DrpIdentity) -> Identity:
         """
         Currently, both email and phone_number identity props map 1:1 to the corresponding
-        Fidesops identity props in PrivacyRequestIdentity. This may not always be the case.
+        Fidesops identity props in Identity. This may not always be the case.
         This class also allows us to implement custom logic to handle "verified" id props.
         """
         fidesops_identity_kwargs: Dict[str, str] = {}
@@ -42,7 +42,7 @@ def map_identity(drp_identity: DrpIdentity) -> PrivacyRequestIdentity:
                     attr
                 ].value
                 fidesops_identity_kwargs[fidesops_prop] = val
-        return PrivacyRequestIdentity(**fidesops_identity_kwargs)
+        return Identity(**fidesops_identity_kwargs)
 
     @staticmethod
     def map_status(

src/fidesops/ops/service/privacy_request/onetrust_service.py

@@ -17,7 +17,7 @@
 from fidesops.ops.models.policy import Policy
 from fidesops.ops.models.privacy_request import PrivacyRequest
 from fidesops.ops.models.storage import StorageConfig
-from fidesops.ops.schemas.privacy_request import PrivacyRequestIdentity
+from fidesops.ops.schemas.privacy_request import Identity
 from fidesops.ops.schemas.shared_schemas import FidesOpsKey
 from fidesops.ops.schemas.storage.storage import StorageDetails, StorageSecrets
 from fidesops.ops.schemas.third_party.onetrust import (
@@ -92,7 +92,7 @@ def intake_onetrust_requests(config_key: FidesOpsKey) -> None:
         )
         for request in all_requests:
             identity_kwargs = {"email": request.email}
-            identity = PrivacyRequestIdentity(**identity_kwargs)
+            identity = Identity(**identity_kwargs)
             fides_task: Optional[OneTrustSubtask] = OneTrustService._get_fides_subtask(
                 hostname, request.requestQueueRefId, access_token  # type: ignore
             )
@@ -134,7 +134,7 @@ def transition_status(
     def _create_privacy_request(  # pylint: disable=R0913
         subtask_id: str,
         requested_at: str,
-        identity: PrivacyRequestIdentity,
+        identity: Identity,
         onetrust_policy: Policy,
         hostname: str,
         access_token: str,
@@ -156,7 +156,7 @@ def _create_privacy_request(  # pylint: disable=R0913
         privacy_request: PrivacyRequest = PrivacyRequest.create(db=db, data=kwargs)
         privacy_request.persist_identity(
             db=db,
-            identity=PrivacyRequestIdentity(email=identity.email),
+            identity=Identity(email=identity.email),
         )
         privacy_request.cache_identity(identity)
         try:

src/fidesops/ops/service/privacy_request/request_service.py

@@ -7,7 +7,7 @@
 from fidesops.ops.models.privacy_request import PrivacyRequest, PrivacyRequestStatus
 from fidesops.ops.schemas.drp_privacy_request import DrpPrivacyRequestCreate
 from fidesops.ops.schemas.masking.masking_secrets import MaskingSecretCache
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.service.masking.strategy.masking_strategy import MaskingStrategy
 
 logger = logging.getLogger(__name__)
@@ -36,7 +36,7 @@ def build_required_privacy_request_kwargs(
 def cache_data(
     privacy_request: PrivacyRequest,
     policy: Policy,
-    identity: PrivacyRequestIdentity,
+    identity: Identity,
     encryption_key: Optional[str],
     drp_request_body: Optional[DrpPrivacyRequestCreate],
 ) -> None:

tests/ops/api/v1/endpoints/test_privacy_request_endpoints.py

@@ -69,7 +69,7 @@
 )
 from fidesops.ops.schemas.masking.masking_secrets import SecretType
 from fidesops.ops.schemas.policy import PolicyResponse
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.tasks import EMAIL_QUEUE_NAME
 from fidesops.ops.util.cache import (
     get_encryption_cache_key,
@@ -806,7 +806,7 @@ def test_filter_privacy_requests_by_identity_no_request_id(
         TEST_EMAIL = "test-12345678910@example.com"
         privacy_request.persist_identity(
             db=db,
-            identity=PrivacyRequestIdentity(
+            identity=Identity(
                 email=TEST_EMAIL,
             ),
         )

tests/ops/fixtures/application_fixtures.py

@@ -41,7 +41,7 @@
     EmailServiceSecretsMailgun,
     EmailServiceType,
 )
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.schemas.storage.storage import (
     FileNaming,
     S3AuthMethod,
@@ -888,7 +888,7 @@ def _create_privacy_request_for_policy(
     pr.cache_identity(identity_kwargs)
     pr.persist_identity(
         db=db,
-        identity=PrivacyRequestIdentity(
+        identity=Identity(
             email=email_identity,
             phone_number="+1 234 567 8910",
         ),
@@ -988,7 +988,7 @@ def succeeded_privacy_request(cache, db: Session, policy: Policy) -> PrivacyRequ
     pr.cache_identity(identity_kwargs)
     pr.persist_identity(
         db=db,
-        identity=PrivacyRequestIdentity(**identity_kwargs),
+        identity=Identity(**identity_kwargs),
     )
     yield pr
     pr.delete(db)

tests/ops/integration_tests/saas/request_override/test_mailchimp_override_task.py

@@ -4,7 +4,7 @@
 
 from fidesops.ops.graph.graph import DatasetGraph
 from fidesops.ops.models.privacy_request import ExecutionLog, PrivacyRequest
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.task import graph_task
 from fidesops.ops.task.graph_task import get_cached_data_for_erasures
 from tests.ops.graph.graph_test_util import assert_rows_match, records_matching_fields
@@ -42,7 +42,7 @@ async def test_mailchimp_override_access_request_task(
     privacy_request = PrivacyRequest(
         id=f"test_saas_access_request_task_{random.randint(0, 1000)}"
     )
-    identity = PrivacyRequestIdentity(**{"email": mailchimp_identity_email})
+    identity = Identity(**{"email": mailchimp_identity_email})
     privacy_request.cache_identity(identity)
 
     dataset_name = mailchimp_override_connection_config.get_saas_config().fides_key
@@ -156,7 +156,7 @@ async def test_mailchimp_erasure_request_task(
     privacy_request = PrivacyRequest(
         id=f"test_saas_erasure_request_task_{random.randint(0, 1000)}"
     )
-    identity = PrivacyRequestIdentity(**{"email": mailchimp_identity_email})
+    identity = Identity(**{"email": mailchimp_identity_email})
     privacy_request.cache_identity(identity)
 
     dataset_name = mailchimp_override_connection_config.get_saas_config().fides_key

tests/ops/integration_tests/saas/test_adobe_campaign_task.py

@@ -5,7 +5,7 @@
 from fidesops.ops.core.config import config
 from fidesops.ops.graph.graph import DatasetGraph
 from fidesops.ops.models.privacy_request import PrivacyRequest
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.service.connectors import get_connector
 from fidesops.ops.task import graph_task
 from fidesops.ops.task.graph_task import get_cached_data_for_erasures
@@ -35,7 +35,7 @@ async def test_adobe_campaign_access_request_task(
     privacy_request = PrivacyRequest(
         id=f"test_adobe_campaign_access_request_task_{random.randint(0, 1000)}"
     )
-    identity = PrivacyRequestIdentity(**{"email": adobe_campaign_identity_email})
+    identity = Identity(**{"email": adobe_campaign_identity_email})
     privacy_request.cache_identity(identity)
 
     dataset_name = adobe_campaign_connection_config.get_saas_config().fides_key
@@ -179,7 +179,7 @@ async def test_adobe_campaign_saas_erasure_request_task(
     privacy_request = PrivacyRequest(
         id=f"test_saas_access_request_task_{random.randint(0, 1000)}"
     )
-    identity = PrivacyRequestIdentity(**{"email": erasure_email})
+    identity = Identity(**{"email": erasure_email})
     privacy_request.cache_identity(identity)
 
     dataset_name = adobe_campaign_connection_config.get_saas_config().fides_key

tests/ops/integration_tests/saas/test_auth0_task.py

@@ -6,7 +6,7 @@
 from fidesops.ops.core.config import config
 from fidesops.ops.graph.graph import DatasetGraph
 from fidesops.ops.models.privacy_request import PrivacyRequest
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.task import graph_task
 from fidesops.ops.task.graph_task import get_cached_data_for_erasures
 from tests.ops.graph.graph_test_util import assert_rows_match
@@ -27,7 +27,7 @@ async def test_auth0_access_request_task(
     privacy_request = PrivacyRequest(
         id=f"test_auth0_access_request_task_{random.randint(0, 1000)}"
     )
-    identity = PrivacyRequestIdentity(**{"email": auth0_identity_email})
+    identity = Identity(**{"email": auth0_identity_email})
     privacy_request.cache_identity(identity)
 
     dataset_name = auth0_connection_config.get_saas_config().fides_key
@@ -101,7 +101,7 @@ async def test_auth0_erasure_request_task(
     privacy_request = PrivacyRequest(
         id=f"test_auth0_erasure_request_task_{random.randint(0, 1000)}"
     )
-    identity = PrivacyRequestIdentity(**{"email": auth0_erasure_identity_email})
+    identity = Identity(**{"email": auth0_erasure_identity_email})
     privacy_request.cache_identity(identity)
 
     dataset_name = auth0_connection_config.get_saas_config().fides_key

tests/ops/integration_tests/saas/test_datadog_task.py

@@ -5,7 +5,7 @@
 
 from fidesops.ops.graph.graph import DatasetGraph
 from fidesops.ops.models.privacy_request import PrivacyRequest
-from fidesops.ops.schemas.redis_cache import PrivacyRequestIdentity
+from fidesops.ops.schemas.redis_cache import Identity
 from fidesops.ops.service.connectors import get_connector
 from fidesops.ops.task import graph_task
 from tests.ops.graph.graph_test_util import assert_rows_match
@@ -38,7 +38,7 @@ async def test_saas_access_request_task(
     identity_attribute = "email"
     identity_value = datadog_identity_email
     identity_kwargs = {identity_attribute: identity_value}
-    identity = PrivacyRequestIdentity(**identity_kwargs)
+    identity = Identity(**identity_kwargs)
     privacy_request.cache_identity(identity)
 
     dataset_name = datadog_connection_config.get_saas_config().fides_key