Download the PHP package specshaper/gdpr-bundle without Composer
On this page you can find all versions of the php package specshaper/gdpr-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download specshaper/gdpr-bundle
More information about specshaper/gdpr-bundle
Files in specshaper/gdpr-bundle
Package gdpr-bundle
Short Description A Symfony 5|6 bundle for classifying entity parameters according to GDPR requirements and encrypting data
License MIT
Homepage https://github.com/mogilvie/GdprBundle
Informations about the package gdpr-bundle
GDPR Bundle
A bundle to aid with the General Data Protection Regulation requirements.
Features include:
- Written for Symfony version 3|4|5|6, current master and v3.0 is Symfony 6
- Provides annotation for adding to entity parameter doc blocks - this method is being deprecated.
- Uses a PersonalData object and data transformers.
- Records values for Data Protection Impact Assessments of entity parameters.
- Uses SpecShaper\EncryptBundle to encrypt sensitive data
Version History
Version 3
Updated for Symfny 5.4|6 and PHP8
Version 2
Version 2 uses a PersonalData entity to store the GDPR parameters associated with the personal data parameter.
A custom twig function can be used to:
- Decrypt any encrypted data
- Display current data in its correct format.
- Display deleted/aggregated/annonymised data once it has been sanitised
Version 2 Features:
- [x] Create a storage entity
- [x] Create twig templates for entity to handle displaying expired data.
- [x] Create a migration command to create new database fields, and convert PersonalData attributes to PersonalData entity rows.
- [x] Create disposal classes and service
- [ ] Create a command to dispose of data
- [ ] Implement a cron task to dispose of data
- [ ] Generate activity report
- [ ] Create consent forms
- [ ] Generate consent report
- [ ] Export data command
Version 1
Version 1 of this project used annotations to classify entity parameter personal data.
This unfortunately could not be extended to managing live data, it runs into problems where data
become expired. What should get displayed instead? How can live data status be reported with annotations?
Version 1 Features:
- [x] Generate a entity parameter coverage report.
- [x] Generate a summary report of all entity parameters and GDPR annotations.
Warning
- This bundle has not been unit tested.
Documentation
The source of the documentation is stored in the Resources/doc/
folder
in this bundle.
License
This bundle is under the MIT license. See the complete license in the bundle:
Resources/meta/LICENSE
About
GdprBundle has been written for Parolla website to encode users private data.
Reporting an issue or a feature request
Issues and feature requests are tracked in the Github issue tracker.
When reporting a bug, it may be a good idea to reproduce it in a basic project built using the Symfony Standard Edition to allow developers of the bundle to reproduce the issue by simply cloning it and following some steps.
Installation
Step 1: Download the bundle
Open a command console, enter your project directory and execute the following command to download the latest version of this bundle:
This command requires you to have Composer installed globally, as explained in the installation chapter of the Composer documentation.
Step 2: Enable the bundle
Then, enable the bundle by adding it to the list of registered bundles
in the app/AppKernel.php
file of your project:
Step 2: Configure the bundle
Add an empty value for encrypt_key
to your parameters file.
Geneate a 256 bit 32 character key using the command tool in the Encrypt bundle
Now, replace your encryption key.
Configure the EncryptBundle.
You can disable encryption of the database by setting deleting is_disabled or setting it true.
Configure the routing to access the reports in dev environment only:
You should make sure that the /gdpr path is behind a firewall in your security settings.
Add the personal_data doctrine type to doctrine
Step 3: Create the entities if using the new personal_data type.
User the personal_data column type, and pass the options.
Using Attributes and to be deprecated:
Using Annotations going forward under Php 8
Or with multiple Assertions use nested attributes
Look at the PersonalData object constants for the full range of options available.
The PersonalData field can be validated from within the entity by wrapping regular constraints within the PersonalData constraint.
Step 4: Converting your database.
Use the command below to update your database.
The command will find all Column annotations of type personal_data and convert the stored value to a PersonalData object.
Use the command option 'tables' to convert specific tables and fields.
You can enter a class, to search every property in the class. Or for specific class properties
then append the property name. You can also append multiple classes.
Step 5: Use in forms
Use the PersonalDataType in forms. Note that this is different from the doctrine PersonalDataType.
In most cases you validate the entered value in the enitity using the PersonalData constraint to wrap other constraints. This is because the submitted data has been through the data transformer.
If you are validating in the form then you do not need to use the PersonalData constraint. Just use your constraints as normal.
Step 5: Decrypt in templates
To view your data in a twig template:
This will call the toString method of the PersonalData object, which will convert the data to its format as set in the entity field annotation.
If you want to access the data without any default conversion then use:
If you query a repository using a select method, or get an array result then the doctrine onLoad event subscriber will not decyrpt any encrypted values.
In this case, use the twig_filter to decrypt your value when rendering.
Todo: Use the twig_filter for personal_data to pass rendering options:
Step 6: Decrypt in repository
The problem with encrypting data in the DB is that it can no longer be used for ordering or searching.
We use a trait in the entity repositories to provide common functions for dealing with PersonalData objects.
The trait is used in the repository.
Using a repository as a service, inject the encryptor during construction.
Alternatively, use the setter in the controller.
Step 7: Reporting
Coverage Report
Access the coverage report by navigating your browser to '\gdpr\reporting\coverage'.
This will serve an excel file that contains all the entities and parameters managed by the entity manager. If any of the parameters contain the "personal_data" column type it will also list each of the attributes values.
Note that at the moment we are only pulling information from the default entity manager. I need to improve the coverage report to get all entityManagers.
History Report
@todo Not yet written.
A report of log entries for:
- PersonalData object creation and updates.
- PersonalData object disposal.
- PersonalData objects exported.
All versions of gdpr-bundle with dependencies
symfony/console Version ^5.4|^6.0
symfony/form Version ^5.4|^6.0
symfony/framework-bundle Version ^5.4|^6.0
symfony/validator Version ^5.4|^6.0
symfony/twig-bundle Version ^5.4|^6.0
symfony/security-bundle Version ^5.4|^6.0
twig/twig Version ^3.0
symfony/orm-pack Version *
specshaper/encrypt-bundle Version ^3.0
roromix/spreadsheetbundle Version ^1.0