Skip to content

Weborama RTD Module : check gdpr consent data #13147

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ChrisHuie merged 7 commits into from
May 27, 2025
Merged

Weborama RTD Module : check gdpr consent data #13147

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
c9b1c45
* Weborama RTD Module: update publisher restriction
May 16, 2025
982ba6d
Merge branch 'prebid:master' into COL-2041-implement-publisher-restri…
peczenyj May 21, 2025
182351a
* Weborama RTD Module: bugfix typo in the label of a prebid test
May 21, 2025
b181bb4
* Weborama RTD Module: update documentation
May 23, 2025
ab32bbd
Merge branch 'prebid:master' into COL-2041-implement-publisher-restri…
peczenyj May 26, 2025
0fbafb4
* Weborama RTD Module: bugfix delete whitespaces in weborama module
May 26, 2025
de2e537
Merge branch 'COL-2041-implement-publisher-restriction-type-0-and-1-v…
May 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 42 additions & 8 deletions integrationExamples/gpt/weboramaRtdProvider_example.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,20 +4,54 @@
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>weborama rtd submodule example</title>
</head>
<body>
<script
async
src="https://securepubads.g.doubleclick.net/tag/js/gpt.js"
></script>
<body>
<script src="../../build/dev/prebid.js" async></script>

<script async src="https://securepubads.g.doubleclick.net/tag/js/gpt.js"></script>
<script>
var pbjs = pbjs || {};
pbjs.que = pbjs.que || [];

pbjs.que.push(function () {
pbjs.setConfig({
debug: true,
enableTIDs: false,
consentManagement: {
gdpr: {
cmpApi: "static",
timeout: 8000,
consentData: {
getTCData: {
tcString: "sample_tc_string",
gdprApplies: true,
purpose: {
consents: {
1: true,
3: true,
4: true,
5: true,
6: true,
},
legitimateInterests: {
2: true,
7: true,
8: true,
9: true,
10: true,
11: true,
},
},
vendor: {
consents: {
284: true,
},
legitimateInterests: {
284: true,
},
}
}
}
}
},
realTimeData: {
auctionDelay: 1000,
dataProviders: [
Expand All @@ -43,11 +77,11 @@
webo_ds: ["bar"],
},
baseURLProfileAPI: "ctx-preprod.weborama.com",
// enabled: false,
enabled: false,
//, onData: function (data,...) { ...}
},
weboUserDataConf: {
enabled: false,
enabled: true,
accountId: 12345, // recommended
setPrebidTargeting: true, // override param.setPrebidTargeting or default true
sendToBidders: ["smartadserver"], // specify the bidder to share data
Expand Down
59 changes: 47 additions & 12 deletions modules/weboramaRtdProvider.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -389,6 +389,9 @@ class WeboramaRtdProvider {
* @param {?Object.<number, boolean>} gdpr.vendorData.purpose.consents
* @param {?Object} gdpr.vendorData.vendor
* @param {?Object.<number, boolean>} gdpr.vendorData.vendor.consents
* @param {?Object.<number, boolean>} gdpr.vendorData.vendor.legitimateInterests
* @param {?Object.<number, boolean>} gdpr.vendorData.purpose.legitimateInterests
* @param {?Object.<number, boolean>} gdpr.vendorData.publisher.restrictions
* @return {boolean}
*/

Expand All @@ -397,18 +400,50 @@ class WeboramaRtdProvider {
return true;
}

if (
deepAccess(gdpr, 'vendorData.vendor.consents') &&
deepAccess(gdpr, 'vendorData.purpose.consents')
) {
return (
gdpr.vendorData.vendor.consents[GVLID] === true && // check weborama vendor id
gdpr.vendorData.purpose.consents[1] === true && // info storage access
gdpr.vendorData.purpose.consents[3] === true && // create personalized ads
gdpr.vendorData.purpose.consents[4] === true && // select personalized ads
gdpr.vendorData.purpose.consents[5] === true && // create personalized content
gdpr.vendorData.purpose.consents[6] === true
); // select personalized content
const vendorConsents = deepAccess(gdpr, 'vendorData.vendor.consents');
const vendorLegitimateInterests = deepAccess(gdpr, 'vendorData.vendor.legitimateInterests');
const purposeConsents = deepAccess(gdpr, 'vendorData.purpose.consents');
const purposeLegitimateInterests = deepAccess(gdpr, 'vendorData.purpose.legitimateInterests');
const publisherRestrictions = deepAccess(gdpr, 'vendorData.publisher.restrictions');

const consentPurposeIDSet = new Set([1, 3, 4, 5, 6]);
const legitimateInterestPurposeIDSet = new Set([2, 7, 8, 9, 10, 11]);

const allPurposeIDs = new Set([...consentPurposeIDSet, ...legitimateInterestPurposeIDSet]);

for (const purposeID of allPurposeIDs) {
if (publisherRestrictions?.[purposeID]?.[GVLID] === 0) {
return false;
}
}

for (const purposeID of legitimateInterestPurposeIDSet) {
if (publisherRestrictions?.[purposeID]?.[GVLID] === 1) {
legitimateInterestPurposeIDSet.delete(purposeID);
consentPurposeIDSet.add(purposeID);
}
}

if (consentPurposeIDSet.size > 0) {
if (!vendorConsents[GVLID]) {
return false;
}
for (const purposeID of consentPurposeIDSet) {
if (!purposeConsents[purposeID]) {
return false;
}
}
}

if (legitimateInterestPurposeIDSet.size > 0) {
if (!vendorLegitimateInterests[GVLID]) {
return false;
}
for (const purposeID of legitimateInterestPurposeIDSet) {
if (!purposeLegitimateInterests[purposeID]) {
return false;
}
}
}

return true;
Expand Down
8 changes: 2 additions & 6 deletions modules/weboramaRtdProvider.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -136,12 +136,8 @@ On this section we will explain the `params.weboUserDataConf` subconfiguration:

##### User Consent

The WAM User-Centric configuration will check for user consent if gdpr applies. It will check for consent:

* Vendor ID 284 (Weborama)
* Purpose IDs: 1, 3, 4, 5 and 6

If the user consent does not match such conditions, this module will not load, means we will not check for any data in local storage and the default profile will be ignored.
In a user-centric configuration, the WAM module will verify user consent when GDPR is applicable. It specifically checks for consent related to the purposes declared by Weborama in the Global Vendor List (Vendor ID 284).
If the required consent is not provided, the module will not activate, and it will neither access local storage nor apply any default user profile.

#### Sfbx LiTE Site-Centric Configuration

Expand Down
98 changes: 97 additions & 1 deletion test/spec/modules/weboramaRtdProvider_spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ describe('weboramaRtdProvider', function() {
}
expect(weboramaSubmodule.init(moduleConfig, userConsent)).to.equal(true);
});
it('should initialize if gdpr applies and consent is ok', function() {
it('should initialize if gdpr applies and consent / legitimate interests / vendor are ok', function() {
const moduleConfig = {
params: {
weboUserDataConf: {}
Expand All @@ -89,7 +89,14 @@ describe('weboramaRtdProvider', function() {
4: true,
5: true,
6: true,
},
legitimateInterests: {
2: true,
7: true,
8: true,
9: true,
10: true,
11: true,
},
},
specialFeatureOptins: {
Expand All @@ -99,12 +106,101 @@ describe('weboramaRtdProvider', function() {
consents: {
284: true,
},
legitimateInterests: {
284: true,
},
}
},
},
}
expect(weboramaSubmodule.init(moduleConfig, userConsent)).to.equal(true);
});
it('should NOT initialize if gdpr applies and consent is nok: miss legitimate interests vendor id', function() {
const moduleConfig = {
params: {
weboUserDataConf: {}
}
};
const userConsent = {
gdpr: {
gdprApplies: true,
vendorData: {
purpose: {
consents: {
1: true,
3: true,
4: true,
5: true,
6: true,
},
legitimateInterests: {
2: true,
7: true,
8: true,
9: true,
10: true,
11: true,
},
},
specialFeatureOptins: {
1: true,
},
vendor: {
consents: {
284: true,
},
legitimateInterests: {
284: false,
},
}
},
},
}
expect(weboramaSubmodule.init(moduleConfig, userConsent)).to.equal(false);
});
it('should NOT initialize if gdpr applies and consent is nok: miss legitimate interest purpose id', function() {
const moduleConfig = {
params: {
weboUserDataConf: {}
}
};
const userConsent = {
gdpr: {
gdprApplies: true,
vendorData: {
purpose: {
consents: {
1: true,
3: true,
4: true,
5: true,
6: true,
},
legitimateInterests: {
2: true,
7: true,
8: true,
9: false,
10: true,
11: true,
},
},
specialFeatureOptins: {
1: true,
},
vendor: {
consents: {
284: true,
},
legitimateInterests: {
284: true,
},
}
},
},
}
expect(weboramaSubmodule.init(moduleConfig, userConsent)).to.equal(false);
});
it('should NOT initialize if gdpr applies and consent is nok: miss consent vendor id', function() {
const moduleConfig = {
params: {
Expand Down