Update consents

Author: KillerX

backend/internal/database/migrations/00028_improve_consents.sql

@@ -0,0 +1,153 @@
+-- +goose Up
+-- +goose StatementBegin
+
+-- Migration: Improve consent system
+-- - Add URL field to consents
+-- - Add remote consent tracking fields
+-- - Transform user_consents to user_consent_history with rejection tracking
+
+-- 1. Add new columns to consents table
+ALTER TABLE consents
+ADD COLUMN url VARCHAR(500),
+ADD COLUMN managed_by VARCHAR(100),
+ADD COLUMN is_remote BOOLEAN DEFAULT false NOT NULL;
+
+CREATE INDEX idx_consents_is_remote ON consents(is_remote) WHERE is_remote = true;
+
+-- 2. Rename user_consents to user_consent_history
+ALTER TABLE user_consents RENAME TO user_consent_history;
+
+-- 3. Update ID prefix constraint to accept both UC (legacy) and UH (new) prefixes
+ALTER TABLE user_consent_history
+DROP CONSTRAINT user_consents_id_check;
+
+ALTER TABLE user_consent_history
+ADD CONSTRAINT user_consent_history_id_check
+CHECK (id ~ '^U[CH][0-9A-Z]{26}$');
+
+-- 4. Add new columns to user_consent_history
+ALTER TABLE user_consent_history
+ADD COLUMN action VARCHAR(20) NOT NULL DEFAULT 'ACCEPTED',
+ADD COLUMN consent_key VARCHAR(100) NOT NULL DEFAULT '',
+ADD COLUMN occurred_at TIMESTAMPTZ NOT NULL DEFAULT now(),
+ADD COLUMN source VARCHAR(100),
+ADD COLUMN external_consent_id VARCHAR(255),
+ADD COLUMN external_timestamp TIMESTAMPTZ;
+
+-- 5. Backfill consent_key from consents table
+UPDATE user_consent_history uch
+SET consent_key = c.key
+FROM consents c
+WHERE uch.consent_id = c.id;
+
+-- 6. Backfill occurred_at from accepted_at
+UPDATE user_consent_history
+SET occurred_at = accepted_at;
+
+-- 7. Remove defaults after backfill
+ALTER TABLE user_consent_history
+ALTER COLUMN consent_key DROP DEFAULT,
+ALTER COLUMN action DROP DEFAULT,
+ALTER COLUMN occurred_at DROP DEFAULT;
+
+-- 8. Add constraint for action enum
+ALTER TABLE user_consent_history
+ADD CONSTRAINT check_action CHECK (action IN ('ACCEPTED', 'REJECTED'));
+
+-- 9. Drop old columns
+ALTER TABLE user_consent_history
+DROP COLUMN accepted_at,
+DROP COLUMN created_at;
+
+-- 10. Drop old unique constraint (allow multiple actions over time)
+ALTER TABLE user_consent_history
+DROP CONSTRAINT user_consents_user_id_consent_id_key;
+
+-- 11. Update indexes
+DROP INDEX IF EXISTS idx_user_consents_user;
+DROP INDEX IF EXISTS idx_user_consents_consent;
+
+CREATE INDEX idx_user_consent_history_user ON user_consent_history(user_id);
+CREATE INDEX idx_user_consent_history_consent ON user_consent_history(consent_id);
+CREATE INDEX idx_user_consent_history_key ON user_consent_history(consent_key);
+CREATE INDEX idx_user_consent_history_user_key ON user_consent_history(user_id, consent_key);
+CREATE INDEX idx_user_consent_history_occurred ON user_consent_history(occurred_at);
+
+-- 12. Add unique index for idempotency of remote consents
+CREATE UNIQUE INDEX idx_user_consent_history_remote_idempotent
+ON user_consent_history(user_id, consent_key, external_consent_id)
+WHERE external_consent_id IS NOT NULL;
+
+-- +goose StatementEnd
+
+-- +goose Down
+-- +goose StatementBegin
+
+-- Reverse migration: Revert consent system changes
+
+-- 1. Drop unique remote consent index
+DROP INDEX IF EXISTS idx_user_consent_history_remote_idempotent;
+
+-- 2. Drop new indexes
+DROP INDEX IF EXISTS idx_user_consent_history_occurred;
+DROP INDEX IF EXISTS idx_user_consent_history_user_key;
+DROP INDEX IF EXISTS idx_user_consent_history_key;
+DROP INDEX IF EXISTS idx_user_consent_history_consent;
+DROP INDEX IF EXISTS idx_user_consent_history_user;
+
+-- 3. Recreate old indexes
+CREATE INDEX idx_user_consents_user ON user_consent_history(user_id);
+CREATE INDEX idx_user_consents_consent ON user_consent_history(consent_id);
+
+-- 4. Add back old columns with data
+ALTER TABLE user_consent_history
+ADD COLUMN accepted_at TIMESTAMPTZ NOT NULL DEFAULT now(),
+ADD COLUMN created_at TIMESTAMPTZ NOT NULL DEFAULT now();
+
+-- 5. Backfill accepted_at from occurred_at
+UPDATE user_consent_history
+SET accepted_at = occurred_at,
+    created_at = occurred_at;
+
+-- 6. Drop defaults after backfill
+ALTER TABLE user_consent_history
+ALTER COLUMN accepted_at DROP DEFAULT,
+ALTER COLUMN created_at DROP DEFAULT;
+
+-- 7. Restore unique constraint
+ALTER TABLE user_consent_history
+ADD CONSTRAINT user_consents_user_id_consent_id_key UNIQUE (user_id, consent_id);
+
+-- 8. Drop action constraint
+ALTER TABLE user_consent_history
+DROP CONSTRAINT check_action;
+
+-- 9. Drop new columns
+ALTER TABLE user_consent_history
+DROP COLUMN external_timestamp,
+DROP COLUMN external_consent_id,
+DROP COLUMN source,
+DROP COLUMN occurred_at,
+DROP COLUMN consent_key,
+DROP COLUMN action;
+
+-- 10. Revert ID prefix constraint (back to UC only)
+ALTER TABLE user_consent_history
+DROP CONSTRAINT user_consent_history_id_check;
+
+ALTER TABLE user_consent_history
+ADD CONSTRAINT user_consents_id_check
+CHECK (id ~ '^UC[0-9A-Z]{26}$');
+
+-- 11. Rename table back
+ALTER TABLE user_consent_history RENAME TO user_consents;
+
+-- 12. Drop consent table additions
+DROP INDEX IF EXISTS idx_consents_is_remote;
+
+ALTER TABLE consents
+DROP COLUMN is_remote,
+DROP COLUMN managed_by,
+DROP COLUMN url;
+
+-- +goose StatementEnd

backend/internal/database/queries/consents.sql

@@ -1,77 +1,116 @@
 -- Consent queries
 
 -- name: GetConsentByID :one
-SELECT id, key, version, title, body, published_at, created_at, updated_at
+SELECT id, key, version, title, body, url, published_at, is_remote, managed_by, created_at, updated_at
 FROM consents WHERE id = @id::text;
 
 -- name: GetConsentsByIDs :many
-SELECT id, key, version, title, body, published_at, created_at, updated_at
+SELECT id, key, version, title, body, url, published_at, is_remote, managed_by, created_at, updated_at
 FROM consents WHERE id = ANY(@ids::text[]);
 
 -- name: GetLatestPublishedConsentByKey :one
-SELECT id, key, version, title, body, published_at, created_at, updated_at
+SELECT id, key, version, title, body, url, published_at, is_remote, managed_by, created_at, updated_at
 FROM consents
 WHERE key = @key::text AND published_at IS NOT NULL AND published_at <= now()
 ORDER BY version DESC LIMIT 1;
 
 -- name: GetAllLatestPublishedConsents :many
-SELECT DISTINCT ON (key) id, key, version, title, body, published_at, created_at, updated_at
+SELECT DISTINCT ON (key) id, key, version, title, body, url, published_at, is_remote, managed_by, created_at, updated_at
 FROM consents
 WHERE published_at IS NOT NULL AND published_at <= now()
 ORDER BY key, version DESC;
 
+-- name: GetLatestConsentByKey :one
+SELECT id, key, version, title, body, url, published_at, is_remote, managed_by, created_at, updated_at
+FROM consents
+WHERE key = @key::text
+ORDER BY version DESC
+LIMIT 1;
+
 -- name: CreateConsent :one
-INSERT INTO consents (id, key, version, title, body, published_at)
-VALUES (@id::text, @key::text, @version::int, @title::text, @body::text, @published_at)
-RETURNING id, key, version, title, body, published_at, created_at, updated_at;
+INSERT INTO consents (id, key, version, title, body, url, published_at, is_remote, managed_by)
+VALUES (@id::text, @key::text, @version::int, @title::text, @body::text, @url, @published_at, @is_remote::bool, @managed_by)
+RETURNING id, key, version, title, body, url, published_at, is_remote, managed_by, created_at, updated_at;
 
 -- name: UpdateConsent :one
 UPDATE consents SET
     title = CASE WHEN @title::text = '' THEN title ELSE @title::text END,
     body = CASE WHEN @body::text = '' THEN body ELSE @body::text END,
+    url = CASE WHEN @url::text = '' THEN url ELSE @url::text END,
     published_at = @published_at,
     updated_at = now()
 WHERE id = @id::text
-RETURNING id, key, version, title, body, published_at, created_at, updated_at;
+RETURNING id, key, version, title, body, url, published_at, is_remote, managed_by, created_at, updated_at;
 
 -- name: GetNextVersionForConsentKey :one
 SELECT COALESCE(MAX(version), 0) + 1 as next_version FROM consents WHERE key = @key::text;
 
--- User consent queries
-
--- name: GetUserConsentsByUserID :many
-SELECT uc.id, uc.user_id, uc.consent_id, uc.accepted_at, uc.created_at,
-       c.key as consent_key, c.version as consent_version
-FROM user_consents uc
-INNER JOIN consents c ON uc.consent_id = c.id
-WHERE uc.user_id = @user_id::text;
-
--- name: GetUserConsentsByUserIDs :many
-SELECT uc.id, uc.user_id, uc.consent_id, uc.accepted_at, uc.created_at,
-       c.key as consent_key, c.version as consent_version
-FROM user_consents uc
-INNER JOIN consents c ON uc.consent_id = c.id
-WHERE uc.user_id = ANY(@user_ids::text[]);
-
--- name: GetUserConsentByUserAndConsent :one
-SELECT id, user_id, consent_id, accepted_at, created_at
-FROM user_consents WHERE user_id = @user_id::text AND consent_id = @consent_id::text;
-
--- name: CreateUserConsent :one
-INSERT INTO user_consents (id, user_id, consent_id, accepted_at)
-VALUES (@id::text, @user_id::text, @consent_id::text, @accepted_at)
-RETURNING id, user_id, consent_id, accepted_at, created_at;
-
--- name: GetMissingConsentsForUser :many
-SELECT c.id, c.key, c.version, c.title, c.body, c.published_at, c.created_at, c.updated_at
+-- User consent history queries
+
+-- name: CreateUserConsentHistory :one
+INSERT INTO user_consent_history (
+    id, user_id, consent_id, consent_key, action, occurred_at,
+    source, external_consent_id, external_timestamp
+)
+VALUES (
+    @id::text, @user_id::text, @consent_id::text, @consent_key::text,
+    @action::text, @occurred_at, @source, @external_consent_id, @external_timestamp
+)
+RETURNING id, user_id, consent_id, consent_key, action, occurred_at,
+          source, external_consent_id, external_timestamp;
+
+-- name: GetLatestUserConsentActionByKey :one
+SELECT id, user_id, consent_id, consent_key, action, occurred_at,
+       source, external_consent_id, external_timestamp
+FROM user_consent_history
+WHERE user_id = @user_id::text AND consent_key = @consent_key::text
+ORDER BY occurred_at DESC
+LIMIT 1;
+
+-- name: GetCurrentUserConsentStatusesByUsers :many
+-- Gets the latest action for each consent key for multiple users
+SELECT DISTINCT ON (user_id, consent_key)
+    id, user_id, consent_id, consent_key, action, occurred_at, source
+FROM user_consent_history
+WHERE user_id = ANY(@user_ids::text[])
+ORDER BY user_id, consent_key, occurred_at DESC;
+
+-- name: GetUserConsentHistoryByUserAndKey :many
+SELECT id, user_id, consent_id, consent_key, action, occurred_at,
+       source, external_consent_id, external_timestamp
+FROM user_consent_history
+WHERE user_id = @user_id::text AND consent_key = @consent_key::text
+ORDER BY occurred_at DESC;
+
+-- name: GetUserConsentHistoryByUser :many
+SELECT id, user_id, consent_id, consent_key, action, occurred_at,
+       source, external_consent_id, external_timestamp
+FROM user_consent_history
+WHERE user_id = @user_id::text
+ORDER BY occurred_at DESC;
+
+-- name: GetUserConsentHistoryByUsers :many
+SELECT id, user_id, consent_id, consent_key, action, occurred_at,
+       source, external_consent_id, external_timestamp
+FROM user_consent_history
+WHERE user_id = ANY(@user_ids::text[])
+ORDER BY user_id, occurred_at DESC;
+
+-- name: GetMissingConsentsForUserWithRejections :many
+-- Gets consents that user has never acted upon (no history)
+SELECT c.id, c.key, c.version, c.title, c.body, c.url, c.published_at,
+       c.is_remote, c.managed_by, c.created_at, c.updated_at
 FROM (
-    SELECT DISTINCT ON (key) id, key, version, title, body, published_at, created_at, updated_at
+    SELECT DISTINCT ON (key) id, key, version, title, body, url, published_at,
+           is_remote, managed_by, created_at, updated_at
     FROM consents
     WHERE published_at IS NOT NULL AND published_at <= now()
     ORDER BY key, version DESC
 ) c
 WHERE NOT EXISTS (
-    SELECT 1 FROM user_consents uc WHERE uc.user_id = @user_id::text AND uc.consent_id = c.id
+    SELECT 1 FROM user_consent_history uch
+    WHERE uch.user_id = @user_id::text
+    AND uch.consent_key = c.key
 );
 
 -- Translation queries