Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add anonymisation of user_id in the web request event data #64

Merged
merged 2 commits into from
Feb 21, 2023
Merged

Add anonymisation of user_id in the web request event data #64

merged 2 commits into from
Feb 21, 2023

Conversation

asatwal
Copy link
Collaborator

@asatwal asatwal commented Feb 20, 2023

Trello-975

Add anonymisation of user_id in the web request event data

  • Make this configurable through dfe analytics config
  • Update README to explain anonymisation and custom user identifier

@asatwal
Add anonymisation of user_id in the web request event data
9bac3ee 
- Make this configurable through dfe analytics config
- Update README to explain anonymisation and custom user identifier
@asatwal asatwal self-assigned this Feb 20, 2023
stevenleggdfe
stevenleggdfe reviewed Feb 20, 2023
View reviewed changes
README.md Outdated
If a field other than `id` is required for the user identifier, then a custom user identifier proc can be defined in `config/initializers/dfe_analytics.rb`:

```ruby
DfE::Analytics.config.user_idenitifier = proc { |user| user&.id }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@asatwal I think there's a typo here? idenitifier should be identifier?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well spotted @stevenleggdfe

stevenleggdfe
stevenleggdfe reviewed Feb 20, 2023
View reviewed changes
README.md Outdated

#### User ID anonymisation

The `user_id` in the web request event will not be anonymised by default. This can be changed by updating the configuration option in `config/initializers/dfe_analytics.rb`:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@asatwal would it be worth adding a line here like 'You probably want to anonymise user_id if the field it comes from in your schema is in analytics_pii.yml so that analysts can join the IDs together. If your user_id is not in analytics_pii.yml but is in analytics.yml then you probably want to ensure user_id is not anonymised so you can join the IDs together.'

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good idea. Done.

duncanjbrown
duncanjbrown approved these changes Feb 20, 2023
View reviewed changes
Copy link
Contributor

@duncanjbrown duncanjbrown left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, (tiny) nits inline!

README.md Outdated
If a field other than `id` is required for the user identifier, then a custom user identifier proc can be defined in `config/initializers/dfe_analytics.rb`:

```ruby
DfE::Analytics.config.user_idenitifier = proc { |user| user&.id }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
DfE::Analytics.config.user_idenitifier = proc { |user| user&.id }
DfE::Analytics.config.user_identifier = proc { |user| user&.id }

lib/dfe/analytics/event.rb

def user_identifier_for(user)
user_id = DfE::Analytics.user_identifier(user)
user_id = DfE::Analytics.anonymise(user_id) if user_id.present? && DfE::Analytics.config.anonymise_web_request_user_id
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd turn this into a multiline if, but if Rubocop's fussy 🤷

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rubocop not happy with multiline if, so left as is :-)

@asatwal asatwal mentioned this pull request Feb 20, 2023
Merged
@asatwal asatwal merged commit 82428e2 into main Feb 21, 2023
@asatwal asatwal deleted the anonymise-web-request-user-id branch February 21, 2023 11:14
@asatwal asatwal mentioned this pull request Feb 24, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stevenleggdfe stevenleggdfe stevenleggdfe left review comments

@duncanjbrown duncanjbrown duncanjbrown approved these changes

Assignees

@asatwal asatwal

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@asatwal @duncanjbrown @stevenleggdfe