75 lines
2.4 KiB
Markdown
75 lines
2.4 KiB
Markdown
---
|
|
status: in-progress
|
|
title: "GDPR Analytics Sync + Error Reporting Hardening"
|
|
story: 4.1-gdpr-analytics-sync
|
|
epic: 4
|
|
priority: high
|
|
blast_radius: medium
|
|
---
|
|
|
|
# Spec: GDPR Analytics Sync + Error Reporting Hardening
|
|
|
|
## Context
|
|
|
|
Deferred work from Story 4.1 (GDPR Cookie Consent):
|
|
- AC5 anonymousAnalytics DB sync was not implemented
|
|
- Original constraint: "zero DB writes in 4.1, 100% client consent"
|
|
- Now removing constraint to implement proper sync
|
|
|
|
## Goals
|
|
|
|
1. **Primary**: Sync cookie consent `anonymousAnalytics` to database for authenticated users
|
|
2. **Secondary**: Verify error reporting is properly wired (legitimate interest, no consent needed)
|
|
|
|
## Acceptance Criteria
|
|
|
|
### AC1: Authenticated user consent syncs to DB
|
|
- When a logged-in user accepts/rejects analytics via banner or preferences, `UserAISettings.anonymousAnalytics` is updated in DB
|
|
- Guest users (no session) continue using localStorage only
|
|
|
|
### AC2: Cross-device consistency
|
|
- User's analytics consent persists across devices when logged in
|
|
- Initial consent load prefers DB value when local storage is empty
|
|
|
|
### AC3: Error reporting verification
|
|
- Existing error reporting continues to work without consent (legitimate interest)
|
|
- Verify `/api/debug/client-error` route exists and is wired
|
|
|
|
## Tasks
|
|
|
|
- [ ] Task 1: Create server action for consent sync
|
|
- [ ] Task 2: Update cookie consent utilities
|
|
- [ ] Task 3: Update banner and dialog components
|
|
- [ ] Task 4: Verify error reporting route
|
|
|
|
## Code Map
|
|
|
|
### New/Modified Files
|
|
|
|
| File | Change |
|
|
|------|--------|
|
|
| `lib/consent/cookie-consent.ts` | Add `saveConsentWithSync()` client wrapper |
|
|
| `app/actions/cookie-consent.ts` | NEW - Server action for DB sync |
|
|
| `components/legal/cookie-consent-banner.tsx` | Use new sync action |
|
|
| `components/legal/cookie-preferences-dialog.tsx` | Use new sync action |
|
|
| `app/api/debug/client-error/route.ts` | Verify exists |
|
|
|
|
### Design Notes
|
|
|
|
- Server action calls `updateAISettings({ anonymousAnalytics: boolean })`
|
|
- Client-side: combine `setConsent()` + server action in parallel
|
|
- Server action silently succeeds for guests (no session) — component ignores result
|
|
- Error reporting uses `/api/debug/client-error` — already exists, no consent gate needed
|
|
|
|
## Spec Change Log
|
|
|
|
- 2026-05-30: Created spec for deferred AC5 implementation
|
|
- 2026-05-30: Added error reporting verification as secondary goal
|
|
|
|
## Dev Agent Record
|
|
|
|
### Agent Model Used
|
|
Claude Opus 4.8
|
|
|
|
### Completion Notes List
|