2.4 KiB
2.4 KiB
status, title, story, epic, priority, blast_radius
| status | title | story | epic | priority | blast_radius |
|---|---|---|---|---|---|
| in-progress | GDPR Analytics Sync + Error Reporting Hardening | 4.1-gdpr-analytics-sync | 4 | high | medium |
Spec: GDPR Analytics Sync + Error Reporting Hardening
Context
Deferred work from Story 4.1 (GDPR Cookie Consent):
- AC5 anonymousAnalytics DB sync was not implemented
- Original constraint: "zero DB writes in 4.1, 100% client consent"
- Now removing constraint to implement proper sync
Goals
- Primary: Sync cookie consent
anonymousAnalyticsto database for authenticated users - Secondary: Verify error reporting is properly wired (legitimate interest, no consent needed)
Acceptance Criteria
AC1: Authenticated user consent syncs to DB
- When a logged-in user accepts/rejects analytics via banner or preferences,
UserAISettings.anonymousAnalyticsis updated in DB - Guest users (no session) continue using localStorage only
AC2: Cross-device consistency
- User's analytics consent persists across devices when logged in
- Initial consent load prefers DB value when local storage is empty
AC3: Error reporting verification
- Existing error reporting continues to work without consent (legitimate interest)
- Verify
/api/debug/client-errorroute exists and is wired
Tasks
- Task 1: Create server action for consent sync
- Task 2: Update cookie consent utilities
- Task 3: Update banner and dialog components
- Task 4: Verify error reporting route
Code Map
New/Modified Files
| File | Change |
|---|---|
lib/consent/cookie-consent.ts |
Add saveConsentWithSync() client wrapper |
app/actions/cookie-consent.ts |
NEW - Server action for DB sync |
components/legal/cookie-consent-banner.tsx |
Use new sync action |
components/legal/cookie-preferences-dialog.tsx |
Use new sync action |
app/api/debug/client-error/route.ts |
Verify exists |
Design Notes
- Server action calls
updateAISettings({ anonymousAnalytics: boolean }) - Client-side: combine
setConsent()+ server action in parallel - Server action silently succeeds for guests (no session) — component ignores result
- Error reporting uses
/api/debug/client-error— already exists, no consent gate needed
Spec Change Log
- 2026-05-30: Created spec for deferred AC5 implementation
- 2026-05-30: Added error reporting verification as secondary goal
Dev Agent Record
Agent Model Used
Claude Opus 4.8