Files
Momento/_bmad-output/implementation-artifacts/spec-gdpr-analytics-sync.md
Antigravity a623454347
Some checks failed
CI / Lint, Unit Tests & Build (push) Failing after 1m32s
CI / Deploy production (on server) (push) Has been skipped
perf: memo GridCard, fuse save fns, fix slash tab active color
2026-06-14 14:06:05 +00:00

75 lines
2.4 KiB
Markdown

---
status: in-progress
title: "GDPR Analytics Sync + Error Reporting Hardening"
story: 4.1-gdpr-analytics-sync
epic: 4
priority: high
blast_radius: medium
---
# Spec: GDPR Analytics Sync + Error Reporting Hardening
## Context
Deferred work from Story 4.1 (GDPR Cookie Consent):
- AC5 anonymousAnalytics DB sync was not implemented
- Original constraint: "zero DB writes in 4.1, 100% client consent"
- Now removing constraint to implement proper sync
## Goals
1. **Primary**: Sync cookie consent `anonymousAnalytics` to database for authenticated users
2. **Secondary**: Verify error reporting is properly wired (legitimate interest, no consent needed)
## Acceptance Criteria
### AC1: Authenticated user consent syncs to DB
- When a logged-in user accepts/rejects analytics via banner or preferences, `UserAISettings.anonymousAnalytics` is updated in DB
- Guest users (no session) continue using localStorage only
### AC2: Cross-device consistency
- User's analytics consent persists across devices when logged in
- Initial consent load prefers DB value when local storage is empty
### AC3: Error reporting verification
- Existing error reporting continues to work without consent (legitimate interest)
- Verify `/api/debug/client-error` route exists and is wired
## Tasks
- [ ] Task 1: Create server action for consent sync
- [ ] Task 2: Update cookie consent utilities
- [ ] Task 3: Update banner and dialog components
- [ ] Task 4: Verify error reporting route
## Code Map
### New/Modified Files
| File | Change |
|------|--------|
| `lib/consent/cookie-consent.ts` | Add `saveConsentWithSync()` client wrapper |
| `app/actions/cookie-consent.ts` | NEW - Server action for DB sync |
| `components/legal/cookie-consent-banner.tsx` | Use new sync action |
| `components/legal/cookie-preferences-dialog.tsx` | Use new sync action |
| `app/api/debug/client-error/route.ts` | Verify exists |
### Design Notes
- Server action calls `updateAISettings({ anonymousAnalytics: boolean })`
- Client-side: combine `setConsent()` + server action in parallel
- Server action silently succeeds for guests (no session) — component ignores result
- Error reporting uses `/api/debug/client-error` — already exists, no consent gate needed
## Spec Change Log
- 2026-05-30: Created spec for deferred AC5 implementation
- 2026-05-30: Added error reporting verification as secondary goal
## Dev Agent Record
### Agent Model Used
Claude Opus 4.8
### Completion Notes List