DSR 3.0 Bugfix: Approved -> Failed Privacy Requests Don't Change Stat…

…us (#4837)
ethyca · Apr 29, 2024 · a925cd5 · a925cd5
1 parent 368f84b
commit a925cd5
Show file tree

Hide file tree

Showing 5 changed files with 46 additions and 10 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -41,6 +41,7 @@ The types of changes are:
 - Fixed bug where Language selector button was overlapping other buttons when Privacy Policy wasn't present. [#4815](https://github.com/ethyca/fides/pull/4815)
 - Fixed bug where icons of the Language selector were displayed too small on some sites [#4815](https://github.com/ethyca/fides/pull/4815)
 - Fixed bug where GPP US National Section was incorrectly included when the State by State approach was selected [#4823]https://github.com/ethyca/fides/pull/4823
+- Fixed DSR 3.0 Scheduling bug where Approved Privacy Requests that failed wouldn't change status [#4837](https://github.com/ethyca/fides/pull/4837)
 
 ## [2.34.0](https://github.com/ethyca/fides/compare/2.33.1...2.34.0)
 

diff --git a/src/fides/api/models/privacy_request.py b/src/fides/api/models/privacy_request.py
@@ -153,7 +153,9 @@ class PrivacyRequestStatus(str, EnumType):
 
     identity_unverified = "identity_unverified"
     requires_input = "requires_input"
-    pending = "pending"
+    pending = (
+        "pending"  # Privacy Request likely awaiting approval, if hanging in this state.
+    )
     approved = "approved"
     denied = "denied"
     in_processing = "in_processing"

diff --git a/src/fides/api/service/privacy_request/request_service.py b/src/fides/api/service/privacy_request/request_service.py
@@ -187,10 +187,19 @@ def poll_for_exited_privacy_request_tasks(self: DatabaseTask) -> Set[str]:
     can be reprocessed.
     """
     with self.get_new_session() as db:
-        logger.debug("Polling for privacy requests awaiting status change")
+        logger.debug("Polling for privacy requests awaiting errored status change")
+
+        # Privacy Requests that needed approval are in "Approved" status as they process.
+        # Privacy Requests that didn't need approval are "In Processing".
+        # Privacy Requests in these states should be examined to see if all of its Request Tasks have had a chance
+        # to complete.
         in_progress_privacy_requests = (
             db.query(PrivacyRequest)
-            .filter(PrivacyRequest.status == PrivacyRequestStatus.in_processing)
+            .filter(
+                PrivacyRequest.status.in_(
+                    [PrivacyRequestStatus.in_processing, PrivacyRequestStatus.approved]
+                )
+            )
             .order_by(PrivacyRequest.created_at)
         )
 

diff --git a/tests/ops/integration_tests/test_execution.py b/tests/ops/integration_tests/test_execution.py
@@ -446,11 +446,8 @@ async def test_skip_collection_new_request(
         assert mongo_logs.filter_by(status="skipped").count() == 9
 
     @mock.patch("fides.api.task.graph_task.GraphTask.log_start")
+    @pytest.mark.usefixtures("use_dsr_2_0")
     @pytest.mark.asyncio
-    @pytest.mark.parametrize(
-        "dsr_version",
-        ["use_dsr_3_0", "use_dsr_2_0"],
-    )
     async def test_run_disabled_collections_in_progress(
         self,
         mocked_log_start,
@@ -459,13 +456,12 @@ async def test_run_disabled_collections_in_progress(
         privacy_request,
         integration_postgres_config,
         example_datasets,
-        dsr_version,
-        request,
     ) -> None:
         """Assert that disabling a collection while the privacy request is in progress can affect the current execution plan.
         ConnectionConfigs that are disabled while a request is in progress will be skipped after the current session is committed.
+
+        This test was written for DSR 2.0 and is flaky for DSR 3.0 - only running on DSR 2.0 here.
         """
-        request.getfixturevalue(dsr_version)  # REQUIRED to test both DSR 3.0 and 2.0
 
         # Create a new ConnectionConfig instead of using the fixture because I need to be able to access this
         # outside of the current session.

diff --git a/tests/ops/service/privacy_request/test_request_service.py b/tests/ops/service/privacy_request/test_request_service.py
@@ -158,6 +158,34 @@ def test_request_tasks_all_exited_and_some_errored(
         db.refresh(privacy_request)
         assert privacy_request.status == PrivacyRequestStatus.error
 
+    def test_approved_privacy_request_task_with_errored_tasks(
+        self, db, privacy_request, request_task
+    ):
+        """Approved privacy requests remain in approved status while they are processing,
+        so if there's an error, they will be in this state.
+
+        The "poll_for_exited_privacy_request_tasks" task looks for Privacy Requests in both
+        "approved" and "in_processing" states.
+        """
+
+        privacy_request.status = PrivacyRequestStatus.approved
+        privacy_request.save(db)
+
+        # Put all tasks in an exited state - completed, errored, or skipped
+        root_task = privacy_request.get_root_task_by_action(ActionType.access)
+        assert root_task.status == ExecutionLogStatus.complete
+        request_task.update_status(db, ExecutionLogStatus.error)
+        terminator_task = privacy_request.get_terminate_task_by_action(
+            ActionType.access
+        )
+        terminator_task.update_status(db, ExecutionLogStatus.error)
+
+        errored_prs = poll_for_exited_privacy_request_tasks.delay().get()
+        assert errored_prs == {privacy_request.id}
+
+        db.refresh(privacy_request)
+        assert privacy_request.status == PrivacyRequestStatus.error
+
     def test_request_tasks_all_exited_none_errored(
         self, db, privacy_request, request_task
     ):