becklyn/ddd-gdpr-bundle
Composer 安装命令:
composer require becklyn/ddd-gdpr-bundle
包简介
GDPR compliance for Becklyn event sourcing
README 文档
README
This Symfony bundle integrates with the Becklyn DDD framework to allow for anonymizing personal information stored in the event store as required by GDPR or other privacy regulations.
Installation
- Run
composer require becklyn/ddd-gdpr-bundle - Add the following to bundles.php:
Becklyn\Ddd\PersonalData\BecklynDddGdprBundle::class => ['all' => true],
- There is a doctrine migration provided. Execute it by running
php bin/console doctrine:migrations:migrate
How To
Personal values, in other words data which needs to be anonymized in the event store, must be passed to events as objects of classes extending the Becklyn\Ddd\PersonalData\Domain\AbstractPersonalData class. Such classes for storing strings and datetime values are already provided:
Becklyn\Ddd\PersonalData\Domain\PersonalDateBecklyn\Ddd\PersonalData\Domain\PersonalNullableDateBecklyn\Ddd\PersonalData\Domain\PersonalNullableStringBecklyn\Ddd\PersonalData\Domain\PersonalString
The bundle will replace values contained in these objects with a reference pointing to the personal_data_store DB table, where the actual values are stored, just before persisting events in the event store. Note that the event objects themselves won't be changed, only their serialized form is manipulated. If you are passing the events to other parts of the application after they get saved in the event store, they will still contain the real data.
Similarly, the bundle will restore the values stored in personal_data_store into the event objects as they are loaded via EventStore::getAggregateStream.
Anonymizing
Currently, the bundle only anonymizes expired personal data at the time of loading the events from the event store. This will only be persisted to the database if your application flushes the entity manager during the request, after the events have been loaded. This is intended as a fallback so that no expired personal data exits the event store; we recommend implementing your own mechanism for reliably anonymizing personal data at the correct times.
This must be done by replacing the personal values stored in the personal_data_store table with the value of the PersonalData::ANONYMIZED_STRING constant, which at the time of this writing is ANONYMIZED. Expiry times for personal data are stored in the personal_data_store table with every record.
Handling anonymized data
As mentioned, anonymized data will have the value ANONYMIZED in its internal string representation. For PersonalDate and PersonalNullableDate, which return \DateTimeImmutable objects as their value, we have decided to represent this with the date of 0001-01-01 00:00:00.000000. It is your responsibility to handle this data as you deem appropriate in your application.
The value null has not been chosen to represent anonymized data because it can be a valid, non-anonymized value.
becklyn/ddd-gdpr-bundle 适用场景与选型建议
becklyn/ddd-gdpr-bundle 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 3.63k 次下载、GitHub Stars 达 0, 最近一次更新时间为 2022 年 04 月 11 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 becklyn/ddd-gdpr-bundle 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 becklyn/ddd-gdpr-bundle 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 3.63k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 7
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2022-04-11