Frontend/privacy policy page

[rmolinares]

Requirements List

• None

Description List

• Created privacy policy page
• Add link to page from the public dashboard page

Testing List

• yarn test:unit:all should run without errors or warnings
• yarn serve should run without errors or warnings
• yarn build should run without errors or warnings
• Code review
• Testing:
  • Visit the public dashboard page and confirm there is a link at the bottom to the privacy policy page
  • Click the link and confirm that you are redirected to the privacy policy page and it looks as expected based on the latest Figma designs
  • Confirm that clicking the back button redirects you back to the public dashboard page
  • Confirm the above in mobile / desktop screens

Closes #888

Summary by CodeRabbit

• New Features

  • Introduced a dedicated Privacy Policy page with localized content in English and Spanish.
  • Added a back button for easy navigation from the Privacy Policy page.
  • Included a footer link to the Privacy Policy on the public dashboard.
  • Implemented responsive styling for the Privacy Policy and public dashboard pages.

• Bug Fixes

  • None.

• Tests

  • Added tests to verify the Privacy Policy page mounts correctly.

• Chores

  • Updated routing to support navigation to the new Privacy Policy page.

[coderabbitai]

Walkthrough

A new Privacy Policy feature was introduced, including a dedicated Vue component and associated styles, test, and localized content in both English and Spanish. The router was updated to add a /PrivacyPolicy route, and the Public Dashboard page now links to this new policy. No existing logic was modified.

Changes

Cohort / File(s)	Change Summary
Localization: Privacy Policy Text webroot/src/locales/en.json, webroot/src/locales/es.json	Added a new "privacyPolicy" section with multiple keys for privacy policy content in both English and Spanish locale files.
Privacy Policy Page Implementation webroot/src/pages/PrivacyPolicy/PrivacyPolicy.vue, webroot/src/pages/PrivacyPolicy/PrivacyPolicy.ts, webroot/src/pages/PrivacyPolicy/PrivacyPolicy.less	Introduced a new Privacy Policy Vue component, its TypeScript logic, and scoped LESS styles for layout and appearance.
Privacy Policy Page Test webroot/src/pages/PrivacyPolicy/PrivacyPolicy.spec.ts	Added a test file to verify that the Privacy Policy component mounts successfully.
Router Update webroot/src/router/routes.ts	Added a new route for /PrivacyPolicy pointing to the new component, protected by noAuthGuard.
Public Dashboard Integration webroot/src/pages/PublicDashboard/PublicDashboard.vue, webroot/src/pages/PublicDashboard/PublicDashboard.less	Updated dashboard layout to include a link to the Privacy Policy page and added corresponding styling for new content containers and footer.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant PublicDashboard
    participant Router
    participant PrivacyPolicyPage

    User->>PublicDashboard: Navigates to Public Dashboard
    User->>PublicDashboard: Clicks "Privacy Policy" link
    PublicDashboard->>Router: Navigates to /PrivacyPolicy
    Router->>PrivacyPolicyPage: Loads PrivacyPolicy component
    PrivacyPolicyPage->>User: Displays privacy policy content
    User->>PrivacyPolicyPage: Clicks "Back" button
    PrivacyPolicyPage->>Router: Navigates to DashboardPublic

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Include privacy policy in Compact Connect app (#888)	✅
Privacy policy content covers data collection and use (#888)	✅
Privacy policy is accessible from the public dashboard (#888)	✅

Assessment against linked issues: Out-of-scope changes

No out-of-scope changes found.

Suggested reviewers

• carlsims
• isabeleliassen
• jlkravitz

Poem

A privacy page now takes the stage,
With style and words in every language.
Click the link, take a look,
Find all the details in this nook.
The dashboard smiles, the bunny hops—
Your data’s safe, from start to stop!
🐇✨

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f866ab2 and 45db0de.

📒 Files selected for processing (2)

• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.ts (1 hunks)
• webroot/src/router/routes.ts (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• webroot/src/router/routes.ts
• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.ts

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: CheckWebroot

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (5)

webroot/src/router/routes.ts (1)

24-29: Use kebab-case paths for new public routes

Existing public paths are a mixture of /Dashboard, /Search, /styleguide, etc. Newer additions (e.g. /styleguide) are lowercase; adding /PrivacyPolicy re-introduces a capitalised path. For consistency and predictable URLs, consider /privacy-policy (kebab-case, all lowercase). No functional change, but it keeps the public surface uniform and friendlier for SEO.

webroot/src/pages/PublicDashboard/PublicDashboard.less (2)

16-32: min-height: 100vh may cause iOS viewport jump

On mobile Safari the dynamic address-bar hides/shows and can make 100vh taller than the visible viewport, producing a small white gap when the bar collapses. If this becomes noticeable, consider min-height: 100dvh (supported in modern Safari/Chrome) with a fallback for older browsers.

---

158-165: Footer not pinned

.dashboard-footer gets margin-bottom: 1rem but no margin-top or flex-grow push, so on very tall screens the link may float close to the cards instead of at the page bottom. If the design calls for a bottom-pinned footer, you can add margin-top: auto; to let flexbox push it down.

webroot/src/pages/PublicDashboard/PublicDashboard.vue (1)

75-77: Add aria-label for the Privacy Policy link

router-link renders an anchor; screen-reader users will hear just the text. If design later shortens the visible text, an explicit aria-label="Privacy policy" keeps it accessible.

-<router-link :to="{ name: 'PrivacyPolicy' }">{{ $t('privacyPolicy.title') }}</router-link>
+<router-link
+    :to="{ name: 'PrivacyPolicy' }"
+    :aria-label="$t('privacyPolicy.title')"
+>
+    {{ $t('privacyPolicy.title') }}
+</router-link>

webroot/src/pages/PrivacyPolicy/PrivacyPolicy.spec.ts (1)

12-19: Simplify redundant assertion.

The test follows the team's preferred mount testing strategy well. However, the second assertion on Line 17 is redundant since wrapper is already the mounted PrivacyPolicy component.

Consider simplifying to:

 describe('PrivacyPolicy page', async () => {
     it('should mount the page component', async () => {
         const wrapper = await mountShallow(PrivacyPolicy);

         expect(wrapper.exists()).to.equal(true);
-        expect(wrapper.findComponent(PrivacyPolicy).exists()).to.equal(true);
     });
 });

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ccabfb0 and 3d2b460.

📒 Files selected for processing (9)

• webroot/src/locales/en.json (1 hunks)
• webroot/src/locales/es.json (1 hunks)
• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.less (1 hunks)
• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.spec.ts (1 hunks)
• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.ts (1 hunks)
• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.vue (1 hunks)
• webroot/src/pages/PublicDashboard/PublicDashboard.less (2 hunks)
• webroot/src/pages/PublicDashboard/PublicDashboard.vue (2 hunks)
• webroot/src/router/routes.ts (1 hunks)

🧰 Additional context used

🧠 Learnings (7)

📓 Common learnings

Learnt from: landonshumway-ia
PR: csg-org/CompactConnect#848
File: backend/compact-connect/lambdas/python/provider-data-v1/handlers/registration.py:111-117
Timestamp: 2025-06-17T19:05:36.255Z
Learning: In CompactConnect PR #848, the user landonshumway-ia decided to leave timezone handling code in _should_allow_reregistration function as-is after testing in sandbox environment confirmed it works correctly. The user's reasoning was that reregistration is an edge case, the code has been tested and verified, and AWS is unlikely to change behavior that would break many clients. This represents a pragmatic engineering decision based on testing and risk assessment.

Learnt from: jsandoval81
PR: csg-org/CompactConnect#822
File: webroot/src/router/routes.ts:96-99
Timestamp: 2025-05-28T16:12:31.310Z
Learning: In webroot/src/router/routes.ts, the team prefers to keep router logic simple and handle route parameter validation (like state abbreviations) in the page components themselves based on user permissions, rather than adding validation at the router level.

📚 Learning: in the compactconnect frontend codebase, the team prefers to keep non-dynamic text directly in vue t...

Learnt from: rmolinares
PR: csg-org/CompactConnect#905
File: webroot/src/components/UpdateHomeJurisdiction/UpdateHomeJurisdiction.vue:32-41
Timestamp: 2025-07-03T15:35:57.893Z
Learning: In the CompactConnect frontend codebase, the team prefers to keep non-dynamic text directly in Vue templates rather than moving it to computed properties in TypeScript modules, as this approach prevents cluttering the TS files with template labels.

Applied to files:

• webroot/src/pages/PublicDashboard/PublicDashboard.vue
• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.ts
• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.vue

📚 Learning: the compactconnect app uses mount testing as their general component testing strategy, focusing more...

Learnt from: jsandoval81
PR: csg-org/CompactConnect#822
File: webroot/src/components/StateSettingsConfig/StateSettingsConfig.spec.ts:12-19
Timestamp: 2025-05-28T16:09:24.547Z
Learning: The CompactConnect app uses mount testing as their general component testing strategy, focusing more on testing the data layer (models and store) rather than comprehensive component testing. This meets their test coverage needs and is their preferred approach.

Applied to files:

• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.spec.ts

📚 Learning: the compactconnect application uses mount testing as the general component testing strategy. they fo...

Learnt from: jsandoval81
PR: csg-org/CompactConnect#822
File: webroot/src/components/Forms/InputEmailList/InputEmailList.spec.ts:12-19
Timestamp: 2025-05-28T16:09:12.906Z
Learning: The CompactConnect application uses mount testing as the general component testing strategy. They focus their testing efforts on the data layer (models and store) rather than extensive component testing, and mount tests meet their coverage needs.

Applied to files:

• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.spec.ts

📚 Learning: in webroot/src/router/routes.ts, the team prefers to keep router logic simple and handle route param...

Learnt from: jsandoval81
PR: csg-org/CompactConnect#822
File: webroot/src/router/routes.ts:96-99
Timestamp: 2025-05-28T16:12:31.310Z
Learning: In webroot/src/router/routes.ts, the team prefers to keep router logic simple and handle route parameter validation (like state abbreviations) in the page components themselves based on user permissions, rather than adding validation at the router level.

Applied to files:

• webroot/src/router/routes.ts
• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.ts

📚 Learning: in the compactconnect frontend codebase, the project prefers to avoid early returns in frontend code...

Learnt from: jsandoval81
PR: csg-org/CompactConnect#873
File: webroot/src/components/LicenseCard/LicenseCard.ts:509-528
Timestamp: 2025-06-24T00:07:10.463Z
Learning: In the CompactConnect frontend codebase, the project prefers to avoid early returns in frontend code when possible, as mentioned by jsandoval81 in webroot/src/components/LicenseCard/LicenseCard.ts.

Applied to files:

• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.ts
• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.vue

📚 Learning: in the inputemaillist component (webroot/src/components/forms/inputemaillist/inputemaillist.vue), th...

Learnt from: jsandoval81
PR: csg-org/CompactConnect#822
File: webroot/src/components/Forms/InputEmailList/InputEmailList.vue:26-30
Timestamp: 2025-05-28T16:13:19.506Z
Learning: In the InputEmailList component (webroot/src/components/Forms/InputEmailList/InputEmailList.vue), the formInput.labelSubtext property rendered with v-html contains only developer-controlled content, not user-controlled content, so XSS concerns do not apply.

Applied to files:

• webroot/src/pages/PrivacyPolicy/PrivacyPolicy.vue

🔇 Additional comments (6)

webroot/src/locales/en.json (1)

384-398: ✅ Privacy policy keys are in sync between en.json and es.json

We’ve extracted and compared the privacyPolicy keys in webroot/src/locales/en.json and webroot/src/locales/es.json—both contain the same 13 entries with no differences.

• If you have any other active locale files, please run the same check to ensure full key parity across all languages.

webroot/src/pages/PrivacyPolicy/PrivacyPolicy.less (1)

31-44: Typographic scale aligns with shared variables — LGTM

Headings and body copy leverage @h1FontSize / @h2FontSize and 1.7 rem paragraphs, keeping visual rhythm consistent with the rest of the app.

webroot/src/pages/PublicDashboard/PublicDashboard.vue (1)

10-17: Good separation of content container

Wrapping existing rows in .dashboard-content-container simplifies future layout tweaks and keeps the new footer logically separate—nice touch.

webroot/src/pages/PrivacyPolicy/PrivacyPolicy.ts (1)

11-24: LGTM! Clean and focused component implementation.

The component follows established patterns with proper decorator usage, correct component registration, and clean navigation logic using named routes.

webroot/src/locales/es.json (1)

854-868: LGTM! Comprehensive Spanish privacy policy translations.

The translations are well-structured and cover all essential privacy policy sections including data collection, usage, protection, policy changes, and disclaimers. The content appears professionally translated and contextually appropriate.

webroot/src/pages/PrivacyPolicy/PrivacyPolicy.vue (1)

8-40: LGTM! Excellent template implementation with strong accessibility and i18n support.

The template demonstrates excellent practices:

• Semantic HTML structure with proper heading hierarchy
• Comprehensive internationalization throughout
• Proper accessibility attributes on the back button
• Clean component structure with external TypeScript and styling
• Logical content organization for privacy policy sections

[rmolinares]

@jlkravitz This PR is now ready for review.

[jlkravitz]

looks good! @isabeleliassen good to merge