Add a new method to Fides object for updating user consent

[gilluminate]

Closes LJ-684

Description Of Changes

Added a new updateConsent method to the Fides interface, allowing developers to programmatically update user consent preferences using either a consent object or fidesString.

Code Changes

• Added comprehensive tests for the updateConsent function in preferences module
• Updated Fides interface documentation to include the new updateConsent method
• Implemented error handling for various edge cases in the consent update process

Steps to Confirm

1. Add 6Sense vendor in Admin UI
2. Enable Analytics, Data sales and sharing, and Essential notices
3. Create a Headless experience and add those 3 notices to it
4. Add location Utah to the Headless experience
5. Visit the privacy center demo page for Utah (/fides-js-demo.html?geolocation=us-ut)
6. Verify updating consent works with a plain consent object by pasting the following in to the browser devtools console. You should see the values updated in the main window, in Fides.consent, and the cookie.

Fides.encodeNoticeConsentString({ data_sales_and_sharing: false, analytics: true })

7. Delete the cookie and reload the demo (do this between each step below)
8. Verify updating consent works with a fidesString

Fides.updateConsent({ fidesString: ",,,eyJkYXRhX3NhbGVzX2FuZF9zaGFyaW5nIjpmYWxzZSwiYW5hbHl0aWNzIjp0cnVlfQ==" })

9. Confirm error handling for invalid inputs works correctly by pasting the following in to the borwser devtools console:

Fides.updateConsent({invalid: true});

10. Test that fidesString takes priority when both options are provided:

Fides.updateConsent({
  consent: {
    data_sales_and_sharing: false,
    analytics: true,
  },
  fidesString: ",,,eyJkYXRhX3NhbGVzX2FuZF9zaGFyaW5nIjpmYWxzZSwiYW5hbHl0aWNzIjp0cnVlfQ=="
});

11. Verify consent mechanism types are handled correctly by running:

Fides.updateConsent({ consent: { data_sales_and_sharing: "opt_out", analytics: "opt_in" } });

12. Verify with mixed value types:

Fides.updateConsent({ consent: { analytics: true, data_sales_and_sharing: "opt_out" } });

13. Test validation mode behavior:

// Try to use an invalid value with validation='reject'
  Fides.updateConsent({ 
    consent: { essential: true }, // should be "acknowledge" 
    validation: "reject" 
  });

// Try with validation='warn' - should warn but not throw
Fides.updateConsent({ 
  consent: { essential: true }, 
  validation: "warn" 
});
// Check console for warning

// Try with validation='ignore' - should not warn or throw
Fides.updateConsent({ 
  consent: { essential: true }, 
  validation: "ignore" 
});

14. Test NOTICE_ONLY consent mechanism:

Fides.updateConsent({ consent: { essential: "acknowledge" } });

15. Test error handling scenarios:

Fides.updateConsent({});

Fides.updateConsent({ fidesString: "invalid-string" });

Fides.updateConsent({ 
  consent: { analytics: true }, 
  validation: "invalid" 
});

Pre-Merge Checklist

• Issue requirements met
• All CI pipelines succeeded
• CHANGELOG.md updated
  • Add a db-migration This indicates that a change includes a database migration label to the entry if your change includes a DB migration
  • Add a high-risk This issue suggests changes that have a high-probability of breaking existing code label to the entry if your change includes a high-risk change (i.e. potential for performance impact or unexpected regression) that should be flagged
  • Updates unreleased work already in Changelog, no new entry necessary
• Followup issues:
  • Followup issues created
  • No followup issues
• Database migrations:
  • Ensure that your downrev is up to date with the latest revision on main
  • Ensure that your downgrade() migration is correct and works
    • If a downgrade migration is not possible for this change, please call this out in the PR description!
  • No migrations
• Documentation:
  • Documentation complete, PR opened in fidesdocs
  • Documentation issue created in fidesdocs
  • If there are any new client scopes created as part of the pull request, remember to update public-facing documentation that references our scope registry
  • No documentation updates required

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
fides-privacy-center	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 21, 2025 7:09pm

1 Skipped Deployment

Name	Status	Preview	Comments	Updated (UTC)
fides-plus-nightly	⬜️ Ignored (Inspect)	Visit Preview		May 21, 2025 7:09pm

[eastandwestwind]

Couple small questions and requests. Looking great otherwise @gilluminate !

[eastandwestwind]

do we also need to update this with "not_applicable" option too?

[gilluminate]

Good callout. No, we don't want to support non_applicable but we do want to create an error specifically for that purpose that I forgot to add (see Neville's comment in JIRA https://ethyca.atlassian.net/browse/ENG-439?focusedCommentId=53324)

[eastandwestwind]

looks great! 1 small Q, non-blocking

[eastandwestwind]

can these be enums?

[gilluminate]

good suggestion! I'll create a task in Jira for that so we don't hold up the release any longer. :)

[cypress]

fides    Run #12937

Run Properties:   Passed #12937  •  8c41b39bfe: Add a new method to Fides object for updating user consent (#6151)

Project	fides
Branch Review	main
Run status	Passed #12937
Run duration	00m 51s
Commit	8c41b39bfe: Add a new method to Fides object for updating user consent (#6151)
Committer	Jason Gill
View all properties for this run ↗︎

---

Test results
Failures	0
Flaky	0
Pending	0
Skipped	0
Passing	5
View all changes introduced in this branch ↗︎