Allow Responsys and Firebase connectors to ignore extra identities (#…

…5388)

src/fides/api/service/saas_request/override_implementations/firebase_auth_request_overrides.py

@@ -57,10 +57,6 @@ def firebase_auth_user_access(  # pylint: disable=R0914
                     logger.warning(
                         f"Could not find user with phone_number {Pii(phone_number)} in firebase"
                     )
-        else:
-            raise FidesopsException(
-                "Unsupported identity type for Firebase connector. Currently only `email` and `phone_number` are supported"
-            )
     return processed_data
 
 
@@ -177,7 +173,7 @@ def retrieve_user_record(
             return auth.get_user_by_phone_number(phone_number, app=app)
 
     raise FidesopsException(
-        "Unsupported identity type for Firebase connector. Currently only `email` and `phone_number` are supported"
+        "Either `email` or `phone_number` must be provided on identity data"
     )
 
 

src/fides/api/service/saas_request/override_implementations/oracle_responsys_request_overrides.py

@@ -147,9 +147,7 @@ def oracle_responsys_profile_list_recipients_read(
                 query_ids[idx] = query_id[1:] if query_id.startswith("+") else query_id
             query_attribute = "m"
         else:
-            raise FidesopsException(
-                "Unsupported identity type for Oracle Responsys connector. Currently only `email` and `phone_number` are supported"
-            )
+            continue
 
         body = {
             "fieldList": ["all"],

tests/ops/integration_tests/saas/request_override/test_firebase_auth_task.py

@@ -276,10 +276,12 @@ async def test_firebase_auth_access_request_multiple_identities(
     request.getfixturevalue(dsr_version)  # REQUIRED to test both DSR 3.0 and 2.0
     clear_cache_identities(privacy_request.id)
 
+    # Adds extra identity ga_client_id for testing. Firebase does not use this identity type
     identity = Identity(
         **{
             "email": firebase_auth_user.email,
             "phone_number": firebase_auth_user.phone_number,
+            "ga_client_id": "extra-identity-value",
         }
     )
     privacy_request.cache_identity(identity)
@@ -370,7 +372,10 @@ async def test_firebase_auth_update_request(
     privacy_request.policy_id = erasure_policy_string_rewrite.id
     privacy_request.save(db)
 
-    identity = Identity(**{"email": firebase_auth_user.email})
+    # Adds extra identity for testing. Firebase does not use this identity type
+    identity = Identity(
+        **{"email": firebase_auth_user.email, "ga_client_id": "extra-identity-value"}
+    )
     privacy_request.cache_identity(identity)
 
     dataset_name = firebase_auth_connection_config.get_saas_config().fides_key

tests/ops/integration_tests/saas/test_oracle_responsys_task.py

@@ -59,6 +59,34 @@ async def test_access_request_by_phone_number(
             == oracle_responsys_identity_phone_number[1:]
         )
 
+    @pytest.mark.parametrize(
+        "dsr_version",
+        ["use_dsr_3_0", "use_dsr_2_0"],
+    )
+    async def test_access_request_by_email_and_extra_identities(
+        self,
+        dsr_version,
+        request,
+        oracle_responsys_runner: ConnectorRunner,
+        policy,
+        oracle_responsys_identity_email: str,
+    ):
+        request.getfixturevalue(dsr_version)  # REQUIRED to test both DSR 3.0 and 2.0
+
+        access_results = await oracle_responsys_runner.access_request(
+            access_policy=policy,
+            identities={
+                "email": oracle_responsys_identity_email,
+                "ga_client_id": "extra_value",  # Extra identity for testing. Responsys does not use this identity type
+            },
+        )
+        assert (
+            access_results["oracle_responsys_instance:profile_list_recipient"][0][
+                "email_address"
+            ]
+            == oracle_responsys_identity_email
+        )
+
     @pytest.mark.parametrize(
         "dsr_version",
         ["use_dsr_3_0", "use_dsr_2_0"],