Properly use PrivacyRequestResponse type

[lucanovera]

Ticket ENG-1830

Description Of Changes

This PR addresses the following issues:

1. Using an unconnected type (PrivacyRequestEntity) instead of the openapi generated PrivacyRequestResponse for the new privacy request manager screen. There are many FE changes that strengthen the code to handle the new type (supports legacy style properties, null values, etc).
2. Using the deprecated GET /api/v1/privacy-request instead of the new POST /api/v1/privacy-request/search endpoint

Note: There is currently still one property that required a manual override (it's commented in the code). The autogenerated type for that one is null. This will be fixed in a followup issue, possibly the migration to a new ts generation library (ENG-1859) could fix it.

Code Changes

• Update PrivacyRequestResponse type to latest
• Update every component in the new request manager page to use the new types
• Add new search endpoint to privacy request slice file
• Use new endpoint in new request manager page
• Update ApprovePrivacyRequestModal to also handle the new type (this does impact the old Request Manager page too)

Steps to Confirm

1. CI passes

Regression testing old/current request manger

1. Go to the Privacy Request > Request Manager
2. Approve a request
3. Check the approval modal displays the identity correctly

Regression testing

1. Login to admin-ui (Recommended to use the preview link with nightly build credentials)
2. Go to /settings/about and enable the "Privacy request v2" feature flag
3. Go to the Privacy Request > Request Manager (new) option
4. Try pagination, filters, different actions and make sure everything works

Pre-Merge Checklist

• Issue requirements met
• All CI pipelines succeeded
• CHANGELOG.md updated
  • Add a db-migration This indicates that a change includes a database migration label to the entry if your change includes a DB migration
  • Add a high-risk This issue suggests changes that have a high-probability of breaking existing code label to the entry if your change includes a high-risk change (i.e. potential for performance impact or unexpected regression) that should be flagged
  • Updates unreleased work already in Changelog, no new entry necessary
• UX feedback:
  • All UX related changes have been reviewed by a designer
  • No UX review needed
• Followup issues:
  • Followup issues created
  • No followup issues
• Database migrations:
  • Ensure that your downrev is up to date with the latest revision on main
  • Ensure that your downgrade() migration is correct and works
    • If a downgrade migration is not possible for this change, please call this out in the PR description!
  • No migrations
• Documentation:
  • Documentation complete, PR opened in fidesdocs
  • Documentation issue created in fidesdocs
  • If there are any new client scopes created as part of the pull request, remember to update public-facing documentation that references our scope registry
  • No documentation updates required

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
fides-plus-nightly	Ready	Preview	Comment	Nov 4, 2025 0:36am

1 Skipped Deployment

Project	Deployment	Preview	Comments	Updated (UTC)
fides-privacy-center	Ignored			Nov 4, 2025 0:36am

[greptile-apps]

Greptile Overview

Greptile Summary

This PR migrates the privacy request manager screen from using the disconnected PrivacyRequestEntity type to the OpenAPI-generated PrivacyRequestResponse type. This improves type safety and ensures the frontend stays in sync with the backend API contract.

Key changes:

• Updated PrivacyRequestResponse type with new fields: identity now supports both legacy string format and new IdentityValue object format, added location and duplicate_request_group_id fields
• Added backward compatibility layer in utils.ts to handle both legacy string identities and new object-based identities
• Applied proper null/undefined handling throughout components using optional chaining and null guards
• Updated all components and hooks to use PrivacyRequestResponse instead of PrivacyRequestEntity
• Added comprehensive test coverage for the utility functions handling identity and custom fields
• Created new ItemActions component for better code organization

Manual type override:
The custom_privacy_request_fields property has a manual type override (commented in code) because the auto-generated type is currently null. This is tracked for future resolution in ENG-1859.

Confidence Score: 5/5

• This PR is safe to merge - it's a well-executed type migration with proper backward compatibility
• The changes are thorough and well-tested with comprehensive null handling, backward compatibility for legacy formats, updated test coverage, and proper optional chaining throughout. The manual type override is documented and tracked for future resolution.
• No files require special attention

Important Files Changed

File Analysis

Filename	Score	Overview
clients/admin-ui/src/types/api/models/PrivacyRequestResponse.ts	5/5	Updated type with new fields (identity now supports IdentityValue, location, duplicate_request_group_id) and manual override for custom_privacy_request_fields
clients/admin-ui/src/features/privacy-requests/dashboard/utils.ts	5/5	Added backward compatibility for legacy string identities and proper null/empty handling with lodash isEmpty
clients/admin-ui/src/features/privacy-requests/dashboard/list-item/components/Header.tsx	5/5	Updated to use PrivacyRequestResponse type and added optional chaining for policy.rules

_{27 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}

[lucanovera]

@jpople fyi this is ready for review now. pr size fails for file changes count, I expect this to be a common occurance with typescript updates.

[jpople]

I know this is outside the scope of this PR but we've gotta figure something out about all these undefined | nulls, they're so unpleasant.

[jpople]

Code changes look sound, and I clicked around in the privacy request screen on my local and everything is working for me.