Support request data as criteria for manual task conditions

[lucanovera]

Ticket ENG-2014

Description Of Changes

Basic support for using request data as manual task conditions behind an alpha feature flag.

This is the first PR that implements the fields. There will be followup PRs to add custom pickers (location, policy, etc), restricting opeators (only list operators on list fields, etc) and supporting custom fields.

Code Changes

• Added new endpoint to connection-manual-tasks.slice.ts to get the condition field options
• Added radio picker to AddConditionForm.tsx to pick between dataset references and the new request fields option.
• Added the PrivacyRequestFieldPicker.tsx component to show the different options for privacy request fields
• Added tests for utils
• Adds feature flag

Steps to Confirm

1. Visit preview link in the conditions tab of a manual task integration
2. Click Add Condition and check "Field source" field is not visible and selectors for picking a dataset reference are shown.
3. Turn on the feature flag "Privacy request field conditions" here
4. Go to the conditions tab again
5. Check that when adding a new condition there is "Field source" radio selector preselected with the "
   Privacy request field" option
6. Check that Field shows different options for privacy request fields with group names like "Privacy Request", "Policy" and "Identity".
7. Check that you can select one of the fields, operator and values and add a new condition.
8. Check that you can edit the condition just created and the modal is correctly populated with the values

Note: Currently there is no filtering for valid conditions depending on the field selected, and the value input is always text. There will be a followup PR for those improvements.

Pre-Merge Checklist

• Issue requirements met
• All CI pipelines succeeded
• CHANGELOG.md updated
  • Add a db-migration This indicates that a change includes a database migration label to the entry if your change includes a DB migration
  • Add a high-risk This issue suggests changes that have a high-probability of breaking existing code label to the entry if your change includes a high-risk change (i.e. potential for performance impact or unexpected regression) that should be flagged
  • Updates unreleased work already in Changelog, no new entry necessary
  • Hidden under alpha feature flag, no new entry necessary
• UX feedback:
  • All UX related changes have been reviewed by a designer
  • No UX review needed
• Followup issues:
  • Followup issues created
  • No followup issues
• Database migrations:
  • Ensure that your downrev is up to date with the latest revision on main
  • Ensure that your downgrade() migration is correct and works
    • If a downgrade migration is not possible for this change, please call this out in the PR description!
  • No migrations
• Documentation:
  • Documentation complete, PR opened in fidesdocs
  • Documentation issue created in fidesdocs
  • If there are any new client scopes created as part of the pull request, remember to update public-facing documentation that references our scope registry
  • No documentation updates required

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
fides-plus-nightly	Ready	Preview	Comment	Dec 5, 2025 4:23pm

1 Skipped Deployment

Project	Deployment	Preview	Comments	Updated (UTC)
fides-privacy-center	Ignored			Dec 5, 2025 4:23pm

[greptile-apps]

Greptile Overview

Greptile Summary

This PR adds support for using privacy request data as criteria for manual task conditions. Users can now select between dataset fields and privacy request fields (like privacy_request.identity.email, privacy_request.policy.name, etc.) when configuring conditions.

Key changes:

• Added new API endpoint getPrivacyRequestFields to fetch available privacy request fields
• Created PrivacyRequestFieldPicker component for selecting privacy request fields
• Added radio button toggle in AddConditionForm to switch between dataset and privacy request field sources
• Implemented utility functions for filtering, formatting, and displaying privacy request fields
• Updated condition display logic to handle both field types appropriately

The implementation includes an allowlist of privacy request fields to prevent overwhelming users with too many options. The code follows existing patterns but contains some any types that should be replaced with proper TypeScript types per the codebase standards.

Confidence Score: 4/5

• This PR is safe to merge with minor style improvements needed
• The implementation is solid with good error handling and follows existing patterns. The use of any types violates codebase standards but doesn't introduce bugs. No tests were added for the new functionality, which is a concern for a feature of this scope.
• Pay attention to utils.ts and AddConditionForm.tsx for the any type usage that should be fixed

Important Files Changed

File Analysis

Filename	Score	Overview
clients/admin-ui/src/features/integrations/configure-tasks/utils.ts	3/5	New utility functions for handling privacy request field formatting and filtering. Contains any type that should be properly typed.
clients/admin-ui/src/features/integrations/configure-tasks/AddConditionForm.tsx	3/5	Added radio button field source selection and privacy request field support. Contains any type in event handler.
clients/admin-ui/src/features/integrations/configure-tasks/components/PrivacyRequestFieldPicker.tsx	4/5	New component for selecting privacy request fields. Clean implementation with proper error handling.

[greptile-apps]

_{7 files reviewed, 3 comments}

_{Edit Code Review Agent Settings | Greptile}

[gilluminate]

It looks like this needs to be conditional against the Alpha Flag as well.

[lucanovera]

great catch, I've just updated that part to check for the flag

[lucanovera]

@gilluminate Thanks for the review! I've added the flag check for the text and removed the style prop. It's now ready for a re-review when you have the time.

[gilluminate]

Looks good!