Consenting to a category of cookies, or individual cookies?

[wizzud]

There seems to be a general confusion, throughout the plugin, over what is being consented to.
The presentation of options - in Settings, the Preference Center, and the Privacy Bar (if configured to) - is that consent is applied to a category.
However, code - in privacy-preferences-modal.php, for just one example - tests for each individual cookie [within categories] having consent, and adjusts the category status accordingly.

This creates a problem if a category's cookies are amended, because a category status can yo-yo between enabled & disabled as the code runs through the category's cookies and [possibly] finds that some of them are in allowed_cookies and some aren't.

I don't have an immediate solution at hand for this.
My thoughts would be that consent at category level is good. But that should mean that allowed_cookies stores consented-to categories, not individual cookies (which can change). If a category is consented to (either by default or explicitly), then allowed_cookies holds the category name, and plugin options holds the [current] cookies that are covered by that category. That would simplify the allowed_cookies cookie, and make is_allowed_cookie() - and any similar helpers - simpler as well (use options to determine the container category of an asked-for cookie, then check allowed_cookies for the category consent)? It would also remove the yo-yo effect of code such as is in the Preference Center module, since that would only need to check for category consent, not individual cookie consent (which can't currently be given!).

[fclaussen]

I have plans to switch to a category base check instead of a cookie base check.
That will take a little while to make because I'm leaving for holidays on the 15th and I'll be out for a couple weeks. The 2 scheduled updates have other things in already.

I'll try to squeeze this in the Jun 12th but I can't promise.