Privacy: add new wp-admin screens for exporting and removing of personal data.

Props @melchoyce, @mikejolley, @allendav, @xkon.
See #43481.

git-svn-id: https://develop.svn.wordpress.org/trunk@42967 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Ozz
2018-04-10 18:01:20 +00:00
parent d68affa9c2
commit 33979450ac
5 changed files with 1114 additions and 8 deletions

View File

@@ -226,6 +226,38 @@ function create_initial_post_types() {
)
);
register_post_type(
'user_export_request', array(
'labels' => array(
'name' => __( 'Export Personal Data Requests' ),
'singular_name' => __( 'Export Personal Data Request' ),
),
'public' => false,
'_builtin' => true, /* internal use only. don't use this when registering your own post type. */
'hierarchical' => false,
'rewrite' => false,
'query_var' => false,
'can_export' => false,
'delete_with_user' => false,
)
);
register_post_type(
'user_remove_request', array(
'labels' => array(
'name' => __( 'Remove Personal Data Requests' ),
'singular_name' => __( 'Remove Personal Data Request' ),
),
'public' => false,
'_builtin' => true, /* internal use only. don't use this when registering your own post type. */
'hierarchical' => false,
'rewrite' => false,
'query_var' => false,
'can_export' => false,
'delete_with_user' => false,
)
);
register_post_status(
'publish', array(
'label' => _x( 'Published', 'post status' ),
@@ -297,6 +329,42 @@ function create_initial_post_types() {
'exclude_from_search' => false,
)
);
register_post_status(
'request-pending', array(
'label' => _x( 'Pending', 'request status' ),
'internal' => true,
'_builtin' => true, /* internal use only. */
'exclude_from_search' => false,
)
);
register_post_status(
'request-confirmed', array(
'label' => _x( 'Confirmed', 'request status' ),
'internal' => true,
'_builtin' => true, /* internal use only. */
'exclude_from_search' => false,
)
);
register_post_status(
'request-failed', array(
'label' => _x( 'Failed', 'request status' ),
'internal' => true,
'_builtin' => true, /* internal use only. */
'exclude_from_search' => false,
)
);
register_post_status(
'request-completed', array(
'label' => _x( 'Completed', 'request status' ),
'internal' => true,
'_builtin' => true, /* internal use only. */
'exclude_from_search' => false,
)
);
}
/**
@@ -782,6 +850,22 @@ function get_page_statuses() {
return $status;
}
/**
* Return statuses for privacy requests.
*
* @since 5.0.0
*
* @return array
*/
function _wp_privacy_statuses() {
return array(
'request-pending' => __( 'Pending' ), // Pending confirmation from user.
'request-confirmed' => __( 'Confirmed' ), // User has confirmed the action.
'request-failed' => __( 'Failed' ), // User failed to confirm the action.
'request-completed' => __( 'Completed' ), // Admin has handled the request.
);
}
/**
* Register a post status. Do not use before init.
*

View File

@@ -2810,12 +2810,79 @@ function new_user_email_admin_notice() {
}
}
/**
* Get all user privacy request types.
*
* @since 5.0.0
* @access private
*
* @return array
*/
function _wp_privacy_action_request_types() {
return array(
'user_export_request',
'user_remove_request',
);
}
/**
* Update log when privacy request is confirmed.
*
* @since 5.0.0
* @access private
*
* @param array $result Result of the request from the user.
*/
function _wp_privacy_account_request_confirmed( $result ) {
if ( isset( $result['action'], $result['request_data'], $result['request_data']['privacy_request_id'] ) && in_array( $result['action'], _wp_privacy_action_request_types(), true ) ) {
$privacy_request_id = absint( $result['request_data']['privacy_request_id'] );
$privacy_request = get_post( $privacy_request_id );
if ( ! $privacy_request || ! in_array( $privacy_request->post_type, _wp_privacy_action_request_types(), true ) ) {
return;
}
update_post_meta( $privacy_request_id, '_confirmed_timestamp', time() );
wp_update_post( array(
'ID' => $privacy_request_id,
'post_status' => 'request-confirmed',
) );
}
}
add_action( 'account_action_confirmed', '_wp_privacy_account_request_confirmed' );
/**
* Update log when privacy request fails.
*
* @since 5.0.0
* @access private
*
* @param array $result Result of the request from the user.
*/
function _wp_privacy_account_request_failed( $result ) {
if ( isset( $result['action'], $result['request_data'], $result['request_data']['privacy_request_id'] ) &&
in_array( $result['action'], _wp_privacy_action_request_types(), true ) ) {
$privacy_request_id = absint( $result['request_data']['privacy_request_id'] );
$privacy_request = get_post( $privacy_request_id );
if ( ! $privacy_request || ! in_array( $privacy_request->post_type, _wp_privacy_action_request_types(), true ) ) {
return;
}
wp_update_post( array(
'ID' => $privacy_request_id,
'post_status' => 'request-failed',
) );
}
}
/**
* Send a confirmation request email to confirm an action.
*
* @since 5.0.0
*
* @param string $email User email address. This can be the address of a registered or non-registered user. Defaults to logged in user email address.
* @param string $email User email address. This can be the address of a registered or non-registered user. Defaults to logged in user email address.
* @param string $action_name Name of the action that is being confirmed. Defaults to 'confirm_email'.
* @param string $action_description User facing description of the action they will be confirming. Defaults to "confirm your email address".
* @param array $request_data Misc data you want to send with the verification request and pass to the actions once the request is confirmed.
@@ -2917,7 +2984,7 @@ All at ###SITENAME###
* ###SITEURL### The URL to the site.
*
* @since 5.0.0
*
*
* @param string $email_text Text in the email.
* @param array $email_data {
* Data relating to the account action email.
@@ -3039,14 +3106,14 @@ function wp_check_account_verification_key( $key, $uid, $action_name ) {
$raw_data = get_user_meta( $user->ID, '_verify_action_' . $action_name, true );
$email = $user->user_email;
if ( false !== strpos( $confirm_action_data, ':' ) ) {
list( $key_request_time, $saved_key ) = explode( ':', $confirm_action_data, 2 );
if ( false !== strpos( $raw_data, ':' ) ) {
list( $key_request_time, $saved_key ) = explode( ':', $raw_data, 2 );
}
} else {
$raw_data = get_site_option( '_verify_action_' . $action_name . '_' . $uid, '' );
if ( false !== strpos( $confirm_action_data, ':' ) ) {
list( $key_request_time, $saved_key, $email ) = explode( ':', $confirm_action_data, 3 );
if ( false !== strpos( $raw_data, ':' ) ) {
list( $key_request_time, $saved_key, $email ) = explode( ':', $raw_data, 3 );
}
}
@@ -3068,7 +3135,7 @@ function wp_check_account_verification_key( $key, $uid, $action_name ) {
* Filters the expiration time of confirm keys.
*
* @since 5.0.0
*
*
* @param int $expiration The expiration time in seconds.
*/
$expiration_duration = apply_filters( 'account_verification_expiration', DAY_IN_SECONDS );
@@ -3096,4 +3163,4 @@ function wp_check_account_verification_key( $key, $uid, $action_name ) {
}
return $return;
}
}