Commit Graph

6809 Commits

Author SHA1 Message Date
iandunn 7f23a920d2 Privacy: Reposition pointer to ensure dismiss link is always visible.
r43158 introduced a new admin pointer for the privacy tools added in 4.9.6. With the previous positioning, though, sometimes the `Dismiss` link would be fixed off screen, making it impossible for the user to dismiss the pointer. This happened when there were enough extra menu items, or when the viewport height was short enough.

This commit repositions the pointer to work around that problem. One down side of this workaround is that the arrow will not always be positioned next to the `Tools` menu, where it should be. That's an acceptable compromise given the current time constraints, though. A long term solution would be to make `WP_Pointer` robust enough to handle this use case.

Props imath, audrasjb, desrosj.
Fixes #44045.

Built from https://develop.svn.wordpress.org/trunk@43246


git-svn-id: http://core.svn.wordpress.org/trunk@43075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-12 17:29:21 +00:00
Andrew Ozz 1b1cc0b371 Privacy: make creating a privacy policy page on install multisite compatible.
See #43491.
Built from https://develop.svn.wordpress.org/trunk@43243


git-svn-id: http://core.svn.wordpress.org/trunk@43072 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-11 15:44:21 +00:00
Andrew Ozz 5c5a527d96 Privacy: exclude the wrapper from the default policy content.
Fixes #44048.
Built from https://develop.svn.wordpress.org/trunk@43242


git-svn-id: http://core.svn.wordpress.org/trunk@43071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-11 15:07:21 +00:00
Sergey Biryukov 0a9de1ef2e Privacy: Normalize file paths in `wp_privacy_generate_personal_data_export_file()` to make sure Windows paths don't have their backslashes stripped.
Props xkon, pmbaldha.
Fixes #43908.
Built from https://develop.svn.wordpress.org/trunk@43234


git-svn-id: http://core.svn.wordpress.org/trunk@43063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 21:11:23 +00:00
Sergey Biryukov bed52dda40 Privacy: Send an email notification to the user once their personal data erasure request is fulfilled.
Props desrosj, allendav, garrett-eclipse.
Fixes #43973.
Built from https://develop.svn.wordpress.org/trunk@43230


git-svn-id: http://core.svn.wordpress.org/trunk@43059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:43:22 +00:00
Sergey Biryukov 699cccd86e Privacy: Avoid a PHP notice in `wp_ajax_wp_privacy_erase_personal_data()`, make sure `$eraser_key` is always defined.
Props allendav.
Fixes #44040.
Built from https://develop.svn.wordpress.org/trunk@43228


git-svn-id: http://core.svn.wordpress.org/trunk@43057 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:24:23 +00:00
iandunn 8af721fff8 Privacy: Replace intrusive policy update notice with menu bubbles.
Previously, when a plugin updated its suggested privacy policy text, an admin notice was shown on all screens in the Administration Panels. That was done in order to make sure that administrators were aware of it, so that they could update their policy if needed. That was a very heavy-handed and intrusive approach, though, which leads to a poor user experience, and notice fatigue. 

An alternative approach is to use bubble notifications in the menu, similar to when plugins have updates that need to be installed. That still makes it obvious that something needs the administrator's attention, but is not as distracting as a notice.

The notice will still appear on the Privacy page, though, since it is relevant to that screen, and provides an explanation of why the bubble is appearing.

Props azaozz, xkon, iandunn.
Fixes #43954. See #43953.

Built from https://develop.svn.wordpress.org/trunk@43223


git-svn-id: http://core.svn.wordpress.org/trunk@43052 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 19:52:21 +00:00
Andrew Ozz 7d9265e5c5 Privacy: cleanup of the "Export Personal Data" and "Erase Personal Data" screens.
Props desrosj, xkon.
See #43929.
Built from https://develop.svn.wordpress.org/trunk@43212


git-svn-id: http://core.svn.wordpress.org/trunk@43041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 10:01:21 +00:00
iandunn 107b52191b Privacy: Reposition admin pointer to avoid covering collapsed menu.
Previously the pointer overlapped the menu in order to draw attention to the fact that it applies to both the `Tools` and `Settings` menus. That caused a conflict if the menu was collapsed, though, because the icons were covered by the pointer and therefore inaccessible.

Additionally, minor tweaks were made to the text order and formatting. The order of the two sections was swapped in the title and paragraph, in order to match the order of the corresponding menu items. The spacing around headings and paragraphs was tweaked to remove extraneous whitespace.

Props littler.chicken, desrosj, ianbelanger, melchoyce.
Fixes #43961.

Built from https://develop.svn.wordpress.org/trunk@43210


git-svn-id: http://core.svn.wordpress.org/trunk@43039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 03:03:20 +00:00
Sergey Biryukov 760ab78ff9 Privacy: Pass export request ID to `wp_privacy_personal_data_export_file_created` filter.
Props thomasplevy.
Fixes #44031.
Built from https://develop.svn.wordpress.org/trunk@43208


git-svn-id: http://core.svn.wordpress.org/trunk@43037 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 23:18:22 +00:00
Sergey Biryukov 47e6c2f9ec Privacy: Make the help hint for Privacy Policy page more translatable and accessible.
Props tobifjellner.
See #43980.
Built from https://develop.svn.wordpress.org/trunk@43206


git-svn-id: http://core.svn.wordpress.org/trunk@43035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 23:12:21 +00:00
Andrew Ozz 35d5911ae8 Privacy: fixes for the privacy policy guide and suggested content:
- Separate the guide text form the suggested policy text.
- Add table of content for easier navigation.
- Move the content to tools.php (prevents the settings menu of being open).
- Add a link to the guide from the Privacy settings screen.

Props melchoyce, azaozz.
See #43980.
Built from https://develop.svn.wordpress.org/trunk@43203


git-svn-id: http://core.svn.wordpress.org/trunk@43032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 20:51:23 +00:00
Sergey Biryukov 367c2e945a Privacy: Add `id` attribute to `WP_Privacy_Requests_Table` and `WP_Privacy_Data_Export_Requests_Table` rows, for consistency with other post list tables.
Props desrosj.
Fixes #44015.
Built from https://develop.svn.wordpress.org/trunk@43191


git-svn-id: http://core.svn.wordpress.org/trunk@43020 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 15:06:22 +00:00
iandunn 4467a9226c Privacy: Mark erasure requests as completed after processing.
r42986 introduced the beginnings of an Ajax handler for processing requests to erase personal data. At the time, a method for marking requests as completed was planned, but had not yet been created. This commit introduces that mechanism, bringing the erasure process closer to completion.

Props coreymckrill, allendav.
Fixes #43922.

Built from https://develop.svn.wordpress.org/trunk@43185


git-svn-id: http://core.svn.wordpress.org/trunk@43014 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 01:02:22 +00:00
Andrew Ozz 3099f4d9ed Privacy: outputting the privacy policy guide and suggested content to a new page instead of a postbox.
Props melchoyce, azaozz.
See #43980.
Built from https://develop.svn.wordpress.org/trunk@43184


git-svn-id: http://core.svn.wordpress.org/trunk@43013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-08 23:45:21 +00:00
iandunn 76efbf47da Privacy: Mark processed requests as completed instead of confirmed.
r43008 refactored the request flow to make several improvements, but accidentally marked `completed` requests as `confirmed`. This commit restores the intended statuses, so that the data and corresponding UI reflect reality.

Props allendav, birgire.
Fixes #43913.

Built from https://develop.svn.wordpress.org/trunk@43183


git-svn-id: http://core.svn.wordpress.org/trunk@43012 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-08 23:29:20 +00:00
iandunn 798e3dc84d Privacy: Reuse existing archive filenames to maintain URLs.
Whenever an admin initiates a download or email of a personal data export, a fresh copy of the file is generated. Previously, a new filename was used each time, which could lead to situations where a URL that was emailed to a data subject is broken.

That can be avoided by reusing the same filename when building fresh archives.

Props desrosj, tz-media, allendav.
Fixes #43905.

Built from https://develop.svn.wordpress.org/trunk@43180


git-svn-id: http://core.svn.wordpress.org/trunk@43009 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-08 00:52:21 +00:00
John Blackbourn bfba73995c Plugins: Correct another instance of incorrect parameter ordering when displaying plugins with more than one million active installations.
See #43193

Built from https://develop.svn.wordpress.org/trunk@43179


git-svn-id: http://core.svn.wordpress.org/trunk@43008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-07 21:43:20 +00:00
John Blackbourn 930c98b7d8 Plugins: Correct the parameters used when displaying plugins with more than one million active installations.
Fixes #43193

Built from https://develop.svn.wordpress.org/trunk@43178


git-svn-id: http://core.svn.wordpress.org/trunk@43007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-07 21:30:23 +00:00
John Blackbourn 8b34c79cec Docs: Update and correct various inline documentation.
See #42505, #41756

Built from https://develop.svn.wordpress.org/trunk@43177


git-svn-id: http://core.svn.wordpress.org/trunk@43006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-07 17:20:22 +00:00
Sergey Biryukov 8bc4e6d94f Privacy: Use the terms "erase"/"erasure" instead of "remove"/"removal" for personal data.
Props allendav.
Fixes #43920.
Built from https://develop.svn.wordpress.org/trunk@43175


git-svn-id: http://core.svn.wordpress.org/trunk@43004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-07 16:45:22 +00:00
Sergey Biryukov cd4c960a6c Administration: Change all the occurrences of "(opens in a new window)" to "(opens in a new tab)".
Props chetan200891, ianbelanger, afercia.
Fixes #43803.
Built from https://develop.svn.wordpress.org/trunk@43174


git-svn-id: http://core.svn.wordpress.org/trunk@43003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-05 09:45:22 +00:00
Sergey Biryukov daacd57fd4 Privacy: Change "Email Data" link text on "Export Personal Data" screen to "Send Export Link" for clarity.
Props birgire, ianbelanger.
Fixes #43964.
Built from https://develop.svn.wordpress.org/trunk@43172


git-svn-id: http://core.svn.wordpress.org/trunk@43001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-05 09:17:21 +00:00
Sergey Biryukov f055261a05 Privacy: Remove stray closing tag in `WP_Privacy_Policy_Content::get_default_content()`, fix typo in `@return` tag.
Props dlh, tobifjellner.
Fixes #43951.
Built from https://develop.svn.wordpress.org/trunk@43170


git-svn-id: http://core.svn.wordpress.org/trunk@42999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-04 01:56:22 +00:00
Sergey Biryukov abb666a812 Docs: Add missing duplicate hook comment for `user_request_key_expiration` filter.
Props birgire, desrosj.
Fixes #43934.
Built from https://develop.svn.wordpress.org/trunk@43168


git-svn-id: http://core.svn.wordpress.org/trunk@42997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-04 01:49:22 +00:00
iandunn 30b5cad03d Privacy: Add an admin pointer for new privacy features in 4.9.6.
The new features are very important for some users, because of their GDPR obligations. They're also spread across multiple top-level menus, making them less discoverable. An admin pointer will help to ensure that users are aware of the new tools and how to find them.

Props desrosj, andreamiddleton, allendav, xkon. 
Fixes #43942.

Built from https://develop.svn.wordpress.org/trunk@43158


git-svn-id: http://core.svn.wordpress.org/trunk@42987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 19:45:21 +00:00
iandunn 3d4c461e50 Privacy: Store plugin callbacks in associative array for flexibility.
The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though.

Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks.

Props desrosj, allendav, ocean90.
Fixes #43931.

Built from https://develop.svn.wordpress.org/trunk@43154


git-svn-id: http://core.svn.wordpress.org/trunk@42983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 19:28:21 +00:00
Andrew Ozz 58b2e6e143 Privacy: use `sprintf()` in translations.
Props birgire.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43150


git-svn-id: http://core.svn.wordpress.org/trunk@42979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 18:25:21 +00:00
Andrew Ozz 7d4429b2c8 Privacy: fix typos and inconsistencies in the default suggested text.
Props macbookandrew.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43148


git-svn-id: http://core.svn.wordpress.org/trunk@42977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 17:42:22 +00:00
Andrew Ozz c5d13c5934 Privacy: change how the default text for privacy policy is added:
- Insert both the text and tutorial in new policy pages and highlight is brightly in the editor.
- Show only the suggested text in the policy postbox.

Props melchoyce, azaozz.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43146


git-svn-id: http://core.svn.wordpress.org/trunk@42975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 17:13:21 +00:00
Andrew Ozz 0d2eb27a5d Privacy: do not fold a single section in the privacy policy poxtbox.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43126


git-svn-id: http://core.svn.wordpress.org/trunk@42955 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 22:10:21 +00:00
Andrew Ozz dd68722112 Privacy: fix typo.
Props casiepa.
Fixes #43939.
Built from https://develop.svn.wordpress.org/trunk@43121


git-svn-id: http://core.svn.wordpress.org/trunk@42950 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 20:07:22 +00:00
Andrew Ozz 3a43a64c20 Privacy: fix inconsistencies in new strings.
Props audrasjb.
Fixes #43925.
Built from https://develop.svn.wordpress.org/trunk@43118


git-svn-id: http://core.svn.wordpress.org/trunk@42947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 18:42:21 +00:00
Sergey Biryukov 6145ef6dea Docs: Correct DocBlock formatting for `wp_privacy_personal_data_erasers` filter.
See #43637.
Built from https://develop.svn.wordpress.org/trunk@43104


git-svn-id: http://core.svn.wordpress.org/trunk@42933 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 03:14:21 +00:00
Sergey Biryukov eca2bf8545 I18N: Correct translator comment in `wp_privacy_generate_personal_data_export_file()`.
See #43546.
Built from https://develop.svn.wordpress.org/trunk@43089


git-svn-id: http://core.svn.wordpress.org/trunk@42918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:52:22 +00:00
Sergey Biryukov 14ab38be27 I18N: Use consistent pattern for placeholder references in translator comments in `wp_ajax_wp_privacy_erase_personal_data()`.
See #43438.
Built from https://develop.svn.wordpress.org/trunk@43088


git-svn-id: http://core.svn.wordpress.org/trunk@42917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:39:21 +00:00
iandunn 93a90a9aa4 Privacy: Limit export and erasure to super admins on Multisite.
Multisite networks have a variety of use cases, and in many of them single-site administrators are not trusted to take actions that affect the whole network, require making decisions about legal compliance, etc. By default, those actions should require super admin capabilities. Plugins can be used to override that behavior if a particular site's use case calls for it.

Props allendav, jeremyfelt, iandunn.
Fixes #43919.

Built from https://develop.svn.wordpress.org/trunk@43085


git-svn-id: http://core.svn.wordpress.org/trunk@42914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 01:07:22 +00:00
Sergey Biryukov 8e01f9f99b Privacy: Move "Mine" filter for media items above "Trash".
See #43820.
Built from https://develop.svn.wordpress.org/trunk@43063


git-svn-id: http://core.svn.wordpress.org/trunk@42892 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 21:47:21 +00:00
Sergey Biryukov 6c2470a091 I18N: Add context for "Mine" string added in [43056].
See #43820.
Built from https://develop.svn.wordpress.org/trunk@43062


git-svn-id: http://core.svn.wordpress.org/trunk@42891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 21:37:23 +00:00
Andrew Ozz 2f321e234e Privacy: improve `wp_privacy_erase_personal_data()`, return boolean values.
Props ericdaams.
See #43602.
Built from https://develop.svn.wordpress.org/trunk@43061


git-svn-id: http://core.svn.wordpress.org/trunk@42890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 19:27:22 +00:00
Andrew Ozz f376b6b0c9 Privacy: translate error messages, some fixes and improvements for the AJAX actions for exporting and erasing user data.
Props desrosj, birgire.
See #43438.
Built from https://develop.svn.wordpress.org/trunk@43060


git-svn-id: http://core.svn.wordpress.org/trunk@42889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 19:00:20 +00:00
Andrew Ozz 2aa8414d09 Privacy: make the emails in export and erasure list-tables clickable.
Props birgire.
See #43911.
Built from https://develop.svn.wordpress.org/trunk@43057


git-svn-id: http://core.svn.wordpress.org/trunk@42886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 17:12:22 +00:00
Andrew Ozz 3266b10d04 Privacy: add "Mine" filter for media similarly to posts and comments.
Props audrasjb.
See #43820.
Built from https://develop.svn.wordpress.org/trunk@43056


git-svn-id: http://core.svn.wordpress.org/trunk@42885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 15:43:22 +00:00
Andrew Ozz c77a8ed2fc Privacy: add attachments to the personal data export file.
Props allendav.
See #43883.
Built from https://develop.svn.wordpress.org/trunk@43054


git-svn-id: http://core.svn.wordpress.org/trunk@42883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 13:45:21 +00:00
Andrew Ozz 237df3367b Privacy: only fold the sections in the privacy policy poxtbox when more than one.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43052


git-svn-id: http://core.svn.wordpress.org/trunk@42881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 09:48:21 +00:00
Andrew Ozz d1ab641d16 Privacy: edits and improvements for the default text for a privacy policy.
Props idea15, allendav.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43048


git-svn-id: http://core.svn.wordpress.org/trunk@42877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 21:06:21 +00:00
iandunn 9abc0fe73e Privacy: Add `wp_privacy_personal_data_export_file_created` filter.
This runs immediately after the data export file has been successfully created, allowing plugins to introduce some workflow customizations. For example, a plugin could password-protect the export file, for peace of mind, even though the CSPRN in the filename makes brute force attacks nearly impossible.

See #43546.

Built from https://develop.svn.wordpress.org/trunk@43047


git-svn-id: http://core.svn.wordpress.org/trunk@42876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 21:04:22 +00:00
iandunn 23bf0c7535 Privacy: Add cron to delete expired export files to protect privacy.
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.

`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.

This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.

`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.

Props iandunn, desrosj.
See #43546.

Built from https://develop.svn.wordpress.org/trunk@43046


git-svn-id: http://core.svn.wordpress.org/trunk@42875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 20:09:23 +00:00
iandunn 5b4aa26436 Privacy: Use a CSPRNG in export filenames for more security.
`rand()` is deterministic and therefore offers much less protection in this context. `wp_generate_password()` is a convenient wrapper around `wp_rand()`, which uses `random_int()` to generate cryptographically-secure psuedorandom numbers.

See #43546.

Built from https://develop.svn.wordpress.org/trunk@43045


git-svn-id: http://core.svn.wordpress.org/trunk@42874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 18:53:25 +00:00
Andrew Ozz c21c4e25b3 Privacy: add default text for a privacy policy. First run.
Props xkon, idea15, allendav, azaozz.
See #43473.
Built from https://develop.svn.wordpress.org/trunk@43044


git-svn-id: http://core.svn.wordpress.org/trunk@42873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-30 14:47:21 +00:00