Ticket #51351: 51351.diff
File 51351.diff, 14.7 KB (added by , 4 years ago) |
---|
-
src/wp-admin/erase-personal-data.php
10 10 require_once __DIR__ . '/admin.php'; 11 11 12 12 if ( ! current_user_can( 'erase_others_personal_data' ) || ! current_user_can( 'delete_users' ) ) { 13 wp_die( __( 'Sorry, you are not allowed to erase data on this site.' ) );13 wp_die( __( 'Sorry, you are not allowed to erase personal data on this site.' ) ); 14 14 } 15 15 16 16 // Handle list table actions. -
src/wp-admin/includes/privacy-tools.php
20 20 $request = get_post( $request_id ); 21 21 22 22 if ( ! $request || 'user_request' !== $request->post_type ) { 23 return new WP_Error( 'privacy_request_error', __( 'Invalid request.' ) );23 return new WP_Error( 'privacy_request_error', __( 'Invalid user privacy request.' ) ); 24 24 } 25 25 26 26 $result = wp_send_user_request( $request_id ); … … 28 28 if ( is_wp_error( $result ) ) { 29 29 return $result; 30 30 } elseif ( ! $result ) { 31 return new WP_Error( 'privacy_request_error', __( 'Unable to initiate confirmation request.' ) );31 return new WP_Error( 'privacy_request_error', __( 'Unable to initiate user privacy confirmation request.' ) ); 32 32 } 33 33 34 34 return true; … … 49 49 $request = wp_get_user_request( $request_id ); 50 50 51 51 if ( ! $request ) { 52 return new WP_Error( 'privacy_request_error', __( 'Invalid request.' ) );52 return new WP_Error( 'privacy_request_error', __( 'Invalid user privacy request.' ) ); 53 53 } 54 54 55 55 update_post_meta( $request_id, '_wp_user_request_completed_timestamp', time() ); … … 104 104 add_settings_error( 105 105 'action_type', 106 106 'action_type', 107 __( 'Invalid action.' ),107 __( 'Invalid user privacy action.' ), 108 108 'error' 109 109 ); 110 110 } … … 116 116 add_settings_error( 117 117 'action_type', 118 118 'action_type', 119 __( 'Invalid action.' ),119 __( 'Invalid user privacy action.' ), 120 120 'error' 121 121 ); 122 122 } … … 297 297 */ 298 298 function wp_privacy_generate_personal_data_export_file( $request_id ) { 299 299 if ( ! class_exists( 'ZipArchive' ) ) { 300 wp_send_json_error( __( 'Unable to generate export file. ZipArchive not available.' ) );300 wp_send_json_error( __( 'Unable to generate user privacy export file. ZipArchive not available.' ) ); 301 301 } 302 302 303 303 // Get the request. … … 304 304 $request = wp_get_user_request( $request_id ); 305 305 306 306 if ( ! $request || 'export_personal_data' !== $request->action_name ) { 307 wp_send_json_error( __( 'Invalid request ID when generating export file.' ) );307 wp_send_json_error( __( 'Invalid request ID when generating user privacy export file.' ) ); 308 308 } 309 309 310 310 $email_address = $request->email; 311 311 312 312 if ( ! is_email( $email_address ) ) { 313 wp_send_json_error( __( 'Invalid email address when generating export file.' ) );313 wp_send_json_error( __( 'Invalid email address when generating user privacy export file.' ) ); 314 314 } 315 315 316 316 // Create the exports folder if needed. … … 318 318 $exports_url = wp_privacy_exports_url(); 319 319 320 320 if ( ! wp_mkdir_p( $exports_dir ) ) { 321 wp_send_json_error( __( 'Unable to create export folder.' ) );321 wp_send_json_error( __( 'Unable to create user privacy export folder.' ) ); 322 322 } 323 323 324 324 // Protect export folder from browsing. … … 326 326 if ( ! file_exists( $index_pathname ) ) { 327 327 $file = fopen( $index_pathname, 'w' ); 328 328 if ( false === $file ) { 329 wp_send_json_error( __( 'Unable to protect export folder from browsing.' ) );329 wp_send_json_error( __( 'Unable to protect user privacy export folder from browsing.' ) ); 330 330 } 331 331 fwrite( $file, '<!-- Silence is golden. -->' ); 332 332 fclose( $file ); … … 395 395 $file = fopen( $json_report_pathname, 'w' ); 396 396 397 397 if ( false === $file ) { 398 wp_send_json_error( __( 'Unable to open export file (JSON report) for writing.' ) );398 wp_send_json_error( __( 'Unable to open user privacy export file (JSON report) for writing.' ) ); 399 399 } 400 400 401 401 fwrite( $file, '{' ); … … 410 410 $file = fopen( $html_report_pathname, 'w' ); 411 411 412 412 if ( false === $file ) { 413 wp_send_json_error( __( 'Unable to open export file (HTML report) for writing.' ) );413 wp_send_json_error( __( 'Unable to open user privacy export file (HTML report) for writing.' ) ); 414 414 } 415 415 416 416 fwrite( $file, "<!DOCTYPE html>\n" ); … … 504 504 $zip = new ZipArchive; 505 505 if ( true === $zip->open( $archive_pathname, ZipArchive::CREATE ) ) { 506 506 if ( ! $zip->addFile( $json_report_pathname, 'export.json' ) ) { 507 $error = __( 'Unable to add data to JSON file.' );507 $error = __( 'Unable to add data to user privacy export file (JSON format).' ); 508 508 } 509 509 510 510 if ( ! $zip->addFile( $html_report_pathname, 'index.html' ) ) { 511 $error = __( 'Unable to add data to HTML file.' );511 $error = __( 'Unable to add data to user privacy export file (HTML format).' ); 512 512 } 513 513 514 514 $zip->close(); … … 529 529 do_action( 'wp_privacy_personal_data_export_file_created', $archive_pathname, $archive_url, $html_report_pathname, $request_id, $json_report_pathname ); 530 530 } 531 531 } else { 532 $error = __( 'Unable to open export file (archive) for writing.' );532 $error = __( 'Unable to open user privacy export file (archive) for writing.' ); 533 533 } 534 534 535 535 // Remove the JSON file. … … 758 758 $request = wp_get_user_request( $request_id ); 759 759 760 760 if ( ! $request || 'export_personal_data' !== $request->action_name ) { 761 wp_send_json_error( __( 'Invalid request ID when merging exporter data.' ) );761 wp_send_json_error( __( 'Invalid request ID when merging user privacy exporter data.' ) ); 762 762 } 763 763 764 764 $export_data = array(); … … 905 905 $request = wp_get_user_request( $request_id ); 906 906 907 907 if ( ! $request || 'remove_personal_data' !== $request->action_name ) { 908 wp_send_json_error( __( 'Invalid request ID when processing eraser data.' ) );908 wp_send_json_error( __( 'Invalid request ID when processing user privacy eraser data.' ) ); 909 909 } 910 910 911 911 /** This filter is documented in wp-admin/includes/ajax-actions.php */ -
src/wp-admin/options-privacy.php
10 10 require_once __DIR__ . '/admin.php'; 11 11 12 12 if ( ! current_user_can( 'manage_privacy_options' ) ) { 13 wp_die( __( 'Sorry, you are not allowed to manage privacy o n this site.' ) );13 wp_die( __( 'Sorry, you are not allowed to manage privacy options on this site.' ) ); 14 14 } 15 15 16 16 $action = isset( $_POST['action'] ) ? $_POST['action'] : ''; -
src/wp-admin/privacy-policy-guide.php
10 10 require_once __DIR__ . '/admin.php'; 11 11 12 12 if ( ! current_user_can( 'manage_privacy_options' ) ) { 13 wp_die( __( 'Sorry, you are not allowed to manage privacy o n this site.' ) );13 wp_die( __( 'Sorry, you are not allowed to manage privacy options on this site.' ) ); 14 14 } 15 15 16 16 if ( ! class_exists( 'WP_Privacy_Policy_Content' ) ) { -
src/wp-includes/user.php
3608 3608 ); 3609 3609 3610 3610 if ( $requests_query->found_posts ) { 3611 return new WP_Error( 'duplicate_request', __( 'An incomplete request for this email address already exists.' ) );3611 return new WP_Error( 'duplicate_request', __( 'An incomplete user privacy request for this email address already exists.' ) ); 3612 3612 } 3613 3613 3614 3614 $request_id = wp_insert_post( … … 3676 3676 $request = wp_get_user_request( $request_id ); 3677 3677 3678 3678 if ( ! $request ) { 3679 return new WP_Error( 'invalid_request', __( 'Invalid user request.' ) );3679 return new WP_Error( 'invalid_request', __( 'Invalid user privacy request.' ) ); 3680 3680 } 3681 3681 3682 3682 // Localize message content for user; fallback to site default for visitors. … … 3858 3858 function wp_validate_user_request_key( $request_id, $key ) { 3859 3859 global $wp_hasher; 3860 3860 3861 $request_id = absint( $request_id ); 3862 $request = wp_get_user_request( $request_id ); 3861 $request_id = absint( $request_id ); 3862 $request = wp_get_user_request( $request_id ); 3863 $saved_key = $request->confirm_key; 3864 $key_request_time = $request->modified_timestamp; 3863 3865 3864 if ( ! $request ) {3865 return new WP_Error( 'invalid_request', __( 'Invalid request.' ) );3866 if ( ! $request || ! $saved_key || ! $key_request_time ) { 3867 return new WP_Error( 'invalid_request', __( 'Invalid user privacy request.' ) ); 3866 3868 } 3867 3869 3868 3870 if ( ! in_array( $request->status, array( 'request-pending', 'request-failed' ), true ) ) { 3869 return new WP_Error( 'expired_ link', __( 'This linkhas expired.' ) );3871 return new WP_Error( 'expired_request', __( 'This user privacy request has expired.' ) ); 3870 3872 } 3871 3873 3872 3874 if ( empty( $key ) ) { 3873 return new WP_Error( 'missing_key', __( ' Missing confirmkey.' ) );3875 return new WP_Error( 'missing_key', __( 'This user privacy request is missing the confirmation key.' ) ); 3874 3876 } 3875 3877 3876 3878 if ( empty( $wp_hasher ) ) { … … 3878 3880 $wp_hasher = new PasswordHash( 8, true ); 3879 3881 } 3880 3882 3881 $key_request_time = $request->modified_timestamp;3882 $saved_key = $request->confirm_key;3883 3884 if ( ! $saved_key ) {3885 return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );3886 }3887 3888 if ( ! $key_request_time ) {3889 return new WP_Error( 'invalid_key', __( 'Invalid action.' ) );3890 }3891 3892 3883 /** 3893 3884 * Filters the expiration time of confirm keys. 3894 3885 * … … 3900 3891 $expiration_time = $key_request_time + $expiration_duration; 3901 3892 3902 3893 if ( ! $wp_hasher->CheckPassword( $key, $saved_key ) ) { 3903 return new WP_Error( 'invalid_key', __( ' Invalid key.' ) );3894 return new WP_Error( 'invalid_key', __( 'This user privacy request confirmation key is invalid.' ) ); 3904 3895 } 3905 3896 3906 3897 if ( ! $expiration_time || time() > $expiration_time ) { 3907 return new WP_Error( 'expired_key', __( 'Th e confirmation emailhas expired.' ) );3898 return new WP_Error( 'expired_key', __( 'This user privacy request confirmation key has expired.' ) ); 3908 3899 } 3909 3900 3910 3901 return true; -
tests/phpunit/tests/privacy/wpPrivacyGeneratePersonalDataExportFile.php
164 164 $request_id = wp_create_user_request( 'removal-requester@example.com', 'remove_personal_data' ); 165 165 166 166 $this->expectException( 'WPDieException' ); 167 $this->expectOutputString( '{"success":false,"data":"Invalid request ID when generating export file."}' );167 $this->expectOutputString( '{"success":false,"data":"Invalid request ID when generating user privacy export file."}' ); 168 168 wp_privacy_generate_personal_data_export_file( $request_id ); 169 169 } 170 170 … … 175 175 */ 176 176 public function test_invalid_request_id() { 177 177 $this->expectException( 'WPDieException' ); 178 $this->expectOutputString( '{"success":false,"data":"Invalid request ID when generating export file."}' );178 $this->expectOutputString( '{"success":false,"data":"Invalid request ID when generating user privacy export file."}' ); 179 179 wp_privacy_generate_personal_data_export_file( 123456789 ); 180 180 } 181 181 … … 195 195 ); 196 196 197 197 $this->expectException( 'WPDieException' ); 198 $this->expectOutputString( '{"success":false,"data":"Invalid email address when generating export file."}' );198 $this->expectOutputString( '{"success":false,"data":"Invalid email address when generating user privacy export file."}' ); 199 199 wp_privacy_generate_personal_data_export_file( $request_id ); 200 200 } 201 201 … … 209 209 touch( untrailingslashit( self::$exports_dir ) ); 210 210 211 211 $this->expectException( 'WPDieException' ); 212 $this->expectOutputString( '{"success":false,"data":"Unable to create export folder."}' );212 $this->expectOutputString( '{"success":false,"data":"Unable to create user privacy export folder."}' ); 213 213 wp_privacy_generate_personal_data_export_file( self::$export_request_id ); 214 214 } 215 215 -
tests/phpunit/tests/privacy/wpPrivacyProcessPersonalDataExportPage.php
367 367 $invalid_request_id = 0; 368 368 369 369 // Process data, given the last exporter, on the last page and send as email. 370 $this->_setup_expected_failure( '{"success":false,"data":"Invalid request ID when merging exporter data."}' );370 $this->_setup_expected_failure( '{"success":false,"data":"Invalid request ID when merging user privacy exporter data."}' ); 371 371 372 372 wp_privacy_process_personal_data_export_page( 373 373 $response, … … 399 399 $request_id = wp_create_user_request( self::$requester_email, 'remove_personal_data' ); 400 400 401 401 // Process data, given the last exporter, on the last page and send as email. 402 $this->_setup_expected_failure( '{"success":false,"data":"Invalid request ID when merging exporter data."}' );402 $this->_setup_expected_failure( '{"success":false,"data":"Invalid request ID when merging user privacy exporter data."}' ); 403 403 404 404 wp_privacy_process_personal_data_export_page( 405 405 $response, -
tests/qunit/fixtures/wp-api-generated.js
4469 4469 "attributes": { 4470 4470 "required": false, 4471 4471 "default": [], 4472 "description": "Attributes for the block ",4472 "description": "Attributes for the block.", 4473 4473 "type": "object" 4474 4474 }, 4475 4475 "post_id": { … … 4563 4563 "args": { 4564 4564 "name": { 4565 4565 "required": false, 4566 "description": "Block name ",4566 "description": "Block name.", 4567 4567 "type": "string" 4568 4568 }, 4569 4569 "namespace": { 4570 4570 "required": false, 4571 "description": "Block namespace ",4571 "description": "Block namespace.", 4572 4572 "type": "string" 4573 4573 }, 4574 4574 "context": {