Changeset 43080

Timestamp:

05/02/2018 12:20:31 AM (7 years ago)

Author:

SergeyBiryukov

Message:

Privacy: add functionality to anonymize commenters.

Props xkon, fclaussen, allendav, birgire, azaozz.
Merges [42994] to the 4.9 branch.
See #43442.

Location:

branches/4.9

Files:

• . (modified) (1 prop)
• src/wp-admin/js/xfn.js (modified) (2 diffs)
• src/wp-includes/comment.php (modified) (1 diff)
• src/wp-includes/default-filters.php (modified) (1 diff)
• tests/phpunit/tests/comment.php (modified) (1 diff)

branches/4.9/src/wp-admin/js/xfn.js

@@ -68 +68 @@
             var summaryMessage = strings.noDataFound;
             var classes = 'notice-success';
-            if ( 0 == removedCount ) {
-                if ( 0 == retainedCount ) {
+            if ( 0 === removedCount ) {
+                if ( 0 === retainedCount ) {
                     summaryMessage = strings.noDataFound;
                 } else {
@@ -76 +76 @@
                 }
             } else {
-                if ( 0 == retainedCount ) {
+                if ( 0 === retainedCount ) {
                     summaryMessage = strings.foundAndRemoved;
                 } else {

branches/4.9/src/wp-includes/comment.php

@@ -3250 +3250 @@
     );
 }
+
+/**
+ * Registers the personal data eraser for comments.
+ *
+ * @since 4.9.6
+ *
+ * @param  array $erasers An array of personal data erasers.
+ * @return array $erasers An array of personal data erasers.
+ */
+function wp_register_comment_personal_data_eraser( $erasers ) {
+    $erasers[] = array(
+        'eraser_friendly_name' => __( 'WordPress Comments' ),
+        'callback'             => 'wp_comments_personal_data_eraser',
+    );
+
+    return $erasers;
+}
+
+/**
+ * Erases personal data associated with an email address from the comments table.
+ *
+ * @since 4.9.6
+ *
+ * @param  string $email_address The comment author email address.
+ * @param  int    $page          Comment page.
+ * @return array
+ */
+function wp_comments_personal_data_eraser( $email_address, $page = 1 ) {
+    global $wpdb;
+
+    if ( empty( $email_address ) ) {
+        return array(
+            'num_items_removed'  => 0,
+            'num_items_retained' => 0,
+            'messages'           => array(),
+            'done'               => true,
+        );
+    }
+
+    // Limit us to 500 comments at a time to avoid timing out.
+    $number            = 500;
+    $page              = (int) $page;
+    $num_items_removed = 0;
+
+    $comments = get_comments(
+        array(
+            'author_email'       => $email_address,
+            'number'             => $number,
+            'paged'              => $page,
+            'order_by'           => 'comment_ID',
+            'order'              => 'ASC',
+            'include_unapproved' => true,
+        )
+    );
+
+    $anon_author = __( 'Anonymous' );
+    $messages    = array();
+
+    foreach ( (array) $comments as $comment ) {
+        $anonymized_comment                         = array();
+        $anonymized_comment['comment_agent']        = '';
+        $anonymized_comment['comment_author']       = $anon_author;
+        $anonymized_comment['comment_author_email'] = wp_privacy_anonymize_data( 'email', $comment->comment_author_email );
+        $anonymized_comment['comment_author_IP']    = wp_privacy_anonymize_data( 'ip', $comment->comment_author_IP );
+        $anonymized_comment['comment_author_url']   = wp_privacy_anonymize_data( 'url', $comment->comment_author_url );
+        $anonymized_comment['user_id']              = 0;
+
+        $comment_id = (int) $comment->comment_ID;
+
+        /**
+         * Filters whether to anonymize the comment.
+         *
+         * @since 4.9.6
+         *
+         * @param bool|string                    Whether to apply the comment anonymization (bool).
+         *                                       Custom prevention message (string). Default true.
+         * @param WP_Comment $comment            WP_Comment object.
+         * @param array      $anonymized_comment Anonymized comment data.
+         */
+        $anon_message = apply_filters( 'wp_anonymize_comment', true, $comment, $anonymized_comment );
+
+        if ( true !== $anon_message ) {
+            if ( $anon_message && is_string( $anon_message ) ) {
+                $messages[] = esc_html( $anon_message );
+            } else {
+                /* translators: %d: Comment ID */
+                $messages[] = sprintf( __( 'Comment %d contains personal data but could not be anonymized.' ), $comment_id );
+            }
+
+            continue;
+        }
+
+        $args = array(
+            'comment_ID' => $comment_id,
+        );
+
+        $updated = $wpdb->update( $wpdb->comments, $anonymized_comment, $args );
+
+        if ( $updated ) {
+            $num_items_removed++;
+            clean_comment_cache( $comment_id );
+        }
+    }
+
+    $done = count( $comments ) < $number;
+
+    return array(
+        'num_items_removed'  => $num_items_removed,
+        'num_items_retained' => count( $comments ) - $num_items_removed,
+        'messages'           => $messages,
+        'done'               => $done,
+    );
+}

branches/4.9/src/wp-includes/default-filters.php

@@ -303 +303 @@
 add_action( 'set_comment_cookies',        'wp_set_comment_cookies',                  10, 2 );
 add_filter( 'wp_privacy_personal_data_exporters', 'wp_register_comment_personal_data_exporter', 10 );
+add_filter( 'wp_privacy_personal_data_erasers', 'wp_register_comment_personal_data_eraser', 10 );
 add_action( 'sanitize_comment_cookies',   'sanitize_comment_cookies'                       );
 add_action( 'admin_print_scripts',        'print_emoji_detection_script'                   );

branches/4.9/tests/phpunit/tests/comment.php

@@ -701 +701 @@
     }
 
+    /**
+     * The `wp_comments_personal_data_eraser()` function should erase user's comments.
+     *
+     * @ticket 43442
+     */
+    public function test_wp_comments_personal_data_eraser() {
+
+        $post_id = self::factory()->post->create();
+        $user_id = self::factory()->user->create();
+
+        $args       = array(
+            'user_id'              => $user_id,
+            'comment_post_ID'      => $post_id,
+            'comment_author'       => 'Comment Author',
+            'comment_author_email' => 'personal@local.host',
+            'comment_author_url'   => 'https://local.host/',
+            'comment_author_IP'    => '192.168.0.1',
+            'comment_date'         => '2018-04-14 17:20:00',
+            'comment_agent'        => 'COMMENT_AGENT',
+            'comment_content'      => 'Comment Content',
+        );
+        $comment_id = self::factory()->comment->create( $args );
+
+        wp_comments_personal_data_eraser( $args['comment_author_email'] );
+
+        $comment = get_comment( $comment_id );
+
+        $actual = array(
+            'comment_ID'           => $comment->comment_ID,
+            'user_id'              => $comment->user_id,
+            'comment_author'       => $comment->comment_author,
+            'comment_author_email' => $comment->comment_author_email,
+            'comment_author_url'   => $comment->comment_author_url,
+            'comment_author_IP'    => $comment->comment_author_IP,
+            'comment_date'         => $comment->comment_date,
+            'comment_date_gmt'     => $comment->comment_date_gmt,
+            'comment_agent'        => $comment->comment_agent,
+            'comment_content'      => $comment->comment_content,
+        );
+
+        $expected = array(
+            'comment_ID'           => (string) $comment_id,
+            'user_id'              => '0', // Anonymized.
+            'comment_author'       => 'Anonymous', // Anonymized.
+            'comment_author_email' => 'deleted@site.invalid', // Anonymized.
+            'comment_author_url'   => 'https://site.invalid', // Anonymized.
+            'comment_author_IP'    => '192.168.0.0', // Anonymized.
+            'comment_date'         => '2018-04-14 17:20:00',
+            'comment_date_gmt'     => '2018-04-14 17:20:00',
+            'comment_agent'        => '', // Anonymized.
+            'comment_content'      => 'Comment Content',
+        );
+
+        $this->assertSame( $expected, $actual );
+    }
+
+    /**
+     * Testing the `wp_comments_personal_data_eraser()` function's output on an empty first page.
+     *
+     * @ticket 43442
+     */
+    public function test_wp_comments_personal_data_eraser_empty_first_page_output() {
+
+        $actual   = wp_comments_personal_data_eraser( 'nocommentsfound@local.host' );
+        $expected = array(
+            'num_items_removed'  => 0,
+            'num_items_retained' => 0,
+            'messages'           => array(),
+            'done'               => true,
+        );
+
+        $this->assertSame( $expected, $actual );
+    }
+
+    /**
+     * Testing the `wp_comments_personal_data_eraser()` function's output, for the non-empty first page.
+     *
+     * @ticket 43442
+     */
+    public function test_wp_comments_personal_data_eraser_non_empty_first_page_output() {
+
+        $post_id = self::factory()->post->create();
+        $args    = array(
+            'comment_post_ID'      => $post_id,
+            'comment_author'       => 'Comment Author',
+            'comment_author_email' => 'personal@local.host',
+            'comment_author_url'   => 'https://local.host/',
+            'comment_author_IP'    => '192.168.0.1',
+            'comment_date'         => '2018-04-14 17:20:00',
+            'comment_agent'        => 'COMMENT_AGENT',
+            'comment_content'      => 'Comment Content',
+        );
+        self::factory()->comment->create( $args );
+
+        $actual   = wp_comments_personal_data_eraser( $args['comment_author_email'] );
+        $expected = array(
+            'num_items_removed'  => 1,
+            'num_items_retained' => 0,
+            'messages'           => array(),
+            'done'               => true,
+        );
+
+        $this->assertSame( $expected, $actual );
+    }
+
+    /**
+     * Testing the `wp_comments_personal_data_eraser()` function's output, for an empty second page.
+     *
+     * @ticket 43442
+     */
+    public function test_wp_comments_personal_data_eraser_empty_second_page_output() {
+
+        $post_id = self::factory()->post->create();
+        $args    = array(
+            'comment_post_ID'      => $post_id,
+            'comment_author'       => 'Comment Author',
+            'comment_author_email' => 'personal@local.host',
+            'comment_author_url'   => 'https://local.host/',
+            'comment_author_IP'    => '192.168.0.1',
+            'comment_date'         => '2018-04-14 17:20:00',
+            'comment_agent'        => 'COMMENT_AGENT',
+            'comment_content'      => 'Comment Content',
+        );
+        self::factory()->comment->create( $args );
+
+        $actual   = wp_comments_personal_data_eraser( $args['comment_author_email'], 2 );
+        $expected = array(
+            'num_items_removed'  => 0,
+            'num_items_retained' => 0,
+            'messages'           => array(),
+            'done'               => true,
+        );
+
+        $this->assertSame( $expected, $actual );
+    }
+
+    /**
+     * Testing the `wp_anonymize_comment` filter, to prevent comment anonymization.
+     *
+     * @ticket 43442
+     */
+    public function test_wp_anonymize_comment_filter_to_prevent_comment_anonymization() {
+
+        $post_id    = self::factory()->post->create();
+        $args       = array(
+            'comment_post_ID'      => $post_id,
+            'comment_author'       => 'Comment Author',
+            'comment_author_email' => 'personal@local.host',
+            'comment_author_url'   => 'https://local.host/',
+            'comment_author_IP'    => '192.168.0.1',
+            'comment_date'         => '2018-04-14 17:20:00',
+            'comment_agent'        => 'COMMENT_AGENT',
+            'comment_content'      => 'Comment Content',
+        );
+        $comment_id = self::factory()->comment->create( $args );
+
+        add_filter( 'wp_anonymize_comment', '__return_false' );
+        $actual = wp_comments_personal_data_eraser( $args['comment_author_email'] );
+        remove_filter( 'wp_anonymize_comment', '__return_false' );
+
+        $message = sprintf( 'Comment %d contains personal data but could not be anonymized.', $comment_id );
+
+        $expected = array(
+            'num_items_removed'  => 0,
+            'num_items_retained' => 1,
+            'messages'           => array( $message ),
+            'done'               => true,
+        );
+
+        $this->assertSame( $expected, $actual );
+    }
+
+    /**
+     * Testing the `wp_anonymize_comment` filter, to prevent comment anonymization, with a custom message.
+     *
+     * @ticket 43442
+     */
+    public function test_wp_anonymize_comment_filter_to_prevent_comment_anonymization_with_custom_message() {
+
+        $post_id    = self::factory()->post->create();
+        $args       = array(
+            'comment_post_ID'      => $post_id,
+            'comment_author'       => 'Comment Author',
+            'comment_author_email' => 'personal@local.host',
+            'comment_author_url'   => 'https://local.host/',
+            'comment_author_IP'    => '192.168.0.1',
+            'comment_date'         => '2018-04-14 17:20:00',
+            'comment_agent'        => 'COMMENT_AGENT',
+            'comment_content'      => 'Comment Content',
+        );
+        $comment_id = self::factory()->comment->create( $args );
+
+        add_filter( 'wp_anonymize_comment', array( $this, 'wp_anonymize_comment_custom_message' ), 10, 3 );
+        $actual = wp_comments_personal_data_eraser( $args['comment_author_email'] );
+        remove_filter( 'wp_anonymize_comment', array( $this, 'wp_anonymize_comment_custom_message' ) );
+
+        $message = sprintf( 'Some custom message for comment %d.', $comment_id );
+
+        $expected = array(
+            'num_items_removed'  => 0,
+            'num_items_retained' => 1,
+            'messages'           => array( $message ),
+            'done'               => true,
+        );
+
+        $this->assertSame( $expected, $actual );
+    }
+
+    /**
+     * Callback for the `wp_anonymize_comment` filter.
+     *
+     * @param  bool|string $anonymize          Whether to apply the comment anonymization (bool).
+     *                                         Custom prevention message (string). Default true.
+     * @param  WP_Comment  $comment            WP_Comment object.
+     * @param  array       $anonymized_comment Anonymized comment data.
+     * @return string
+     */
+    public function wp_anonymize_comment_custom_message( $anonymize, $comment, $anonymized_comment ) {
+        return sprintf( 'Some custom message for comment %d.', $comment->comment_ID );
+    }
+
     public function test_update_should_invalidate_comment_cache() {
         global $wpdb;