Make WordPress Core

Changeset 43211


Ignore:
Timestamp:
05/10/2018 04:59:48 AM (7 years ago)
Author:
iandunn
Message:

Privacy: Notify admin via email when a request is confirmed.

Previously the admin didn't have any way to know if a pending request was ready to be processed, aside from manually checking the Export/Erase pages. Sending them an email is a much more convenient option.

Props garrett-eclipse, desrosj, iandunn.
See #43967.

Location:
trunk/src/wp-includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/default-filters.php

    r43195 r43211  
    350350// Privacy
    351351add_action( 'user_request_action_confirmed', '_wp_privacy_account_request_confirmed' );
     352add_action( 'user_request_action_confirmed', '_wp_privacy_send_request_confirmation_notification', 12 ); // After request marked as completed.
    352353add_filter( 'user_request_action_confirmed_message', '_wp_privacy_account_request_confirmed_message', 10, 2 );
    353354add_filter( 'wp_privacy_personal_data_exporters', 'wp_register_comment_personal_data_exporter' );
  • trunk/src/wp-includes/user.php

    r43199 r43211  
    29522952
    29532953/**
     2954 * Notify the site administrator via email when a request is confirmed.
     2955 *
     2956 * Without this, the admin would have to manually check the site to see if any
     2957 * action was needed on their part yet.
     2958 *
     2959 * @since 4.9.6
     2960 *
     2961 * @param int $request_id The ID of the request.
     2962 */
     2963function _wp_privacy_send_request_confirmation_notification( $request_id ) {
     2964    $request_data = wp_get_user_request_data( $request_id );
     2965
     2966    if ( ! is_a( $request_data, 'WP_User_Request' ) || 'request-confirmed' !== $request_data->status ) {
     2967        return;
     2968    }
     2969
     2970    $already_notified = (bool) get_post_meta( $request_id, '_wp_admin_notified', true );
     2971
     2972    if ( $already_notified ) {
     2973        return;
     2974    }
     2975
     2976    $subject = sprintf(
     2977        /* translators: %s Site name. */
     2978        __( '[%s] Action Confirmed' ),
     2979        wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES )
     2980    );
     2981
     2982    $manage_url = add_query_arg( 'page', $request_data->action_name, admin_url( 'tools.php' ) );
     2983
     2984    /**
     2985     * Filters the recipient of the data request confirmation notification.
     2986     *
     2987     * In a Multisite environment, this will default to the email address of the
     2988     * network admin because, by default, single site admins do not have the
     2989     * capabilities required to process requests. Some networks may wish to
     2990     * delegate those capabilities to a single-site admin, or a dedicated person
     2991     * responsible for managing privacy requests.
     2992     *
     2993     * @since 4.9.6
     2994     *
     2995     * @param string          $admin_email  The email address of the notification recipient.
     2996     * @param WP_User_Request $request_data The request that is initiating the notification.
     2997     */
     2998    $admin_email = apply_filters( 'user_request_confirmed_email_to', get_site_option( 'admin_email' ), $request_data );
     2999
     3000    $email_data = array(
     3001        'request'     => $request_data,
     3002        'user_email'  => $request_data->email,
     3003        'description' => wp_user_request_action_description( $request_data->action_name ),
     3004        'manage_url'  => $manage_url,
     3005        'sitename'    => get_option( 'blogname' ),
     3006        'siteurl'     => home_url(),
     3007        'admin_email' => $admin_email,
     3008    );
     3009
     3010    /* translators: Do not translate SITENAME, USER_EMAIL, DESCRIPTION, MANAGE_URL, SITEURL; those are placeholders. */
     3011    $email_text = __(
     3012        'Howdy,
     3013
     3014A user data privacy request has been confirmed on ###SITENAME###:
     3015
     3016User: ###USER_EMAIL###
     3017Request: ###DESCRIPTION###
     3018
     3019You can view and manage these data privacy requests here:
     3020
     3021###MANAGE_URL###
     3022
     3023Regards,
     3024All at ###SITENAME###
     3025###SITEURL###'
     3026    );
     3027
     3028    /**
     3029     * Filters the body of the user request confirmation email.
     3030     *
     3031     * The email is sent to an administrator when an user request is confirmed.
     3032     * The following strings have a special meaning and will get replaced dynamically:
     3033     *
     3034     * ###SITENAME###    The name of the site.
     3035     * ###USER_EMAIL###  The user email for the request.
     3036     * ###DESCRIPTION### Description of the action being performed so the user knows what the email is for.
     3037     * ###MANAGE_URL###  The URL to manage requests.
     3038     * ###SITEURL###     The URL to the site.
     3039     *
     3040     * @since 4.9.6
     3041     *
     3042     * @param string $email_text Text in the email.
     3043     * @param array  $email_data {
     3044     *     Data relating to the account action email.
     3045     *
     3046     *     @type WP_User_Request $request     User request object.
     3047     *     @type string          $user_email  The email address confirming a request
     3048     *     @type string          $description Description of the action being performed so the user knows what the email is for.
     3049     *     @type string          $manage_url  The link to click manage privacy requests of this type.
     3050     *     @type string          $sitename    The site name sending the mail.
     3051     *     @type string          $siteurl     The site URL sending the mail.
     3052     * }
     3053     */
     3054    $content = apply_filters( 'user_confirmed_action_email_content', $email_text, $email_data );
     3055
     3056    $content = str_replace( '###SITENAME###', wp_specialchars_decode( $email_data['sitename'], ENT_QUOTES ), $content );
     3057    $content = str_replace( '###USER_EMAIL###', $email_data['user_email'], $content );
     3058    $content = str_replace( '###DESCRIPTION###', $email_data['description'], $content );
     3059    $content = str_replace( '###MANAGE_URL###', esc_url_raw( $email_data['manage_url'] ), $content );
     3060    $content = str_replace( '###SITEURL###', esc_url_raw( $email_data['siteurl'] ), $content );
     3061
     3062    $email_sent = wp_mail( $email_data['admin_email'], $subject, $content );
     3063
     3064    if ( $email_sent ) {
     3065        update_post_meta( $request_id, '_wp_admin_notified', true );
     3066    }
     3067}
     3068
     3069/**
    29543070 * Return request confirmation message HTML.
    29553071 *
Note: See TracChangeset for help on using the changeset viewer.