WordPress.org

Make WordPress Core

Changeset 43215


Ignore:
Timestamp:
05/10/2018 03:55:51 PM (6 weeks ago)
Author:
SergeyBiryukov
Message:

Privacy: Notify admin via email when a request is confirmed.

Previously the admin didn't have any way to know if a pending request was ready to be processed, aside from manually checking the Export/Erase pages. Sending them an email is a much more convenient option.

Props garrett-eclipse, desrosj, iandunn.
Merges [43211] to the 4.9 branch.
See #43967.

Location:
branches/4.9
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • branches/4.9

  • branches/4.9/src/wp-includes/default-filters.php

    r43196 r43215  
    323323// Privacy
    324324add_action( 'user_request_action_confirmed', '_wp_privacy_account_request_confirmed' );
     325add_action( 'user_request_action_confirmed', '_wp_privacy_send_request_confirmation_notification', 12 ); // After request marked as completed.
    325326add_filter( 'user_request_action_confirmed_message', '_wp_privacy_account_request_confirmed_message', 10, 2 );
    326327add_filter( 'wp_privacy_personal_data_exporters', 'wp_register_comment_personal_data_exporter' );
  • branches/4.9/src/wp-includes/user.php

    r43213 r43215  
    28742874
    28752875/**
     2876 * Notify the site administrator via email when a request is confirmed.
     2877 *
     2878 * Without this, the admin would have to manually check the site to see if any
     2879 * action was needed on their part yet.
     2880 *
     2881 * @since 4.9.6
     2882 *
     2883 * @param int $request_id The ID of the request.
     2884 */
     2885function _wp_privacy_send_request_confirmation_notification( $request_id ) {
     2886    $request_data = wp_get_user_request_data( $request_id );
     2887
     2888    if ( ! is_a( $request_data, 'WP_User_Request' ) || 'request-confirmed' !== $request_data->status ) {
     2889        return;
     2890    }
     2891
     2892    $already_notified = (bool) get_post_meta( $request_id, '_wp_admin_notified', true );
     2893
     2894    if ( $already_notified ) {
     2895        return;
     2896    }
     2897
     2898    $subject = sprintf(
     2899        /* translators: %s Site name. */
     2900        __( '[%s] Action Confirmed' ),
     2901        wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES )
     2902    );
     2903
     2904    $manage_url = add_query_arg( 'page', $request_data->action_name, admin_url( 'tools.php' ) );
     2905
     2906    /**
     2907     * Filters the recipient of the data request confirmation notification.
     2908     *
     2909     * In a Multisite environment, this will default to the email address of the
     2910     * network admin because, by default, single site admins do not have the
     2911     * capabilities required to process requests. Some networks may wish to
     2912     * delegate those capabilities to a single-site admin, or a dedicated person
     2913     * responsible for managing privacy requests.
     2914     *
     2915     * @since 4.9.6
     2916     *
     2917     * @param string          $admin_email  The email address of the notification recipient.
     2918     * @param WP_User_Request $request_data The request that is initiating the notification.
     2919     */
     2920    $admin_email = apply_filters( 'user_request_confirmed_email_to', get_site_option( 'admin_email' ), $request_data );
     2921
     2922    $email_data = array(
     2923        'request'     => $request_data,
     2924        'user_email'  => $request_data->email,
     2925        'description' => wp_user_request_action_description( $request_data->action_name ),
     2926        'manage_url'  => $manage_url,
     2927        'sitename'    => get_option( 'blogname' ),
     2928        'siteurl'     => home_url(),
     2929        'admin_email' => $admin_email,
     2930    );
     2931
     2932    /* translators: Do not translate SITENAME, USER_EMAIL, DESCRIPTION, MANAGE_URL, SITEURL; those are placeholders. */
     2933    $email_text = __(
     2934        'Howdy,
     2935
     2936A user data privacy request has been confirmed on ###SITENAME###:
     2937
     2938User: ###USER_EMAIL###
     2939Request: ###DESCRIPTION###
     2940
     2941You can view and manage these data privacy requests here:
     2942
     2943###MANAGE_URL###
     2944
     2945Regards,
     2946All at ###SITENAME###
     2947###SITEURL###'
     2948    );
     2949
     2950    /**
     2951     * Filters the body of the user request confirmation email.
     2952     *
     2953     * The email is sent to an administrator when an user request is confirmed.
     2954     * The following strings have a special meaning and will get replaced dynamically:
     2955     *
     2956     * ###SITENAME###    The name of the site.
     2957     * ###USER_EMAIL###  The user email for the request.
     2958     * ###DESCRIPTION### Description of the action being performed so the user knows what the email is for.
     2959     * ###MANAGE_URL###  The URL to manage requests.
     2960     * ###SITEURL###     The URL to the site.
     2961     *
     2962     * @since 4.9.6
     2963     *
     2964     * @param string $email_text Text in the email.
     2965     * @param array  $email_data {
     2966     *     Data relating to the account action email.
     2967     *
     2968     *     @type WP_User_Request $request     User request object.
     2969     *     @type string          $user_email  The email address confirming a request
     2970     *     @type string          $description Description of the action being performed so the user knows what the email is for.
     2971     *     @type string          $manage_url  The link to click manage privacy requests of this type.
     2972     *     @type string          $sitename    The site name sending the mail.
     2973     *     @type string          $siteurl     The site URL sending the mail.
     2974     * }
     2975     */
     2976    $content = apply_filters( 'user_confirmed_action_email_content', $email_text, $email_data );
     2977
     2978    $content = str_replace( '###SITENAME###', wp_specialchars_decode( $email_data['sitename'], ENT_QUOTES ), $content );
     2979    $content = str_replace( '###USER_EMAIL###', $email_data['user_email'], $content );
     2980    $content = str_replace( '###DESCRIPTION###', $email_data['description'], $content );
     2981    $content = str_replace( '###MANAGE_URL###', esc_url_raw( $email_data['manage_url'] ), $content );
     2982    $content = str_replace( '###SITEURL###', esc_url_raw( $email_data['siteurl'] ), $content );
     2983
     2984    $email_sent = wp_mail( $email_data['admin_email'], $subject, $content );
     2985
     2986    if ( $email_sent ) {
     2987        update_post_meta( $request_id, '_wp_admin_notified', true );
     2988    }
     2989}
     2990
     2991/**
    28762992 * Return request confirmation message HTML.
    28772993 *
Note: See TracChangeset for help on using the changeset viewer.