Make WordPress Core

Changeset 43231


Ignore:
Timestamp:
05/10/2018 08:43:39 PM (5 years ago)
Author:
SergeyBiryukov
Message:

Privacy: Send an email notification to the user once their personal data erasure request is fulfilled.

Props desrosj, allendav, garrett-eclipse.
Merges [43230] to the 4.9 branch.
Fixes #43973.

Location:
branches/4.9
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • branches/4.9

  • branches/4.9/src/wp-admin/includes/admin-filters.php

    r43225 r43231  
    137137add_filter( 'wp_privacy_personal_data_export_page', 'wp_privacy_process_personal_data_export_page', 10, 7 );
    138138add_action( 'wp_privacy_personal_data_export_file', 'wp_privacy_generate_personal_data_export_file', 10 );
     139add_action( 'wp_privacy_personal_data_erased', '_wp_privacy_send_erasure_fulfillment_notification', 10 );
    139140
    140141// Privacy policy text changes check.
  • branches/4.9/src/wp-admin/includes/user.php

    r43213 r43231  
    941941    _wp_privacy_completed_request( $request_id );
    942942
     943    /**
     944     * Fires immediately after a personal data erasure request has been marked completed.
     945     *
     946     * @since 4.9.6
     947     *
     948     * @param int $request_id The privacy request post ID associated with this request.
     949     */
     950    do_action( 'wp_privacy_personal_data_erased', $request_id );
     951
    943952    return $response;
    944953}
  • branches/4.9/src/wp-includes/user.php

    r43215 r43231  
    29902990
    29912991/**
     2992 * Notify the user when their erasure request is fulfilled.
     2993 *
     2994 * Without this, the user would never know if their data was actually erased.
     2995 *
     2996 * @since 4.9.6
     2997 *
     2998 * @param int $request_id The privacy request post ID associated with this request.
     2999 */
     3000function _wp_privacy_send_erasure_fulfillment_notification( $request_id ) {
     3001    $request_data = wp_get_user_request_data( $request_id );
     3002
     3003    if ( ! is_a( $request_data, 'WP_User_Request' ) || 'request-completed' !== $request_data->status ) {
     3004        return;
     3005    }
     3006
     3007    $already_notified = (bool) get_post_meta( $request_id, '_wp_user_notified', true );
     3008
     3009    if ( $already_notified ) {
     3010        return;
     3011    }
     3012
     3013    $subject = sprintf(
     3014        /* translators: %s Site name. */
     3015        __( '[%s] Erasure Request Fulfilled' ),
     3016        wp_specialchars_decode( get_option( 'blogname' ), ENT_QUOTES )
     3017    );
     3018
     3019    /**
     3020     * Filters the recipient of the data erasure fulfillment notification.
     3021     *
     3022     * @since 4.9.6
     3023     *
     3024     * @param string          $user_email   The email address of the notification recipient.
     3025     * @param WP_User_Request $request_data The request that is initiating the notification.
     3026     */
     3027    $user_email = apply_filters( 'user_erasure_fulfillment_email_to', $request_data->email, $request_data );
     3028
     3029    $email_data = array(
     3030        'request'            => $request_data,
     3031        'user_email'         => $request_data->email,
     3032        'privacy_policy_url' => get_privacy_policy_url(),
     3033        'sitename'           => get_option( 'blogname' ),
     3034        'siteurl'            => home_url(),
     3035    );
     3036
     3037    if ( empty( $email_data['privacy_policy_url'] ) ) {
     3038        /* translators: Do not translate SITENAME, SITEURL; those are placeholders. */
     3039        $email_text = __(
     3040            'Howdy,
     3041
     3042Your request to erase your personal data on ###SITENAME### has been completed.
     3043
     3044If you have any follow-up questions or concerns, please contact the site administrator.
     3045
     3046Regards,
     3047All at ###SITENAME###
     3048###SITEURL###'
     3049        );
     3050    } else {
     3051        /* translators: Do not translate SITENAME, SITEURL, PRIVACY_POLICY_URL; those are placeholders. */
     3052        $email_text = __(
     3053            'Howdy,
     3054
     3055Your request to erase your personal data on ###SITENAME### has been completed.
     3056
     3057If you have any follow-up questions or concerns, please contact the site administrator.
     3058
     3059For more information, you can also read our privacy policy: ###PRIVACY_POLICY_URL###
     3060
     3061Regards,
     3062All at ###SITENAME###
     3063###SITEURL###'
     3064        );
     3065    }
     3066
     3067    /**
     3068     * Filters the body of the data erasure fulfillment notification.
     3069     *
     3070     * The email is sent to a user when a their data erasure request is fulfilled
     3071     * by an administrator.
     3072     *
     3073     * The following strings have a special meaning and will get replaced dynamically:
     3074     *
     3075     * ###SITENAME###           The name of the site.
     3076     * ###PRIVACY_POLICY_URL### Privacy policy page URL.
     3077     * ###SITEURL###            The URL to the site.
     3078     *
     3079     * @since 4.9.6
     3080     *
     3081     * @param string $email_text Text in the email.
     3082     * @param array  $email_data {
     3083     *     Data relating to the account action email.
     3084     *
     3085     *     @type WP_User_Request $request            User request object.
     3086     *     @type string          $user_email         The email address confirming a request.
     3087     *     @type string          $privacy_policy_url Privacy policy URL.
     3088     *     @type string          $sitename           The site name sending the mail.
     3089     *     @type string          $siteurl            The site URL sending the mail.
     3090     * }
     3091     */
     3092    $content = apply_filters( 'user_confirmed_action_email_content', $email_text, $email_data );
     3093
     3094    $content = str_replace( '###SITENAME###', wp_specialchars_decode( $email_data['sitename'], ENT_QUOTES ), $content );
     3095    $content = str_replace( '###PRIVACY_POLICY_URL###', $email_data['privacy_policy_url'], $content );
     3096    $content = str_replace( '###SITEURL###', esc_url_raw( $email_data['siteurl'] ), $content );
     3097
     3098    $email_sent = wp_mail( $user_email, $subject, $content );
     3099
     3100    if ( $email_sent ) {
     3101        update_post_meta( $request_id, '_wp_user_notified', true );
     3102    }
     3103}
     3104
     3105/**
    29923106 * Return request confirmation message HTML.
    29933107 *
Note: See TracChangeset for help on using the changeset viewer.