WordPress.org
Get WordPress

Make WordPress Core


Ignore:
Timestamp:
02/10/2020 05:42:52 AM (6 years ago)
Author:
SergeyBiryukov
Message:

Privacy: Include session tokens in Personal Data Export.

Session tokens contain an IP address and user agent.

Props garrett-eclipse, nickylimjj, lakenh, xkon, rconde.
Fixes #45889.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/tests/phpunit/tests/user.php

    r47236 r47237  
    17521752
    17531753    }
     1754
     1755    /**
     1756     * Testing the `wp_user_personal_data_exporter()` function
     1757     * with Session Tokens data.
     1758     *
     1759     * @ticket 45889
     1760     */
     1761    function test_wp_session_tokens_personal_data_exporter() {
     1762        $test_user = new WP_User( self::$contrib_id );
     1763
     1764        $session_tokens_data = array(
     1765            'yft87y56457687sfd897867545fg76ds78iyuhgjyui7865' => array(
     1766                'expiration' => 1580461981,
     1767                'ip'         => '0.0.0.0',
     1768                'ua'         => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36',
     1769                'login'      => 1580289181,
     1770            ),
     1771        );
     1772        update_user_option( $test_user->ID, 'session_tokens', $session_tokens_data, true );
     1773
     1774        $actual = wp_user_personal_data_exporter( $test_user->user_email );
     1775
     1776        $this->assertTrue( $actual['done'] );
     1777
     1778        // Contains Session Tokens.
     1779        $this->assertEquals( 'Session Tokens', $actual['data'][1]['group_label'] );
     1780
     1781        // Contains Expiration.
     1782        $this->assertEquals( 'Expiration', $actual['data'][1]['data'][0]['name'] );
     1783        $this->assertEquals( 'January 31, 2020 09:13 AM', $actual['data'][1]['data'][0]['value'] );
     1784
     1785        // Contains IP.
     1786        $this->assertEquals( 'IP', $actual['data'][1]['data'][1]['name'] );
     1787        $this->assertEquals( '0.0.0.0', $actual['data'][1]['data'][1]['value'] );
     1788
     1789        // Contains IP.
     1790        $this->assertEquals( 'User Agent', $actual['data'][1]['data'][2]['name'] );
     1791        $this->assertEquals( 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36', $actual['data'][1]['data'][2]['value'] );
     1792
     1793        // Contains IP.
     1794        $this->assertEquals( 'Last Login', $actual['data'][1]['data'][3]['name'] );
     1795        $this->assertEquals( 'January 29, 2020 09:13 AM', $actual['data'][1]['data'][3]['value'] );
     1796    }
    17541797}
Note: See TracChangeset for help on using the changeset viewer.