Make WordPress Core

Changeset 50713


Ignore:
Timestamp:
04/14/2021 09:26:58 PM (4 years ago)
Author:
davidbaumwald
Message:

Privacy: Ensure "Export Personal Data" does not generate invalid JSON.

Previously, when exporting personal data, if the JSON encoding of the data failed, the invalid JSON was still written to export.json. This change captures the JSON encoding failure and adds a notice to the UI.

Props hellofromTonya, jrf, SergeyBiryukov.
Fixes #52892.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/privacy-tools.php

    r50613 r50713  
    414414    $groups_json = wp_json_encode( $groups );
    415415
     416    if ( false === $groups_json ) {
     417        $error_message = sprintf(
     418            /* translators: %s: Error message. */
     419            __( 'Unable to encode the personal data for export. Error: %s' ),
     420            json_last_error_msg()
     421        );
     422
     423        wp_send_json_error( $error_message );
     424    }
     425
    416426    /*
    417427     * Handle the JSON export.
  • trunk/tests/phpunit/tests/privacy/wpPrivacyGeneratePersonalDataExportFile.php

    r50616 r50713  
    632632        );
    633633    }
     634
     635    /**
     636     * Test should generate JSON error when JSON encoding fails.
     637     *
     638     * @ticket 52892
     639     */
     640    public function test_should_generate_json_error_when_json_encoding_fails() {
     641        add_filter( 'get_post_metadata', array( $this, 'filter_export_data_grouped_metadata' ), 10, 3 );
     642
     643        // Validate JSON encoding fails and returns `false`.
     644        $metadata = get_post_meta( self::$export_request_id, '_export_data_grouped', true );
     645        $this->assertFalse( wp_json_encode( $metadata ) );
     646
     647        $this->expectException( 'WPDieException' );
     648        $this->expectOutputString( '{"success":false,"data":"Unable to encode the personal data for export. Error: Type is not supported"}' );
     649        wp_privacy_generate_personal_data_export_file( self::$export_request_id );
     650    }
     651
     652    public function filter_export_data_grouped_metadata( $value, $object_id, $meta_key ) {
     653        if ( $object_id !== self::$export_request_id ) {
     654            return $value;
     655        }
     656
     657        if ( '_export_data_grouped' !== $meta_key ) {
     658            return $value;
     659        }
     660
     661        $file = fopen( __FILE__, 'r' );
     662
     663        $value = array(
     664            'user' => array(
     665                'group_label'       => 'User',
     666                'group_description' => 'User’s profile data.',
     667                'items'             => array(),
     668                'resource'          => $file,
     669            ),
     670        );
     671
     672        fclose( $file );
     673
     674        return array( $value );
     675    }
    634676}
Note: See TracChangeset for help on using the changeset viewer.