Make WordPress Core

Opened 8 weeks ago

Last modified 3 weeks ago

#43890 new enhancement

Allow Admin to Skip e-mail confirmation for Export/Anonymization

Reported by: xkon Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Privacy Keywords: gdpr has-patch needs-design ui-feedback
Focuses: Cc:


We thought that it might be good to allow admins the option to avoid a user's e-mail confirmation.

We've talked a bit about it with @allendav and @mikejolley and 1 way was adding a drop down menu for the Admin to select if they want to skip it or not.

Attachments (2)

43890_preview.gif (302.1 KB) - added by xkon 8 weeks ago.
43890.diff (7.5 KB) - added by xkon 8 weeks ago.

Download all attachments as: .zip

Change History (17)

8 weeks ago

8 weeks ago

#1 @xkon
8 weeks ago

This first patch gives a try on skipping confirmation e-mails completely.

As far as my tests go on the Admin side everything works as supposed to but do take a good look please as I'm not sure if there's anything else hooked up that I missed :D .

Patch 43890.diff :

  • Adds a dropdown menu with 2 options With Confirmation / Without Confirmation
  • Add a new post_status of request-skipped - Confirmation Skipped
  • Adds new buttons on the Next Steps column that allow you to download / erase data from scratch
  • Avoids the request-confirmed update after every action to keep the same status

as seen in 43890_preview.gif

This ticket was mentioned in Slack in #gdpr-compliance by xkon. View the logs.

8 weeks ago

#3 @xkon
8 weeks ago

  • Keywords has-patch added

#4 @azaozz
8 weeks ago

I'm thinking this would be good for v2 perhaps? Also, why add a "user request" at all, admins can export any data at any time and as many times as they want. We can add the entry forms for the email address on the Tools => Privacy screen (that was the original intention anyway).

#5 @xkon
8 weeks ago

Yes v2 sounds good as it still needs stuff fixing and a full check at this point will be not worth the time.

On the Tools -> Privacy screen you mention. That page was named 'Tools' when it was hosting everything under it, there's nothing in there at the moment except the Privacy Page settings (see #43894 suggestion) but I think that keeping them in the actual Export/Erasure lists makes more sense as that's what they are about and you can easily find it (+ you can keep the logs and such as well in your list since they are kept there for the time being).

#6 @TZ Media
7 weeks ago

For our clients, we'll need the possibility to skip the confirmation completely. They have data in multiple systems and have confirmed the request before a request is entered into WordPress. So they need a way to export all user data for a given email address without any confirmation emails.

#7 @xkon
7 weeks ago

Well if we decide 'were to put' (I still think that under the respective tools is better) these 2 actions all the base code from the patch above works as I've tested. We can skip adding them to the tables as @azaozz mentions and just use the functions solely for an instant export/anonymization.

If you think it will absolutely help for v1 ( note that nobody says how soon a next version will be - that's what I gathered from the last core chat ) I can squeeze some time and maybe rework on it today if we can catch the deadline as well of course.

#8 @TZ Media
7 weeks ago

If I remember correctly I can still hook into the confirmation request email before it is sent and change the email address to prevent it from being sent to the user.

I would definitely like to see it in 4.9.6, but it is not the highest priority for me.

Instant export would also be great.

BTW: I'd also need an "instant erase" without confirmation email (again because confirmation happened already outside of WordPress. Should this go into a separate ticket? I can use the same workaround as above for now with our clients, though.

#9 @iandunn
5 weeks ago

Related: #44066

#10 @desrosj
5 weeks ago

  • Component changed from General to Privacy

Moving to the new Privacy component.

#11 @iprg
4 weeks ago

#44066 was marked as a duplicate.

This ticket was mentioned in Slack in #gdpr-compliance by desrosj. View the logs.

3 weeks ago

#13 @allendav
3 weeks ago

I also think we should also consider giving a box for the admin to give a reason for skipping confirmation - that will be useful in the logs eventually

#14 @allendav
3 weeks ago

Idea: instead of a dropdown, perhaps the no-confirmation flow could be started with a link next to the "primary" confirmation-flow button

#15 @desrosj
3 weeks ago

  • Keywords needs-design ui-feedback added
Note: See TracTickets for help on using tickets.