#43905 closed defect (bug) (fixed)
Personal data export link does not work
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Milestone: | 4.9.6 | Priority: | normal |
| Severity: | normal | Version: | 5.1 |
| Component: | Privacy | Keywords: | gdpr fixed-major |
| Focuses: | Cc: |
Description
After taking the following actions, a personal data export file is inaccessible:
- Initiate a personal data export request.
- Confirm the request by clicking the link in the confirmation email.
- As an admin, click the "Email Data" button.
- Click "Download Personal Data" in the admin by hovering over the list table item for that user.
- Click the link in the email.
You will see that the export file does not exist.
Attachments (2)
Change History (20)
This ticket was mentioned in Slack in #gdpr-compliance by desrosj. View the logs.
7 years ago
#2
in reply to:
↑ description
@
7 years ago
#3
@
7 years ago
- Keywords 2nd-opinion added
I can confirm the bug itself (local install of trunk without patches).
What I believe happens is that every time a new file is generated, the old file is deleted.
- On clicking "Email Data", a file is generated and a link to that file is sent to the user.
- On clicking "Download Personal Data", that original file is replaced with a new file (with a different name).
- When the user tries to download the first file, it does not exists anymore.
If my thoughts are correct, then this is broken by design, as the direct download in the backend invalidates the link sent via email. Question is: Is this a bug, or a feature?
#4
@
7 years ago
@TZ Media - that is certainly a way to get the problem to occur. I hadn't anticipated the Email flow would be followed by a Download flow. I'll change the download flow to use the file generated for the email flow if it is present instead of regenerating it.
Patch forthcoming
This ticket was mentioned in Slack in #gdpr-compliance by allendav. View the logs.
7 years ago
#6
@
7 years ago
- Keywords has-patch added
To test: Follow the steps in the original description of this ticket and verify you are able to download the file via the email link even after using the download flow. (The filename should not change even as the file gets re-generated.)
This ticket was mentioned in Slack in #gdpr-compliance by desrosj. View the logs.
7 years ago
This ticket was mentioned in Slack in #gdpr-compliance by desrosj. View the logs.
7 years ago
This ticket was mentioned in Slack in #core by desrosj. View the logs.
7 years ago
#13
@
7 years ago
- Owner set to iandunn
- Resolution set to fixed
- Status changed from new to closed
In 43180:
#14
@
7 years ago
- Keywords fixed-major added; has-patch removed
- Resolution fixed deleted
- Status changed from closed to reopened
- Version set to trunk
Reopening for backport to 4.9.
#15
@
7 years ago
FYI: I left out the bit from 43905.2.diff where the existing unlink() was changed to wp_delete_file(). It's good to change that, but it's not a bug, so I think it should wait until after 4.9.6.
Replying to desrosj:
I just tested this again and again but with no luck breaking it. I have a total of 23 exported .zip files (3 different emails as well) split in Download/Email and the files are all there + mails do work as supposed to ofc.
-So!-
Note 1: Every time you press either Email or Download a new zip is created so the link doesn't make sense
notto work. Maybe the.zipdidn't got generated on your end at all for some reason?Note 2: The e-mail is in
plain-textso the actual URL of the file is not enclosed in tags or anything. Since I'm not sure 'how' you're reading your sent e-mail, might that link just got broken since it gets on auto href from the client? ( I know silly note but sometimes happens :D ) .