#43921 closed enhancement (fixed)
Include community-events-location user meta value in Personal Data Export
Reported by: | coreymckrill | Owned by: | garrett-eclipse |
---|---|---|---|
Milestone: | 5.4 | Priority: | normal |
Severity: | normal | Version: | 4.9.6 |
Component: | Privacy | Keywords: | has-patch has-screenshots has-unit-tests commit has-dev-note |
Focuses: | Cc: |
Description
Any user who visits the Dashboard screen will have a row in the usermeta
table with location information, which is used by the WordPress Events and News widget to show relevant WP community events. The location information may include an IP address, location description, and/or lat/lon coordinates. This seems like personally identifiable information that should be included in a Personal Data Export.
Attachments (9)
Change History (26)
#2
@
7 years ago
- Keywords has-patch 2nd-opinion added; needs-patch removed
In 43921.diff:
- Add a case in the exporter function to grab the value of the
community-events-location
key for the given user and convert the array into a human-readable string. - Update the unit test for the data exporter function. It was already failing with an incorrect number of exported user properties. This adds the location data so that every possible piece of exportable data is included for the test.
Given that the comment exporter includes the Commenter IP value, I decided to go ahead and include it here along with the other possible location values, even though it's already partially anonymized.
The function that converts the exported user data into HTML doesn't handle values that are arrays, which is why this converts it to a string.
This ticket was mentioned in Slack in #gdpr-compliance by coreymckrill. View the logs.
7 years ago
This ticket was mentioned in Slack in #gdpr-compliance by coreymckrill. View the logs.
7 years ago
#5
@
7 years ago
- Component changed from General to Administration
- Milestone changed from Awaiting Review to 4.9.7
- Status changed from new to assigned
- Version set to trunk
#6
@
7 years ago
- Milestone changed from 4.9.7 to Future Release
Moving gdpr
tickets that are not bugs to Future Release
until the next steps can be properly evaluated.
#7
@
7 years ago
- Component changed from Administration to Privacy
Moving to the new Privacy component.
#8
@
6 years ago
- Keywords gdpr removed
Removing the GDPR keyword. This has been replaced by the new Privacy component and privacy focuses in Trac.
#9
@
6 years ago
- Keywords changed from has-patch, 2nd-opinion to has-patch 2nd-opinion
- Owner set to garrett-eclipse
- Status changed from assigned to reviewing
- Version changed from trunk to 4.9.6
Thanks for the patch @coreymckrill this sounds like a great idea and was recently re-raised in our #core-privacy office hours. As this ticket already has a patch we'll continue the work here so I've owned it to review when I can. The other related ticket #45889 recently raised I've updated to have it handle just the Session data.
#10
@
6 years ago
Just for my personal reference while reviewing there is a Community Events Privacy plugin, which specifically prevents the Events Widget from sending the user's IP address:
https://wordpress.org/plugins/community-events-privacy/
*And fancy that... looks like it's even your plugin Corey ;)
@
5 years ago
Updated patch to isolate the Community Events Location data to it's own section. Also introduced Unit Test coverage.
#11
@
5 years ago
- Keywords needs-testing has-screenshots has-unit-tests added; 2nd-opinion removed
- Milestone changed from Future Release to 5.4
- Status changed from reviewing to accepted
Thanks again for the patch @coreymckrill sorry for the delay getting back around to this.
I've tested the 43921.diff patch successfully but found when the data contains multiple location attributes it can be convoluted on one line as well the description of 'Users profile data' leads one to believe that all information listed is available from the profile. Due to this I felt it would benefit to be split out into it's own section.
I've uploaded 43921.2.diff to switch to a dedicated group and introduce unit tests specific to this. Screenshots uploaded.
*Note: To my knowledge, there will only ever be one community event location per user? If this is incorrect we can loop the data to present it similar to when there's multiple comments.
Please review and let me know what you think? I feel we can probably land this in 5.4 if we're able to get some testing done here.
@
5 years ago
Oops forgot files needed to end in new lines. Same patch but with a newline on the user.php test suite
@
5 years ago
Minor refresh to update the properties to export arrays to use props instead of prop as they're plural sets
@
5 years ago
Minor update to fix Test Case descriptions that reference wp_user_personal_data_exporter_no_user
when wp_user_personal_data_exporter
was the function being tested.
#12
@
5 years ago
@garrett-eclipse the updated patch looks great, thanks! I agree it's much cleaner to have this data broken out into its own section.
This ticket was mentioned in Slack in #core-privacy by xkon. View the logs.
5 years ago
@
5 years ago
Refresh from slack meeting discussion. Updated Description > City as only cities are supported and Description is confusing. Clarified the grouping with a more verbose group description.
#14
@
5 years ago
Thanks @coreymckrill after some discussions in our office hours today I refreshed in 43921.6.diff to clarify things by changing 'Description' to 'City' and making the group description more verbose to indicate it's the users location data and how it's used.
I feel we're good to go but will leave for another to test and mark to commit. Feel free to do so if you have time @coreymckrill
#15
@
5 years ago
- Keywords commit added; needs-testing removed
I've tested this today and everything looked good on my end also. Thanks for bringing this up @coreymckrill and for the patches @garrett-eclipse !
Marking this for commit :-).
As noted here, the IP address is partially anonymized already, so it may not be completely necessary in the data export. However, if the user customizes the location in the widget UI, the database value will contain a location description (city name) and lat/lon, which is potentially much more specific than the IP.