WordPress.org

Make WordPress Core

Opened 2 years ago

Closed 9 months ago

Last modified 8 months ago

#43921 closed enhancement (fixed)

Include community-events-location user meta value in Personal Data Export

Reported by: coreymckrill Owned by: garrett-eclipse
Milestone: 5.4 Priority: normal
Severity: normal Version: 4.9.6
Component: Privacy Keywords: has-patch has-screenshots has-unit-tests commit has-dev-note
Focuses: Cc:

Description

Any user who visits the Dashboard screen will have a row in the usermeta table with location information, which is used by the WordPress Events and News widget to show relevant WP community events. The location information may include an IP address, location description, and/or lat/lon coordinates. This seems like personally identifiable information that should be included in a Personal Data Export.

Attachments (9)

43921.diff (2.0 KB) - added by coreymckrill 2 years ago.
Add community-events-location to exported data, update unit test
43921.2.diff (4.1 KB) - added by garrett-eclipse 9 months ago.
Updated patch to isolate the Community Events Location data to it's own section. Also introduced Unit Test coverage.
Screen Shot 2020-01-28 at 9.38.31 PM.png (52.2 KB) - added by garrett-eclipse 9 months ago.
Community Events Location export grouping when City information is set for the user.
Screen Shot 2020-01-28 at 9.38.51 PM.png (25.3 KB) - added by garrett-eclipse 9 months ago.
Community Event Location grouping w/ just IP.
43921.3.diff (4.1 KB) - added by garrett-eclipse 9 months ago.
Oops forgot files needed to end in new lines. Same patch but with a newline on the user.php test suite
43921.4.diff (4.6 KB) - added by garrett-eclipse 9 months ago.
Minor refresh to update the properties to export arrays to use props instead of prop as they're plural sets
43921.5.diff (5.0 KB) - added by garrett-eclipse 9 months ago.
Minor update to fix Test Case descriptions that reference wp_user_personal_data_exporter_no_user when wp_user_personal_data_exporter was the function being tested.
43921.6.diff (5.1 KB) - added by garrett-eclipse 9 months ago.
Refresh from slack meeting discussion. Updated Description > City as only cities are supported and Description is confusing. Clarified the grouping with a more verbose group description.
Screen Shot 2020-01-29 at 2.32.44 PM.png (25.5 KB) - added by garrett-eclipse 9 months ago.
Screen showing updated description and City label

Download all attachments as: .zip

Change History (26)

#1 @coreymckrill
2 years ago

As noted here, the IP address is partially anonymized already, so it may not be completely necessary in the data export. However, if the user customizes the location in the widget UI, the database value will contain a location description (city name) and lat/lon, which is potentially much more specific than the IP.

@coreymckrill
2 years ago

Add community-events-location to exported data, update unit test

#2 @coreymckrill
2 years ago

  • Keywords has-patch 2nd-opinion added; needs-patch removed

In 43921.diff:

  • Add a case in the exporter function to grab the value of the community-events-location key for the given user and convert the array into a human-readable string.
  • Update the unit test for the data exporter function. It was already failing with an incorrect number of exported user properties. This adds the location data so that every possible piece of exportable data is included for the test.

Given that the comment exporter includes the Commenter IP value, I decided to go ahead and include it here along with the other possible location values, even though it's already partially anonymized.

The function that converts the exported user data into HTML doesn't handle values that are arrays, which is why this converts it to a string.

This ticket was mentioned in Slack in #gdpr-compliance by coreymckrill. View the logs.


2 years ago

This ticket was mentioned in Slack in #gdpr-compliance by coreymckrill. View the logs.


2 years ago

#5 @iandunn
2 years ago

  • Component changed from General to Administration
  • Milestone changed from Awaiting Review to 4.9.7
  • Status changed from new to assigned
  • Version set to trunk

#6 @desrosj
2 years ago

  • Milestone changed from 4.9.7 to Future Release

Moving gdpr tickets that are not bugs to Future Release until the next steps can be properly evaluated.

#7 @desrosj
2 years ago

  • Component changed from Administration to Privacy

Moving to the new Privacy component.

#8 @desrosj
2 years ago

  • Keywords gdpr removed

Removing the GDPR keyword. This has been replaced by the new Privacy component and privacy focuses in Trac.

#9 @garrett-eclipse
22 months ago

  • Keywords changed from has-patch, 2nd-opinion to has-patch 2nd-opinion
  • Owner set to garrett-eclipse
  • Status changed from assigned to reviewing
  • Version changed from trunk to 4.9.6

Thanks for the patch @coreymckrill this sounds like a great idea and was recently re-raised in our #core-privacy office hours. As this ticket already has a patch we'll continue the work here so I've owned it to review when I can. The other related ticket #45889 recently raised I've updated to have it handle just the Session data.

#10 @garrett-eclipse
22 months ago

Just for my personal reference while reviewing there is a Community Events Privacy plugin, which specifically prevents the Events Widget from sending the user's IP address:
https://wordpress.org/plugins/community-events-privacy/
*And fancy that... looks like it's even your plugin Corey ;)

@garrett-eclipse
9 months ago

Updated patch to isolate the Community Events Location data to it's own section. Also introduced Unit Test coverage.

@garrett-eclipse
9 months ago

Community Events Location export grouping when City information is set for the user.

@garrett-eclipse
9 months ago

Community Event Location grouping w/ just IP.

#11 @garrett-eclipse
9 months ago

  • Keywords needs-testing has-screenshots has-unit-tests added; 2nd-opinion removed
  • Milestone changed from Future Release to 5.4
  • Status changed from reviewing to accepted

Thanks again for the patch @coreymckrill sorry for the delay getting back around to this.

I've tested the 43921.diff patch successfully but found when the data contains multiple location attributes it can be convoluted on one line as well the description of 'Users profile data' leads one to believe that all information listed is available from the profile. Due to this I felt it would benefit to be split out into it's own section.

I've uploaded 43921.2.diff to switch to a dedicated group and introduce unit tests specific to this. Screenshots uploaded.
*Note: To my knowledge, there will only ever be one community event location per user? If this is incorrect we can loop the data to present it similar to when there's multiple comments.

Please review and let me know what you think? I feel we can probably land this in 5.4 if we're able to get some testing done here.

@garrett-eclipse
9 months ago

Oops forgot files needed to end in new lines. Same patch but with a newline on the user.php test suite

@garrett-eclipse
9 months ago

Minor refresh to update the properties to export arrays to use props instead of prop as they're plural sets

@garrett-eclipse
9 months ago

Minor update to fix Test Case descriptions that reference wp_user_personal_data_exporter_no_user when wp_user_personal_data_exporter was the function being tested.

#12 @coreymckrill
9 months ago

@garrett-eclipse the updated patch looks great, thanks! I agree it's much cleaner to have this data broken out into its own section.

This ticket was mentioned in Slack in #core-privacy by xkon. View the logs.


9 months ago

@garrett-eclipse
9 months ago

Refresh from slack meeting discussion. Updated Description > City as only cities are supported and Description is confusing. Clarified the grouping with a more verbose group description.

@garrett-eclipse
9 months ago

Screen showing updated description and City label

#14 @garrett-eclipse
9 months ago

Thanks @coreymckrill after some discussions in our office hours today I refreshed in 43921.6.diff to clarify things by changing 'Description' to 'City' and making the group description more verbose to indicate it's the users location data and how it's used.

I feel we're good to go but will leave for another to test and mark to commit. Feel free to do so if you have time @coreymckrill

#15 @xkon
9 months ago

  • Keywords commit added; needs-testing removed

I've tested this today and everything looked good on my end also. Thanks for bringing this up @coreymckrill and for the patches @garrett-eclipse !

Marking this for commit :-).

#16 @SergeyBiryukov
9 months ago

  • Resolution set to fixed
  • Status changed from accepted to closed

In 47236:

Privacy: Include community-events-location user meta value in Personal Data Export.

The value is used by the WordPress Events and News widget to show relevant WP community events.

The location information may include an IP address, location description, and latitude/longitude coordinates.

Props garrett-eclipse, coreymckrill, xkon.
Fixes #43921.

Note: See TracTickets for help on using tickets.