WordPress.org

Make WordPress Core

Opened 22 months ago

Closed 2 weeks ago

#43921 closed enhancement (fixed)

Include community-events-location user meta value in Personal Data Export

Reported by: coreymckrill Owned by: garrett-eclipse
Milestone: 5.4 Priority: normal
Severity: normal Version: 4.9.6
Component: Privacy Keywords: has-patch has-screenshots has-unit-tests commit
Focuses: Cc:

Description

Any user who visits the Dashboard screen will have a row in the usermeta table with location information, which is used by the WordPress Events and News widget to show relevant WP community events. The location information may include an IP address, location description, and/or lat/lon coordinates. This seems like personally identifiable information that should be included in a Personal Data Export.

Attachments (9)

43921.diff (2.0 KB) - added by coreymckrill 22 months ago.
Add community-events-location to exported data, update unit test
43921.2.diff (4.1 KB) - added by garrett-eclipse 4 weeks ago.
Updated patch to isolate the Community Events Location data to it's own section. Also introduced Unit Test coverage.
Screen Shot 2020-01-28 at 9.38.31 PM.png (52.2 KB) - added by garrett-eclipse 4 weeks ago.
Community Events Location export grouping when City information is set for the user.
Screen Shot 2020-01-28 at 9.38.51 PM.png (25.3 KB) - added by garrett-eclipse 4 weeks ago.
Community Event Location grouping w/ just IP.
43921.3.diff (4.1 KB) - added by garrett-eclipse 4 weeks ago.
Oops forgot files needed to end in new lines. Same patch but with a newline on the user.php test suite
43921.4.diff (4.6 KB) - added by garrett-eclipse 4 weeks ago.
Minor refresh to update the properties to export arrays to use props instead of prop as they're plural sets
43921.5.diff (5.0 KB) - added by garrett-eclipse 4 weeks ago.
Minor update to fix Test Case descriptions that reference wp_user_personal_data_exporter_no_user when wp_user_personal_data_exporter was the function being tested.
43921.6.diff (5.1 KB) - added by garrett-eclipse 4 weeks ago.
Refresh from slack meeting discussion. Updated Description > City as only cities are supported and Description is confusing. Clarified the grouping with a more verbose group description.
Screen Shot 2020-01-29 at 2.32.44 PM.png (25.5 KB) - added by garrett-eclipse 4 weeks ago.
Screen showing updated description and City label

Download all attachments as: .zip

Change History (25)

#1 @coreymckrill
22 months ago

As noted here, the IP address is partially anonymized already, so it may not be completely necessary in the data export. However, if the user customizes the location in the widget UI, the database value will contain a location description (city name) and lat/lon, which is potentially much more specific than the IP.

@coreymckrill
22 months ago

Add community-events-location to exported data, update unit test

#2 @coreymckrill
22 months ago

  • Keywords has-patch 2nd-opinion added; needs-patch removed

In 43921.diff:

  • Add a case in the exporter function to grab the value of the community-events-location key for the given user and convert the array into a human-readable string.
  • Update the unit test for the data exporter function. It was already failing with an incorrect number of exported user properties. This adds the location data so that every possible piece of exportable data is included for the test.

Given that the comment exporter includes the Commenter IP value, I decided to go ahead and include it here along with the other possible location values, even though it's already partially anonymized.

The function that converts the exported user data into HTML doesn't handle values that are arrays, which is why this converts it to a string.

This ticket was mentioned in Slack in #gdpr-compliance by coreymckrill. View the logs.


22 months ago

This ticket was mentioned in Slack in #gdpr-compliance by coreymckrill. View the logs.


22 months ago

#5 @iandunn
22 months ago

  • Component changed from General to Administration
  • Milestone changed from Awaiting Review to 4.9.7
  • Status changed from new to assigned
  • Version set to trunk

#6 @desrosj
22 months ago

  • Milestone changed from 4.9.7 to Future Release

Moving gdpr tickets that are not bugs to Future Release until the next steps can be properly evaluated.

#7 @desrosj
22 months ago

  • Component changed from Administration to Privacy

Moving to the new Privacy component.

#8 @desrosj
20 months ago

  • Keywords gdpr removed

Removing the GDPR keyword. This has been replaced by the new Privacy component and privacy focuses in Trac.

#9 @garrett-eclipse
13 months ago

  • Keywords changed from has-patch, 2nd-opinion to has-patch 2nd-opinion
  • Owner set to garrett-eclipse
  • Status changed from assigned to reviewing
  • Version changed from trunk to 4.9.6

Thanks for the patch @coreymckrill this sounds like a great idea and was recently re-raised in our #core-privacy office hours. As this ticket already has a patch we'll continue the work here so I've owned it to review when I can. The other related ticket #45889 recently raised I've updated to have it handle just the Session data.

#10 @garrett-eclipse
13 months ago

Just for my personal reference while reviewing there is a Community Events Privacy plugin, which specifically prevents the Events Widget from sending the user's IP address:
https://wordpress.org/plugins/community-events-privacy/
*And fancy that... looks like it's even your plugin Corey ;)

@garrett-eclipse
4 weeks ago

Updated patch to isolate the Community Events Location data to it's own section. Also introduced Unit Test coverage.

@garrett-eclipse
4 weeks ago

Community Events Location export grouping when City information is set for the user.

@garrett-eclipse
4 weeks ago

Community Event Location grouping w/ just IP.

#11 @garrett-eclipse
4 weeks ago

  • Keywords needs-testing has-screenshots has-unit-tests added; 2nd-opinion removed
  • Milestone changed from Future Release to 5.4
  • Status changed from reviewing to accepted

Thanks again for the patch @coreymckrill sorry for the delay getting back around to this.

I've tested the 43921.diff patch successfully but found when the data contains multiple location attributes it can be convoluted on one line as well the description of 'Users profile data' leads one to believe that all information listed is available from the profile. Due to this I felt it would benefit to be split out into it's own section.

I've uploaded 43921.2.diff to switch to a dedicated group and introduce unit tests specific to this. Screenshots uploaded.
*Note: To my knowledge, there will only ever be one community event location per user? If this is incorrect we can loop the data to present it similar to when there's multiple comments.

Please review and let me know what you think? I feel we can probably land this in 5.4 if we're able to get some testing done here.

@garrett-eclipse
4 weeks ago

Oops forgot files needed to end in new lines. Same patch but with a newline on the user.php test suite

@garrett-eclipse
4 weeks ago

Minor refresh to update the properties to export arrays to use props instead of prop as they're plural sets

@garrett-eclipse
4 weeks ago

Minor update to fix Test Case descriptions that reference wp_user_personal_data_exporter_no_user when wp_user_personal_data_exporter was the function being tested.

#12 @coreymckrill
4 weeks ago

@garrett-eclipse the updated patch looks great, thanks! I agree it's much cleaner to have this data broken out into its own section.

This ticket was mentioned in Slack in #core-privacy by xkon. View the logs.


4 weeks ago

@garrett-eclipse
4 weeks ago

Refresh from slack meeting discussion. Updated Description > City as only cities are supported and Description is confusing. Clarified the grouping with a more verbose group description.

@garrett-eclipse
4 weeks ago

Screen showing updated description and City label

#14 @garrett-eclipse
4 weeks ago

Thanks @coreymckrill after some discussions in our office hours today I refreshed in 43921.6.diff to clarify things by changing 'Description' to 'City' and making the group description more verbose to indicate it's the users location data and how it's used.

I feel we're good to go but will leave for another to test and mark to commit. Feel free to do so if you have time @coreymckrill

#15 @xkon
3 weeks ago

  • Keywords commit added; needs-testing removed

I've tested this today and everything looked good on my end also. Thanks for bringing this up @coreymckrill and for the patches @garrett-eclipse !

Marking this for commit :-).

#16 @SergeyBiryukov
2 weeks ago

  • Resolution set to fixed
  • Status changed from accepted to closed

In 47236:

Privacy: Include community-events-location user meta value in Personal Data Export.

The value is used by the WordPress Events and News widget to show relevant WP community events.

The location information may include an IP address, location description, and latitude/longitude coordinates.

Props garrett-eclipse, coreymckrill, xkon.
Fixes #43921.

Note: See TracTickets for help on using tickets.