WordPress.org

Make WordPress Core

Opened 3 weeks ago

Closed 13 days ago

Last modified 7 days ago

#43973 closed defect (bug) (fixed)

Email user once removal request completed - GDPR

Reported by: garrett-eclipse Owned by: SergeyBiryukov
Milestone: 4.9.6 Priority: normal
Severity: normal Version: trunk
Component: Privacy Keywords: gdpr has-patch commit
Focuses: Cc:

Description

Hello,

With the GDPR requests the export request generates an email for the confirmation w/ link to the export, however the removal requests don't generate a completed email so the user is never notified or aware that their request was completed.

Please add a completed email sent to the user once the removal request was complete similar to the one for export requests (screen to be attached).

Thanks

Attachments (4)

Screen Shot 2018-05-04 at 11.36.24 AM.png (25.7 KB) - added by garrett-eclipse 3 weeks ago.
Completion Email for Export Requests
43973.diff (6.2 KB) - added by desrosj 13 days ago.
43973.2.diff (5.8 KB) - added by desrosj 13 days ago.
43973.3.diff (5.8 KB) - added by desrosj 13 days ago.
Fixes array alignment.

Download all attachments as: .zip

Change History (23)

@garrett-eclipse
3 weeks ago

Completion Email for Export Requests

#1 @xkon
3 weeks ago

  • Keywords gdpr added

#2 @johnbillion
2 weeks ago

  • Focuses administration removed
  • Milestone changed from Awaiting Review to 4.9.6

There is some misleading text that's shown to the user when they confirm their data export action.

The site administrator has been notified and will fulfill your request as soon as possible.

Either this text should be changed, or the confirmation email should be sent to the site administrator (or ideally the requestor too).

Moving to 4.9.6 for visibility.

#3 @desrosj
2 weeks ago

  • Keywords needs-patch added

#4 @allendav
2 weeks ago

  • Keywords needs-design added

I like this idea - sending an email to the user after their data has been erased - we will want to consider how to handle any exception messages that surface during the erasure.

This ticket was mentioned in Slack in #core by desrosj. View the logs.


2 weeks ago

This ticket was mentioned in Slack in #gdpr-compliance by allendav. View the logs.


2 weeks ago

#7 @allendav
2 weeks ago

Hey @johnbillion - we have #43967 which will send an email to the admin prompting them to complete the request - this ticket is about notifying the user after the admin has completed the request.

Its a great idea, but not necessary i think for 4.9.6. Let's keep this for a subsequent release, ok?

https://wordpress.slack.com/archives/C9695RJBW/p1525883484000643

This ticket was mentioned in Slack in #core by iandunn. View the logs.


13 days ago

@desrosj
13 days ago

#9 @desrosj
13 days ago

  • Keywords has-patch needs-testing added; needs-patch removed

43973.diff introduces an email notification to a user when an administrator completes their data erasure request. It introduces the wp_privacy_personal_data_erased action, which fires after the erasure request completes successfully.

The patch also has two separate email bodies: one for when a site has a published privacy policy, and one for when a site does not.

This ticket was mentioned in Slack in #gdpr-compliance by desrosj. View the logs.


13 days ago

#11 @allendav
13 days ago

@desrosj - this works nicely - I tried it with and without a published privacy policy and got both texts. I also tried successive ones and verified only the first erase for a given request generated an email.

I think we should hook this differently though. The wp_privacy_personal_data_erased do_action you've added to wp_ajax_wp_privacy_erase_personal_data will actually fire on every eraser and every page.

Instead, I recommend you 1) add the do_action to wp_privacy_process_personal_data_erasure_page in user.php instead (e.g. near the call to _wp_privacy_completed_request) and 2) don't bother with passing the $response to the action - the $request_id should be sufficient.

Lastly, there is inconsistent alignment in the email data array construction that i think violates WP coding standards, but otherwise this is good to go from my perspective.

@desrosj
13 days ago

#12 @desrosj
13 days ago

Thanks, @allendav. Adjustments made in 43973.2.diff.

#13 @allendav
13 days ago

Looks good, tests well. Thanks for making the change. Just needs that array alignment cleaned up and then it is good to go.

@desrosj
13 days ago

Fixes array alignment.

#14 @desrosj
13 days ago

  • Keywords commit added; needs-design needs-testing removed

#15 @SergeyBiryukov
13 days ago

  • Owner set to SergeyBiryukov
  • Resolution set to fixed
  • Status changed from new to closed

In 43230:

Privacy: Send an email notification to the user once their personal data erasure request is fulfilled.

Props desrosj, allendav, garrett-eclipse.
Fixes #43973.

#16 @SergeyBiryukov
13 days ago

In 43231:

Privacy: Send an email notification to the user once their personal data erasure request is fulfilled.

Props desrosj, allendav, garrett-eclipse.
Merges [43230] to the 4.9 branch.
Fixes #43973.

#17 @iandunn
13 days ago

In 43236:

Privacy: Expose erasure notification recipient to filter callbacks.

The previous user_email value was redundant, because it always matched $request_data->email. That value might be different from where the message is sent, though, if the user_erasure_fulfillment_email_to filter is used. If they are different, then callbacks for the user_confirmed_action_email_content filter may want to distinguish between the email address of the user making the request, and the email address that the confirmation notification is being sent to.

Props desrosj, iandunn.
See #43973.

#18 @SergeyBiryukov
13 days ago

In 43237:

Privacy: Expose erasure notification recipient to filter callbacks.

The previous user_email value was redundant, because it always matched $request_data->email. That value might be different from where the message is sent, though, if the user_erasure_fulfillment_email_to filter is used. If they are different, then callbacks for the user_confirmed_action_email_content filter may want to distinguish between the email address of the user making the request, and the email address that the confirmation notification is being sent to.

Props desrosj, iandunn.
Merges [43236] to the 4.9 branch.
See #43973.

#19 @desrosj
7 days ago

  • Component changed from General to Privacy

Moving to the new Privacy component.

Note: See TracTickets for help on using tickets.