WordPress.org

Make WordPress Core

Opened 6 months ago

Last modified 4 months ago

#44644 new defect (bug)

Personal data export request status changed to completed by admin download

Reported by: knutsp Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version: 4.9.7
Component: Privacy Keywords: needs-patch ux-feedback ui-feedback
Focuses: administration Cc:

Description

Steps to reproduce:

  1. Create an export request (for yourself, an email will be sent to user, do not confirm)
  2. Click download action on the request, now in waiting status
  3. Refresh page

Result: Request is marked as completed, and "Next step" is "Remove"

Expected: No change, since it was done only to inspect the export file, since the status was waiting.

As it is, if just downloading the export file, no longer possible to:

  1. Email the file to the requester/user
  2. See if the requester/user later approves the request

Change History (13)

#1 @knutsp
6 months ago

  • Keywords needs-patch 2nd-opinion added
  • Type changed from enhancement to defect (bug)

#2 @SergeyBiryukov
6 months ago

  • Summary changed from Peronal data export request status changed to completed by admin download to Personal data export request status changed to completed by admin download

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.


6 months ago

#4 @garrett-eclipse
6 months ago

  • Milestone changed from Awaiting Review to 4.9.9

Discussing this in Slack and reviewing the issue some more this is quite a frustrating limitation as in some cases it requires you making a second confirmation request to restart the workflow.

In the code it seems both the download and email actions trigger the same ajax workflow but the email has $send_as_email set to true. We should probably move the _wp_privacy_completed_request() call found in wp_privacy_process_personal_data_export_page within the conditional if ( $send_as_email ) here;
https://github.com/WordPress/WordPress/blob/d9df5dec117ca01211c02b90cb88e015e697d68e/wp-admin/includes/file.php#L2369
*This would only trigger the complete when the email is sent

As well to support the case where admin wants to download the export and craft their own email we should introduce a 'Mark Completed' list action to the rows that are currently in Confirmed state so they can still push the request through the workflow but avoid the autogenerated email.

I've marked this for 4.9.9 as it would be nice to rectify this asap

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.


6 months ago

#6 @desrosj
5 months ago

  • Keywords ux-feedback ui-feedback added; 2nd-opinion removed

I think these suggestions make sense. An administrator downloading an export file does not necessarily mean the request should be completed. I also like a way to manually mark a request Completed.

@joshuawold would love some feedback here from a UX standpoint, and your suggestions for UI.

Related: #44233 (Unit tests for the changes here should go in the test class introduced in #44233).

#7 @JoshuaWold
5 months ago

Happy to give feedback! @desrosj is there a way for me to see the current state and know what I should be giving feedback on?

#8 @desrosj
5 months ago

@JoshuaWold The behavior that changes are being proposed to is present in any trunk or 4.9.8 install. To reproduce:

  1. Go to the Tools > Export Personal Data page.
  2. Create a data export request for a user.
  3. Before clicking the confirmation link in the email, hover over the request in the table and click the "Download Personal Data" action link.
  4. Refresh the page.

You'll see that the request is marked as completed and the button at the end of the row becomes "Remove request".

In summary, the suggested flow changes so far are:

  1. Do not mark the request as completed when the administrator clicks the download link. This would leave the request waiting for the user to click the confirmation link in the email. When they do, the request would be confirmed, and the "Email Data" button would appear.
  2. Introduce a way to manually mark a request as completed for instances where an administrator downloads the user's data and emails it separately. I was thinking of another action link near the download link, and maybe a bulk action.

If you could evaluate the current flow and give any feedback on (or expand upon) the suggested changes, that would be great!

#9 @desrosj
5 months ago

  • Focuses administration added; privacy removed

#10 @JoshuaWold
4 months ago

Thank you @desrosj, that's really helpful!

Do not mark the request as completed when the administrator clicks the download link. This would leave the request waiting for the user to click the confirmation link in the email. When they do, the request would be confirmed, and the "Email Data" button would appear.

I agree with that suggestion. In this case I'm guessing we'd just indefinitely allow them to "Resend email" if the user doesn't click the confirmation link.

Introduce a way to manually mark a request as completed for instances where an administrator downloads the user's data and emails it separately. I was thinking of another action link near the download link, and maybe a bulk action.

I like the idea of giving them a way to complete the request. I just want to make sure I understand the user need here. What is the typical scenario for this kind of a request to happen? Does a user ask for it and then the admin needs to supply it?

Either way, having "Mark as completed" as part of the bulk actions makes sense. Especially since I'm assuming we could move it back to "Pending" if the admin made a mistake or something changed. At the moment (unless there's something I'm missing about the admin needs here, and they will be doing this action often) I don't think adding another button, apart from the bulk actions, makes sense; seems like it'd be making it more busy.

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.


4 months ago

#12 @pento
4 months ago

  • Milestone changed from 4.9.9 to Future Release

This ticket was mentioned in Slack in #core-privacy by webdevlaw. View the logs.


4 months ago

Note: See TracTickets for help on using tickets.