WordPress.org

Make WordPress Core

Opened 19 months ago

Last modified 9 months ago

#49602 new enhancement

New design for Privacy settings page and hooks

Reported by: arena Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Privacy Keywords: has-patch dev-feedback needs-testing has-screenshots settings-api
Focuses: Cc:

Description

I proposed a year ago some changes on privacy settings page

Hereattached are the updated screenshots

Can it be possible to add a hook on this page for plugins to add some simple settings.

Thank you

Attachments (10)

screenshota.PNG (40.9 KB) - added by arena 19 months ago.
existing privacy settings page
screenshotc.PNG (33.0 KB) - added by arena 19 months ago.
privacy settings page help (a)
screenshote.PNG (40.4 KB) - added by arena 19 months ago.
privacy settings page help (b)
#49602.patch (6.6 KB) - added by arena 18 months ago.
first patch
#49302-1.PNG (24.1 KB) - added by arena 18 months ago.
with help (privacy policy guide link on the right)
#49302-2.PNG (35.2 KB) - added by arena 18 months ago.
Policy page help
#49602_(2).patch (14.0 KB) - added by arena 18 months ago.
new patch with help + one form + settings api (settings_fields, do_settings ) + changed create and update messages + code review and indent to fit with look and feel of other setting pages
#49302_(2)-1.PNG (25.3 KB) - added by arena 18 months ago.
Screenshot of patch #49302_(2)
#49602_(2)-1.PNG (25.3 KB) - added by arena 18 months ago.
ooops ! 49602 not 302 …
#49602_(3).patch (14.0 KB) - added by arena 18 months ago.
almost done !

Download all attachments as: .zip

Change History (26)

@arena
19 months ago

existing privacy settings page

@arena
19 months ago

privacy settings page help (a)

@arena
19 months ago

privacy settings page help (b)

#1 @carike
19 months ago

It does not seem like your updated screenshots were attached.
Would it be possible for you to attach them now?

#2 @carike
19 months ago

I can see the screenshots now, thank you.

Would you please describe what sort of function you envisage a hook on this page being used for?
It would be much easier to discuss a couple of examples, than the abstract :)

#3 follow-up: @arena
18 months ago

@carike

related ticket : #49627 point 6
privacy option : remove one or all "popular" embedders

related ticket : #49627 point 7
privacy option : embedding from "fully intrusive" to "not intrusive"

related ticket : #49661
privacy option : options on "log all mails" from group privacy/ "log all events" from privacy ... for legal purpose ( in case of conflict, in front of a court, for a trial, the dpo will have to bring some evidence that he (or his/her company) did everything "by the book". This would be a plugin mixing the plugins attached in the related ticket : logphpmailer and wp_mailer_filter.
The mails (and related events : confirmation links activated, archives loaded (have to see if the url provided is filterable but as of today the zip is accessible with a direct link) would be logged in a specific table with external user anonymized (e.g. md5($email) ) and only accessible through admin screen to a new wp role to be created : equivalent of a dpo, i call it the "cop" for "Chief Of Privacy" ... ;-) The "cop" (and of course the admin) would be the only one to have access to privacy options and specific gdpr or local laws specific admin screens.

Last edited 18 months ago by arena (previous) (diff)

#4 @arena
18 months ago

Another example : that is a more ambitious one ...

related ticket : #49592
privacy option : have no idea as of today of a specific setting but the related plugin would try to give information to the dpo in order to maintain or set up the famous "Records of Processing Activities" (Chapter IV, article 30 of GDPR) listing all software components (core, external libraries, themes, plugins, ... ) and extracting from their respective readme.txt a new section called ===Privacy===, as well as all web services (oembed providers (#49627), emojis image links (s.w.org), use of gravatar, ...) etc ...

For the record here is the Privacy section i inserted in some of my plugins :

MailPress

== Privacy ==

This plugin is using the following external softwares :
1. Swiftmailer "Free Feature-rich PHP Mailer" (https://swiftmailer.symfony.com/)
	2. doctrine/lexer "Base library for a lexer" (https://github.com/doctrine/lexer)
	2. egulias/EmailValidator "PHP Email validator" (https://github.com/egulias/EmailValidator)
1. [Import Addon] Excel parsing library (http://code.google.com/p/php-excel-reader/) modified for php7 compatibility
1. [Import Addon] CSV parsing library   (https://github.com/parsecsv/parsecsv-for-php)  modified for php7 compatibility

This plugin is using - depending on your settings - the following external services & softwares
1. [Maps] Bing maps (https://www.microsoft.com/en-us/maps) (javascript and REST api)
1. [Maps] Google maps (https://cloud.google.com/maps-platform/?hl=en) (javascript and REST api) 
1. [Maps] Here maps (https://www.here.com/) (javascript and REST api) 
1. [Maps] Mapbox GL JS (https://docs.mapbox.com/mapbox-gl-js/api/) (javascript and REST api) 
1. [Maps] OpenStreetMaps and Leaflet (https://www.openstreetmap.org & https://leafletjs.com/) (javascript and REST api) 

This plugin is using - randomly - the following external services (ip adress transmitted)
1. [Ip Geocoding] https://extreme-ip-lookup.com/ (REST Api)
1. [Ip Geocoding] http://www.geoplugin.net/ (REST Api) 
1. [Ip Geocoding] https://ipapi.co (REST Api) 
1. [Ip Geocoding] http://ip-api.com/ (REST Api) 
1. [Ip Geocoding] http://ipinfo.io/ (REST Api) 
1. [Ip Geocoding] https://ipstack.com/ (REST Api) 

This plugin is storing data
1. [core] Subscribers
1. [core] Mails and recipients informations
1. [Comment addon] Subscriptions
1. [Mailinglist addon] Subscriptions
1. [Newsletter addon] Subscriptions
1. [Tracking addon] any activity on sent mails when clicking on mail links

This plugin authorize data export in csv format [Import addon]

This plugin is compliant with WordPress Export/Erase Personnal Data process (Privacy)

PoKeMoJiS

This plugin :
* is not storing data
* is not using any external software or web services

As a reminder, title of Chapter IV of GDPR is : Controller and processor

https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3022-1-1

Last edited 18 months ago by arena (previous) (diff)

#5 @arena
18 months ago

to discard this feature

3) 1/3rd of the internet can now add custom maps in a few clicks

https://blog.mapbox.com/wordpress-adds-map-block-74a75dbcb22d

https://core.trac.wordpress.org/ticket/49592#comment:8

i developped a year ago for plugin purpose a little workbench on several map providers (Google, Bing, Here, Mapbox and OpenStreetMap) available here :
https://blog.mailpress.org/maps/

IP geolocalisation is a very lucrative business ... me not doing any. If you visit the above page : your ip is collected to try to geolocalise it and the result (success or fail) is memorized in a cache file that will be deleted in the future.

the related post on my blog
https://blog.mailpress.org/2019/02/22/map-api-review-an-alternative-to-google-maps

Last edited 18 months ago by arena (previous) (diff)

#6 @arena
18 months ago

For the start, this is just an amuse-bouche ! (see first patch attached below)

@arena
18 months ago

first patch

#7 @arena
18 months ago

  • Keywords has-patch added

@arena
18 months ago

with help (privacy policy guide link on the right)

@arena
18 months ago

Policy page help

#8 @arena
18 months ago

I have to deal with the two forms (which is ugly !) and the css modifications are currently inline
Waiting for some (tech and design) advice. Do i continue ?

Last edited 18 months ago by arena (previous) (diff)

@arena
18 months ago

new patch with help + one form + settings api (settings_fields, do_settings ) + changed create and update messages + code review and indent to fit with look and feel of other setting pages

#9 @arena
18 months ago

  • Keywords dev-feedback needs-testing added

new patch with
+ help
+ one form
+ settings api (settings_fields, do_settings )
+ changed create and update messages
+ code review and indent to fit with look and feel of other setting pages

and done some tests, looks good for me.

enjoy your day !

@arena
18 months ago

Screenshot of patch #49302_(2)

#10 @arena
18 months ago

  • Keywords has-screenshots added

@arena
18 months ago

ooops ! 49602 not 302 ...

@arena
18 months ago

almost done !

#11 in reply to: ↑ 3 @arena
18 months ago

Related #43713

Replying to arena:

@carike

related ticket : #49627 point 6
privacy option : remove one or all "popular" embedders

related ticket : #49627 point 7
privacy option : embedding from "fully intrusive" to "not intrusive"

related ticket : #49661
privacy option : options on "log all mails" from group privacy/ "log all events" from privacy ... for legal purpose ( in case of conflict, in front of a court, for a trial, the dpo will have to bring some evidence that he (or his/her company) did everything "by the book". This would be a plugin mixing the plugins attached in the related ticket : logphpmailer and wp_mailer_filter.
The mails (and related events : confirmation links activated, archives loaded (have to see if the url provided is filterable but as of today the zip is accessible with a direct link) would be logged in a specific table with external user anonymized (e.g. md5($email) ) and only accessible through admin screen to a new wp role to be created : equivalent of a dpo, i call it the "cop" for "Chief Of Privacy" ... ;-) The "cop" (and of course the admin) would be the only one to have access to privacy options and specific gdpr or local laws specific admin screens.

This ticket was mentioned in Slack in #core-privacy by burtrw. View the logs.


16 months ago

This ticket was mentioned in Slack in #design by garrett-eclipse. View the logs.


13 months ago

#14 @garrett-eclipse
12 months ago

  • Keywords settings-api added

#15 @garrett-eclipse
11 months ago

  • Focuses privacy removed

Dropping privacy focus as it's already in the Privacy component.

#16 @audrasjb
9 months ago

#52085 was marked as a duplicate.

Note: See TracTickets for help on using tickets.