Make WordPress Core

Opened 5 years ago

Last modified 4 years ago

#49602 new enhancement

New design for Privacy settings page and hooks

Reported by: arena's profile arena Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Privacy Keywords: has-patch dev-feedback needs-testing has-screenshots settings-api
Focuses: Cc:

Description

I proposed a year ago some changes on privacy settings page

Hereattached are the updated screenshots

Can it be possible to add a hook on this page for plugins to add some simple settings.

Thank you

Attachments (10)

screenshota.PNG (40.9 KB) - added by arena 5 years ago.
existing privacy settings page
screenshotc.PNG (33.0 KB) - added by arena 5 years ago.
privacy settings page help (a)
screenshote.PNG (40.4 KB) - added by arena 5 years ago.
privacy settings page help (b)
#49602.patch (6.6 KB) - added by arena 5 years ago.
first patch
#49302-1.PNG (24.1 KB) - added by arena 5 years ago.
with help (privacy policy guide link on the right)
#49302-2.PNG (35.2 KB) - added by arena 5 years ago.
Policy page help
#49602_(2).patch (14.0 KB) - added by arena 5 years ago.
new patch with help + one form + settings api (settings_fields, do_settings ) + changed create and update messages + code review and indent to fit with look and feel of other setting pages
#49302_(2)-1.PNG (25.3 KB) - added by arena 5 years ago.
Screenshot of patch #49302_(2)
#49602_(2)-1.PNG (25.3 KB) - added by arena 5 years ago.
ooops ! 49602 not 302 …
#49602_(3).patch (14.0 KB) - added by arena 5 years ago.
almost done !

Download all attachments as: .zip

Change History (26)

@arena
5 years ago

existing privacy settings page

@arena
5 years ago

privacy settings page help (a)

@arena
5 years ago

privacy settings page help (b)

#1 @carike
5 years ago

It does not seem like your updated screenshots were attached.
Would it be possible for you to attach them now?

#2 @carike
5 years ago

I can see the screenshots now, thank you.

Would you please describe what sort of function you envisage a hook on this page being used for?
It would be much easier to discuss a couple of examples, than the abstract :)

#3 follow-up: @arena
5 years ago

@carike

related ticket : #49627 point 6
privacy option : remove one or all "popular" embedders

related ticket : #49627 point 7
privacy option : embedding from "fully intrusive" to "not intrusive"

related ticket : #49661
privacy option : options on "log all mails" from group privacy/ "log all events" from privacy ... for legal purpose ( in case of conflict, in front of a court, for a trial, the dpo will have to bring some evidence that he (or his/her company) did everything "by the book". This would be a plugin mixing the plugins attached in the related ticket : logphpmailer and wp_mailer_filter.
The mails (and related events : confirmation links activated, archives loaded (have to see if the url provided is filterable but as of today the zip is accessible with a direct link) would be logged in a specific table with external user anonymized (e.g. md5($email) ) and only accessible through admin screen to a new wp role to be created : equivalent of a dpo, i call it the "cop" for "Chief Of Privacy" ... ;-) The "cop" (and of course the admin) would be the only one to have access to privacy options and specific gdpr or local laws specific admin screens.

Last edited 5 years ago by arena (previous) (diff)

#4 @arena
5 years ago

Another example : that is a more ambitious one ...

related ticket : #49592
privacy option : have no idea as of today of a specific setting but the related plugin would try to give information to the dpo in order to maintain or set up the famous "Records of Processing Activities" (Chapter IV, article 30 of GDPR) listing all software components (core, external libraries, themes, plugins, ... ) and extracting from their respective readme.txt a new section called ===Privacy===, as well as all web services (oembed providers (#49627), emojis image links (s.w.org), use of gravatar, ...) etc ...

For the record here is the Privacy section i inserted in some of my plugins :

MailPress

== Privacy ==

This plugin is using the following external softwares :
1. Swiftmailer "Free Feature-rich PHP Mailer" (https://swiftmailer.symfony.com/)
	2. doctrine/lexer "Base library for a lexer" (https://github.com/doctrine/lexer)
	2. egulias/EmailValidator "PHP Email validator" (https://github.com/egulias/EmailValidator)
1. [Import Addon] Excel parsing library (http://code.google.com/p/php-excel-reader/) modified for php7 compatibility
1. [Import Addon] CSV parsing library   (https://github.com/parsecsv/parsecsv-for-php)  modified for php7 compatibility

This plugin is using - depending on your settings - the following external services & softwares
1. [Maps] Bing maps (https://www.microsoft.com/en-us/maps) (javascript and REST api)
1. [Maps] Google maps (https://cloud.google.com/maps-platform/?hl=en) (javascript and REST api) 
1. [Maps] Here maps (https://www.here.com/) (javascript and REST api) 
1. [Maps] Mapbox GL JS (https://docs.mapbox.com/mapbox-gl-js/api/) (javascript and REST api) 
1. [Maps] OpenStreetMaps and Leaflet (https://www.openstreetmap.org & https://leafletjs.com/) (javascript and REST api) 

This plugin is using - randomly - the following external services (ip adress transmitted)
1. [Ip Geocoding] https://extreme-ip-lookup.com/ (REST Api)
1. [Ip Geocoding] http://www.geoplugin.net/ (REST Api) 
1. [Ip Geocoding] https://ipapi.co (REST Api) 
1. [Ip Geocoding] http://ip-api.com/ (REST Api) 
1. [Ip Geocoding] http://ipinfo.io/ (REST Api) 
1. [Ip Geocoding] https://ipstack.com/ (REST Api) 

This plugin is storing data
1. [core] Subscribers
1. [core] Mails and recipients informations
1. [Comment addon] Subscriptions
1. [Mailinglist addon] Subscriptions
1. [Newsletter addon] Subscriptions
1. [Tracking addon] any activity on sent mails when clicking on mail links

This plugin authorize data export in csv format [Import addon]

This plugin is compliant with WordPress Export/Erase Personnal Data process (Privacy)

PoKeMoJiS

This plugin :
* is not storing data
* is not using any external software or web services

As a reminder, title of Chapter IV of GDPR is : Controller and processor

https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3022-1-1

Last edited 5 years ago by arena (previous) (diff)

#5 @arena
5 years ago

to discard this feature

3) 1/3rd of the internet can now add custom maps in a few clicks

https://blog.mapbox.com/wordpress-adds-map-block-74a75dbcb22d

https://core.trac.wordpress.org/ticket/49592#comment:8

i developped a year ago for plugin purpose a little workbench on several map providers (Google, Bing, Here, Mapbox and OpenStreetMap) available here :
https://blog.mailpress.org/maps/

IP geolocalisation is a very lucrative business ... me not doing any. If you visit the above page : your ip is collected to try to geolocalise it and the result (success or fail) is memorized in a cache file that will be deleted in the future.

the related post on my blog
https://blog.mailpress.org/2019/02/22/map-api-review-an-alternative-to-google-maps

Last edited 5 years ago by arena (previous) (diff)

#6 @arena
5 years ago

For the start, this is just an amuse-bouche ! (see first patch attached below)

@arena
5 years ago

first patch

#7 @arena
5 years ago

  • Keywords has-patch added

@arena
5 years ago

with help (privacy policy guide link on the right)

@arena
5 years ago

Policy page help

#8 @arena
5 years ago

I have to deal with the two forms (which is ugly !) and the css modifications are currently inline
Waiting for some (tech and design) advice. Do i continue ?

Last edited 5 years ago by arena (previous) (diff)

@arena
5 years ago

new patch with help + one form + settings api (settings_fields, do_settings ) + changed create and update messages + code review and indent to fit with look and feel of other setting pages

#9 @arena
5 years ago

  • Keywords dev-feedback needs-testing added

new patch with
+ help
+ one form
+ settings api (settings_fields, do_settings )
+ changed create and update messages
+ code review and indent to fit with look and feel of other setting pages

and done some tests, looks good for me.

enjoy your day !

@arena
5 years ago

Screenshot of patch #49302_(2)

#10 @arena
5 years ago

  • Keywords has-screenshots added

@arena
5 years ago

ooops ! 49602 not 302 ...

@arena
5 years ago

almost done !

#11 in reply to: ↑ 3 @arena
5 years ago

Related #43713

Replying to arena:

@carike

related ticket : #49627 point 6
privacy option : remove one or all "popular" embedders

related ticket : #49627 point 7
privacy option : embedding from "fully intrusive" to "not intrusive"

related ticket : #49661
privacy option : options on "log all mails" from group privacy/ "log all events" from privacy ... for legal purpose ( in case of conflict, in front of a court, for a trial, the dpo will have to bring some evidence that he (or his/her company) did everything "by the book". This would be a plugin mixing the plugins attached in the related ticket : logphpmailer and wp_mailer_filter.
The mails (and related events : confirmation links activated, archives loaded (have to see if the url provided is filterable but as of today the zip is accessible with a direct link) would be logged in a specific table with external user anonymized (e.g. md5($email) ) and only accessible through admin screen to a new wp role to be created : equivalent of a dpo, i call it the "cop" for "Chief Of Privacy" ... ;-) The "cop" (and of course the admin) would be the only one to have access to privacy options and specific gdpr or local laws specific admin screens.

This ticket was mentioned in Slack in #core-privacy by burtrw. View the logs.


4 years ago

This ticket was mentioned in Slack in #design by garrett-eclipse. View the logs.


4 years ago

#14 @garrett-eclipse
4 years ago

  • Keywords settings-api added

#15 @garrett-eclipse
4 years ago

  • Focuses privacy removed

Dropping privacy focus as it's already in the Privacy component.

#16 @audrasjb
4 years ago

#52085 was marked as a duplicate.

Note: See TracTickets for help on using tickets.