Skip to:
Content

BuddyPress.org

Ticket #7826: 7826.05.patch

File 7826.05.patch, 19.2 KB (added by boonebgorges, 3 years ago)
  • new file src/bp-settings/actions/data.php

    diff --git a/src/bp-settings/actions/data.php b/src/bp-settings/actions/data.php
    new file mode 100644
    index 000000000..80664ac24
    - +  
     1<?php
     2/**
     3 * Settings: Data management action handler
     4 *
     5 * @package BuddyPress
     6 * @subpackage SettingsActions
     7 * @since 4.0.0
     8 */
     9
     10/**
     11 * Data export request handler.
     12 *
     13 * @since 4.0.0
     14 */
     15add_action( 'bp_actions', function() {
     16        if ( ! bp_is_post_request() || ! bp_displayed_user_id() || empty( $_POST['bp-data-export-nonce'] ) ) {
     17                return;
     18        }
     19
     20        // Nonce check.
     21        check_admin_referer( 'bp-data-export', 'bp-data-export-nonce' );
     22
     23        // Delete existing request if available.
     24        if ( ! empty( $_POST['bp-data-export-delete-request-nonce'] ) && wp_verify_nonce( $_POST['bp-data-export-delete-request-nonce'], 'bp-data-export-delete-request' ) ) {
     25                $existing = bp_settings_get_personal_data_request();
     26                if ( ! empty( $existing->ID ) ) {
     27                        wp_delete_post( $existing->ID, true );
     28                }
     29        }
     30
     31        // Create the user request.
     32        $request_id = wp_create_user_request( buddypress()->displayed_user->userdata->user_email, 'export_personal_data' );
     33
     34        $success = true;
     35        if ( is_wp_error( $request_id ) ) {
     36                $success = false;
     37                $message = $request_id->get_error_message();
     38        } elseif ( ! $request_id ) {
     39                $success = false;
     40                $message = __( 'We were unable to generate the data export request.', 'buddypress' );
     41        }
     42
     43        /*
     44         * Auto-confirm the user request since the user already consented by
     45         * submitting our form.
     46         */
     47        if ( $success ) {
     48                /** This hook is documented in /wp-login.php */
     49                do_action( 'user_request_action_confirmed', $request_id );
     50
     51                $message = __( 'Data export request successfully created', 'buddypress' );
     52        }
     53
     54        /**
     55         * Fires after a user has created a data export request.
     56         *
     57         * This hook can be used to intervene in the data export request process.
     58         *
     59         * @since 4.0.0
     60         *
     61         * @param int  $request_id ID of the request.
     62         * @param bool $success    Whether the request was successfully created by WordPress.
     63         */
     64        do_action( 'bp_user_data_export_requested', $request_id, $success );
     65
     66        bp_core_add_message( $message, $success ? 'success' : 'error' );
     67        bp_core_redirect( bp_get_requested_url() );
     68} );
  • src/bp-settings/bp-settings-functions.php

    diff --git a/src/bp-settings/bp-settings-functions.php b/src/bp-settings/bp-settings-functions.php
    index c792d9126..7b7ad2528 100644
    a b function bp_settings_personal_data_exporter( $email_address, $page ) { 
    215215                'done' => true,
    216216        );
    217217}
     218
     219/**
     220 * Fetches a user's personal data request.
     221 *
     222 * @since 4.0.0
     223 *
     224 * @param int WP user ID.
     225 * @return WP_User_Request|false WP_User_Request object on success, boolean false on failure.
     226 */
     227function bp_settings_get_personal_data_request( $user_id = 0 ) {
     228        if ( empty( $user_id ) ) {
     229                $user_id = bp_displayed_user_id();
     230        }
     231
     232        if ( empty( $user_id ) ) {
     233                return false;
     234        }
     235
     236        $user = get_userdata( $user_id );
     237        if ( empty( $user ) ) {
     238                return false;
     239        }
     240
     241        $query = new WP_Query( array(
     242                'author'        => (int) $user_id,
     243                'post_type'     => 'user_request',
     244                'post_status'   => 'any',
     245                'post_name__in' => array(
     246                        'export_personal_data',
     247                ),
     248        ) );
     249
     250        if ( ! empty( $query->post ) ) {
     251                return wp_get_user_request_data( $query->post->ID );
     252        } else {
     253                return false;
     254        }
     255}
     256
     257/**
     258 * Fetches the expiration date for when a user request expires.
     259 *
     260 * @since 4.0.0
     261 *
     262 * @param WP_User_Request $request User request object.
     263 * @return string Formatted date.
     264 */
     265function bp_settings_get_personal_data_expiration_date( WP_User_Request $request ) {
     266        /** This filter is documented in wp-admin/includes/file.php */
     267        $expiration = apply_filters( 'wp_privacy_export_expiration', 3 * DAY_IN_SECONDS );
     268
     269        return bp_format_time( $request->completed_timestamp + $expiration, true );
     270}
     271
     272/**
     273 * Fetches the confirmation date for a user request object.
     274 *
     275 * @since 4.0.0
     276 *
     277 * @param WP_User_Request $request User request object.
     278 * @return string Formatted date for the confirmation date.
     279 */
     280function bp_settings_get_personal_data_confirmation_date( WP_User_Request $request ) {
     281        return bp_format_time( $request->confirmed_timestamp, true );
     282}
     283
     284function bp_settings_get_personal_data_export_url( WP_User_Request $request ) {
     285        return get_post_meta( $request->ID, '_export_file_url', true );
     286}
     287
     288/**
     289 * Check if the generated data export file still exists or not.
     290 *
     291 * @since 4.0.0
     292 *
     293 * @param  WP_User_Request $request User request object.
     294 * @return bool
     295 */
     296function bp_settings_personal_data_export_exists( WP_User_Request $request ) {
     297        $file = get_post_meta( $request->ID, '_export_file_path', true );
     298        if ( file_exists( $file ) ) {
     299                return true;
     300        } else {
     301                return false;
     302        }
     303}
     304
     305/**
     306 * Template tag to output a list of data exporter items.
     307 *
     308 * Piggybacks off of the 'wp_privacy_personal_data_exporters' filter and the
     309 * 'exporter_friendly_name' key, which is meant for the admin area.
     310 *
     311 * @todo We should look for a custom key like 'exporter_frontend_name' if available.
     312 *
     313 * @since 4.0.0
     314 */
     315function bp_settings_data_exporter_items() {
     316        /** This filter is documented in /wp-admin/includes/ajax-actions.php */
     317        $exporters = apply_filters( 'wp_privacy_personal_data_exporters', array() );
     318
     319?>
     320        <ul>
     321        <?php foreach ( $exporters as $exporter => $data ) :
     322                /**
     323                 * Filters the data exporter name for display on the "Settings > Data" page.
     324                 *
     325                 * @since 4.0.0
     326                 *
     327                 * @param string $name     Data exporter friendly name.
     328                 * @param string $exporter Internal exporter name.
     329                 */
     330                $item = apply_filters( 'bp_settings_data_exporter_name', esc_html( $data['exporter_friendly_name'] ), $exporter );
     331        ?>
     332
     333                <li><?php echo $item; ?></li>
     334
     335        <?php endforeach; ?>
     336        </ul>
     337
     338<?php
     339}
  • src/bp-settings/classes/class-bp-settings-component.php

    diff --git a/src/bp-settings/classes/class-bp-settings-component.php b/src/bp-settings/classes/class-bp-settings-component.php
    index 4176aa4e2..dda4a928d 100644
    a b class BP_Settings_Component extends BP_Component { 
    6666                        return;
    6767                }
    6868
    69                 $actions = array( 'notifications', 'capabilities', 'delete-account' );
     69                $actions = array( 'notifications', 'capabilities', 'data', 'delete-account' );
    7070
    7171                // Authenticated actions.
    7272                if ( is_user_logged_in() ) {
    class BP_Settings_Component extends BP_Component { 
    183183                        );
    184184                }
    185185
     186                /**
     187                 * Filter whether the site should show the "Settings > Data" page.
     188                 *
     189                 * @since 4.0.0
     190                 *
     191                 * @param bool $show Defaults to true.
     192                 */
     193                $show_data_page = apply_filters( 'bp_settings_show_user_data_page', true );
     194
     195                // Export Data - only available for WP 4.9.6+.
     196                if ( true === $show_data_page && version_compare( $GLOBALS['wp_version'], '4.9.6', '>=' ) ) {
     197                        $sub_nav[] = array(
     198                                'name'            => __( 'Export Data', 'buddypress' ),
     199                                'slug'            => 'data',
     200                                'parent_url'      => $settings_link,
     201                                'parent_slug'     => $slug,
     202                                'screen_function' => 'bp_settings_screen_data',
     203                                'position'        => 89,
     204                                'user_has_access' => $access,
     205                        );
     206                }
     207
    186208                // Add Delete Account nav item.
    187209                if ( ( ! bp_disable_account_deletion() && bp_is_my_profile() ) || bp_current_user_can( 'delete_users' ) ) {
    188210                        $sub_nav[] = array(
    class BP_Settings_Component extends BP_Component { 
    242264                                );
    243265                        }
    244266
     267                        /** This filter is documented in bp-settings/classes/class-bp-settings-component.php */
     268                        $show_data_page = apply_filters( 'bp_settings_show_user_data_page', true );
     269
     270                        // Export Data.
     271                        if ( true === $show_data_page && version_compare( $GLOBALS['wp_version'], '4.9.6', '>=' ) ) {
     272                                $wp_admin_nav[] = array(
     273                                        'parent'   => 'my-account-' . $this->id,
     274                                        'id'       => 'my-account-' . $this->id . '-data',
     275                                        'title'    => __( 'Export Data', 'buddypress' ),
     276                                        'href'     => trailingslashit( $settings_link . 'data' ),
     277                                        'position' => 89,
     278                                );
     279                        }
     280
    245281                        // Delete Account
    246282                        if ( !bp_current_user_can( 'bp_moderate' ) && ! bp_core_get_root_option( 'bp-disable-account-deletion' ) ) {
    247283                                $wp_admin_nav[] = array(
  • new file src/bp-settings/screens/data.php

    diff --git a/src/bp-settings/screens/data.php b/src/bp-settings/screens/data.php
    new file mode 100644
    index 000000000..73383d15a
    - +  
     1<?php
     2/**
     3 * Settings: User's "Settings > Export Data" screen handler
     4 *
     5 * @package BuddyPress
     6 * @subpackage SettingsScreens
     7 * @since 4.0.0
     8 */
     9
     10/**
     11 * Show the data settings template.
     12 *
     13 * @since 4.0.0
     14 */
     15function bp_settings_screen_data() {
     16        if ( bp_action_variables() ) {
     17                bp_do_404();
     18                return;
     19        }
     20
     21        /**
     22         * Filters the template file path to use for the data settings screen.
     23         *
     24         * @since 4.0.0
     25         *
     26         * @param string $value Directory path to look in for the template file.
     27         */
     28        bp_core_load_template( apply_filters( 'bp_settings_screen_data', 'members/single/settings/data' ) );
     29}
  • src/bp-templates/bp-legacy/buddypress/members/single/settings.php

    diff --git a/src/bp-templates/bp-legacy/buddypress/members/single/settings.php b/src/bp-templates/bp-legacy/buddypress/members/single/settings.php
    index 17eaf9fdb..81166e484 100644
    a b switch ( bp_current_action() ) : 
    3737        case 'profile'        :
    3838                bp_get_template_part( 'members/single/settings/profile'        );
    3939                break;
     40        case 'data'           :
     41                bp_get_template_part( 'members/single/settings/data'           );
    4042        default:
    4143                bp_get_template_part( 'members/single/plugins'                 );
    4244                break;
  • new file src/bp-templates/bp-legacy/buddypress/members/single/settings/data.php

    diff --git a/src/bp-templates/bp-legacy/buddypress/members/single/settings/data.php b/src/bp-templates/bp-legacy/buddypress/members/single/settings/data.php
    new file mode 100644
    index 000000000..b89416faa
    - +  
     1<?php
     2/**
     3 * BuddyPress - Members Settings Data
     4 *
     5 * @package BuddyPress
     6 * @subpackage bp-legacy
     7 * @version 4.0.0
     8 */
     9
     10/** This action is documented in bp-templates/bp-legacy/buddypress/members/single/settings/profile.php */
     11do_action( 'bp_before_member_settings_template' ); ?>
     12
     13<h2><?php _e( 'Data Export', 'buddypress' );?></h2>
     14
     15<?php $request = bp_settings_get_personal_data_request(); ?>
     16
     17<?php if ( $request ) : ?>
     18
     19        <?php if ( 'request-completed' === $request->status ) : ?>
     20
     21                <?php if ( bp_settings_personal_data_export_exists( $request ) ) : ?>
     22
     23                        <p><?php esc_html_e( 'Your request for an export of personal data has been completed.', 'buddypress' ); ?></p>
     24                        <p><?php printf( esc_html__( 'You may download your personal data by clicking on the link below. For privacy and security, we will automatically delete the file on %s, so please download it before then.', 'buddypress' ), bp_settings_get_personal_data_expiration_date( $request ) ); ?></p>
     25
     26                        <p><strong><?php printf( '<a href="%1$s">%2$s</a>', bp_settings_get_personal_data_export_url( $request ), esc_html__( 'Download personal data', 'buddypress' ) ); ?></strong></p>
     27
     28                <?php else : ?>
     29
     30                        <p><?php esc_html_e( 'Your previous request for an export of personal data has expired.', 'buddypress' ); ?></p>
     31                        <p><?php esc_html_e( 'Please click on the button below to make a new request.', 'buddypress' ); ?></p>
     32
     33                        <form id="bp-data-export" method="post">
     34                                <input type="hidden" name="bp-data-export-delete-request-nonce" value="<?php echo wp_create_nonce( 'bp-data-export-delete-request' ); ?>" />
     35                                <button type="submit" name="bp-data-export-nonce" value="<?php echo wp_create_nonce( 'bp-data-export' ); ?>"><?php esc_html_e( 'Request new data export', 'buddypress' ); ?></button>
     36                        </form>
     37
     38                <?php endif; ?>
     39
     40        <?php elseif ( 'request-confirmed' === $request->status ) : ?>
     41
     42                <p><?php printf( esc_html__( 'You previously requested an export of your personal data on %s.', 'buddypress' ), bp_settings_get_personal_data_confirmation_date( $request ) ); ?></p>
     43                <p><?php esc_html_e( 'You will receive a link to download your export via email once we are able to fulfill your request.', 'buddypress' ); ?></p>
     44
     45        <?php endif; ?>
     46
     47<?php else : ?>
     48
     49        <p><?php esc_html_e( 'You can request an export of your personal data, containing the following items if applicable:', 'buddypress' ); ?></p>
     50
     51        <?php bp_settings_data_exporter_items(); ?>
     52
     53        <p><?php esc_html_e( 'If you want to make a request, please click on the button below:', 'buddypress' ); ?></p>
     54
     55        <form id="bp-data-export" method="post">
     56                <button type="submit" name="bp-data-export-nonce" value="<?php echo wp_create_nonce( 'bp-data-export' ); ?>"><?php esc_html_e( 'Request personal data export', 'buddypress' ); ?></button>
     57        </form>
     58
     59<?php endif; ?>
     60
     61<!--
     62<h2 class="bp-screen-reader-text"><?php
     63        /* translators: accessibility text */
     64        _e( 'Data Erase', 'buddypress' );
     65?></h2>
     66
     67<p>You can make a request to erase the following type of data from the site:</p>
     68
     69<p>If you want to make a request, please click on the button below:</p>
     70
     71        <form id="bp-data-erase" method="post">
     72                <button type="submit" name="bp-data-erase-nonce" value="<?php echo wp_create_nonce( 'bp-data-erase' ); ?>">Request data erasure</button>
     73        </form>
     74-->
     75
     76<?php
     77
     78/** This action is documented in bp-templates/bp-legacy/buddypress/members/single/settings/profile.php */
     79do_action( 'bp_after_member_settings_template' );
  • src/bp-templates/bp-nouveau/buddypress/members/single/settings.php

    diff --git a/src/bp-templates/bp-nouveau/buddypress/members/single/settings.php b/src/bp-templates/bp-nouveau/buddypress/members/single/settings.php
    index bacded04f..2776bbef6 100644
    a b  
    22/**
    33 * BuddyPress - Users Settings
    44 *
    5  * @version 3.0.0
     5 * @version 4.0.0
    66 */
    77
    88?>
    switch ( bp_current_action() ) : 
    3939        case 'invites':
    4040                bp_get_template_part( 'members/single/settings/group-invites' );
    4141                break;
     42        case 'data':
     43                bp_get_template_part( 'members/single/settings/data' );
     44                break;
    4245        default:
    4346                bp_get_template_part( 'members/single/plugins' );
    4447                break;
  • new file src/bp-templates/bp-nouveau/buddypress/members/single/settings/data.php

    diff --git a/src/bp-templates/bp-nouveau/buddypress/members/single/settings/data.php b/src/bp-templates/bp-nouveau/buddypress/members/single/settings/data.php
    new file mode 100644
    index 000000000..0202ede61
    - +  
     1<?php
     2/**
     3 * BuddyPress - Members Settings (Export Data)
     4 *
     5 * @since 3.1.0
     6 * @version 3.1.0
     7 */
     8
     9bp_nouveau_member_hook( 'before', 'settings_template' ); ?>
     10
     11<h2 class="screen-heading data-settings-screen">
     12        <?php esc_html_e( 'Data Export', 'buddypress' ); ?>
     13</h2>
     14
     15<?php $request = bp_settings_get_personal_data_request(); ?>
     16
     17<?php if ( $request ) : ?>
     18
     19        <?php if ( 'request-completed' === $request->status ) : ?>
     20
     21                <?php if ( bp_settings_personal_data_export_exists( $request ) ) : ?>
     22
     23                        <p><?php esc_html_e( 'Your request for an export of personal data has been completed.', 'buddypress' ); ?></p>
     24                        <p><?php printf( esc_html__( 'You may download your personal data by clicking on the link below. For privacy and security, we will automatically delete the file on %s, so please download it before then.', 'buddypress' ), bp_settings_get_personal_data_expiration_date( $request ) ); ?></p>
     25
     26                        <p><strong><?php printf( '<a href="%1$s">%2$s</a>', bp_settings_get_personal_data_export_url( $request ), esc_html__( 'Download personal data', 'buddypress' ) ); ?></strong></p>
     27
     28                <?php else : ?>
     29
     30                        <p><?php esc_html_e( 'Your previous request for an export of personal data has expired.', 'buddypress' ); ?></p>
     31                        <p><?php esc_html_e( 'Please click on the button below to make a new request.', 'buddypress' ); ?></p>
     32
     33                        <form id="bp-data-export" method="post">
     34                                <input type="hidden" name="bp-data-export-delete-request-nonce" value="<?php echo wp_create_nonce( 'bp-data-export-delete-request' ); ?>" />
     35                                <button type="submit" name="bp-data-export-nonce" value="<?php echo wp_create_nonce( 'bp-data-export' ); ?>"><?php esc_html_e( 'Request new data export', 'buddypress' ); ?></button>
     36                        </form>
     37
     38                <?php endif; ?>
     39
     40        <?php elseif ( 'request-confirmed' === $request->status ) : ?>
     41
     42                <p><?php printf( esc_html__( 'You previously requested an export of your personal data on %s.', 'buddypress' ), bp_settings_get_personal_data_confirmation_date( $request ) ); ?></p>
     43                <p><?php esc_html_e( 'You will receive a link to download your export via email once we are able to fulfill your request.', 'buddypress' ); ?></p>
     44
     45        <?php endif; ?>
     46
     47<?php else : ?>
     48
     49        <p><?php esc_html_e( 'You can request an export of your personal data, containing the following items if applicable:', 'buddypress' ); ?></p>
     50
     51        <?php bp_settings_data_exporter_items(); ?>
     52
     53        <p><?php esc_html_e( 'If you want to make a request, please click on the button below:', 'buddypress' ); ?></p>
     54
     55        <form id="bp-data-export" method="post">
     56                <button type="submit" name="bp-data-export-nonce" value="<?php echo wp_create_nonce( 'bp-data-export' ); ?>"><?php esc_html_e( 'Request personal data export', 'buddypress' ); ?></button>
     57        </form>
     58
     59<?php endif; ?>
     60
     61<h2 class="screen-heading data-settings-screen">
     62        <?php esc_html_e( 'Data Erase', 'buddypress' ); ?>
     63</h2>
     64
     65<?php /* translators: Link to Delete Account Settings page */ ?>
     66<p><?php esc_html_e( 'To erase all data associated with your account, your user account must be completely deleted.', 'buddypress' ); ?> <?php if ( bp_disable_account_deletion() ) : ?><?php esc_html_e( 'Please contact the site administrator to request account deletion.', 'buddypress' ); ?><?php else : ?><?php printf( esc_html__( 'You may delete your account by visiting the %s page.', 'buddypress' ), sprintf( '<a href="%s">%s</a>', bp_displayed_user_domain() . bp_get_settings_slug() . '/delete-account/', esc_html__( 'Delete Account', 'buddypress' ) ) ); ?><?php endif; ?></p>
     67
     68<?php
     69bp_nouveau_member_hook( 'after', 'settings_template' );
  • src/bp-templates/bp-nouveau/buddypress/members/single/settings/delete-account.php

    diff --git a/src/bp-templates/bp-nouveau/buddypress/members/single/settings/delete-account.php b/src/bp-templates/bp-nouveau/buddypress/members/single/settings/delete-account.php
    index 7c50b0176..11dc5e15a 100644
    a b  
    33 * BuddyPress - Members Settings ( Delete Account )
    44 *
    55 * @since 3.0.0
    6  * @version 3.1.0
     6 * @version 4.0.0
    77 */
    88
    99bp_nouveau_member_hook( 'before', 'settings_template' ); ?>
    bp_nouveau_member_hook( 'before', 'settings_template' ); ?> 
    1616
    1717<form action="<?php echo esc_url( bp_displayed_user_domain() . bp_get_settings_slug() . '/delete-account' ); ?>" name="account-delete-form" id="#account-delete-form" class="standard-form" method="post">
    1818
    19         <label class="warn" for="delete-account-understand">
    20                 <input id="delete-account-understand" class="disabled" type="checkbox" name="delete-account-understand" value="1" data-bp-disable-input="#delete-account-button" />
     19        <label id="delete-account-understand" class="warn" for="delete-account-understand">
     20                <input class="disabled" type="checkbox" name="delete-account-understand" value="1" data-bp-disable-input="#delete-account-button" />
    2121                <?php esc_html_e( 'I understand the consequences.', 'buddypress' ); ?>
    2222        </label>
    2323