Ticket #7826: 7826.05.patch
File 7826.05.patch, 19.2 KB (added by , 6 years ago) |
---|
-
new file src/bp-settings/actions/data.php
diff --git a/src/bp-settings/actions/data.php b/src/bp-settings/actions/data.php new file mode 100644 index 000000000..80664ac24
- + 1 <?php 2 /** 3 * Settings: Data management action handler 4 * 5 * @package BuddyPress 6 * @subpackage SettingsActions 7 * @since 4.0.0 8 */ 9 10 /** 11 * Data export request handler. 12 * 13 * @since 4.0.0 14 */ 15 add_action( 'bp_actions', function() { 16 if ( ! bp_is_post_request() || ! bp_displayed_user_id() || empty( $_POST['bp-data-export-nonce'] ) ) { 17 return; 18 } 19 20 // Nonce check. 21 check_admin_referer( 'bp-data-export', 'bp-data-export-nonce' ); 22 23 // Delete existing request if available. 24 if ( ! empty( $_POST['bp-data-export-delete-request-nonce'] ) && wp_verify_nonce( $_POST['bp-data-export-delete-request-nonce'], 'bp-data-export-delete-request' ) ) { 25 $existing = bp_settings_get_personal_data_request(); 26 if ( ! empty( $existing->ID ) ) { 27 wp_delete_post( $existing->ID, true ); 28 } 29 } 30 31 // Create the user request. 32 $request_id = wp_create_user_request( buddypress()->displayed_user->userdata->user_email, 'export_personal_data' ); 33 34 $success = true; 35 if ( is_wp_error( $request_id ) ) { 36 $success = false; 37 $message = $request_id->get_error_message(); 38 } elseif ( ! $request_id ) { 39 $success = false; 40 $message = __( 'We were unable to generate the data export request.', 'buddypress' ); 41 } 42 43 /* 44 * Auto-confirm the user request since the user already consented by 45 * submitting our form. 46 */ 47 if ( $success ) { 48 /** This hook is documented in /wp-login.php */ 49 do_action( 'user_request_action_confirmed', $request_id ); 50 51 $message = __( 'Data export request successfully created', 'buddypress' ); 52 } 53 54 /** 55 * Fires after a user has created a data export request. 56 * 57 * This hook can be used to intervene in the data export request process. 58 * 59 * @since 4.0.0 60 * 61 * @param int $request_id ID of the request. 62 * @param bool $success Whether the request was successfully created by WordPress. 63 */ 64 do_action( 'bp_user_data_export_requested', $request_id, $success ); 65 66 bp_core_add_message( $message, $success ? 'success' : 'error' ); 67 bp_core_redirect( bp_get_requested_url() ); 68 } ); -
src/bp-settings/bp-settings-functions.php
diff --git a/src/bp-settings/bp-settings-functions.php b/src/bp-settings/bp-settings-functions.php index c792d9126..7b7ad2528 100644
a b function bp_settings_personal_data_exporter( $email_address, $page ) { 215 215 'done' => true, 216 216 ); 217 217 } 218 219 /** 220 * Fetches a user's personal data request. 221 * 222 * @since 4.0.0 223 * 224 * @param int WP user ID. 225 * @return WP_User_Request|false WP_User_Request object on success, boolean false on failure. 226 */ 227 function bp_settings_get_personal_data_request( $user_id = 0 ) { 228 if ( empty( $user_id ) ) { 229 $user_id = bp_displayed_user_id(); 230 } 231 232 if ( empty( $user_id ) ) { 233 return false; 234 } 235 236 $user = get_userdata( $user_id ); 237 if ( empty( $user ) ) { 238 return false; 239 } 240 241 $query = new WP_Query( array( 242 'author' => (int) $user_id, 243 'post_type' => 'user_request', 244 'post_status' => 'any', 245 'post_name__in' => array( 246 'export_personal_data', 247 ), 248 ) ); 249 250 if ( ! empty( $query->post ) ) { 251 return wp_get_user_request_data( $query->post->ID ); 252 } else { 253 return false; 254 } 255 } 256 257 /** 258 * Fetches the expiration date for when a user request expires. 259 * 260 * @since 4.0.0 261 * 262 * @param WP_User_Request $request User request object. 263 * @return string Formatted date. 264 */ 265 function bp_settings_get_personal_data_expiration_date( WP_User_Request $request ) { 266 /** This filter is documented in wp-admin/includes/file.php */ 267 $expiration = apply_filters( 'wp_privacy_export_expiration', 3 * DAY_IN_SECONDS ); 268 269 return bp_format_time( $request->completed_timestamp + $expiration, true ); 270 } 271 272 /** 273 * Fetches the confirmation date for a user request object. 274 * 275 * @since 4.0.0 276 * 277 * @param WP_User_Request $request User request object. 278 * @return string Formatted date for the confirmation date. 279 */ 280 function bp_settings_get_personal_data_confirmation_date( WP_User_Request $request ) { 281 return bp_format_time( $request->confirmed_timestamp, true ); 282 } 283 284 function bp_settings_get_personal_data_export_url( WP_User_Request $request ) { 285 return get_post_meta( $request->ID, '_export_file_url', true ); 286 } 287 288 /** 289 * Check if the generated data export file still exists or not. 290 * 291 * @since 4.0.0 292 * 293 * @param WP_User_Request $request User request object. 294 * @return bool 295 */ 296 function bp_settings_personal_data_export_exists( WP_User_Request $request ) { 297 $file = get_post_meta( $request->ID, '_export_file_path', true ); 298 if ( file_exists( $file ) ) { 299 return true; 300 } else { 301 return false; 302 } 303 } 304 305 /** 306 * Template tag to output a list of data exporter items. 307 * 308 * Piggybacks off of the 'wp_privacy_personal_data_exporters' filter and the 309 * 'exporter_friendly_name' key, which is meant for the admin area. 310 * 311 * @todo We should look for a custom key like 'exporter_frontend_name' if available. 312 * 313 * @since 4.0.0 314 */ 315 function bp_settings_data_exporter_items() { 316 /** This filter is documented in /wp-admin/includes/ajax-actions.php */ 317 $exporters = apply_filters( 'wp_privacy_personal_data_exporters', array() ); 318 319 ?> 320 <ul> 321 <?php foreach ( $exporters as $exporter => $data ) : 322 /** 323 * Filters the data exporter name for display on the "Settings > Data" page. 324 * 325 * @since 4.0.0 326 * 327 * @param string $name Data exporter friendly name. 328 * @param string $exporter Internal exporter name. 329 */ 330 $item = apply_filters( 'bp_settings_data_exporter_name', esc_html( $data['exporter_friendly_name'] ), $exporter ); 331 ?> 332 333 <li><?php echo $item; ?></li> 334 335 <?php endforeach; ?> 336 </ul> 337 338 <?php 339 } -
src/bp-settings/classes/class-bp-settings-component.php
diff --git a/src/bp-settings/classes/class-bp-settings-component.php b/src/bp-settings/classes/class-bp-settings-component.php index 4176aa4e2..dda4a928d 100644
a b class BP_Settings_Component extends BP_Component { 66 66 return; 67 67 } 68 68 69 $actions = array( 'notifications', 'capabilities', 'd elete-account' );69 $actions = array( 'notifications', 'capabilities', 'data', 'delete-account' ); 70 70 71 71 // Authenticated actions. 72 72 if ( is_user_logged_in() ) { … … class BP_Settings_Component extends BP_Component { 183 183 ); 184 184 } 185 185 186 /** 187 * Filter whether the site should show the "Settings > Data" page. 188 * 189 * @since 4.0.0 190 * 191 * @param bool $show Defaults to true. 192 */ 193 $show_data_page = apply_filters( 'bp_settings_show_user_data_page', true ); 194 195 // Export Data - only available for WP 4.9.6+. 196 if ( true === $show_data_page && version_compare( $GLOBALS['wp_version'], '4.9.6', '>=' ) ) { 197 $sub_nav[] = array( 198 'name' => __( 'Export Data', 'buddypress' ), 199 'slug' => 'data', 200 'parent_url' => $settings_link, 201 'parent_slug' => $slug, 202 'screen_function' => 'bp_settings_screen_data', 203 'position' => 89, 204 'user_has_access' => $access, 205 ); 206 } 207 186 208 // Add Delete Account nav item. 187 209 if ( ( ! bp_disable_account_deletion() && bp_is_my_profile() ) || bp_current_user_can( 'delete_users' ) ) { 188 210 $sub_nav[] = array( … … class BP_Settings_Component extends BP_Component { 242 264 ); 243 265 } 244 266 267 /** This filter is documented in bp-settings/classes/class-bp-settings-component.php */ 268 $show_data_page = apply_filters( 'bp_settings_show_user_data_page', true ); 269 270 // Export Data. 271 if ( true === $show_data_page && version_compare( $GLOBALS['wp_version'], '4.9.6', '>=' ) ) { 272 $wp_admin_nav[] = array( 273 'parent' => 'my-account-' . $this->id, 274 'id' => 'my-account-' . $this->id . '-data', 275 'title' => __( 'Export Data', 'buddypress' ), 276 'href' => trailingslashit( $settings_link . 'data' ), 277 'position' => 89, 278 ); 279 } 280 245 281 // Delete Account 246 282 if ( !bp_current_user_can( 'bp_moderate' ) && ! bp_core_get_root_option( 'bp-disable-account-deletion' ) ) { 247 283 $wp_admin_nav[] = array( -
new file src/bp-settings/screens/data.php
diff --git a/src/bp-settings/screens/data.php b/src/bp-settings/screens/data.php new file mode 100644 index 000000000..73383d15a
- + 1 <?php 2 /** 3 * Settings: User's "Settings > Export Data" screen handler 4 * 5 * @package BuddyPress 6 * @subpackage SettingsScreens 7 * @since 4.0.0 8 */ 9 10 /** 11 * Show the data settings template. 12 * 13 * @since 4.0.0 14 */ 15 function bp_settings_screen_data() { 16 if ( bp_action_variables() ) { 17 bp_do_404(); 18 return; 19 } 20 21 /** 22 * Filters the template file path to use for the data settings screen. 23 * 24 * @since 4.0.0 25 * 26 * @param string $value Directory path to look in for the template file. 27 */ 28 bp_core_load_template( apply_filters( 'bp_settings_screen_data', 'members/single/settings/data' ) ); 29 } -
src/bp-templates/bp-legacy/buddypress/members/single/settings.php
diff --git a/src/bp-templates/bp-legacy/buddypress/members/single/settings.php b/src/bp-templates/bp-legacy/buddypress/members/single/settings.php index 17eaf9fdb..81166e484 100644
a b switch ( bp_current_action() ) : 37 37 case 'profile' : 38 38 bp_get_template_part( 'members/single/settings/profile' ); 39 39 break; 40 case 'data' : 41 bp_get_template_part( 'members/single/settings/data' ); 40 42 default: 41 43 bp_get_template_part( 'members/single/plugins' ); 42 44 break; -
new file src/bp-templates/bp-legacy/buddypress/members/single/settings/data.php
diff --git a/src/bp-templates/bp-legacy/buddypress/members/single/settings/data.php b/src/bp-templates/bp-legacy/buddypress/members/single/settings/data.php new file mode 100644 index 000000000..b89416faa
- + 1 <?php 2 /** 3 * BuddyPress - Members Settings Data 4 * 5 * @package BuddyPress 6 * @subpackage bp-legacy 7 * @version 4.0.0 8 */ 9 10 /** This action is documented in bp-templates/bp-legacy/buddypress/members/single/settings/profile.php */ 11 do_action( 'bp_before_member_settings_template' ); ?> 12 13 <h2><?php _e( 'Data Export', 'buddypress' );?></h2> 14 15 <?php $request = bp_settings_get_personal_data_request(); ?> 16 17 <?php if ( $request ) : ?> 18 19 <?php if ( 'request-completed' === $request->status ) : ?> 20 21 <?php if ( bp_settings_personal_data_export_exists( $request ) ) : ?> 22 23 <p><?php esc_html_e( 'Your request for an export of personal data has been completed.', 'buddypress' ); ?></p> 24 <p><?php printf( esc_html__( 'You may download your personal data by clicking on the link below. For privacy and security, we will automatically delete the file on %s, so please download it before then.', 'buddypress' ), bp_settings_get_personal_data_expiration_date( $request ) ); ?></p> 25 26 <p><strong><?php printf( '<a href="%1$s">%2$s</a>', bp_settings_get_personal_data_export_url( $request ), esc_html__( 'Download personal data', 'buddypress' ) ); ?></strong></p> 27 28 <?php else : ?> 29 30 <p><?php esc_html_e( 'Your previous request for an export of personal data has expired.', 'buddypress' ); ?></p> 31 <p><?php esc_html_e( 'Please click on the button below to make a new request.', 'buddypress' ); ?></p> 32 33 <form id="bp-data-export" method="post"> 34 <input type="hidden" name="bp-data-export-delete-request-nonce" value="<?php echo wp_create_nonce( 'bp-data-export-delete-request' ); ?>" /> 35 <button type="submit" name="bp-data-export-nonce" value="<?php echo wp_create_nonce( 'bp-data-export' ); ?>"><?php esc_html_e( 'Request new data export', 'buddypress' ); ?></button> 36 </form> 37 38 <?php endif; ?> 39 40 <?php elseif ( 'request-confirmed' === $request->status ) : ?> 41 42 <p><?php printf( esc_html__( 'You previously requested an export of your personal data on %s.', 'buddypress' ), bp_settings_get_personal_data_confirmation_date( $request ) ); ?></p> 43 <p><?php esc_html_e( 'You will receive a link to download your export via email once we are able to fulfill your request.', 'buddypress' ); ?></p> 44 45 <?php endif; ?> 46 47 <?php else : ?> 48 49 <p><?php esc_html_e( 'You can request an export of your personal data, containing the following items if applicable:', 'buddypress' ); ?></p> 50 51 <?php bp_settings_data_exporter_items(); ?> 52 53 <p><?php esc_html_e( 'If you want to make a request, please click on the button below:', 'buddypress' ); ?></p> 54 55 <form id="bp-data-export" method="post"> 56 <button type="submit" name="bp-data-export-nonce" value="<?php echo wp_create_nonce( 'bp-data-export' ); ?>"><?php esc_html_e( 'Request personal data export', 'buddypress' ); ?></button> 57 </form> 58 59 <?php endif; ?> 60 61 <!-- 62 <h2 class="bp-screen-reader-text"><?php 63 /* translators: accessibility text */ 64 _e( 'Data Erase', 'buddypress' ); 65 ?></h2> 66 67 <p>You can make a request to erase the following type of data from the site:</p> 68 69 <p>If you want to make a request, please click on the button below:</p> 70 71 <form id="bp-data-erase" method="post"> 72 <button type="submit" name="bp-data-erase-nonce" value="<?php echo wp_create_nonce( 'bp-data-erase' ); ?>">Request data erasure</button> 73 </form> 74 --> 75 76 <?php 77 78 /** This action is documented in bp-templates/bp-legacy/buddypress/members/single/settings/profile.php */ 79 do_action( 'bp_after_member_settings_template' ); -
src/bp-templates/bp-nouveau/buddypress/members/single/settings.php
diff --git a/src/bp-templates/bp-nouveau/buddypress/members/single/settings.php b/src/bp-templates/bp-nouveau/buddypress/members/single/settings.php index bacded04f..2776bbef6 100644
a b 2 2 /** 3 3 * BuddyPress - Users Settings 4 4 * 5 * @version 3.0.05 * @version 4.0.0 6 6 */ 7 7 8 8 ?> … … switch ( bp_current_action() ) : 39 39 case 'invites': 40 40 bp_get_template_part( 'members/single/settings/group-invites' ); 41 41 break; 42 case 'data': 43 bp_get_template_part( 'members/single/settings/data' ); 44 break; 42 45 default: 43 46 bp_get_template_part( 'members/single/plugins' ); 44 47 break; -
new file src/bp-templates/bp-nouveau/buddypress/members/single/settings/data.php
diff --git a/src/bp-templates/bp-nouveau/buddypress/members/single/settings/data.php b/src/bp-templates/bp-nouveau/buddypress/members/single/settings/data.php new file mode 100644 index 000000000..0202ede61
- + 1 <?php 2 /** 3 * BuddyPress - Members Settings (Export Data) 4 * 5 * @since 3.1.0 6 * @version 3.1.0 7 */ 8 9 bp_nouveau_member_hook( 'before', 'settings_template' ); ?> 10 11 <h2 class="screen-heading data-settings-screen"> 12 <?php esc_html_e( 'Data Export', 'buddypress' ); ?> 13 </h2> 14 15 <?php $request = bp_settings_get_personal_data_request(); ?> 16 17 <?php if ( $request ) : ?> 18 19 <?php if ( 'request-completed' === $request->status ) : ?> 20 21 <?php if ( bp_settings_personal_data_export_exists( $request ) ) : ?> 22 23 <p><?php esc_html_e( 'Your request for an export of personal data has been completed.', 'buddypress' ); ?></p> 24 <p><?php printf( esc_html__( 'You may download your personal data by clicking on the link below. For privacy and security, we will automatically delete the file on %s, so please download it before then.', 'buddypress' ), bp_settings_get_personal_data_expiration_date( $request ) ); ?></p> 25 26 <p><strong><?php printf( '<a href="%1$s">%2$s</a>', bp_settings_get_personal_data_export_url( $request ), esc_html__( 'Download personal data', 'buddypress' ) ); ?></strong></p> 27 28 <?php else : ?> 29 30 <p><?php esc_html_e( 'Your previous request for an export of personal data has expired.', 'buddypress' ); ?></p> 31 <p><?php esc_html_e( 'Please click on the button below to make a new request.', 'buddypress' ); ?></p> 32 33 <form id="bp-data-export" method="post"> 34 <input type="hidden" name="bp-data-export-delete-request-nonce" value="<?php echo wp_create_nonce( 'bp-data-export-delete-request' ); ?>" /> 35 <button type="submit" name="bp-data-export-nonce" value="<?php echo wp_create_nonce( 'bp-data-export' ); ?>"><?php esc_html_e( 'Request new data export', 'buddypress' ); ?></button> 36 </form> 37 38 <?php endif; ?> 39 40 <?php elseif ( 'request-confirmed' === $request->status ) : ?> 41 42 <p><?php printf( esc_html__( 'You previously requested an export of your personal data on %s.', 'buddypress' ), bp_settings_get_personal_data_confirmation_date( $request ) ); ?></p> 43 <p><?php esc_html_e( 'You will receive a link to download your export via email once we are able to fulfill your request.', 'buddypress' ); ?></p> 44 45 <?php endif; ?> 46 47 <?php else : ?> 48 49 <p><?php esc_html_e( 'You can request an export of your personal data, containing the following items if applicable:', 'buddypress' ); ?></p> 50 51 <?php bp_settings_data_exporter_items(); ?> 52 53 <p><?php esc_html_e( 'If you want to make a request, please click on the button below:', 'buddypress' ); ?></p> 54 55 <form id="bp-data-export" method="post"> 56 <button type="submit" name="bp-data-export-nonce" value="<?php echo wp_create_nonce( 'bp-data-export' ); ?>"><?php esc_html_e( 'Request personal data export', 'buddypress' ); ?></button> 57 </form> 58 59 <?php endif; ?> 60 61 <h2 class="screen-heading data-settings-screen"> 62 <?php esc_html_e( 'Data Erase', 'buddypress' ); ?> 63 </h2> 64 65 <?php /* translators: Link to Delete Account Settings page */ ?> 66 <p><?php esc_html_e( 'To erase all data associated with your account, your user account must be completely deleted.', 'buddypress' ); ?> <?php if ( bp_disable_account_deletion() ) : ?><?php esc_html_e( 'Please contact the site administrator to request account deletion.', 'buddypress' ); ?><?php else : ?><?php printf( esc_html__( 'You may delete your account by visiting the %s page.', 'buddypress' ), sprintf( '<a href="%s">%s</a>', bp_displayed_user_domain() . bp_get_settings_slug() . '/delete-account/', esc_html__( 'Delete Account', 'buddypress' ) ) ); ?><?php endif; ?></p> 67 68 <?php 69 bp_nouveau_member_hook( 'after', 'settings_template' ); -
src/bp-templates/bp-nouveau/buddypress/members/single/settings/delete-account.php
diff --git a/src/bp-templates/bp-nouveau/buddypress/members/single/settings/delete-account.php b/src/bp-templates/bp-nouveau/buddypress/members/single/settings/delete-account.php index 7c50b0176..11dc5e15a 100644
a b 3 3 * BuddyPress - Members Settings ( Delete Account ) 4 4 * 5 5 * @since 3.0.0 6 * @version 3.1.06 * @version 4.0.0 7 7 */ 8 8 9 9 bp_nouveau_member_hook( 'before', 'settings_template' ); ?> … … bp_nouveau_member_hook( 'before', 'settings_template' ); ?> 16 16 17 17 <form action="<?php echo esc_url( bp_displayed_user_domain() . bp_get_settings_slug() . '/delete-account' ); ?>" name="account-delete-form" id="#account-delete-form" class="standard-form" method="post"> 18 18 19 <label class="warn" for="delete-account-understand">20 <input id="delete-account-understand"class="disabled" type="checkbox" name="delete-account-understand" value="1" data-bp-disable-input="#delete-account-button" />19 <label id="delete-account-understand" class="warn" for="delete-account-understand"> 20 <input class="disabled" type="checkbox" name="delete-account-understand" value="1" data-bp-disable-input="#delete-account-button" /> 21 21 <?php esc_html_e( 'I understand the consequences.', 'buddypress' ); ?> 22 22 </label> 23 23