Privacy: Introduce filters for the headers of all the privacy-related e-mails:

* `wp_privacy_personal_data_email_headers` * `user_request_confirmed_email_headers` * `user_erasure_complete_email_headers` * `user_request_action_email_headers` Props xkon, garrett-eclipse, zaffarn, desrosj. Fixes #44501. git-svn-id: https://develop.svn.wordpress.org/trunk@47279 602fd350-edb4-49c9-b593-d223f7449a82
2020-02-11 21:41:26 +00:00 · 2020-02-11 21:41:26 +00:00 · 1106d82f93
parent b8e935b2f2
commit 1106d82f93
7 changed files with 247 additions and 4 deletions
--- a/src/wp-admin/includes/privacy-tools.php
+++ b/src/wp-admin/includes/privacy-tools.php
@ -658,7 +658,34 @@ All at ###SITENAME###
 	$content = str_replace( '###SITENAME###', $site_name, $content );
 	$content = str_replace( '###SITEURL###', esc_url_raw( $site_url ), $content );

-	$mail_success = wp_mail( $request_email, $subject, $content );
+	$headers = '';
+
+	/**
+	 * Filters the headers of the email sent with a personal data export file.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @param string|array $headers    The email headers.
+	 * @param string       $subject    The email subject.
+	 * @param string       $content    The email content.
+	 * @param int          $request_id The request ID.
+	 * @param array        $email_data {
+	 *     Data relating to the account action email.
+	 *
+	 *     @type WP_User_Request $request           User request object.
+	 *     @type int             $expiration        The time in seconds until the export file expires.
+	 *     @type string          $expiration_date   The localized date and time when the export file expires.
+	 *     @type string          $message_recipient The address that the email will be sent to. Defaults
+	 *                                              to the value of `$request->email`, but can be changed
+	 *                                              by the `wp_privacy_personal_data_email_to` filter.
+	 *     @type string          $export_file_url   The export file URL.
+	 *     @type string          $sitename          The site name sending the mail.
+	 *     @type string          $siteurl           The site URL sending the mail.
+	 * }
+	 */
+	$headers = apply_filters( 'wp_privacy_personal_data_email_headers', $headers, $subject, $content, $request_id, $email_data );
+
+	$mail_success = wp_mail( $request_email, $subject, $content, $headers );

 	if ( $switched_locale ) {
 		restore_previous_locale();
--- a/src/wp-includes/user.php
+++ b/src/wp-includes/user.php
@ -3294,7 +3294,32 @@ All at ###SITENAME###
 	 */
 	$subject = apply_filters( 'user_request_confirmed_email_subject', $subject, $email_data['sitename'], $email_data );

-	$email_sent = wp_mail( $email_data['admin_email'], $subject, $content );
+	$headers = '';
+
+	/**
+	 * Filters the headers of the user request confirmation email.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @param string|array $headers    The email headers.
+	 * @param string       $subject    The email subject.
+	 * @param string       $content    The email content.
+	 * @param int          $request_id The request ID.
+	 * @param array        $email_data {
+	 *     Data relating to the account action email.
+	 *
+	 *     @type WP_User_Request $request     User request object.
+	 *     @type string          $user_email  The email address confirming a request
+	 *     @type string          $description Description of the action being performed so the user knows what the email is for.
+	 *     @type string          $manage_url  The link to click manage privacy requests of this type.
+	 *     @type string          $sitename    The site name sending the mail.
+	 *     @type string          $siteurl     The site URL sending the mail.
+	 *     @type string          $admin_email The administrator email receiving the mail.
+	 * }
+	 */
+	$headers = apply_filters( 'user_request_confirmed_email_headers', $headers, $subject, $content, $request_id, $email_data );
+
+	$email_sent = wp_mail( $email_data['admin_email'], $subject, $content, $headers );

 	if ( $email_sent ) {
 		update_post_meta( $request_id, '_wp_admin_notified', true );
@ -3440,7 +3465,32 @@ All at ###SITENAME###
 	$content = str_replace( '###PRIVACY_POLICY_URL###', $email_data['privacy_policy_url'], $content );
 	$content = str_replace( '###SITEURL###', esc_url_raw( $email_data['siteurl'] ), $content );

-	$email_sent = wp_mail( $user_email, $subject, $content );
+	$headers = '';
+
+	/**
+	 * Filters the headers of the data erasure fulfillment notification.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @param string|array $headers    The email headers.
+	 * @param string       $subject    The email subject.
+	 * @param string       $content    The email content.
+	 * @param int          $request_id The request ID.
+	 * @param array        $email_data {
+	 *     Data relating to the account action email.
+	 *
+	 *     @type WP_User_Request $request            User request object.
+	 *     @type string          $message_recipient  The address that the email will be sent to. Defaults
+	 *                                               to the value of `$request->email`, but can be changed
+	 *                                               by the `user_erasure_fulfillment_email_to` filter.
+	 *     @type string          $privacy_policy_url Privacy policy URL.
+	 *     @type string          $sitename           The site name sending the mail.
+	 *     @type string          $siteurl            The site URL sending the mail.
+	 * }
+	 */
+	$headers = apply_filters( 'user_erasure_complete_email_headers', $headers, $subject, $content, $request_id, $email_data );
+
+	$email_sent = wp_mail( $user_email, $subject, $content, $headers );

 	if ( $switched_locale ) {
 		restore_previous_locale();
@ -3702,7 +3752,31 @@ All at ###SITENAME###
 	 */
 	$subject = apply_filters( 'user_request_action_email_subject', $subject, $email_data['sitename'], $email_data );

-	$email_sent = wp_mail( $email_data['email'], $subject, $content );
+	$headers = '';
+
+	/**
+	 * Filters the headers of the email sent when an account action is attempted.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @param string|array $headers    The email headers.
+	 * @param string       $subject    The email subject.
+	 * @param string       $content    The email content.
+	 * @param int          $request_id The request ID.
+	 * @param array        $email_data {
+	 *     Data relating to the account action email.
+	 *
+	 *     @type WP_User_Request $request     User request object.
+	 *     @type string          $email       The email address this is being sent to.
+	 *     @type string          $description Description of the action being performed so the user knows what the email is for.
+	 *     @type string          $confirm_url The link to click on to confirm the account action.
+	 *     @type string          $sitename    The site name sending the mail.
+	 *     @type string          $siteurl     The site URL sending the mail.
+	 * }
+	 */
+	$headers = apply_filters( 'user_request_action_email_headers', $headers, $subject, $content, $request_id, $email_data );
+
+	$email_sent = wp_mail( $email_data['email'], $subject, $content, $headers );

 	if ( $switched_locale ) {
 		restore_previous_locale();
--- a/tests/phpunit/tests/privacy/wpPrivacySendErasureFulfillmentNotification.php
+++ b/tests/phpunit/tests/privacy/wpPrivacySendErasureFulfillmentNotification.php
@ -256,6 +256,38 @@ class Tests_Privacy_WpPrivacySendErasureFulfillmentNotification extends WP_UnitT
 		return 'Modified text';
 	}

+	/**
+	 * The email headers of the fulfillment notification should be filterable.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @ticket 44501
+	 */
+	public function test_email_headers_should_be_filterable() {
+		add_filter( 'user_erasure_complete_email_headers', array( $this, 'modify_email_headers' ) );
+		_wp_privacy_send_erasure_fulfillment_notification( self::$request_id );
+
+		$mailer = tests_retrieve_phpmailer_instance();
+
+		$this->assertContains( 'From: Tester <tester@example.com>', $mailer->get_sent()->header );
+	}
+
+	/**
+	 * Filter callback that modifies the email headers of the data erasure fulfillment notification.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @param string|array $headers The email headers.
+	 * @return array       $headers The new email headers.
+	 */
+	public function modify_email_headers( $headers ) {
+		$headers = array(
+			'From: Tester <tester@example.com>',
+		);
+
+		return $headers;
+	}
+
 	/**
 	 * The function should not send an email when the request ID does not exist.
 	 *
--- a/tests/phpunit/tests/privacy/wpPrivacySendPersonalDataExportEmail.php
+++ b/tests/phpunit/tests/privacy/wpPrivacySendPersonalDataExportEmail.php
@ -252,6 +252,38 @@ class Tests_Privacy_WpPrivacySendPersonalDataExportEmail extends WP_UnitTestCase
 		return 'Custom content for request ID: ' . $request_id;
 	}

+	/**
+	 * The email headers should be filterable.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @ticket 44501
+	 */
+	public function test_email_headers_should_be_filterable() {
+		add_filter( 'wp_privacy_personal_data_email_headers', array( $this, 'modify_email_headers' ) );
+		wp_privacy_send_personal_data_export_email( self::$request_id );
+
+		$mailer = tests_retrieve_phpmailer_instance();
+
+		$this->assertContains( 'From: Tester <tester@example.com>', $mailer->get_sent()->header );
+	}
+
+	/**
+	 * Filter callback to modify the headers of the email sent with a personal data export file.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @param string|array $headers The email headers.
+	 * @return array       $headers The new email headers.
+	 */
+	public function modify_email_headers( $headers ) {
+		$headers = array(
+			'From: Tester <tester@example.com>',
+		);
+
+		return $headers;
+	}
+
 	/**
 	 * The email content should be filterable using the $email_data
 	 *
--- a/tests/phpunit/tests/privacy/wpPrivacySendRequestConfirmationNotification.php
+++ b/tests/phpunit/tests/privacy/wpPrivacySendRequestConfirmationNotification.php
@ -207,4 +207,42 @@ class Tests_User_WpPrivacySendRequestConfirmationNotification extends WP_UnitTes
 		return $email_text;
 	}

+	/**
+	 * The email headers should be filterable.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @ticket 44501
+	 */
+	public function test_email_headers_should_be_filterable() {
+		$email      = 'export.request.from.unregistered.user@example.com';
+		$request_id = wp_create_user_request( $email, 'export_personal_data' );
+
+		_wp_privacy_account_request_confirmed( $request_id );
+
+		add_filter( 'user_request_confirmed_email_headers', array( $this, 'modify_email_headers' ) );
+		_wp_privacy_send_request_confirmation_notification( $request_id );
+		remove_filter( 'user_request_confirmed_email_headers', array( $this, 'modify_email_headers' ) );
+
+		$mailer = tests_retrieve_phpmailer_instance();
+
+		$this->assertContains( 'From: Tester <tester@example.com>', $mailer->get_sent()->header );
+	}
+
+	/**
+	 * Filter callback that modifies the headers of the user request confirmation email.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @param string|array $headers The email headers.
+	 * @return array       $headers The new email headers.
+	 */
+	public function modify_email_headers( $headers ) {
+		$headers = array(
+			'From: Tester <tester@example.com>',
+		);
+
+		return $headers;
+	}
+
 }
--- a/tests/phpunit/tests/user.php
+++ b/tests/phpunit/tests/user.php
@ -1798,6 +1798,8 @@ class Tests_User extends WP_UnitTestCase {
 	/**
 	 * Testing the `wp_privacy_additional_user_profile_data` filter works.
 	 *
+	 * @since 5.4.0
+	 *
 	 * @ticket 47509
 	 */
 	function test_filter_wp_privacy_additional_user_profile_data() {
@ -1881,6 +1883,8 @@ class Tests_User extends WP_UnitTestCase {
 	/**
 	 * Filter callback to add additional profile data to the User Group on Export Requests.
 	 *
+	 * @since 5.4.0
+	 *
 	 * @ticket 47509
 	 *
 	 * @return array $additional_profile_data The additional user data.
@ -1902,6 +1906,8 @@ class Tests_User extends WP_UnitTestCase {
 	 *
 	 * This callback should generate a `_doing_it_wrong()`.
 	 *
+	 * @since 5.4.0
+	 *
 	 * @ticket 47509
 	 *
 	 * @return array $additional_profile_data The additional user data.
--- a/tests/phpunit/tests/user/wpSendUserRequest.php
+++ b/tests/phpunit/tests/user/wpSendUserRequest.php
@ -228,6 +228,40 @@ class Tests_User_WpSendUserRequest extends WP_UnitTestCase {
 		return 'Custom Email Content.';
 	}

+	/**
+	 * The email headers should be filterable.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @ticket 44501
+	 */
+	public function test_email_headers_should_be_filterable() {
+		$request_id = wp_create_user_request( self::$test_user->user_email, 'remove_personal_data' );
+
+		add_filter( 'user_request_action_email_headers', array( $this, 'modify_email_headers' ) );
+		$result = wp_send_user_request( $request_id );
+
+		$mailer = tests_retrieve_phpmailer_instance();
+
+		$this->assertContains( 'From: Tester <tester@example.com>', $mailer->get_sent()->header );
+	}
+
+	/**
+	 * Filter callback to modify the headers of the email sent when an account action is attempted.
+	 *
+	 * @since 5.4.0
+	 *
+	 * @param string|array $headers The email headers.
+	 * @return array       $headers The new email headers.
+	 */
+	public function modify_email_headers( $headers ) {
+		$headers = array(
+			'From: Tester <tester@example.com>',
+		);
+
+		return $headers;
+	}
+
 	/**
 	 * The function should error when the email was not sent.
 	 *