Privacy: Include session tokens in Personal Data Export.
Session tokens contain an IP address and user agent. Props garrett-eclipse, nickylimjj, lakenh, xkon, rconde. Fixes #45889. git-svn-id: https://develop.svn.wordpress.org/trunk@47237 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov
parent
8fef1b28a9
commit
5b0be97e7c
|
|
@ -2939,6 +2939,8 @@ function wp_register_user_personal_data_exporter( $exporters ) {
|
|||
* Finds and exports personal data associated with an email address from the user and user_meta table.
|
||||
*
|
||||
* @since 4.9.6
|
||||
* @since 5.4.0 Added 'Community Events Location' group to the export data.
|
||||
* @since 5.4.0 Added 'Session Tokens' group to the export data.
|
||||
*
|
||||
* @param string $email_address The users email address.
|
||||
* @return array An array of personal data.
|
||||
|
|
@ -3012,11 +3014,6 @@ function wp_user_personal_data_exporter( $email_address ) {
|
|||
'data' => $user_data_to_export,
|
||||
);
|
||||
|
||||
/**
|
||||
* Introduce any Community Events Location data that is available.
|
||||
*
|
||||
* @since 5.4.0
|
||||
*/
|
||||
if ( isset( $user_meta['community-events-location'] ) ) {
|
||||
$location = maybe_unserialize( $user_meta['community-events-location'][0] );
|
||||
|
||||
|
|
@ -3048,6 +3045,42 @@ function wp_user_personal_data_exporter( $email_address ) {
|
|||
);
|
||||
}
|
||||
|
||||
if ( isset( $user_meta['session_tokens'] ) ) {
|
||||
$session_tokens = maybe_unserialize( $user_meta['session_tokens'][0] );
|
||||
|
||||
$session_tokens_props_to_export = array(
|
||||
'expiration' => __( 'Expiration' ),
|
||||
'ip' => __( 'IP' ),
|
||||
'ua' => __( 'User Agent' ),
|
||||
'login' => __( 'Last Login' ),
|
||||
);
|
||||
|
||||
foreach ( $session_tokens as $token_key => $session_token ) {
|
||||
$session_tokens_data_to_export = array();
|
||||
|
||||
foreach ( $session_tokens_props_to_export as $key => $name ) {
|
||||
if ( ! empty( $session_token[ $key ] ) ) {
|
||||
$value = $session_token[ $key ];
|
||||
if ( in_array( $key, array( 'expiration', 'login' ) ) ) {
|
||||
$value = date_i18n( 'F d, Y H:i A', $value );
|
||||
}
|
||||
$session_tokens_data_to_export[] = array(
|
||||
'name' => $name,
|
||||
'value' => $value,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
$data_to_export[] = array(
|
||||
'group_id' => 'session-tokens',
|
||||
'group_label' => __( 'Session Tokens' ),
|
||||
'group_description' => __( 'User’s Session Tokens data.' ),
|
||||
'item_id' => "session-tokens-{$user->ID}-{$token_key}",
|
||||
'data' => $session_tokens_data_to_export,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
return array(
|
||||
'data' => $data_to_export,
|
||||
'done' => true,
|
||||
|
|
|
|||
|
|
@ -1751,4 +1751,47 @@ class Tests_User extends WP_UnitTestCase {
|
|||
$this->assertEquals( '-84.5143900', $actual['data'][1]['data'][3]['value'] );
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Testing the `wp_user_personal_data_exporter()` function
|
||||
* with Session Tokens data.
|
||||
*
|
||||
* @ticket 45889
|
||||
*/
|
||||
function test_wp_session_tokens_personal_data_exporter() {
|
||||
$test_user = new WP_User( self::$contrib_id );
|
||||
|
||||
$session_tokens_data = array(
|
||||
'yft87y56457687sfd897867545fg76ds78iyuhgjyui7865' => array(
|
||||
'expiration' => 1580461981,
|
||||
'ip' => '0.0.0.0',
|
||||
'ua' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36',
|
||||
'login' => 1580289181,
|
||||
),
|
||||
);
|
||||
update_user_option( $test_user->ID, 'session_tokens', $session_tokens_data, true );
|
||||
|
||||
$actual = wp_user_personal_data_exporter( $test_user->user_email );
|
||||
|
||||
$this->assertTrue( $actual['done'] );
|
||||
|
||||
// Contains Session Tokens.
|
||||
$this->assertEquals( 'Session Tokens', $actual['data'][1]['group_label'] );
|
||||
|
||||
// Contains Expiration.
|
||||
$this->assertEquals( 'Expiration', $actual['data'][1]['data'][0]['name'] );
|
||||
$this->assertEquals( 'January 31, 2020 09:13 AM', $actual['data'][1]['data'][0]['value'] );
|
||||
|
||||
// Contains IP.
|
||||
$this->assertEquals( 'IP', $actual['data'][1]['data'][1]['name'] );
|
||||
$this->assertEquals( '0.0.0.0', $actual['data'][1]['data'][1]['value'] );
|
||||
|
||||
// Contains IP.
|
||||
$this->assertEquals( 'User Agent', $actual['data'][1]['data'][2]['name'] );
|
||||
$this->assertEquals( 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36', $actual['data'][1]['data'][2]['value'] );
|
||||
|
||||
// Contains IP.
|
||||
$this->assertEquals( 'Last Login', $actual['data'][1]['data'][3]['name'] );
|
||||
$this->assertEquals( 'January 29, 2020 09:13 AM', $actual['data'][1]['data'][3]['value'] );
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue