Commit Graph

38335 Commits

Author SHA1 Message Date
Andrew Ozz 155f8fd99a Privacy: require `manage_privacy_options` capability for showing `WP_Privacy_Policy_Content::notice()`.
Props ocean90.
Fixes #44055.

git-svn-id: https://develop.svn.wordpress.org/trunk@43248 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-13 11:03:57 +00:00
Sergey Biryukov b4a1fc692d Docs: Correct type for `WP_Taxonomy::$cap`.
Props dlh.
Fixes #44061.

git-svn-id: https://develop.svn.wordpress.org/trunk@43247 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-13 10:30:19 +00:00
Ian Dunn 4773a48012 Privacy: Reposition pointer to ensure dismiss link is always visible.
r43158 introduced a new admin pointer for the privacy tools added in 4.9.6. With the previous positioning, though, sometimes the `Dismiss` link would be fixed off screen, making it impossible for the user to dismiss the pointer. This happened when there were enough extra menu items, or when the viewport height was short enough.

This commit repositions the pointer to work around that problem. One down side of this workaround is that the arrow will not always be positioned next to the `Tools` menu, where it should be. That's an acceptable compromise given the current time constraints, though. A long term solution would be to make `WP_Pointer` robust enough to handle this use case.

Props imath, audrasjb, desrosj.
Fixes #44045.


git-svn-id: https://develop.svn.wordpress.org/trunk@43246 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-12 17:28:30 +00:00
Ian Dunn 239471ade4 Privacy: Escape comment URLs in personal export file to prevent XSS.
There doesn't appear to be any way for an attacker to introduce malicious input into the URL, unless a plugin is filtering the URL to add it, but it's better to be safe than sorry.

Props birgire.
Fixes #44054.


git-svn-id: https://develop.svn.wordpress.org/trunk@43245 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-12 15:55:36 +00:00
Weston Ruter 5e9a39baa7 Customize: Hide expansion arrows in Customizer's available widgets list.
Fixes regression introduced by [42794].

Props dlh.
See #40677.
Fixes #43983.


git-svn-id: https://develop.svn.wordpress.org/trunk@43244 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-11 17:34:40 +00:00
Andrew Ozz 6508ab45cd Privacy: make creating a privacy policy page on install multisite compatible.
See #43491.

git-svn-id: https://develop.svn.wordpress.org/trunk@43243 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-11 15:43:36 +00:00
Andrew Ozz d7e8ec62c5 Privacy: exclude the wrapper from the default policy content.
Fixes #44048.

git-svn-id: https://develop.svn.wordpress.org/trunk@43242 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-11 15:07:00 +00:00
Sergey Biryukov 2dbb76084d Privacy: On Privacy Settings screen, check if any pages exist before displaying the page selector.
Props abdullahramzan, desrosj, melchoyce.
Fixes #43940.

git-svn-id: https://develop.svn.wordpress.org/trunk@43238 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 21:38:45 +00:00
Ian Dunn 70fd932c25 Privacy: Expose erasure notification recipient to filter callbacks.
The previous `user_email` value was redundant, because it always matched `$request_data->email`. That value might be different from where the message is sent, though, if the `user_erasure_fulfillment_email_to` filter is used. If they are different, then callbacks for the `user_confirmed_action_email_content` filter may want to distinguish between the email address of the user making the request, and the email address that the confirmation notification is being sent to.

Props desrosj, iandunn.
See #43973.


git-svn-id: https://develop.svn.wordpress.org/trunk@43236 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 21:19:27 +00:00
Sergey Biryukov 33b742f7d1 Privacy: Normalize file paths in `wp_privacy_generate_personal_data_export_file()` to make sure Windows paths don't have their backslashes stripped.
Props xkon, pmbaldha.
Fixes #43908.

git-svn-id: https://develop.svn.wordpress.org/trunk@43234 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 21:11:00 +00:00
Sergey Biryukov 0a56b67b52 Privacy: Update request confirmation notice text for clarity.
Props desrosj, melchoyce, garrett-eclipse.
Fixes #43970.

git-svn-id: https://develop.svn.wordpress.org/trunk@43232 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 20:52:54 +00:00
Sergey Biryukov bc5ecec3fc Privacy: Send an email notification to the user once their personal data erasure request is fulfilled.
Props desrosj, allendav, garrett-eclipse.
Fixes #43973.

git-svn-id: https://develop.svn.wordpress.org/trunk@43230 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 20:42:15 +00:00
Sergey Biryukov 8adbf40bc2 Privacy: Avoid a PHP notice in `wp_ajax_wp_privacy_erase_personal_data()`, make sure `$eraser_key` is always defined.
Props allendav.
Fixes #44040.

git-svn-id: https://develop.svn.wordpress.org/trunk@43228 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 20:23:33 +00:00
Sergey Biryukov 34931cf8c3 General: Skip `test_is_countable_ResourceBundle()` on PHP 5.3 and below.
`ResourceBundle` is only countable in PHP 5.4+, which can be considered an acceptable edge case for WordPress core purposes.

Props jrf, ayeshrajans.
Fixes #43583.

git-svn-id: https://develop.svn.wordpress.org/trunk@43226 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 20:15:18 +00:00
Ian Dunn 6d4c88a057 Privacy: Replace intrusive policy update notice with menu bubbles.
Previously, when a plugin updated its suggested privacy policy text, an admin notice was shown on all screens in the Administration Panels. That was done in order to make sure that administrators were aware of it, so that they could update their policy if needed. That was a very heavy-handed and intrusive approach, though, which leads to a poor user experience, and notice fatigue. 

An alternative approach is to use bubble notifications in the menu, similar to when plugins have updates that need to be installed. That still makes it obvious that something needs the administrator's attention, but is not as distracting as a notice.

The notice will still appear on the Privacy page, though, since it is relevant to that screen, and provides an explanation of why the bubble is appearing.

Props azaozz, xkon, iandunn.
Fixes #43954. See #43953.


git-svn-id: https://develop.svn.wordpress.org/trunk@43223 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 19:51:58 +00:00
Andrew Ozz 29a63fe774 TinyMCE: switch off concatenation when a custom TinyMCE theme is used. Prevents conflict with the default theme as it loads first.
Props programmin, azaozz.
Fixes #43969.

git-svn-id: https://develop.svn.wordpress.org/trunk@43222 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 19:49:32 +00:00
Sergey Biryukov 07feb01a80 General: In the `is_countable()` polyfill, if the provided object implements `SimpleXMLElement` or `ResourceBundle`, consider it countable.
Props ayeshrajans, jrf, desrosj.
Fixes #43583.

git-svn-id: https://develop.svn.wordpress.org/trunk@43220 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 17:57:38 +00:00
Sergey Biryukov a322b9479d Privacy: Tweak Privacy Policy page intro text for clarity.
Props macbookandrew, allendav.
See #43933.

git-svn-id: https://develop.svn.wordpress.org/trunk@43218 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 16:11:38 +00:00
Andrew Ozz 512fe2b90f Privacy: fix styling on personal data tables.
Props melchoyce, allendav.
Fixes #43909.

git-svn-id: https://develop.svn.wordpress.org/trunk@43216 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 16:01:50 +00:00
Andrew Ozz 56079a45fd Privacy: cleanup of the "Export Personal Data" and "Erase Personal Data" screens.
Props desrosj, xkon.
See #43929.

git-svn-id: https://develop.svn.wordpress.org/trunk@43212 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 10:00:19 +00:00
Ian Dunn dd4322535b Privacy: Notify admin via email when a request is confirmed.
Previously the admin didn't have any way to know if a pending request was ready to be processed, aside from manually checking the Export/Erase pages. Sending them an email is a much more convenient option.

Props garrett-eclipse, desrosj, iandunn.
See #43967.


git-svn-id: https://develop.svn.wordpress.org/trunk@43211 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 04:59:48 +00:00
Ian Dunn 59e58199e5 Privacy: Reposition admin pointer to avoid covering collapsed menu.
Previously the pointer overlapped the menu in order to draw attention to the fact that it applies to both the `Tools` and `Settings` menus. That caused a conflict if the menu was collapsed, though, because the icons were covered by the pointer and therefore inaccessible.

Additionally, minor tweaks were made to the text order and formatting. The order of the two sections was swapped in the title and paragraph, in order to match the order of the corresponding menu items. The spacing around headings and paragraphs was tweaked to remove extraneous whitespace.

Props littler.chicken, desrosj, ianbelanger, melchoyce.
Fixes #43961.


git-svn-id: https://develop.svn.wordpress.org/trunk@43210 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-10 03:02:03 +00:00
Sergey Biryukov 6d4bb2c508 Privacy: Pass export request ID to `wp_privacy_personal_data_export_file_created` filter.
Props thomasplevy.
Fixes #44031.

git-svn-id: https://develop.svn.wordpress.org/trunk@43208 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 23:17:03 +00:00
Sergey Biryukov de1fbae529 Privacy: Make the help hint for Privacy Policy page more translatable and accessible.
Props tobifjellner.
See #43980.

git-svn-id: https://develop.svn.wordpress.org/trunk@43206 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 23:11:29 +00:00
John Blackbourn 2fd58a997f Upgrade/Install: Correctly internationalise error messages during config setup.
Fixes #43997


git-svn-id: https://develop.svn.wordpress.org/trunk@43205 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 22:51:37 +00:00
Andrew Ozz 80333a91e2 Privacy: fixes for the privacy policy guide and suggested content:
- Separate the guide text form the suggested policy text.
- Add table of content for easier navigation.
- Move the content to tools.php (prevents the settings menu of being open).
- Add a link to the guide from the Privacy settings screen.

Props melchoyce, azaozz.
See #43980.

git-svn-id: https://develop.svn.wordpress.org/trunk@43203 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 20:50:54 +00:00
Andrew Ozz da40024f7f Privacy: remove the help tab from Settings => Privacy until we have something helpful to say :)
Props allendav.
See #44023.

git-svn-id: https://develop.svn.wordpress.org/trunk@43201 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 18:11:56 +00:00
Andrew Ozz 998fcc3f65 Privacy: remove leftover comment after [43197].
See #43968.

git-svn-id: https://develop.svn.wordpress.org/trunk@43199 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 17:56:37 +00:00
Andrew Ozz a0e67e1331 Privacy: add request type and filter to the subject of request confirmation emails for GDPR.
Props desrosj, azaozz.
See #43968.

git-svn-id: https://develop.svn.wordpress.org/trunk@43197 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 17:50:56 +00:00
Andrew Ozz 2abb60c7dd Privacy: increase filter priority of the User group in Personal Data Exports.
Props allendav desrosj.
See #43966.

git-svn-id: https://develop.svn.wordpress.org/trunk@43195 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 17:11:11 +00:00
Andrew Ozz 21a18a15e1 Privacy: fix spacing on small screens for the Use This Page button in Privacy Tools.
Props PressTigers, desrosj.
Fixes #43852.

git-svn-id: https://develop.svn.wordpress.org/trunk@43193 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 16:12:37 +00:00
Sergey Biryukov ed966ccb53 Privacy: Add `id` attribute to `WP_Privacy_Requests_Table` and `WP_Privacy_Data_Export_Requests_Table` rows, for consistency with other post list tables.
Props desrosj.
Fixes #44015.

git-svn-id: https://develop.svn.wordpress.org/trunk@43191 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 15:05:15 +00:00
Sergey Biryukov 665c214dbb Docs: Remove unused `###USERNAME###` placeholder reference from `user_request_action_email_content` filter documentation.
Props desrosj.
Fixes #44016.

git-svn-id: https://develop.svn.wordpress.org/trunk@43189 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 14:37:44 +00:00
Ian Dunn f3787b2c90 Privacy: Mark erasure requests as completed after processing.
r42986 introduced the beginnings of an Ajax handler for processing requests to erase personal data. At the time, a method for marking requests as completed was planned, but had not yet been created. This commit introduces that mechanism, bringing the erasure process closer to completion.

Props coreymckrill, allendav.
Fixes #43922.


git-svn-id: https://develop.svn.wordpress.org/trunk@43185 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-09 01:01:12 +00:00
Andrew Ozz a885a5ac06 Privacy: outputting the privacy policy guide and suggested content to a new page instead of a postbox.
Props melchoyce, azaozz.
See #43980.

git-svn-id: https://develop.svn.wordpress.org/trunk@43184 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-08 23:44:57 +00:00
Ian Dunn a583f61558 Privacy: Mark processed requests as completed instead of confirmed.
r43008 refactored the request flow to make several improvements, but accidentally marked `completed` requests as `confirmed`. This commit restores the intended statuses, so that the data and corresponding UI reflect reality.

Props allendav, birgire.
Fixes #43913.


git-svn-id: https://develop.svn.wordpress.org/trunk@43183 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-08 23:28:47 +00:00
Andrew Ozz d4676a426c TinyMCE: fix setting of zIndex on the dialogs.
Props subrataemfluence, azaozz.
See #43984.

git-svn-id: https://develop.svn.wordpress.org/trunk@43181 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-08 20:53:12 +00:00
Ian Dunn a631c2378d Privacy: Reuse existing archive filenames to maintain URLs.
Whenever an admin initiates a download or email of a personal data export, a fresh copy of the file is generated. Previously, a new filename was used each time, which could lead to situations where a URL that was emailed to a data subject is broken.

That can be avoided by reusing the same filename when building fresh archives.

Props desrosj, tz-media, allendav.
Fixes #43905.


git-svn-id: https://develop.svn.wordpress.org/trunk@43180 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-08 00:51:59 +00:00
John Blackbourn a131758bf5 Plugins: Correct another instance of incorrect parameter ordering when displaying plugins with more than one million active installations.
See #43193


git-svn-id: https://develop.svn.wordpress.org/trunk@43179 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-07 21:42:47 +00:00
John Blackbourn 287be5420c Plugins: Correct the parameters used when displaying plugins with more than one million active installations.
Fixes #43193


git-svn-id: https://develop.svn.wordpress.org/trunk@43178 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-07 21:29:49 +00:00
John Blackbourn 1decf42f3a Docs: Update and correct various inline documentation.
See #42505, #41756


git-svn-id: https://develop.svn.wordpress.org/trunk@43177 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-07 17:19:48 +00:00
Sergey Biryukov 9ca9b27110 Privacy: Use the terms "erase"/"erasure" instead of "remove"/"removal" for personal data.
Props allendav.
Fixes #43920.

git-svn-id: https://develop.svn.wordpress.org/trunk@43175 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-07 16:44:15 +00:00
Sergey Biryukov 6d2bcaa9b3 Administration: Change all the occurrences of "(opens in a new window)" to "(opens in a new tab)".
Props chetan200891, ianbelanger, afercia.
Fixes #43803.

git-svn-id: https://develop.svn.wordpress.org/trunk@43174 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-05 09:44:21 +00:00
Sergey Biryukov b7f30ca067 Privacy: Change "Email Data" link text on "Export Personal Data" screen to "Send Export Link" for clarity.
Props birgire, ianbelanger.
Fixes #43964.

git-svn-id: https://develop.svn.wordpress.org/trunk@43172 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-05 09:16:32 +00:00
Sergey Biryukov 977f7eba24 Privacy: Remove stray closing tag in `WP_Privacy_Policy_Content::get_default_content()`, fix typo in `@return` tag.
Props dlh, tobifjellner.
Fixes #43951.

git-svn-id: https://develop.svn.wordpress.org/trunk@43170 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-04 01:55:41 +00:00
Sergey Biryukov 1d6e7f0421 Docs: Add missing duplicate hook comment for `user_request_key_expiration` filter.
Props birgire, desrosj.
Fixes #43934.

git-svn-id: https://develop.svn.wordpress.org/trunk@43168 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-04 01:48:03 +00:00
Sergey Biryukov d21652cb93 Customize: Correct closing tag in `WP_Customize_Theme_Control::content_template()`.
Props itowhid06.
Fixes #43945.

git-svn-id: https://develop.svn.wordpress.org/trunk@43166 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-04 01:02:06 +00:00
Ian Dunn 53b5112ca2 Privacy: Return before scheduling cron during install to avoid error.
r43046 introduced `wp_schedule_delete_old_privacy_export_files()` to schedule the `wp_privacy_delete_old_export_files` cron job, but it did not check to make sure it wasn't running in the context of the install process. When it did run in that context, it created a database error, because the necessary database tables don't exist at that point.

Checking the current context and returning early during the installation phase avoids that issue.

Props helen, timothyblynjacobs, iandunn.
Fixes #43952.


git-svn-id: https://develop.svn.wordpress.org/trunk@43162 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-03 21:11:00 +00:00
Ian Dunn 83618c29c0 Privacy: Redirect to newly created Privacy Policy page to improve UX.
Previously the user was shown a message that the page was created, but might not understand that they still need to visit the page and publish it. Redirecting them to the page makes it more obvious that additional steps are involved.

Props Clorith, xkon, azaozz.
Fixes #43926.


git-svn-id: https://develop.svn.wordpress.org/trunk@43160 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-03 20:05:14 +00:00
Ian Dunn 97eeed489d Privacy: Add an admin pointer for new privacy features in 4.9.6.
The new features are very important for some users, because of their GDPR obligations. They're also spread across multiple top-level menus, making them less discoverable. An admin pointer will help to ensure that users are aware of the new tools and how to find them.

Props desrosj, andreamiddleton, allendav, xkon. 
Fixes #43942.


git-svn-id: https://develop.svn.wordpress.org/trunk@43158 602fd350-edb4-49c9-b593-d223f7449a82
2018-05-03 19:44:36 +00:00