Personal data collection is more likely for registered users than casual visitors, and the privacy policy might have been updated since a user last logged in. Those changes could impact the collection of personal data from registered users, so it makes sense to provide a link to the policy before users log in.
Props voneff, xkon, melchoyce, chetan200891, desrosj.
Merges [43120] to the 4.9 branch.
Fixes#43721.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43124 602fd350-edb4-49c9-b593-d223f7449a82
Multisite networks have a variety of use cases, and in many of them single-site administrators are not trusted to take actions that affect the whole network, require making decisions about legal compliance, etc. By default, those actions should require super admin capabilities. Plugins can be used to override that behavior if a particular site's use case calls for it.
Props allendav, jeremyfelt, iandunn.
Merges [43085] to the 4.9 branch.
Fixes#43919.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43111 602fd350-edb4-49c9-b593-d223f7449a82
This introduces the `get_the_privacy_policy_link()` and `the_privacy_policy_link()` functions, as well as the `privacy_policy_url` filter.
A new `tests/url/` folder was added to better organize tests related to `get_*_url()` functions. Previously, those tests were placed in `tests/url.php` and `tests/link/`, but neither of those locations are optimal. Placing tests in `tests/url.php` violates the guideline of creating separate files/classes for each function under test, and using `tests/link/` conflates two distinct -- albeit related -- groups of functions. Over time, URL-related tests can be migrated to the new folder.
Props birgire, xkon, azaozz, iandunn.
Merges [43002] to the 4.9 branch.
See #43850.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43109 602fd350-edb4-49c9-b593-d223f7449a82
`list_files()` is defined in `wp-admin/includes/file.php`, which is not included by `wp-cron.php`, so it needs to be included by the caller in order to avoid a fatal PHP error.
This bug was not detected during testing because the file _is_ included when executing jobs via `wp cron event run`.
Props mikejolley, iandunn.
Merges [43059] to the 4.9 branch.
See #43546.
See https://wordpress.slack.com/archives/C9695RJBW/p1525190405000860.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43097 602fd350-edb4-49c9-b593-d223f7449a82
This runs immediately after the data export file has been successfully created, allowing plugins to introduce some workflow customizations. For example, a plugin could password-protect the export file, for peace of mind, even though the CSPRN in the filename makes brute force attacks nearly impossible.
Props iandunn.
Merges [43047] to the 4.9 branch.
See #43546.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43096 602fd350-edb4-49c9-b593-d223f7449a82
The primary means of protecting the files is the CSPRN appended to the filename, but there is no reason to keep the files after the data subject has downloaded them, so deleting them provides an additional layer of protection. Previously this was done from `wp_privacy_generate_personal_data_export_file()`, but that does not guarantee that it will be run regularly, and on smaller sites that could result in export files being exposed for much longer than necessary.
`wp_privacy_delete_old_export_files()` was moved to a front end file, so that it can be called from `cron.php`.
This introduces the `wp_privacy_export_expiration` filter, which allows plugins to customize how long the exports are kept before being deleted.
`index.html` was added to the `$exclusions` parameter of `list_files()` to make sure that it isn't deleted. If it were, then poorly-configured servers would allow the directory to be traversed, exposing all of the exported files.
Props iandunn, desrosj.
Merges [43046] to the 4.9 branch.
See #43546.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43095 602fd350-edb4-49c9-b593-d223f7449a82
`rand()` is deterministic and therefore offers much less protection in this context. `wp_generate_password()` is a convenient wrapper around `wp_rand()`, which uses `random_int()` to generate cryptographically-secure psuedorandom numbers.
Props iandunn.
Merges [43045] to the 4.9 branch.
See #43546.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43094 602fd350-edb4-49c9-b593-d223f7449a82
[42967] included new post statii, but didn't add them to the REST API tests.
Props pento.
Merges [42972] to the 4.9 branch.
See #43481.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43072 602fd350-edb4-49c9-b593-d223f7449a82
- Improve function and variable names.
- Allow extra data to be passed with the request.
- Make the option/user meta names more consistent.
- Adds an inline comment explaining use of hash.
Props mikejolley.
Merges [42964] to the 4.9 branch.
See #43443.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43070 602fd350-edb4-49c9-b593-d223f7449a82
Any WordPress user who can `edit_posts` of a post type with `show_in_rest=true` can query for authors. This maps to current WordPress behavior where a WordPress user who can view the Manage Posts view for a post type can see any WordPress user assigned to a post (whether published or draft).
This implementation, over restricting `who=authors` to users with `list_users`, gives us future flexibility in displaying lists of posts. It still respects more restrictive permissions for `context=edit`.
Props danielbachhuber.
Merges [43001] to the 4.9 branch.
Fixes#42202.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43067 602fd350-edb4-49c9-b593-d223f7449a82
See [41174] for `wp_get_themes()` and `get_raw_theme_root()`.
Props burlingtonbytes, teddytime, lbenicio, desrosj.
Merges [43039] to the 4.9 branch.
Fixes#43374. See #40109.
git-svn-id: https://develop.svn.wordpress.org/branches/4.9@43040 602fd350-edb4-49c9-b593-d223f7449a82
