Privacy: Allow Admin to Skip e-mail confirmation for Export.

This adds a form option to skip the admin email alert when exporting personal data. Props xkon, azaozz, TZ-Media, iandunn, desrosj, iprg, allendav, wesselvandenberg, karmatosed, birgire, davidbaumwald, estelaris, paaljoachim, hellofromTonya. Fixes #43890. Built from https://develop.svn.wordpress.org/trunk@50159 git-svn-id: http://core.svn.wordpress.org/trunk@49838 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-20 11:54:58 +02:00 · 2021-02-02 19:45:03 +00:00 · 2021-02-02 19:45:03 +00:00 · 64bb29d087
commit 64bb29d087
parent 2896790d57
9 changed files with 73 additions and 35 deletions
--- a/wp-admin/css/forms-rtl.css
+++ b/wp-admin/css/forms-rtl.css
@ -1331,13 +1331,6 @@ table.form-table td .updated p {
 	margin: 1.5em 0;
 }

-.wp-privacy-request-form label {
-	font-weight: 600;
-	line-height: 1.5;
-	padding-bottom: .5em;
-	display: block;
-}
-
 .wp-privacy-request-form input {
 	margin: 0;
 }
--- a/wp-admin/css/forms-rtl.min.css
+++ b/wp-admin/css/forms-rtl.min.css
--- a/wp-admin/css/forms.css
+++ b/wp-admin/css/forms.css
@ -1330,13 +1330,6 @@ table.form-table td .updated p {
 	margin: 1.5em 0;
 }

-.wp-privacy-request-form label {
-	font-weight: 600;
-	line-height: 1.5;
-	padding-bottom: .5em;
-	display: block;
-}
-
 .wp-privacy-request-form input {
 	margin: 0;
 }
--- a/wp-admin/css/forms.min.css
+++ b/wp-admin/css/forms.min.css
--- a/wp-admin/erase-personal-data.php
+++ b/wp-admin/erase-personal-data.php
@ -109,12 +109,31 @@ require_once ABSPATH . 'wp-admin/admin-header.php';

 	<form action="<?php echo esc_url( admin_url( 'erase-personal-data.php' ) ); ?>" method="post" class="wp-privacy-request-form">
 		<h2><?php esc_html_e( 'Add Data Erasure Request' ); ?></h2>
-		<p><?php esc_html_e( 'An email will be sent to the user at this email address asking them to verify the request.' ); ?></p>
-
 		<div class="wp-privacy-request-form-field">
-			<label for="username_or_email_for_privacy_request"><?php esc_html_e( 'Username or email address' ); ?></label>
-			<input type="text" required class="regular-text ltr" id="username_or_email_for_privacy_request" name="username_or_email_for_privacy_request" />
-			<?php submit_button( __( 'Send Request' ), 'secondary', 'submit', false ); ?>
+			<table class="form-table">
+				<tr>
+					<th scope="row">
+						<label for="username_or_email_for_privacy_request"><?php esc_html_e( 'Username or email address' ); ?></label>
+					</th>
+					<td>
+						<input type="text" required class="regular-text ltr" id="username_or_email_for_privacy_request" name="username_or_email_for_privacy_request" />
+					</td>
+				</tr>
+				<tr>
+					<th scope="row">
+						<?php _e( 'Confirmation email' ); ?>
+					</th>
+					<td>
+						<label for="send_confirmation_email">
+							<input type="checkbox" name="send_confirmation_email" id="send_confirmation_email" value="1" checked="checked" />
+							<?php _e( 'Send personal data erasure confirmation email.' ); ?>
+						</label>
+					</td>
+				</tr>
+			</table>
+			<p class="submit">
+				<?php submit_button( __( 'Send Request' ), 'secondary', 'submit', false ); ?>
+			</p>
 		</div>
 		<?php wp_nonce_field( 'personal-data-request' ); ?>
 		<input type="hidden" name="action" value="add_remove_personal_data_request" />
--- a/wp-admin/export-personal-data.php
+++ b/wp-admin/export-personal-data.php
@ -109,12 +109,31 @@ require_once ABSPATH . 'wp-admin/admin-header.php';

 	<form action="<?php echo esc_url( admin_url( 'export-personal-data.php' ) ); ?>" method="post" class="wp-privacy-request-form">
 		<h2><?php esc_html_e( 'Add Data Export Request' ); ?></h2>
-		<p><?php esc_html_e( 'An email will be sent to the user at this email address asking them to verify the request.' ); ?></p>
-
 		<div class="wp-privacy-request-form-field">
-			<label for="username_or_email_for_privacy_request"><?php esc_html_e( 'Username or email address' ); ?></label>
-			<input type="text" required class="regular-text ltr" id="username_or_email_for_privacy_request" name="username_or_email_for_privacy_request" />
-			<?php submit_button( __( 'Send Request' ), 'secondary', 'submit', false ); ?>
+		<table class="form-table">
+				<tr>
+					<th scope="row">
+						<label for="username_or_email_for_privacy_request"><?php esc_html_e( 'Username or email address' ); ?></label>
+					</th>
+					<td>
+						<input type="text" required class="regular-text ltr" id="username_or_email_for_privacy_request" name="username_or_email_for_privacy_request" />
+					</td>
+				</tr>
+				<tr>
+					<th scope="row">
+						<?php _e( 'Confirmation email' ); ?>
+					</th>
+					<td>
+						<label for="send_confirmation_email">
+							<input type="checkbox" name="send_confirmation_email" id="send_confirmation_email" value="1" checked="checked" />
+							<?php _e( 'Send personal data export confirmation email.' ); ?>
+						</label>
+					</td>
+				</tr>
+			</table>
+			<p class="submit">
+				<?php submit_button( __( 'Send Request' ), 'secondary', 'submit', false ); ?>
+			</p>
 		</div>
 		<?php wp_nonce_field( 'personal-data-request' ); ?>
 		<input type="hidden" name="action" value="add_export_personal_data_request" />
--- a/wp-admin/includes/privacy-tools.php
+++ b/wp-admin/includes/privacy-tools.php
@ -111,6 +111,11 @@ function _wp_personal_data_handle_actions() {
 				$action_type               = sanitize_text_field( wp_unslash( $_POST['type_of_action'] ) );
 				$username_or_email_address = sanitize_text_field( wp_unslash( $_POST['username_or_email_for_privacy_request'] ) );
 				$email_address             = '';
+				$send_confirmation_email   = true;
+
+				if ( ! isset( $_POST['send_confirmation_email'] ) ) {
+					$send_confirmation_email   = false;
+				}

 				if ( ! in_array( $action_type, _wp_privacy_action_request_types(), true ) ) {
 					add_settings_error(
@ -141,7 +146,7 @@ function _wp_personal_data_handle_actions() {
 					break;
 				}

-				$request_id = wp_create_user_request( $email_address, $action_type );
+				$request_id = wp_create_user_request( $email_address, $action_type, array(), $send_confirmation_email );

 				if ( is_wp_error( $request_id ) ) {
 					add_settings_error(
@ -161,7 +166,9 @@ function _wp_personal_data_handle_actions() {
 					break;
 				}

-				wp_send_user_request( $request_id );
+				if ( $send_confirmation_email ) {
+					wp_send_user_request( $request_id );
+				}

 				add_settings_error(
 					'username_or_email_for_privacy_request',
--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@ -3937,12 +3937,13 @@ function _wp_privacy_account_request_confirmed_message( $request_id ) {
 *
 * @since 4.9.6
 *
- * @param string $email_address User email address. This can be the address of a registered or non-registered user.
- * @param string $action_name   Name of the action that is being confirmed. Required.
- * @param array  $request_data  Misc data you want to send with the verification request and pass to the actions once the request is confirmed.
- * @return int|WP_Error Returns the request ID if successful, or a WP_Error object on failure.
+ * @param string $email_address           User email address. This can be the address of a registered or non-registered user.
+ * @param string $action_name             Name of the action that is being confirmed. Required.
+ * @param array  $request_data            Misc data you want to send with the verification request and pass to the actions once the request is confirmed.
+ * @param bool   $send_confirmation_email Optional. True by default, if false is passed the request status is set to Completed directly.
+ * @return int|WP_Error                   Returns the request ID if successful, or a WP_Error object on failure.
 */
-function wp_create_user_request( $email_address = '', $action_name = '', $request_data = array() ) {
+function wp_create_user_request( $email_address = '', $action_name = '', $request_data = array(), $send_confirmation_email = true ) {
 	$email_address = sanitize_email( $email_address );
 	$action_name   = sanitize_key( $action_name );

@ -3975,13 +3976,19 @@ function wp_create_user_request( $email_address = '', $action_name = '', $reques
 		return new WP_Error( 'duplicate_request', __( 'An incomplete personal data request for this email address already exists.' ) );
 	}

+	if ( false !== $send_confirmation_email ) {
+		$status = 'request-pending';
+	} else {
+		$status = 'request-completed';
+	}
+
 	$request_id = wp_insert_post(
 		array(
 			'post_author'   => $user_id,
 			'post_name'     => $action_name,
 			'post_title'    => $email_address,
 			'post_content'  => wp_json_encode( $request_data ),
-			'post_status'   => 'request-pending',
+			'post_status'   => $status,
 			'post_type'     => 'user_request',
 			'post_date'     => current_time( 'mysql', false ),
 			'post_date_gmt' => current_time( 'mysql', true ),
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -13,7 +13,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '5.7-alpha-50158';
+$wp_version = '5.7-alpha-50159';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.