Set to lowerCamelCase acronym GDPR #254
committed by
Lorenzo Milesi
parent
1e4a001d8a
commit
76f6b056ba
@ -17,6 +17,7 @@
|
|||||||
- Enh: Add controller module class reference (TonisOrmisson)
|
- Enh: Add controller module class reference (TonisOrmisson)
|
||||||
- Enh: Replace the deprecated InvalidParamException in ClassMapHelper (TonisOrmisson)
|
- Enh: Replace the deprecated InvalidParamException in ClassMapHelper (TonisOrmisson)
|
||||||
- Fix #242: Add POST filter for `admin/force-password-change` action (bscheshirwork)
|
- Fix #242: Add POST filter for `admin/force-password-change` action (bscheshirwork)
|
||||||
|
- Fix #254: Rename `GDPR` properties to `lowerCamelCase` style (bscheshirwork)
|
||||||
|
|
||||||
## 1.1.4 - February 19, 2018
|
## 1.1.4 - February 19, 2018
|
||||||
- Enh: Check enableEmailConfirmation on registration (faenir)
|
- Enh: Check enableEmailConfirmation on registration (faenir)
|
||||||
|
|||||||
@ -5,8 +5,8 @@ The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in E
|
|||||||
|
|
||||||
## Enable GDPR
|
## Enable GDPR
|
||||||
|
|
||||||
To enable support in yii2-usuario set `enableGDPRcompliance` to `true` and set
|
To enable support in yii2-usuario set `enableGdprCompliance` to `true` and set
|
||||||
`GDPRprivacyPolicyUrl` with an url pointing to your privacy policy.
|
`gdprPrivacyPolicyUrl` with an url pointing to your privacy policy.
|
||||||
|
|
||||||
### At this moment a few measures apply to your app:
|
### At this moment a few measures apply to your app:
|
||||||
|
|
||||||
@ -27,7 +27,7 @@ GDPR says: [Article 20](https://gdpr.algolia.com/gdpr-article-20)
|
|||||||
Users now have a privacy page in their account settings where they can export his/her personal data
|
Users now have a privacy page in their account settings where they can export his/her personal data
|
||||||
in a csv file.
|
in a csv file.
|
||||||
If you collect additional personal information you can to export by adding to
|
If you collect additional personal information you can to export by adding to
|
||||||
`GDPRexportProperties`.
|
`gdprExportProperties`.
|
||||||
> Export use `ArrayHelper::getValue()` to extract information, so you can use links to relations.
|
> Export use `ArrayHelper::getValue()` to extract information, so you can use links to relations.
|
||||||
|
|
||||||
|
|
||||||
@ -41,7 +41,7 @@ The behavior differs depending module configuration.
|
|||||||
|
|
||||||
If `$allowAccountDelete` is set to `true` the account will be fully deleted when clicking *Delete* button,
|
If `$allowAccountDelete` is set to `true` the account will be fully deleted when clicking *Delete* button,
|
||||||
while when if that setting is set to `false` the module will remove social network connections and
|
while when if that setting is set to `false` the module will remove social network connections and
|
||||||
replace the personal data with a custom alias defined in `$GDPRanonymPrefix`.
|
replace the personal data with a custom alias defined in `$gdprAnonymizePrefix`.
|
||||||
|
|
||||||
The account will be blocked and marked as `gdpr_deleted`.
|
The account will be blocked and marked as `gdpr_deleted`.
|
||||||
|
|
||||||
|
|||||||
@ -12,14 +12,14 @@ Setting this attribute will allow users to configure their login process with tw
|
|||||||
By default, Google Authenticator App for two-factor authentication cycles in periods of 30 seconds. In order to allow
|
By default, Google Authenticator App for two-factor authentication cycles in periods of 30 seconds. In order to allow
|
||||||
a bigger period so to avoid out of sync issues.
|
a bigger period so to avoid out of sync issues.
|
||||||
|
|
||||||
#### enableGDPRcompliance (type: `boolean`, default: `false`)
|
#### enableGdprCompliance (type: `boolean`, default: `false`)
|
||||||
|
|
||||||
Setting this attribute enables a serie of measures to comply with EU GDPR regulation, like data consent, right to be forgotten and data portability.
|
Setting this attribute enables a serie of measures to comply with EU GDPR regulation, like data consent, right to be forgotten and data portability.
|
||||||
|
|
||||||
#### GDPRprivacyPolicyUrl (type: `array`, default: null)
|
#### gdprPrivacyPolicyUrl (type: `array`, default: null)
|
||||||
The link to privacy policy. This will be used on registration form as "read our pivacy policy". It must follow the same format as `yii\helpers\Url::to`
|
The link to privacy policy. This will be used on registration form as "read our pivacy policy". It must follow the same format as `yii\helpers\Url::to`
|
||||||
|
|
||||||
#### GDPRexportProperties (type: `array`)
|
#### gdprExportProperties (type: `array`)
|
||||||
|
|
||||||
An array with the name of the user identity properties to be included when user request download of his data.
|
An array with the name of the user identity properties to be included when user request download of his data.
|
||||||
Names can include relations like `profile.name`.
|
Names can include relations like `profile.name`.
|
||||||
@ -39,7 +39,7 @@ Defaults to:
|
|||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
#### GDPRanonymPrefix (type: `string`, default: `GDPR`)
|
#### gdprAnonymizePrefix (type: `string`, default: `GDPR`)
|
||||||
Prefix to be used as a replacement when user requeste deletion of his data
|
Prefix to be used as a replacement when user requeste deletion of his data
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -159,7 +159,7 @@ class SettingsController extends Controller
|
|||||||
|
|
||||||
public function actionPrivacy()
|
public function actionPrivacy()
|
||||||
{
|
{
|
||||||
if (!$this->module->enableGDPRcompliance)
|
if (!$this->module->enableGdprCompliance)
|
||||||
throw new NotFoundHttpException();
|
throw new NotFoundHttpException();
|
||||||
|
|
||||||
return $this->render('privacy', [
|
return $this->render('privacy', [
|
||||||
@ -169,7 +169,7 @@ class SettingsController extends Controller
|
|||||||
|
|
||||||
public function actionGdprdelete()
|
public function actionGdprdelete()
|
||||||
{
|
{
|
||||||
if (!$this->module->enableGDPRcompliance)
|
if (!$this->module->enableGdprCompliance)
|
||||||
throw new NotFoundHttpException();
|
throw new NotFoundHttpException();
|
||||||
|
|
||||||
/** @var GdprDeleteForm $form */
|
/** @var GdprDeleteForm $form */
|
||||||
@ -192,7 +192,7 @@ class SettingsController extends Controller
|
|||||||
|
|
||||||
/* @var $security SecurityHelper */
|
/* @var $security SecurityHelper */
|
||||||
$security = $this->make(SecurityHelper::class);
|
$security = $this->make(SecurityHelper::class);
|
||||||
$anonymReplacement = $this->module->GDPRanonymPrefix . $user->id;
|
$anonymReplacement = $this->module->gdprAnonymizePrefix . $user->id;
|
||||||
|
|
||||||
$user->updateAttributes([
|
$user->updateAttributes([
|
||||||
'email' => $anonymReplacement . "@example.com",
|
'email' => $anonymReplacement . "@example.com",
|
||||||
@ -260,11 +260,11 @@ class SettingsController extends Controller
|
|||||||
*/
|
*/
|
||||||
public function actionExport()
|
public function actionExport()
|
||||||
{
|
{
|
||||||
if (!$this->module->enableGDPRcompliance)
|
if (!$this->module->enableGdprCompliance)
|
||||||
throw new NotFoundHttpException();
|
throw new NotFoundHttpException();
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$properties = $this->module->GDPRexportProperties;
|
$properties = $this->module->gdprExportProperties;
|
||||||
$user = Yii::$app->user->identity;
|
$user = Yii::$app->user->identity;
|
||||||
$data = [$properties, []];
|
$data = [$properties, []];
|
||||||
|
|
||||||
|
|||||||
@ -82,7 +82,7 @@ class RegistrationForm extends Model
|
|||||||
'compareValue' => true,
|
'compareValue' => true,
|
||||||
'message' => Yii::t('usuario', 'Your consent is required to register'),
|
'message' => Yii::t('usuario', 'Your consent is required to register'),
|
||||||
'when' => function () {
|
'when' => function () {
|
||||||
return $this->module->enableGDPRcompliance;
|
return $this->module->enableGdprCompliance;
|
||||||
}]
|
}]
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
@ -106,7 +106,7 @@ class RegistrationForm extends Model
|
|||||||
'gdpr_consent' => Yii::t('usuario', 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}',
|
'gdpr_consent' => Yii::t('usuario', 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}',
|
||||||
[
|
[
|
||||||
'privacyPolicy' => Html::a(Yii::t('usuario', 'privacy policy'),
|
'privacyPolicy' => Html::a(Yii::t('usuario', 'privacy policy'),
|
||||||
$this->module->GDPRprivacyPolicyUrl,
|
$this->module->gdprPrivacyPolicyUrl,
|
||||||
['target' => '_blank']
|
['target' => '_blank']
|
||||||
)
|
)
|
||||||
])
|
])
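Review bot: The privacy-policy link built for the `gdpr_consent` label passes `['target' => '_blank']` with no `rel` value, so in browsers that do not imply noopener the opened page keeps a reference to the registration page; `['target' => '_blank', 'rel' => 'noopener noreferrer']` closes that. The same call receives `$this->module->gdprPrivacyPolicyUrl`, whose documented default is null, and as far as I know `Html::a()` then renders an anchor without an `href`. A site that turns on `enableGdprCompliance` without setting the URL would therefore show consent text that points at a policy which is not linked; a check at module initialisation that rejects that combination would make the misconfiguration visible. The enclosing method starts and ends outside this hunk.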
|
||||||
|
|||||||
@ -164,7 +164,7 @@ class User extends ActiveRecord implements IdentityInterface
|
|||||||
TimestampBehavior::class,
|
TimestampBehavior::class,
|
||||||
];
|
];
|
||||||
|
|
||||||
if ($this->module->enableGDPRcompliance) {
|
if ($this->module->enableGdprCompliance) {
|
||||||
$behaviors['GDPR'] = [
|
$behaviors['GDPR'] = [
|
||||||
'class' => TimestampBehavior::class,
|
'class' => TimestampBehavior::class,
|
||||||
'createdAtAttribute' => 'gdpr_consent_date',
|
'createdAtAttribute' => 'gdpr_consent_date',
|
||||||
|
|||||||
@ -29,12 +29,12 @@ class Module extends BaseModule
|
|||||||
* - Forgot me button in profile view.
|
* - Forgot me button in profile view.
|
||||||
* - Download my data button in profile
|
* - Download my data button in profile
|
||||||
*/
|
*/
|
||||||
public $enableGDPRcompliance = false;
|
public $enableGdprCompliance = false;
|
||||||
/**
|
/**
|
||||||
* @var null|array|string with the url to privacy policy.
|
* @var null|array|string with the url to privacy policy.
|
||||||
* Must be in the same format as yii/helpers/Url::to requires.
|
* Must be in the same format as yii/helpers/Url::to requires.
|
||||||
*/
|
*/
|
||||||
public $GDPRprivacyPolicyUrl = null;
|
public $gdprPrivacyPolicyUrl = null;
|
||||||
/**
|
/**
|
||||||
* @var array with the name of the user identity properties to be included when user request download of his data.
|
* @var array with the name of the user identity properties to be included when user request download of his data.
|
||||||
* Names can include relations like `profile.name`.
|
* Names can include relations like `profile.name`.
|
||||||
@ -42,7 +42,7 @@ class Module extends BaseModule
|
|||||||
* > The data subject shall have the right to receive the personal data concerning him or her, which he
|
* > The data subject shall have the right to receive the personal data concerning him or her, which he
|
||||||
* > or she has provided to a controller, in a structured, commonly used and machine-readable format
|
* > or she has provided to a controller, in a structured, commonly used and machine-readable format
|
||||||
*/
|
*/
|
||||||
public $GDPRexportProperties = [
|
public $gdprExportProperties = [
|
||||||
'email',
|
'email',
|
||||||
'username',
|
'username',
|
||||||
'profile.public_email',
|
'profile.public_email',
|
||||||
@ -55,7 +55,7 @@ class Module extends BaseModule
|
|||||||
/**
|
/**
|
||||||
* @var string prefix to be used as a replacement when user requests deletion of his data.
|
* @var string prefix to be used as a replacement when user requests deletion of his data.
|
||||||
*/
|
*/
|
||||||
public $GDPRanonymPrefix = 'GDPR';
|
public $gdprAnonymizePrefix = 'GDPR';
|
||||||
/**
|
/**
|
||||||
* @var bool whether to enable two factor authentication or not
|
* @var bool whether to enable two factor authentication or not
|
||||||
*/
|
*/
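Review bot: The rename at `public $gdprAnonymizePrefix = 'GDPR';` changes more than letter case (`GDPRanonymPrefix` became `gdprAnonymizePrefix`), so an application that updates its config by only lower-casing the acronym ends up with `gdprAnonymPrefix`, which this class does not declare. The docblock lines visible in these hunks do not record the former names, and the changelog entry describes the change only as a switch to lowerCamelCase. I would add a line such as `* Formerly GDPRanonymPrefix.` to each affected docblock (with the matching old name) and list the old and new names in the changelog entry. Since `enableGdprCompliance` defaults to `false`, it is also worth confirming that a config still setting `enableGDPRcompliance` fails loudly rather than leaving consent, export and deletion switched off; the base class is not visible here.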
|
||||||
|
|||||||
@ -45,7 +45,7 @@ $this->params['breadcrumbs'][] = $this->title;
|
|||||||
<?= $form->field($model, 'password')->passwordInput() ?>
|
<?= $form->field($model, 'password')->passwordInput() ?>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
<?php if ($module->enableGDPRcompliance): ?>
|
<?php if ($module->enableGdprCompliance): ?>
|
||||||
<?= $form->field($model, 'gdpr_consent')->checkbox(['value' => 1]) ?>
|
<?= $form->field($model, 'gdpr_consent')->checkbox(['value' => 1]) ?>
|
||||||
<?php endif ?>
|
<?php endif ?>
|
||||||
|
|
||||||
|
|||||||
@ -43,7 +43,7 @@ $networksVisible = count(Yii::$app->authClientCollection->clients) > 0;
|
|||||||
['label' => Yii::t('usuario', 'Account'), 'url' => ['/user/settings/account']],
|
['label' => Yii::t('usuario', 'Account'), 'url' => ['/user/settings/account']],
|
||||||
['label' => Yii::t('usuario', 'Privacy'),
|
['label' => Yii::t('usuario', 'Privacy'),
|
||||||
'url' => ['/user/settings/privacy'],
|
'url' => ['/user/settings/privacy'],
|
||||||
'visible' => $module->enableGDPRcompliance
|
'visible' => $module->enableGdprCompliance
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
'label' => Yii::t('usuario', 'Networks'),
|
'label' => Yii::t('usuario', 'Networks'),
|
||||||
|
|||||||
@ -68,7 +68,7 @@ class GdprCest
|
|||||||
$module = Yii::$app->getModule('user');
|
$module = Yii::$app->getModule('user');
|
||||||
$module->enableEmailConfirmation = $emailConfirmation;
|
$module->enableEmailConfirmation = $emailConfirmation;
|
||||||
$module->generatePasswords = $generatePasswords;
|
$module->generatePasswords = $generatePasswords;
|
||||||
$module->enableGDPRcompliance = $enableGdpr;
|
$module->enableGdprCompliance = $enableGdpr;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected function register(FunctionalTester $I, $email, $username = null, $password = null, $gdpr_consent = true)
|
protected function register(FunctionalTester $I, $email, $username = null, $password = null, $gdpr_consent = true)
|
||||||
|
|||||||