[wp-trac] [WordPress Trac] #44500: Mark data requests failed when an expired link is clicked

WordPress Trac noreply at wordpress.org
Wed Aug 1 20:05:20 UTC 2018 

#44500: Mark data requests failed when an expired link is clicked
-------------------------------------------------+-------------------------
 Reporter:  desrosj                              |       Owner:  (none)
     Type:  enhancement                          |      Status:  new
 Priority:  normal                               |   Milestone:  Future
                                                 |  Release
Component:  Privacy                              |     Version:  4.9.6
 Severity:  normal                               |  Resolution:
 Keywords:  has-patch needs-testing has-unit-    |     Focuses:
  tests                                          |  administration
-------------------------------------------------+-------------------------

Comment (by garrett-eclipse):

 Thanks @desrosj

 First a few notes on 44500.2.diff;
 1. An extraneous string made its way into line 1131 of wp-
 admin/includes/user.php;
 'he specified post is not a user_requ'
 2. I feel we can improve the language used on the user_request post-type
 check in wp_mark_user_request_failed to make it concise like the invalid
 request id one;
 'Invalid request post type.'

 I also took a look at wp_validate_user_request_key and the check that
 request status isn't request-pending or request-failed and wonder if it
 should live here as calling the function on a request-confirmed or
 request-completed would throw an error but even in those states the user
 request key is valid. This could cause confusion for plugin devs, etc as
 they may use it to check the validity of confirmed/completed request keys.
 So i wonder if that check should be moved from the function and called
 directly in the specific cases where that check is needed such as in the
 confirmaction check. That check could be made into it's own function. And
 just thinking of a core case where this may be an issue would be if the
 wp_ajax_wp_privacy_export_personal_data was updated to use
 wp_validate_user_request_key then it would fail to export as the request
 would be in the completed state.

 And I tend to agree with the check for completed added to
 wp_mark_user_request_failed while not checking the confirmed as I feel
 your explained use case is valid.

 Cheers

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/44500#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list