Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
[3.9] Privacy Tool Suite #20800
This pull request is the result of a combined effort for introducing a privacy tool suite into Joomla in response to laws and regulations such as GDPR. Introduced with this pull request are several new extensions and new capabilities in existing APIs to support this work.
New API Features
XMLDocument Supports Downloaded Documents
com_messages Send Message to All Super Users
We have introduced some notifications with the tool suite that called for sending messages to all super users. We elected to use the capabilities present in com_messages to support this, and we have added
Action Logging System
This is the finalization of the "Recording Action Logs" project from GSoC 2016, this system provides an infrastructure to create an audit log of activity performed on a website and can be fine tuned to the site admin's preferences. Extensions are able to hook into this system to add custom messages or have the system process standard CRUD actions. Work in progress documentation can be found at https://docs.joomla.org/J3.x:User_Action_Logs.
Action Logs Component
The component allows site admins to review the action log, export it, and purge entries.
Action Logs Plugin
The "Action Log - Joomla" plugin is used to log CRUD actions for supported content related extensions and miscellaneous actions such as extension management.
Latest Actions Module
An admin module showing the latest logged actions is available.
This is the heart of law and regulation related capabilities and provides several subsystems. Note that this system on its own does NOT make your website compliant with any laws and regulations but is a tool to assist site owners with compliancy. Work in progress documentation can be found at https://docs.joomla.org/J3.x:Privacy.
The main interaction point for privacy actions and management. The component offers several functions to help site owners with privacy related matters.
To assist with informing site owners of privacy related capability concerns and data collection, a capabilities screen will display information reported by extensions through a dedicated plugin event. Unlike other events which are generally targeted to single plugin groups, the model here explicitly imports plugins from several different plugin groups which commonly collect or process data (such as the captcha group as the Google reCAPTCHA integration processes a client's IP address).
Rights given under GDPR and similar privacy regulations include the right to access your data and the right to be forgotten. The information requests system is used to track and act on these requests. A request can be created in two ways:
Once the request is confirmed, the site admin will have action buttons appropriate to the request available to them to act upon the request. Processing for requests is plugin driven, all actions are performed by plugins to allow maximum flexibility and configuration for each affected extension.
Confirm Consent Plugin
Terms and Conditions Plugin
When enabled, the plugin can be used to require newly registering users to agree to the site's terms and conditions (defined in the plugin).
Privacy Dashboard Module
An admin module showing a summary of the information request data is available.
Urgent Requests Notification
A quickicon plugin is available which can be used to alert the site admin to requests which are considered urgent (confirmed and older than the age configured in the component settings, default to 14 days).
Log Rotation Plugin
When enabled, this implements a log rotation capability to log files created through the
If needed, pull requests with changes for this branch should be made against the
Fully built "release" packages are available from https://developer.joomla.org/privacy-pack/
This PR is sitting here since more than 2 months. It has been tested by many users, no major issues or release blockers has been reported AFAIK.
This is a PR that has a sub-project with its own issue tracker and in the 2 months a lot of issues have come up and have been fixed: https://github.com/joomla-projects/privacy-framework/issues
Rest assured that Michael would not delay the release of 3.9 if not necessary.
I’m not delaying anything, but I’m not going to personally merge a PR that I oversaw a lot of the project effort on without adequate testing and feedback. And for a while, that bit has been missing. For me merging this triggers the release cycle. Unlike fields or routing or 4.0 features which got time to mature in a dev branch, this is basically merge it and beta starts. For me, it’s stable enough to do that. Others may have different opinions. I don’t want to shove my opinion down the throat of others. And I don’t want to ship something that has only been reviewed by those who built it (with a few notable exceptions beyond that). I’m one of a handful with merge rights. And not one who is technically a leader within production right now. There are plenty of others IMO who could/should provide feedback or make an informed decision.
On Sat, Aug 25, 2018 at 2:30 PM Hannes Papenberg ***@***.***> wrote: This is a PR that has a sub-project with its own issue tracker and in the 2 months a lot of issues have come up and have been fixed: https://github.com/joomla-projects/privacy-framework/issues Rest assured that Michael would not delay the release of 3.9 if not necessary. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#20800 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAWfoenKKowaza_FfzTy9McZv-Fts7Kwks5uUaXEgaJpZM4Uuc0u> .
-- - Michael Please pardon any errors, this message was sent from my iPhone.
@infograf768 can you open a new issue on https://github.com/joomla-projects/privacy-framework
Aug 27, 2018
This was referenced
Aug 27, 2018
@laoneo , @mbabker