WIP: New Wine GDPR review by yanniboi · Pull Request #9 · FreelyGive/gdpr

yanniboi · 2018-04-30T14:04:34Z

No description provided.

…covery and traversal.

…views integration.

andrewbelcher · 2018-04-30T15:42:17Z

modules/gdpr_consent/gdpr_consent.install

+        'default' => NULL,
+        'description' => 'The ID of consent agreement\'s default revision.',
+      ),
+      'title' => array(


Presumably title should be revisionable also?

andrewbelcher · 2018-04-30T15:45:19Z

modules/gdpr_consent/gdpr_consent.module

+      'title' => t('Grant Any Consent'),
+    ),
+    'grant own consent' => array(
+      'title' => t('Grant Own Consent'),


Why does this need to be a permission? Presumably all users should be able to grant their own consent?

andrewbelcher · 2018-04-30T15:57:47Z

modules/gdpr_consent/gdpr_consent.module

+  $info = array();
+  $properties = &$info['gdpr_consent_agreement']['properties'];
+
+  $properties['id'] = array(


Should revision_id also be exposed?

andrewbelcher · 2018-04-30T16:06:27Z

modules/gdpr_consent/gdpr_consent.module

+        $element[$delta] = array(
+          '#type' => 'html_tag',
+          '#tag' => 'p',
+          '#value' => t('User Consent ID: @entity', array('@entity' => $item['target_id'])),


Do we want a second formatter that includes who registered the consent + notes etc?

andrewbelcher · 2018-04-30T16:08:11Z

modules/gdpr_consent/gdpr_consent.module

+        '#default_value' => $notes,
+        '#weight' => 10,
+        '#description' => '',
+        '#access' => user_access('grant any consent', $user),


Should this also check the target user isn't themselves?

andrewbelcher · 2018-04-30T16:37:32Z

modules/gdpr_dump/plugins/gdpr_sanitizer/GDPRSanitizerText.class.php

+      $rand = new GDPRUtilRandom();
+      $value = "anon_" . $rand->string(4);
+      // If the value is too long, tirm it.
+      if (isset($max_length) && strlen($value) > $max_length) {


Surely $max_length should be passed into $rand->string()?

andrewbelcher · 2018-04-30T16:40:35Z

modules/gdpr_dump/plugins/gdpr_sanitizer/gdpr_sanitizer_password.inc

+ */
+$plugin = array(
+  'handler' => array(
+    'class' => 'GDPRSanitizerDefault',


A 4 character random password is not a good idea...

andrewbelcher · 2018-04-30T16:43:28Z

modules/gdpr_dump/src/GDPRUtilRandom.php

+/**
+ * Defines a utility class for creating random data.
+ */
+class GDPRUtilRandom {


It's a shame Drupal 8's components aren't available separately :(

andrewbelcher · 2018-04-30T16:44:26Z

modules/gdpr_dump/src/Plugins/GDPRSanitizerDefault.php

+/**
+ * Class for storing GDPR default sanitizer definition.
+ */
+class GDPRSanitizerDefault {


abstract?

andrewbelcher · 2018-04-30T16:45:16Z

modules/gdpr_dump/src/Plugins/GDPRSanitizerDefault.php

+   *   The sanitized input.
+   */
+  public function sanitize($input, $field = NULL) {
+    return $input;


This should probably be either an abstract or throw an exception? Returning the input is probably dangerous for mis-configuration...

yanniboi added 20 commits April 30, 2018 14:48

By yanniboi: Started building out task entities.

72d2bbf

By yanniboi: Task entity ui with bundles.

6a3a09a

By yanniboi: Central GDPR menu item for all features.

3bca9a4

By yanniboi: GDPR Dump module with data sanitizers.

6385e69

By yanniboi: GDPR Fields module for ctools plugins for field data dis…

a786470

…covery and traversal.

By yanniboi: Added task processing for removal and export as well as …

b4b7a18

…views integration.

By yanniboi: Added default field exports for some user fields.

3d94b41

By yanniboi: Added export log module to track gdpr views data exports.

3f762d5

By yanniboi: Fix php coding standard.

9d4e8e0

By yanniboi: Various updates.

c091173

By yanniboi: Fix field list with fieldsets.

209ecd2

By zserno: Added consent module.

c4fb122

By yanniboi: Updated consent UI controller.

c14b121

By yanniboi: Updated fields list page with better entity filter.

3db79f6

By yanniboi: Make consent agreements exportable.

8643732

By yanniboi: Updated some sanitizers.

b9d1d7e

By yanniboi: Remove non newwine specific modules for now.

bab3c68

By yanniboi: Remove duplicate plugin data.

9152485

By yanniboi: Fix faulty rebase.

7831a2a

By yanniboi: PHPCS review.

5f19c9d

yanniboi changed the title ~~New Wine GDPR review~~ WIP: New Wine GDPR review Apr 30, 2018

andrewbelcher reviewed Apr 30, 2018

View reviewed changes

By zserno: Revisioning updates.

40eba48

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

WIP: New Wine GDPR review#9

WIP: New Wine GDPR review#9
yanniboi wants to merge 21 commits intoclient/newwinefrom
client/newwine-dev

yanniboi commented Apr 30, 2018

Uh oh!

andrewbelcher Apr 30, 2018

Uh oh!

andrewbelcher Apr 30, 2018

Uh oh!

andrewbelcher Apr 30, 2018

Uh oh!

andrewbelcher Apr 30, 2018

Uh oh!

andrewbelcher Apr 30, 2018

Uh oh!

andrewbelcher Apr 30, 2018

Uh oh!

andrewbelcher Apr 30, 2018

Uh oh!

andrewbelcher Apr 30, 2018

Uh oh!

andrewbelcher Apr 30, 2018

Uh oh!

andrewbelcher Apr 30, 2018

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

yanniboi commented Apr 30, 2018

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants