From 525dfe85627b2ebcb3fb1fb15f73ffb182e5ac1a Mon Sep 17 00:00:00 2001 From: Michael Babker Date: Thu, 24 May 2018 20:45:43 -0500 Subject: [PATCH] [Feature] Report Privacy Related Capabilities in Admin (#37) * Begin the capabilities reporting screen, list some core capabilities * Add the plugin reporting hook to capability collection * Add notes about hashed cookie name * Import installer plugin group to capabilities to be able to include install from web without needing a second plugin * Add info about core communications to joomla.org due to conflicting opinions/guidance on handling of IP addresses --- .../com_privacy/helpers/privacy.php | 6 ++ .../com_privacy/models/capabilities.php | 101 ++++++++++++++++++ .../views/capabilities/tmpl/default.php | 54 ++++++++++ .../views/capabilities/view.html.php | 86 +++++++++++++++ .../language/en-GB/en-GB.com_privacy.ini | 12 +++ .../en-GB/en-GB.plg_authentication_cookie.ini | 1 + .../en-GB/en-GB.plg_captcha_recaptcha.ini | 2 + .../en-GB/en-GB.plg_system_languagefilter.ini | 1 + plugins/authentication/cookie/cookie.php | 18 ++++ plugins/captcha/recaptcha/recaptcha.php | 18 ++++ .../system/languagefilter/languagefilter.php | 18 ++++ 11 files changed, 317 insertions(+) create mode 100644 administrator/components/com_privacy/models/capabilities.php create mode 100644 administrator/components/com_privacy/views/capabilities/tmpl/default.php create mode 100644 administrator/components/com_privacy/views/capabilities/view.html.php diff --git a/administrator/components/com_privacy/helpers/privacy.php b/administrator/components/com_privacy/helpers/privacy.php index 6c56b2483e8e2..98aa232e37aa3 100644 --- a/administrator/components/com_privacy/helpers/privacy.php +++ b/administrator/components/com_privacy/helpers/privacy.php @@ -32,5 +32,11 @@ public static function addSubmenu($vName) 'index.php?option=com_privacy', $vName === 'requests' ); + + JHtmlSidebar::addEntry( + JText::_('COM_PRIVACY_SUBMENU_CAPABILITIES'), + 'index.php?option=com_privacy&view=capabilities', + $vName === 'capabilities' + ); } } diff --git a/administrator/components/com_privacy/models/capabilities.php b/administrator/components/com_privacy/models/capabilities.php new file mode 100644 index 0000000000000..e6c90c29953b4 --- /dev/null +++ b/administrator/components/com_privacy/models/capabilities.php @@ -0,0 +1,101 @@ + array( + JText::_('COM_PRIVACY_CORE_CAPABILITY_SESSION_IP_ADDRESS_AND_COOKIE'), + JText::sprintf('COM_PRIVACY_CORE_CAPABILITY_LOGGING_IP_ADDRESS', $app->get('log_path', JPATH_ADMINISTRATOR . '/logs')), + JText::_('COM_PRIVACY_CORE_CAPABILITY_COMMUNICATION_WITH_JOOMLA_ORG'), + ) + ); + + /* + * We will search for capabilities from the following plugin groups: + * + * - Authentication: These plugins by design process user information and may have capabilities such as creating cookies + * - Captcha: These plugins may communicate information to third party systems + * - Installer: These plugins can add additional install capabilities to the Extension Manager, such as the Install from Web service + * - Privacy: These plugins are the primary integration point into this component + * - User: These plugins are intended to extend the user management system + * + * This is in addition to plugin groups which are imported before this method is triggered, generally this is the system group. + */ + + JPluginHelper::importPlugin('authentication'); + JPluginHelper::importPlugin('captcha'); + JPluginHelper::importPlugin('installer'); + JPluginHelper::importPlugin('privacy'); + JPluginHelper::importPlugin('user'); + + $pluginResults = $app->triggerEvent('onPrivacyCollectAdminCapabilities'); + + // We are going to "cheat" here and include this component's capabilities without using a plugin + $extensionCapabilities = array( + JText::_('COM_PRIVACY') => array( + JText::_('COM_PRIVACY_EXTENSION_CAPABILITY_PERSONAL_INFO'), + ) + ); + + foreach ($pluginResults as $pluginResult) + { + $extensionCapabilities += $pluginResult; + } + + // Sort the extension list alphabetically + ksort($extensionCapabilities); + + // Always prepend the core capabilities to the array + return $coreCapabilities + $extensionCapabilities; + } + + /** + * Method to auto-populate the model state. + * + * @return void + * + * @since __DEPLOY_VERSION__ + */ + protected function populateState() + { + // Load the parameters. + $this->setState('params', JComponentHelper::getParams('com_privacy')); + } +} diff --git a/administrator/components/com_privacy/views/capabilities/tmpl/default.php b/administrator/components/com_privacy/views/capabilities/tmpl/default.php new file mode 100644 index 0000000000000..4f0e03e27e1a9 --- /dev/null +++ b/administrator/components/com_privacy/views/capabilities/tmpl/default.php @@ -0,0 +1,54 @@ + +sidebar)) : ?> +
+ sidebar; ?> +
+
+ +
+ +
+

+ +
+ capabilities)) : ?> +
+ +
+ + + 'slide-0')); ?> + + capabilities as $extension => $capabilities) : ?> + + +
+ +
+ +
    + +
  • + +
+ + + + + + + +
diff --git a/administrator/components/com_privacy/views/capabilities/view.html.php b/administrator/components/com_privacy/views/capabilities/view.html.php new file mode 100644 index 0000000000000..91532075f39c4 --- /dev/null +++ b/administrator/components/com_privacy/views/capabilities/view.html.php @@ -0,0 +1,86 @@ +capabilities = $this->get('Capabilities'); + $this->state = $this->get('State'); + + // Check for errors. + if (count($errors = $this->get('Errors'))) + { + throw new Exception(implode("\n", $errors), 500); + } + + $this->addToolbar(); + + $this->sidebar = JHtmlSidebar::render(); + + return parent::display($tpl); + } + + /** + * Add the page title and toolbar. + * + * @return void + * + * @since __DEPLOY_VERSION__ + */ + protected function addToolbar() + { + JToolbarHelper::title(JText::_('COM_PRIVACY_VIEW_CAPABILITIES'), 'dashboard'); + + JToolbarHelper::preferences('com_privacy'); + } +} diff --git a/administrator/language/en-GB/en-GB.com_privacy.ini b/administrator/language/en-GB/en-GB.com_privacy.ini index 95c32c8c72337..9977faebccdee 100644 --- a/administrator/language/en-GB/en-GB.com_privacy.ini +++ b/administrator/language/en-GB/en-GB.com_privacy.ini @@ -6,6 +6,11 @@ COM_PRIVACY="Privacy" COM_PRIVACY_ACTION_VIEW="View Request" COM_PRIVACY_CONFIGURATION="Privacy: Options" +COM_PRIVACY_CORE_CAPABILITY_COMMUNICATION_WITH_JOOMLA_ORG="When a network connection is available, a Joomla installation will attempt to communicate with the joomla.org servers for various capabilities, to include:As with all HTTP requests, the IP address of your server will be transmitted as part of the request. For information on how Joomla processes data on its servers, please review our privacy policy." +; The placeholder for this key is the configured log path for the site. +COM_PRIVACY_CORE_CAPABILITY_LOGGING_IP_ADDRESS="Joomla's logging system records the IP address of the visitor which led to a message being written to its log files. These log files are used to record various activity on a Joomla site, including information related to core updates, invalid login attempts, unhandled errors, and development information such as the use of deprecated APIs. The format of these log files may be customised by any extension which configures a logger, therefore you are encouraged to download and review the log files for your website which may be found at `%s`." +COM_PRIVACY_CORE_CAPABILITY_SESSION_IP_ADDRESS_AND_COOKIE="All requests to a Joomla website start a session which stores the IP address in the session data and creates a session cookie in the user's browser. The IP address is used as a security measure to help protect against potential session hijacking attacks and this information is deleted once the session has expired and its data purged. The session cookie's name is based on a randomly generated hash and therefore does not have a constant identifier. The session cookie is destroyed once the session has expired or the user has exited their browser." +COM_PRIVACY_EXTENSION_CAPABILITY_PERSONAL_INFO="In order to process information requests, information about the user must be collected and logged for the purposes of retaining an audit log. The request system is based on an individual's email address which will be used to link the request to an existing site user if able." ; You can use the following merge codes for all COM_PRIVACY_EMAIL strings: ; [SITENAME] Site name, as set in Global Configuration. ; [URL] URL of the site's frontend page. @@ -28,6 +33,7 @@ COM_PRIVACY_FIELD_STATUS_DESC="The status of the information request." COM_PRIVACY_FIELD_USER_ID_DESC="The user account for the individual owning the information being requested, if one exists." COM_PRIVACY_FIELD_USER_ID_LABEL="Associated User" COM_PRIVACY_FILTER_SEARCH_LABEL="Search Requests" +COM_PRIVACY_HEADING_CORE_CAPABILITIES="Joomla Core Capabilities" COM_PRIVACY_HEADING_EMAIL_ASC="Email ascending" COM_PRIVACY_HEADING_EMAIL_DESC="Email descending" COM_PRIVACY_HEADING_REQUEST_TYPE="Request Type" @@ -40,7 +46,11 @@ COM_PRIVACY_HEADING_REQUESTED_AT_ASC="Requested ascending" COM_PRIVACY_HEADING_REQUESTED_AT_DESC="Requested descending" COM_PRIVACY_HEADING_STATUS_ASC="Status ascending" COM_PRIVACY_HEADING_STATUS_DESC="Status descending" +COM_PRIVACY_MSG_CAPABILITIES_ABOUT_THIS_INFORMATION="About This Information" +COM_PRIVACY_MSG_CAPABILITIES_INTRODUCTION="The information on this screen is collected from extensions which report their privacy related capabilities to this system. It is intended to help site owners be aware of the capabilities of installed extensions and provide information to help owners create local site policies such as a privacy policy. As this screen requires extensions to support its reporting system, and only displays information from enabled extensions, this should not be considered a complete list and you are encouraged to consult each extension's documentation for more information." +COM_PRIVACY_MSG_CAPABILITIES_NO_CAPABILITIES="There are no reported extension capabilities." COM_PRIVACY_MSG_CONFIRM_EMAIL_SENT_TO_USER="A confirmation email for this request has been sent to the user." +COM_PRIVACY_MSG_EXTENSION_NO_CAPABILITIES="This extension does not report any capabilities." COM_PRIVACY_MSG_REQUESTS_NO_REQUESTS="There are no information requests matching your query." COM_PRIVACY_REQUEST_COMPLETED="The request has been completed." COM_PRIVACY_REQUEST_INVALIDATED="The request has been invalidated." @@ -50,11 +60,13 @@ COM_PRIVACY_STATUS_CONFIRMED="Confirmed" COM_PRIVACY_STATUS_INVALID="Invalid" COM_PRIVACY_STATUS_PENDING="Pending" COM_PRIVACY_SEARCH_IN_EMAIL="Search in requestor email address. Prefix with ID: to search for a request ID." +COM_PRIVACY_SUBMENU_CAPABILITIES="Capabilities" COM_PRIVACY_SUBMENU_REQUESTS="Requests" COM_PRIVACY_TOOLBAR_COMPLETE="Complete" COM_PRIVACY_TOOLBAR_INVALIDATE="Invalidate" COM_PRIVACY_USER_FIELD_EMAIL_DESC="The email address of the individual owning the information being requested." COM_PRIVACY_VIEW_REQUEST_ADD_REQUEST="Privacy: New Information Request" COM_PRIVACY_VIEW_REQUEST_SHOW_REQUEST="Privacy: Review Information Request" +COM_PRIVACY_VIEW_CAPABILITIES="Privacy: Extension Capabilities" COM_PRIVACY_VIEW_REQUESTS="Privacy: Information Requests" COM_PRIVACY_XML_DESCRIPTION="Component for managing privacy related actions." diff --git a/administrator/language/en-GB/en-GB.plg_authentication_cookie.ini b/administrator/language/en-GB/en-GB.plg_authentication_cookie.ini index 8d02e7fe9fbf7..114cea9dd3da1 100644 --- a/administrator/language/en-GB/en-GB.plg_authentication_cookie.ini +++ b/administrator/language/en-GB/en-GB.plg_authentication_cookie.ini @@ -9,5 +9,6 @@ PLG_AUTH_COOKIE_FIELD_COOKIE_LIFETIME_DESC="The number of days until the authent PLG_AUTH_COOKIE_FIELD_COOKIE_LIFETIME_LABEL="Cookie Lifetime" PLG_AUTH_COOKIE_FIELD_KEY_LENGTH_DESC="The length of the key to use to encrypt the cookie. Longer lengths are more secure, but they will slow performance." PLG_AUTH_COOKIE_FIELD_KEY_LENGTH_LABEL="Key Length" +PLG_AUTH_COOKIE_PRIVACY_CAPABILITY_COOKIE="In conjunction with a plugin which supports a \"Remember Me\" feature, such as the \"System - Remember Me\" plugin, this plugin creates a cookie on the user's client if a \"Remember Me\" checkbox is selected when logging into the website. This cookie can be identified with the prefix `joomla_remember_me` and is used to automatically log users into the website when they visit and are not already logged in." PLG_AUTH_COOKIE_XML_DESCRIPTION="Handles Joomla's cookie User authentication.
Warning! You must have at least one other authentication plugin enabled.
You will also need a plugin such as the System - Remember Me plugin to implement cookie login." PLG_AUTHENTICATION_COOKIE="Authentication - Cookie" diff --git a/administrator/language/en-GB/en-GB.plg_captcha_recaptcha.ini b/administrator/language/en-GB/en-GB.plg_captcha_recaptcha.ini index 29821c12ebe7c..8a501818501b4 100644 --- a/administrator/language/en-GB/en-GB.plg_captcha_recaptcha.ini +++ b/administrator/language/en-GB/en-GB.plg_captcha_recaptcha.ini @@ -50,6 +50,8 @@ PLG_RECAPTCHA_ERROR_VERIFY_PARAMS_INCORRECT="The parameters to verify were incor PLG_RECAPTCHA_ERROR_INVALID_REFERRER="reCAPTCHA API keys are tied to a specific domain name for security reasons." PLG_RECAPTCHA_ERROR_RECAPTCHA_NOT_REACHABLE="Unable to contact the reCAPTCHA verify server." +PLG_RECAPTCHA_PRIVACY_CAPABILITY_IP_ADDRESS="The reCAPTCHA plugin integrates with Google's reCAPTCHA system as a spam protection service. As part of this service, the IP of the user who is answering the captcha challenge is transmitted to Google." + ; Uncomment(remove the ";" from the beginning of the line) the following lines if reCAPTCHA is not available in your language ; When uncommenting, do NOT translate PLG_RECAPTCHA_CUSTOM_LANG ; As of 01/01/2012, the following languages do not need translation: en, nl, fr, de, pt, ru, es, tr diff --git a/administrator/language/en-GB/en-GB.plg_system_languagefilter.ini b/administrator/language/en-GB/en-GB.plg_system_languagefilter.ini index 9d957af004674..bd4c481bad64e 100644 --- a/administrator/language/en-GB/en-GB.plg_system_languagefilter.ini +++ b/administrator/language/en-GB/en-GB.plg_system_languagefilter.ini @@ -24,5 +24,6 @@ PLG_SYSTEM_LANGUAGEFILTER_FIELD_REMOVE_DEFAULT_PREFIX_DESC="Remove the defined U PLG_SYSTEM_LANGUAGEFILTER_FIELD_REMOVE_DEFAULT_PREFIX_LABEL="Remove URL Language Code" PLG_SYSTEM_LANGUAGEFILTER_OPTION_SESSION="Session" PLG_SYSTEM_LANGUAGEFILTER_OPTION_YEAR="Year" +PLG_SYSTEM_LANGUAGEFILTER_PRIVACY_CAPABILITY_LANGUAGE_COOKIE="On a site which supports multiple languages, this plugin can be configured to set a cookie on the user's browser which remembers their language preference. This cookie is used to redirect users to their preferred language when visiting the site and creating a new session. The cookie's name is based on a randomly generated hash and therefore does not have a constant identifier." PLG_SYSTEM_LANGUAGEFILTER_SITE_LANGUAGE="Site Language" PLG_SYSTEM_LANGUAGEFILTER_XML_DESCRIPTION="This plugin filters the displayed content depending on language.
This plugin is to be enabled only when the Language Switcher module is published.
If this plugin is activated, it is recommended to also publish the Administrator multilingual status module." diff --git a/plugins/authentication/cookie/cookie.php b/plugins/authentication/cookie/cookie.php index 9a2effc87ff71..7d86105aa54f7 100644 --- a/plugins/authentication/cookie/cookie.php +++ b/plugins/authentication/cookie/cookie.php @@ -34,6 +34,24 @@ class PlgAuthenticationCookie extends JPlugin */ protected $db; + /** + * Reports the privacy related capabilities for this plugin to site administrators. + * + * @return array + * + * @since __DEPLOY_VERSION__ + */ + public function onPrivacyCollectAdminCapabilities() + { + $this->loadLanguage(); + + return array( + JText::_('PLG_AUTHENTICATION_COOKIE') => array( + JText::_('PLG_AUTH_COOKIE_PRIVACY_CAPABILITY_COOKIE'), + ) + ); + } + /** * This method should handle any authentication and report back to the subject * diff --git a/plugins/captcha/recaptcha/recaptcha.php b/plugins/captcha/recaptcha/recaptcha.php index 6aae275f18ddf..213879d281a07 100644 --- a/plugins/captcha/recaptcha/recaptcha.php +++ b/plugins/captcha/recaptcha/recaptcha.php @@ -25,6 +25,24 @@ class PlgCaptchaRecaptcha extends JPlugin */ protected $autoloadLanguage = true; + /** + * Reports the privacy related capabilities for this plugin to site administrators. + * + * @return array + * + * @since __DEPLOY_VERSION__ + */ + public function onPrivacyCollectAdminCapabilities() + { + $this->loadLanguage(); + + return array( + JText::_('PLG_CAPTCHA_RECAPTCHA') => array( + JText::_('PLG_RECAPTCHA_PRIVACY_CAPABILITY_IP_ADDRESS'), + ) + ); + } + /** * Initialise the captcha * diff --git a/plugins/system/languagefilter/languagefilter.php b/plugins/system/languagefilter/languagefilter.php index a04d7c4791a69..57b854e444fa5 100644 --- a/plugins/system/languagefilter/languagefilter.php +++ b/plugins/system/languagefilter/languagefilter.php @@ -518,6 +518,24 @@ public function parseRule(&$router, &$uri) return $array; } + /** + * Reports the privacy related capabilities for this plugin to site administrators. + * + * @return array + * + * @since __DEPLOY_VERSION__ + */ + public function onPrivacyCollectAdminCapabilities() + { + $this->loadLanguage(); + + return array( + JText::_('PLG_SYSTEM_LANGUAGEFILTER') => array( + JText::_('PLG_SYSTEM_LANGUAGEFILTER_PRIVACY_CAPABILITY_LANGUAGE_COOKIE'), + ) + ); + } + /** * Before store user method. *