Jump to content

[4.7.11] Usergroup setting removes options to request pii data and account deletion


MMXII
Go to solution Solved by Stuart Silvester,

Recommended Posts

This seems to be a bug or at least unwanted behavior: The new options to request pii data and account deletion do not show up in the frontend, if the usergroup setting the "Can login anonymously?" is set to "Disallowed". Then the menu entry "Security and Privacy" does not show up at all.

Link to comment
Share on other sites

10 hours ago, Stuart Silvester said:

we're preparing a patch

Once the patch has been released, if I download 4.7.11 from the client area again, will the patch be included in the download package too, or do I have to wait until 4.7.12 until the files available from the client area will be updated?

Link to comment
Share on other sites

4 hours ago, Stuart Silvester said:

At this time, it's available to all members.

This is something I just cannot understand. All the bugs aside these two features introduce a whole new workflow of having to deal with requests, approvals and rejections. Who thought it's a good idea to release this without an option to opt-out? Not every community needs this and not everybody is ready. Communities that aren't ready to handle this are basically forced to stay on an older version and miss out on all other improvements. Both of those features should be configurable.

I looked into disabling it via code hooks and things get even worse. While hooking \IPS\Member::canUseAccountDeletion does the trick for account deletion (proper backend checks + removes it from UI), same route just doesn't work for PII.

\IPS\Member\PrivacyAction::canRequestPiiData/canDownloadPiiData can be hooked but UI elements will stay because of settingsPrivacy template. Buttons will be gone but whole div, header and description will stay.

For account deletion whole div is wrapped properly:

{{if \IPS\Member::loggedIn()->canUseAccountDeletion() }}
...
{{endif}}

Why same thing wasn't done for PII? This would do the trick:

{{if \IPS\Member\PrivacyAction::canRequestPiiData() }}
...
{{endif}}

Now it's impossible to remove this without excessive trickery. Theme hooks won't really do the job as there is no way to select that specific div as it doesn't have a unique identifier (it's a generic div.ipsPadding). Documentation states that "you can use any of the selectors supported by jQuery" and that's simply wrong, actually not even a tiny fraction of selectors used by jQuery are supported. Only the most basic CSS selectors can be used and those don't allow to select e.g. parent elements.

I didn't expect that a monthly update will turn into such a headache that a simple ACP option could easily fix.

tl;dr Please make those features optional.

Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...