PART A - Basic setup Ensure that your admin account has a working email address. Create a new test account (or use existing). I'll refer to it as test1. This should also have a working email address which should not be the same as the admin one. As admin, go to site admin > Users > Privacy and policies > Privacy settings, and ensure 'Contact Data Protection Officer' is turned on. PART B - Request by user (no change) Log in as test1 and go to their profile. Click 'Data requests'. Click 'New request', and save changes. Log in as admin (or use a different browser) and run cron or wait for cron to run naturally. EXPECTED (no change): Admin should get a 'You have received a data request' email. Go to site admin > Users > Privacy and policies > Data requests. The request should be in 'Awaiting approval' status. Click Actions > Approve request, and confirm the dialog. Run cron or wait for cron to run naturally. EXPECTED (no change): The test1 user should receive an email to say their data is ready. Log in as test1 and follow the link in the email. EXPECTED (no change): The test1 user should download the zip file. PART C - Request setup by admin, user cannot download Login as admin and go to site admin > Users > Permissions > Define roles. Edit the 'Authenticated user' role and remove (untick) the tool/dataprivacy:downloadownrequest capability, then save changes. Go to site admin > Users > Privacy and policies > Data requests. Click 'New request' and type in the test user's name into 'Requesting for'; save changes. Run cron or wait for it to run itself. EXPECTED (no change): Admin should get a 'You have received a data request' email. Reload the data requests page, then approve the request as before. Run cron or wait for it to run itself. EXPECTED: Admin user ( not the test user like before) should receive an email saying the export is ready. Reload the data requests page EXPECTED: Admin user should now have a Download option under Actions Click the download option. EXPECTED: The zip file should download.