Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-63009

Data requests should note site of origin in email notifications

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      Note: This testing requires the ability for your dev Moodle site to send email, and for you to be able to read the contents of the email. MailCatcher (software) can be used for this purpose if you don't have a system set up already in your dev environment.

      Setup:

      1. Login as your test Moodle site's admin user.
      2. ENSURE you site is set up to send GDPR requests: Navigate to 'Site administration' > Users > Privacy settings, and CONFIRM 'Contact the privacy officer' is checked. If it isn't, check it, and click 'Save changes'.
      3. ENSURE your admin user is set up to receive email notifications for data requests: Click the user dropdown at the top right of the screen, click Preferences, click 'Notification preferences', scroll down to the 'Data privacy' section, and ENSURE on the 'Data requests' row, the Online and Offline options are all set to 'On' for email.
      4. If you require software to intercept email messages (eg MailCatcher), ensure it is running.
      5. Note down your site's full name, as is displayed on the site's homepage.

      Testing:

      1. Log in as any user and navigate to the user's Profile page.
      2. Under 'Privacy and policies', click Data requests.
      3. CONFIRM the user has no existing requests with the status 'Awaiting approval' (if they do, click Actions > Cancel request > Cancel request on the request's row, so that you are able to submit a new request for this test).
      4. Click 'New request'.
      5. Enter Type = 'Export all of my personal data', Comments = 'Testing MDL-63009' and click 'Save changes'.
      6. CONFIRM you can see this new request in the list of data requests that loads, with the pending status.
      7. Run your site's cron (either through the user interface, or through command line).
      8. CONFIRM you have received the email notification for the request.
      9. Open the email, and CONFIRM there is now a row in the table with the heading 'Request origin', and a value that matches your site's full name, as observed during the setup steps above.
      10. Click on the site name next to the 'Request origin' heading in the email, and CONFIRM it opens your test Moodle site's homepage.
      11. CONFIRM the information and formatting within the email is still sending correctly, similar to the following screenshot:

      Show
      Note: This testing requires the ability for your dev Moodle site to send email, and for you to be able to read the contents of the email. MailCatcher (software) can be used for this purpose if you don't have a system set up already in your dev environment. Setup: Login as your test Moodle site's admin user. ENSURE you site is set up to send GDPR requests: Navigate to 'Site administration' > Users > Privacy settings, and CONFIRM 'Contact the privacy officer' is checked. If it isn't, check it, and click 'Save changes'. ENSURE your admin user is set up to receive email notifications for data requests: Click the user dropdown at the top right of the screen, click Preferences, click 'Notification preferences', scroll down to the 'Data privacy' section, and ENSURE on the 'Data requests' row, the Online and Offline options are all set to 'On' for email. If you require software to intercept email messages (eg MailCatcher), ensure it is running. Note down your site's full name, as is displayed on the site's homepage. Testing: Log in as any user and navigate to the user's Profile page. Under 'Privacy and policies', click Data requests. CONFIRM the user has no existing requests with the status 'Awaiting approval' (if they do, click Actions > Cancel request > Cancel request on the request's row, so that you are able to submit a new request for this test). Click 'New request'. Enter Type = 'Export all of my personal data', Comments = 'Testing MDL-63009 ' and click 'Save changes'. CONFIRM you can see this new request in the list of data requests that loads, with the pending status. Run your site's cron (either through the user interface, or through command line). CONFIRM you have received the email notification for the request. Open the email, and CONFIRM there is now a row in the table with the heading 'Request origin', and a value that matches your site's full name, as observed during the setup steps above. Click on the site name next to the 'Request origin' heading in the email, and CONFIRM it opens your test Moodle site's homepage. CONFIRM the information and formatting within the email is still sending correctly, similar to the following screenshot:
    • Affected Branches:
      MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE, MOODLE_36_STABLE
    • Fixed Branches:
      MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE
    • Epic Link:
    • Pull 3.4 Branch:
    • Pull 3.5 Branch:
    • Pull Master Branch:
      MDL-63009-master
    • Sprint:
      GDPR Followup Sprint 1

      Description

      Data request emails should identify the site of origin, as this is not currently included, except as part of the "from" address. This will help avoid confusion for privacy officers who manage multiple sites.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                12/Nov/18

                Time Tracking

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 40 minutes
                40m