Latest revision as of 09:50, 7 June 2024

Extension: BlueSpicePrivacy

Overview
Description:	Management page for user privacy settings
State:	stable	Dependency:	BlueSpice
Developer:	HalloWelt	License:	GPL-3.0-only
Type:	BlueSpice	Category:	Security
Edition:	BlueSpice pro, BlueSpice farm, BlueSpice cloud	Version:	4.1+
View user help page

Features

Note:This extension is no longer bundled with BlueSpice free starting v. 4.2.

The extension Privacy allows users to maintain their privacy and enables site maintainers to comply with the GDPR.

Users can:

Request anonymization: The requests are directed to a site administrator for approval. If approved, the user is anonymized by the system.
Request removal: The requests are directed to a site administrator for approval. If approved, the user is deleted from the system with all their data.
Retrieve all data stored about them in the system.
Give and revoke consent to the privacy policy.

It allows site administrators to:

Manage anonymisation and deletion requests.
Get an overview of the privacy policy and cookie consent of all users.

User for automated tests

For the special test user NoConsentWikiSysop, the privacy consent requirement is bypassed, allowing automated test access to the wiki.

Technical Information

Technical details for BlueSpice cloud can differ in some cases.

Requirements

MediaWiki: 1.43.0

BlueSpiceFoundation: 5.0.0
OOJSPlus: 3.0.0

Integrates into

BlueSpicePrivacy

NotifyMe

Special pages

PrivacyAdmin
PrivacyCenter
PrivacyConsent
PrivacyPages

Permissions

Name	Description	Role
bs-privacy-admin	Execute Privacy administrative action	admin, accountmanager

Configuration

Name	Value
PrivacyConsentTypes	array ( 'privacy-policy' => 'bs-privacy-prefs-consent-privacy-policy', 'terms-of-service' => 'bs-privacy-prefs-consent-tos', )
PrivacyCookieAcceptMandatory	true
PrivacyCookieConsentProvider	'native-mw'
PrivacyDeleteUsername	'DeletedUser'
PrivacyEnableRequests	true
PrivacyPrivacyPolicyLink	''
PrivacyPrivacyPolicyMandatory	false
PrivacyPrivacyPolicyOnLogin	true
PrivacyRequestDeadline	30
PrivacyTermsOfServiceLink	''

API Modules

bs-privacy
bs-privacy-get-requests

Hooks

Composer requirements

all-packages	mwstake/mediawiki-component-events

Notifications

Name	Buckets
bs-privacy-anonymization-done	personal
bs-privacy-anonymization-rejected	personal
bs-privacy-deletion-rejected	personal
bs-privacy-deletion-failed	personal
bs-privacy-request-submitted	personal

Cookie settings overview

COOKIE NAME	DESCRIPTION	TYPE
MediaWiki
$wgCookiePrefixBlockID	This is usually the block ID concatenated with an HMAC in order to avoid spoofing (T152951), but if wgSecretKey is not set will just be the block ID.	necessary, if block exists
$wgCookiePrefixUseDC	A cookie to tell all CDN edge nodes to "stick" the user to the DC that handles this POST request (e.g. the "master" data center).	necessary, if in use
$wgCookiePrefixUseCDNCache	Have the user briefly bypass CDN so ChronologyProtector works for cacheable URLs.	comfort
$wgCookiePrefixUserID	ID of the logged in user ( only for logged in users )	necessary
$wgCookiePrefixUserName	Username of logged in user ( only for logged in users )	necessary
$wgCookiePrefix_session	Session ID for the current session	necessary
$wgCookiePrefixmwuser-sessionId	Client-side session ID	necessary
$wgCookiePrefixforceHTTPS	Force HTTPS for logins	necessary
$wgCookiePrefixLoggedOut	Force HTTPS for logins	comfort
$wgCookiePrefixnotificationFlag	Used for Echo notifications	comfort
BlueSpice
$wgCookiePrefix_MWCookieConsent	State of the user's cookie consent	necessary
$wgCookiePrefixVEE	Visual editor - user preference - VisualMode or wikitext	comfort
$wgCookiePrefixBlueSpiceDiscovery	State of various stateful components in the skin	comfort

Accessibility

Test status:	2-testing complete
Checked for:	Web, Authoring tool
Last test date:	2022-08-08
WCAG level:	AA
WCAG support:	partially supports (workaround: no)
Comments:	Login step: checkboxes to confirm privacy policies do not receive initial focus. erm: 29401 Special:Privacy_Center page: check icons are not labelled erm:31373
Extension type:	core
Extension focus:	reader

To submit feedback about this documentation, visit our community forum.

@@ Line 3: / Line 3: @@
 |developer=HalloWelt
 |type=BlueSpice
-|edition=BlueSpice Cloud, BlueSpice free (deactivated), BlueSpice pro (deactivated), BlueSpice Farm (deactivated)
+|edition=BlueSpice pro, BlueSpice farm, BlueSpice cloud
 |compatible=BlueSpice
 |category=Security
-|features=The extension '''Privacy'''  allows users to maintain their privacy and enables site maintainers to comply with the GDPR.
+|features={{Messagebox|boxtype=note|icon=|Note text=This extension is no longer bundled with BlueSpice free starting v. 4.2.}}
+The extension '''Privacy'''  allows users to maintain their privacy and enables site maintainers to comply with the GDPR.
 Users can:
@@ Line 19: / Line 20: @@
 *Manage anonymisation and deletion requests.
 *Get an overview of the privacy policy and cookie consent of all users.
+== User for automated tests ==
+For the special test user <code>NoConsentWikiSysop</code>, the privacy consent requirement is bypassed, allowing automated test access to the wiki.
+}}
+==Cookie settings overview==
+{| class="wikitable" style=""
+|-
+!COOKIE NAME
+!DESCRIPTION
+!TYPE
+|-
+| colspan="3" style="border-left-style:none;border-right-style:none;border-top-style:solid;border-bottom-style:solid;" data-ve-attributes="{&quot;style&quot;:&quot;border-left-style:none;border-right-style:none;border-top-style:solid;border-bottom-style:solid;&quot;}" |'''MediaWiki'''
+|-
+|$wgCookiePrefixBlockID
+|This is usually the block ID concatenated with an HMAC in order to avoid spoofing (T152951), but if wgSecretKey is not set will just be the block ID.
+|necessary, if block exists
+|-
+|$wgCookiePrefixUseDC
+|A cookie to tell all CDN edge nodes to "stick" the user to the DC that handles this POST request (e.g. the "master" data center).
+|necessary, if in use
+|-
+|$wgCookiePrefixUseCDNCache
+|Have the user briefly bypass CDN so ChronologyProtector works for cacheable URLs.
+|comfort
+|-
+|$wgCookiePrefixUserID
+|ID of the logged in user ( only for logged in users )
+|necessary
+|-
+|$wgCookiePrefixUserName
+|Username of logged in user ( only for logged in users )
+|necessary
+|-
+|$wgCookiePrefix_session
+|Session ID for the current session
+|necessary
+|-
+|<span style="color: rgb(4, 30, 73)">$wgCookiePrefixmwuser-sessionId</span>
+|<span style="color: rgb(4, 30, 73)">Client-side session ID</span>
+|necessary
+|-
+|$wgCookiePrefixforceHTTPS
+|Force HTTPS for logins
+|necessary
+|-
+|$wgCookiePrefixLoggedOut
+|Force HTTPS for logins
+|comfort
+|-
+|$wgCookiePrefixnotificationFlag
+|Used for Echo notifications
+|comfort
+|-
+| colspan="3" style="border-left-style:none;border-right-style:none;border-top-style:solid;border-bottom-style:solid;" data-ve-attributes="{&quot;style&quot;:&quot;border-left-style:none;border-right-style:none;border-top-style:solid;border-bottom-style:solid;&quot;}" |'''BlueSpice'''
+|-
+|$wgCookiePrefix_MWCookieConsent
+|State of the user's cookie consent
+|necessary
+|-
+|$wgCookiePrefixVEE
+|Visual editor - user preference - VisualMode or wikitext
+|comfort
+|-
+|<span style="color: rgb(4, 30, 73)">$wgCookiePrefixBlueSpiceDiscovery</span>
+|<span style="color: rgb(4, 30, 73)">State of various stateful components in the skin</span>
+|<span style="color: rgb(4, 30, 73)">comfort</span>
+|}
+{{wcagCheck
+|wcagStatus=2-testing complete
+|wcagCheckedfor=Web, Authoring tool
+|wcagTestdate=2022-08-08
+|wcagLevel=AA
+|wcagSupport=partially supports
+|wcagWorkaround=no
+|wcagComments=* Login step: checkboxes to confirm privacy policies do not receive initial focus. [https://support.hallowelt.com/issues/29401 erm: 29401]
+Special:Privacy_Center page: check icons are not labelled  [https://support.hallowelt.com/issues/31373 erm:31373]
+|extensionType=core
+|extensionFocus=reader
 }}

Reference:BlueSpicePrivacy: Difference between revisions