Extension: BlueSpicePrivacy
Overview | |||
---|---|---|---|
Description: |
Management page for user privacy settings | ||
State: | stable | Dependency: | BlueSpice |
Developer: | HalloWelt | License: | GPL-3.0-only |
Type: | BlueSpice | Category: | Security |
Edition: | BlueSpice pro, BlueSpice Farm, BlueSpice Cloud | ||
Features
The extension Privacy allows users to maintain their privacy and enables site maintainers to comply with the GDPR.
Users can:
- Request anonymization: The requests are directed to a site administrator for approval. If approved, the user is anonymized by the system.
- Request removal: The requests are directed to a site administrator for approval. If approved, the user is deleted from the system with all their data.
- Retrieve all data stored about them in the system.
- Give and revoke consent to the privacy policy.
It allows site administrators to:
- Manage anonymisation and deletion requests.
- Get an overview of the privacy policy and cookie consent of all users.
User for automated tests
For the special test user NoConsentWikiSysop
, the privacy consent requirement is bypassed, allowing automated test access to the wiki.
Technical Information[edit source]
This information applies to BlueSpice 4. Technical details for BlueSpice Cloud can differ in some cases.
Requirements[edit source]
- MediaWiki: 1.35.0
- BlueSpiceFoundation: 4.0
Integrates into[edit source]
- BlueSpicePrivacy
Special pages[edit source]
- PrivacyAdmin
- PrivacyCenter
- PrivacyConsent
Permissions[edit source]
Name | Description | Role |
---|---|---|
bs-privacy-admin | Execute Privacy administrative action | admin, accountmanager |
Configuration[edit source]
Name | Value |
---|---|
PrivacyConsentTypes | array ( 'privacy-policy' => 'bs-privacy-prefs-consent-privacy-policy', 'terms-of-service' => 'bs-privacy-prefs-consent-tos', ) |
PrivacyCookieAcceptMandatory | true |
PrivacyCookieConsentProvider | 'native-mw' |
PrivacyDeleteUsername | 'DeletedUser' |
PrivacyEnableRequests | true |
PrivacyPrivacyPolicyMandatory | false |
PrivacyRequestDeadline | 30 |
API Modules[edit source]
- bs-privacy
- bs-privacy-get-all-consents
- bs-privacy-get-requests
Hooks[edit source]
Cookie settings overview[edit | edit source]
COOKIE NAME | DESCRIPTION | TYPE |
---|---|---|
MediaWiki | ||
$wgCookiePrefixBlockID | This is usually the block ID concatenated with an HMAC in order to avoid spoofing (T152951), but if wgSecretKey is not set will just be the block ID. | necessary, if block exists |
$wgCookiePrefixUseDC | A cookie to tell all CDN edge nodes to "stick" the user to the DC that handles this POST request (e.g. the "master" data center). | necessary, if in use |
$wgCookiePrefixUseCDNCache | Have the user briefly bypass CDN so ChronologyProtector works for cacheable URLs. | comfort |
$wgCookiePrefixUserID | ID of the logged in user ( only for logged in users ) | necessary |
$wgCookiePrefixUserName | Username of logged in user ( only for logged in users ) | necessary |
$wgCookiePrefix_session | Session ID for the current session | necessary |
$wgCookiePrefixmwuser-sessionId | Client-side session ID | necessary |
$wgCookiePrefixforceHTTPS | Force HTTPS for logins | necessary |
$wgCookiePrefixLoggedOut | Force HTTPS for logins | comfort |
$wgCookiePrefixnotificationFlag | Used for Echo notifications | comfort |
BlueSpice | ||
$wgCookiePrefix_MWCookieConsent | State of the user's cookie consent | necessary |
$wgCookiePrefixVEE | Visual editor - user preference - VisualMode or wikitext | comfort |
$wgCookiePrefixBlueSpiceDiscovery | State of various stateful components in the skin | comfort |
Accessibility
Test status: | 2-testing complete |
---|---|
Checked for: | Web, Authoring tool |
Last test date: | 2022-08-08 |
WCAG level: | AA |
WCAG support: | partially supports (workaround: no) |
Comments: |
Special:Privacy_Center page: check icons are not labelled erm:31373 |
Extension type: | core |
Extension focus: | reader |