flarum / gdpr
Features for GDPR, PII management
Fund package maintenance!
flarum
Open Collective
Installs: 2 724
Dependents: 11
Suggesters: 0
Security: 0
Stars: 11
Watchers: 10
Forks: 5
Open Issues: 2
Type:flarum-extension
Requires
- flarum/core: ^2.0.0-beta.1
- nelexa/zip: ^4.0.2
Requires (Dev)
- flarum/nicknames: ^2.0.0
- flarum/phpstan: *
- flarum/testing: ^2.0.0
Replaces
- dev-main
- 2.x-dev
- v2.0.0-beta.1
- 1.0.0-beta.3
- 1.0.0-beta.2
- 1.0.0-beta.1
- 0.1.0-beta.20
- 0.1.0-beta.19
- 0.1.0-beta.18
- 0.1.0-beta.17
- 0.1.0-beta.16
- 0.1.0-beta.15
- 0.1.0-beta.14
- 0.1.0-beta.13
- 0.1.0-beta.12
- 0.1.0-beta.11
- 0.1.0-beta.10
- 0.1.0-beta.9
- 0.1.0-beta.8
- 0.1.0-beta.7
- 0.1.0-beta.6
- 0.1.0-beta.5
- 0.1.0-beta.4
- 0.1.0-beta.3
- 0.1.0-beta.2
- 0.1.0-beta.1
- dev-master
This package is auto-updated.
Last update: 2024-12-11 17:16:38 UTC
README
This extension allows users increasing control over their data.
Requirements
flarum/core
-v2.0
or higherPHP
-8.2
or higher
Installation or update
Install manually with composer:
composer require flarum/gdpr:^2.0.0
Use
All forum users now have a Personal Data
section within their account settings page:
From here, users may self-service export their data from the forum, or start an erasure request. Erasure requests are queued up for admins/moderators to process. Any unprocessed requests that are still pending after 30 days will be processed automatically using the configured default method (Deletion or Anonymization).
Specifying which queue to use
If your forum runs multiple queues, ie low
and high
, you may specify which queue jobs for this extension are run on in your skeleton's extend.php
file:
Blomstra\Gdpr\Jobs\GdprJob::$onQueue = 'low'; return [ ... your current extenders, ];
For developers
You can easily register a new Data type, remove an existing Data type, or exclude specific columns from the user table during export by leveraging the Flarum\Gdpr\Extend\UserData
extender. Ensure that you wrap the GDPR extender in a conditional extend, so that forum owners can choose if they want to enable GDPR functionality or not. This functionality requires flarum/core
v2.0
or higher, so that should be set as your extension's minimum requirement.
Registering a new Data Type:
Your data type class should implement the Blomstra\Gdpr\Contracts\DataType
:
<?php use Blomstra\Gdpr\Extend\UserData; use Blomstra\Extend; return [ (new Extend\Conditional()) ->whenExtensionEnabled('flarum-gdpr', fn () => [ (new UserData()) ->addType(Your\Own\DataType::class), ... other conditional extenders as required ... ]), ];
The implementation you create needs a export method, it will receive a ZipArchive resource. You can use that to add any strings or actual files to the archive. Make sure to properly name the file and always prefix it with your extension slug (flarum-something-filename).
Removing a Data Type:
If for any reason you want to exclude a certain DataType from the export:
use Blomstra\Gdpr\Extend\UserData; use Blomstra\Extend; return [ (new Extend\Conditional()) ->whenExtensionEnabled('flarum-gdpr', fn () => [ (new UserData()) ->removeType(Your\Own\DataType::class), ... other conditional extenders as required ... ]), ];
Exclude specific columns from the user table during export:
use Blomstra\Gdpr\Extend\UserData; return [ (new Extend\Conditional()) ->whenExtensionEnabled('flarum-gdpr', fn () => [ (new UserData()) ->removeUserColumn('column_name') // For a single column ->removeUserColumns(['column1', 'column2']), // For multiple columns ... other conditional extenders as required ... ]), ];
Flarum extensions
These are the known extensions which offer GDPR data integration with this extension. Don't see a required extension listed? Contact the author to request it
- 2FA, since
2.0
- Boring Avatars, since
2.0
- FoF Ban IPs, since
2.0
- FoF Drafts, since
2.0
- FoF Follow Tags, since
2.0
- FoF Terms, since
2.0
- FoF Upload, since
2.0
- FoF User Bio, since
2.0
- Follow Users, since
2.0
FAQ & Recommendations
- Generating the zip archive can be pushed to queue functionality. This is exceptionally important on larger communities and with more extensions that work with the gdpr extension to allow data exports.