Details
-
Type:
Improvement
-
Status: Done/Fixed
-
Priority:
Trivial
-
Resolution: Fixed/Completed
-
Affects Version/s: 4.7.19
-
Fix Version/s: 4.7.25
-
Component/s: Core CiviCRM
-
Labels:
-
Versioning Impact:Patch (backwards-compatible bug fixes)
-
Documentation Required?:None
-
Funding Source:Needs Funding
-
Verified?:No
Description
Now that Custom Groups have an "is_public" setting (merged for 4.7.19 - https://issues.civicrm.org/jira/browse/CRM-20318) it seems wise to also adjust the email templates to not mail/disclose information that is configured to be not-public.
Example: a custom group of fields attached to event participants can now be configured to be a backend-only field by setting the is_public to 0 (see attachment).
The now 'secret' group of fields will now still be included in the emails when registering someone offline.
It would be good to not have Custom Groups with is_public = 0 included in these emails.
In https://github.com/civicrm/civicrm-core/pull/10028 Eleen asked me to open this issue to be assigned to @jitendrapurohit
Attachments
Issue Links
Activity
Richard I've added a PR https://github.com/civicrm/civicrm-core/pull/10661 which only allows public custom groups to be included in participant mails. Can you confirm if it works fine on your end ?
Thanks.
Hi Jitendra,
I tried the PR on my 4.7.22 install. We have a custom field group attached to participant.
I filled one of the fields in the group with "highly sensitive" as a test, while doing an offline ('backend') registration.
Still the fields of the group were emailed to the registrant, thus our admin only sensitive info was as well.
Happy to help thinking along and testing different sceraios!
Richard I just re-tested this with the PR and it does worked correctly for me. The non-public groups were not displayed in the mails received. Note that the custom group you created should have "Is this Custom Group Public?" checkbox as disabled on the settings page.
Hi Jitendra, can you confirm you tested a backend (offline) registration by an admin?
And can you confirm it should work with a custom field group attached to participant?
I can confirm the custom (participant) group has the public setting to disabled.
Yes I did tested the participant custom group and also with backend registration with one public custom group and one non-public custom group. When I checked the mail log - fields for only public custom group was displayed.
I will re-check, thanks Jitendra.
Richard I just tested this PR and it worked as expected – participant custom data marked not public was not included in the email. Would be good if you tested again and confirmed.
I also can confirm it works now! Just to doublecheck I want to raise the question if there are more places that might still leak participant custom info that is non-public to the participant. Or is this on a deep enough level to prevent inclusion in emails also in different scenarios?
Also: Can non-public contribution/membership/activity/etcetera custom data be 'protected' in the same way?
This patch is not at a deep level so I think you need to test to be sure about leakage
only just seen this comment about assigning to Jitendra Purohit so am doing so but not sure how relevant this still is