Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/spatie/laravel-personal-data-export
Create zip files containing personal data
https://github.com/spatie/laravel-personal-data-export
download gdpr personal zip
Last synced: about 1 month ago
JSON representation
Create zip files containing personal data
- Host: GitHub
- URL: https://github.com/spatie/laravel-personal-data-export
- Owner: spatie
- License: mit
- Created: 2019-03-07T12:18:40.000Z (over 5 years ago)
- Default Branch: main
- Last Pushed: 2024-02-28T10:07:34.000Z (7 months ago)
- Last Synced: 2024-07-19T03:51:30.140Z (about 2 months ago)
- Topics: download, gdpr, personal, zip
- Language: PHP
- Homepage: https://freek.dev/1290-a-package-to-create-personal-data-exports
- Size: 234 KB
- Stars: 535
- Watchers: 10
- Forks: 29
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Funding: .github/FUNDING.yml
- License: LICENSE.md
Awesome Lists containing this project
README
# Create zip files containing personal data
[](https://packagist.org/packages/spatie/laravel-personal-data-export)
[](https://github.com/spatie/laravel-personal-data-export/actions/workflows/run-tests.yml)
[](https://packagist.org/packages/spatie/laravel-personal-data-export)
This package makes it easy to let a user download an export containing all the personal data. Such an export consists of a zip file containing all the user properties and related info.
You can create and mail such a zip by dispatching the `CreatePersonalDataExportJob` job:
```php
// somewhere in your app
use Spatie\PersonalDataExport\Jobs\CreatePersonalDataExportJob;
// ...
dispatch(new CreatePersonalDataExportJob(auth()->user()));
```
The package will create a zip containing all the personal data. When the zip has been created, a link to it will be mailed to the user. By default, the zips are saved in a non-public location, and the user should be logged in to be able to download the zip.
You can configure which data will be exported in the `selectPersonalData` method on the `user`.
```php
// in your User model
public function selectPersonalData(PersonalDataSelection $personalDataSelection): void {
$personalDataSelection
->add('user.json', ['name' => $this->name, 'email' => $this->email])
->addFile(storage_path("avatars/{$this->id}.jpg"))
->addFile('other-user-data.xml', 's3');
}
```
You can store files in a directory of the archive. For this, add the directory path as the third parameter.
```php
public function selectPersonalData(PersonalDataSelection $personalDataSelection): void {
$personalDataSelection
->addFile(storage_path("avatars/{$this->id}.jpg"), directory: 'avatars');
}
```
This package also offers an artisan command to remove old zip files.
## Support us
[
](https://spatie.be/github-ad-click/laravel-personal-data-export)
We invest a lot of resources into creating [best in class open source packages](https://spatie.be/open-source). You can support us by [buying one of our paid products](https://spatie.be/open-source/support-us).
We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on [our contact page](https://spatie.be/about-us). We publish all received postcards on [our virtual postcard wall](https://spatie.be/open-source/postcards).
## Installation
You can install the package via composer:
```bash
composer require spatie/laravel-personal-data-export
```
You need to use this macro in your routes file. It'll register a route where users can download their personal data exports.
```php
// in your routes file
Route::personalDataExports('personal-data-exports');
```
You must add a disk named `personal-data-exports` to `config/filesystems` (the name of the disk can be configured in `config/personal-data-export`). You can use any driver that you want. We recommend that your disk is not publicly accessible. If you're using the `local` driver, make sure you use a path that is not inside the public path of your app.
```php
// in config/filesystems.php
// ...
'disks' => [
'personal-data-exports' => [
'driver' => 'local',
'root' => storage_path('app/personal-data-exports'),
],
// ...
```
To automatically clean up older personal data exports, you can schedule this command in your console kernel:
```php
// app/Console/Kernel.php
protected function schedule(Schedule $schedule)
{
$schedule->command('personal-data-export:clean')->daily();
}
```
Optionally, you can publish the config file with:
```php
php artisan vendor:publish --provider="Spatie\PersonalDataExport\PersonalDataExportServiceProvider" --tag="personal-data-export-config"
```
This is the content of the config file, which will be published at `config/personal-data-export.php`:
```php
return [
/*
* The disk where the exports will be stored by default.
*/
'disk' => 'personal-data-exports',
/*
* The amount of days the exports will be available.
*/
'delete_after_days' => 5,
/*
* Determines whether the user should be logged in to be able
* to access the export.
*/
'authentication_required' => true,
/*
* The notification which will be sent to the user when the export
* has been created.
*/
'notification' => \Spatie\PersonalDataExport\Notifications\PersonalDataExportedNotification::class,
/*
* Configure the queue and connection used by `CreatePersonalDataExportJob`
* which will create the export.
*/
'job' => [
'queue' => null,
'connection' => null,
],
];
```
## Usage
### Selecting personal data
First, you'll have to prepare your user model. You should let your model implement the `Spatie\PersonalDataExport\ExportsPersonalData` interface. This is what that interface looks like:
```php
namespace Spatie\PersonalDataExport;
interface ExportsPersonalData
{
public function selectPersonalData(PersonalDataSelection $personalDataSelection): void;
public function personalDataExportName(): string;
}
```
The `selectPersonalData` is used to determine the content of the personal download. Here's an example implementation:
```php
// in your user model
public function selectPersonalData(PersonalDataSelection $personalDataSelection): void {
$personalDataSelection
->add('user.json', ['name' => $this->name, 'email' => $this->email])
->addFile(storage_path("avatars/{$this->id}.jpg"))
->addFile('other-user-data.xml', 's3');
}
```
`$personalData` is used to determine the content of the zip file that the user will be able to download. You can call these methods on it:
- `add`: the first parameter is the name of the file in the inside the zip file. The second parameter is the content that should go in that file. If you pass an array here, we will encode it to JSON.
- `addFile`: the first parameter is a path to a file which will be copied to the zip. You can also add a disk name as the second parameter.
The name of the export itself can be set using the `personalDataExportName` on the user. This will only affect the name of the download that will be sent as a response to the user, not the name of the zip stored on disk.
```php
// on your user
public function personalDataExportName(): string {
$userName = Str::slug($this->name);
return "personal-data-{$userName}.zip";
}
```
### Creating an export
You can create a personal data export by executing this job somewhere in your application:
```php
// somewhere in your app
use Spatie\PersonalDataExport\Jobs\CreatePersonalDataExportJob;
// ...
dispatch(new CreatePersonalDataExportJob(auth()->user()));
```
By default, this job is queued. It will copy all files and content you selected in the `selectPersonalData` on your user to a temporary directory. Next, that temporary directory will be zipped and copied over to the `personal-data-exports` disk. A link to this zip will be mailed to the user.
### Securing the export
We recommend that the `personal-data-exports` disk is not publicly accessible. If you're using the `local` driver for this disk, make sure you use a path that is not inside the public path of your app.
When the user clicks the download link in the mail that gets sent after creating the export, a request will be sent to underlying `PersonalDataExportController`. This controller will check if there is a user logged in and if the request personal data zip belongs to the user. If this is the case, that controller will stream the zip to the user.
If you don't want to enforce that a user should be logged in to able to download a personal data export, you can set the `authentication_required` config value to `false`. Setting the value to `false` is less secure because anybody with a link to a zip file will be able to download it, but because the name of the zip file contains many random characters, it will be hard to guess it.
### Translating the notification
You need to publish the translations:
```bash
php artisan vendor:publish --provider="Spatie\PersonalDataExport\PersonalDataExportServiceProvider" --tag="personal-data-export-translations"
```
### Customizing the mail
You can customize the mailable itself by creating your own mailable that extends `Spatie\PersonalDataExport\Notifications\PersonalDataExportedNotification` and register the class name of your mailable in the `mailable` config key of `config/personal-data-export.php`.
Here is an example:
```php
use Spatie\PersonalDataExport\Notifications\PersonalDataExportedNotification as SpatiePersonalDataExportedNotification;
class PersonalDataExportedNotification extends SpatiePersonalDataExportedNotification
{
public function via($notifiable)
{
return ['mail'];
}
public function toMail($notifiable)
{
$downloadUrl = route('personal-data-exports', $this->zipFilename);
if (static::$toMailCallback) {
return call_user_func(static::$toMailCallback, $notifiable, $downloadUrl);
}
return (new MailMessage)
->subject(trans('personal-data-exports.notifications.subject'))
->line(trans('personal-data-exports.notifications.instructions'))
->action(trans('personal-data-exports.notifications.action'), $downloadUrl)
->line(trans('personal-data-exports.notifications.deletion_message', ['date' => $this->deletionDatetime->format('Y-m-d H:i:s')]));
}
}
```
Then register the class name of your mailable in the `mailable` config key of `config/personal-data-export.php`
```php
/*
* Something like that
*/
'notification' => \App\Notifications\PersonalDataExportedNotification::class,
```
### Customizing the queue
You can customize the job that creates the zip file and mails it by extending the `Spatie\PersonalDataExport\Jobs\CreatePersonalDataExportJob` and dispatching your own custom job class.
```php
use Spatie\PersonalDataExport\Jobs\CreatePersonalDataExportJob;
class MyCustomJobClass extends CreatePersonalDataExportJob
{
public $queue = 'my-custom-queue';
}
```
```php
dispatch(new MyCustomJobClass(auth()->user()));
```
### Events
#### PersonalDataSelected
This event will be fired after the personal data has been selected. It has two public properties:
- `$personalData`: an instance of `PersonalData`. In your listeners you can call the `add`, `addFile` methods on this object to add extra content to the zip.
- `$user`: the user for which this personal data has been selected.
#### PersonalDataExportCreated
This event will be fired after the personal data zip has been created. It has two public properties:
- `$zipFilename`: the name of the zip filename.
- `$user`: the user for which this zip has been created.
#### PersonalDataExportDownloaded
This event will be fired after the export has been download. It has two public properties:
- `$zipFilename`: the name of the zip filename.
- `$user`: the user for which this zip has been created.
You could use this event to immediately clean up the downloaded zip.
## Testing
You can run all tests by issuing this command:
``` bash
composer test
```
## Changelog
Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently.
## Contributing
Please see [CONTRIBUTING](https://github.com/spatie/.github/blob/main/CONTRIBUTING.md) for details.
## Security
If you've found a bug regarding security please mail [[email protected]](mailto:[email protected]) instead of using the issue tracker.
## Credits
- [Freek Van der Herten](https://github.com/freekmurze)
- [All Contributors](../../contributors)
## License
The MIT License (MIT). Please see [License File](LICENSE.md) for more information.