coregrade/CoreGradeLearning
1
0
Fork 0
Code Issues Pull Requests Releases Activity

first commit

Browse Source
This commit is contained in:
CHIEFSOFT\ameye
2024-09-30 18:11:26 -04:00
commit e592ca6823
27270 changed files with 5002257 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
admin/tool/dataprivacy/classes/api.php
+1676
View File
File diff suppressed because it is too large Load Diff
admin/tool/dataprivacy/classes/category.php
+91
View File
@@ -0,0 +1,91 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for loading/storing data categories from the DB.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->dirroot . '/' . $CFG->admin . '/tool/dataprivacy/lib.php');
/**
* Class for loading/storing data categories from the DB.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class category extends \core\persistent {
/**
* Database table.
*/
const TABLE = 'tool_dataprivacy_category';
/**
* Return the definition of the properties of this model.
*
* @return array
*/
protected static function define_properties() {
return array(
'name' => array(
'type' => PARAM_TEXT,
'description' => 'The category name.',
),
'description' => array(
'type' => PARAM_RAW,
'description' => 'The category description.',
'null' => NULL_ALLOWED,
'default' => '',
),
'descriptionformat' => array(
'choices' => array(FORMAT_HTML, FORMAT_MOODLE, FORMAT_PLAIN, FORMAT_MARKDOWN),
'type' => PARAM_INT,
'default' => FORMAT_HTML
),
);
}
/**
* Is this category used?.
*
* @return null
*/
public function is_used() {
if (\tool_dataprivacy\contextlevel::is_category_used($this->get('id')) ||
\tool_dataprivacy\context_instance::is_category_used($this->get('id'))) {
return true;
}
$pluginconfig = get_config('tool_dataprivacy');
$levels = \context_helper::get_all_levels();
foreach ($levels as $level => $classname) {
list($unused, $categoryvar) = \tool_dataprivacy\data_registry::var_names_from_context($classname);
if (!empty($pluginconfig->{$categoryvar}) && $pluginconfig->{$categoryvar} == $this->get('id')) {
return true;
}
}
return false;
}
}
admin/tool/dataprivacy/classes/context_instance.php
+116
View File
@@ -0,0 +1,116 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for loading/storing context instances data from the DB.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
defined('MOODLE_INTERNAL') || die();
/**
* Class for loading/storing context instances data from the DB.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class context_instance extends \core\persistent {
/**
* Database table.
*/
const TABLE = 'tool_dataprivacy_ctxinstance';
/**
* Not set value.
*/
const NOTSET = 0;
/**
* Inherit value.
*/
const INHERIT = -1;
/**
* Return the definition of the properties of this model.
*
* @return array
*/
protected static function define_properties() {
return array(
'contextid' => array(
'type' => PARAM_INT,
'description' => 'The context id.',
),
'purposeid' => array(
'type' => PARAM_INT,
'description' => 'The purpose id.',
'null' => NULL_ALLOWED,
),
'categoryid' => array(
'type' => PARAM_INT,
'description' => 'The category id.',
'null' => NULL_ALLOWED,
),
);
}
/**
* Returns an instance by contextid.
*
* @param mixed $contextid
* @param mixed $exception
* @return null
*/
public static function get_record_by_contextid($contextid, $exception = true) {
global $DB;
if (!$record = $DB->get_record(self::TABLE, array('contextid' => $contextid))) {
if (!$exception) {
return false;
} else {
throw new \dml_missing_record_exception(self::TABLE);
}
}
return new static(0, $record);
}
/**
* Is the provided purpose used by any context instance?
*
* @param int $purposeid
* @return bool
*/
public static function is_purpose_used($purposeid) {
global $DB;
return $DB->record_exists(self::TABLE, array('purposeid' => $purposeid));
}
/**
* Is the provided category used by any context instance?
*
* @param int $categoryid
* @return bool
*/
public static function is_category_used($categoryid) {
global $DB;
return $DB->record_exists(self::TABLE, array('categoryid' => $categoryid));
}
}
admin/tool/dataprivacy/classes/contextlevel.php
+140
View File
@@ -0,0 +1,140 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for loading/storing context level data from the DB.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
defined('MOODLE_INTERNAL') || die();
/**
* Class for loading/storing context level data from the DB.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class contextlevel extends \core\persistent {
/**
* Database table.
*/
const TABLE = 'tool_dataprivacy_ctxlevel';
/**
* Return the definition of the properties of this model.
*
* @return array
*/
protected static function define_properties() {
return array(
'contextlevel' => array(
'type' => PARAM_INT,
'description' => 'The context level.',
),
'purposeid' => array(
'type' => PARAM_INT,
'description' => 'The purpose id.',
),
'categoryid' => array(
'type' => PARAM_INT,
'description' => 'The category id.',
),
);
}
/**
* Returns an instance by contextlevel.
*
* @param mixed $contextlevel
* @param mixed $exception
* @return null
*/
public static function get_record_by_contextlevel($contextlevel, $exception = true) {
global $DB;
$cache = \cache::make('tool_dataprivacy', 'contextlevel');
if ($data = $cache->get($contextlevel)) {
return new static(0, $data);
}
if (!$record = $DB->get_record(self::TABLE, array('contextlevel' => $contextlevel))) {
if (!$exception) {
return false;
} else {
throw new \dml_missing_record_exception(self::TABLE);
}
}
return new static(0, $record);
}
/**
* Is the provided purpose used by any contextlevel?
*
* @param int $purposeid
* @return bool
*/
public static function is_purpose_used($purposeid) {
global $DB;
return $DB->record_exists(self::TABLE, array('purposeid' => $purposeid));
}
/**
* Is the provided category used by any contextlevel?
*
* @param int $categoryid
* @return bool
*/
public static function is_category_used($categoryid) {
global $DB;
return $DB->record_exists(self::TABLE, array('categoryid' => $categoryid));
}
/**
* Adds the new record to the cache.
*
* @return null
*/
protected function after_create() {
$cache = \cache::make('tool_dataprivacy', 'contextlevel');
$cache->set($this->get('contextlevel'), $this->to_record());
}
/**
* Updates the cache record.
*
* @param bool $result
* @return null
*/
protected function after_update($result) {
$cache = \cache::make('tool_dataprivacy', 'contextlevel');
$cache->set($this->get('contextlevel'), $this->to_record());
}
/**
* Removes unnecessary stuff from db.
*
* @return null
*/
protected function before_delete() {
$cache = \cache::make('tool_dataprivacy', 'contextlevel');
$cache->delete($this->get('contextlevel'));
}
}
admin/tool/dataprivacy/classes/contextlist_context.php
+67
View File
@@ -0,0 +1,67 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace tool_dataprivacy;
use core\persistent;
/**
* The contextlist_context persistent.
*
* @package tool_dataprivacy
* @copyright 2021 The Open University
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 4.3
*/
class contextlist_context extends persistent {
/** The table name this persistent object maps to. */
const TABLE = 'tool_dataprivacy_ctxlst_ctx';
/** This context is pending approval. */
const STATUS_PENDING = 0;
/** This context has been approved. */
const STATUS_APPROVED = 1;
/** This context has been rejected. */
const STATUS_REJECTED = 2;
/**
* Return the definition of the properties of this model.
*
* @return array
*/
protected static function define_properties(): array {
return [
'contextid' => [
'type' => PARAM_INT
],
'contextlistid' => [
'type' => PARAM_INT
],
'status' => [
'choices' => [
self::STATUS_PENDING,
self::STATUS_APPROVED,
self::STATUS_REJECTED,
],
'default' => self::STATUS_PENDING,
'type' => PARAM_INT,
],
];
}
}
admin/tool/dataprivacy/classes/data_registry.php
+361
View File
@@ -0,0 +1,361 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Data registry business logic methods. Mostly internal stuff.
*
* All methods should be considered part of the internal tool_dataprivacy API
* unless something different is specified.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
use coding_exception;
use core\persistent;
defined('MOODLE_INTERNAL') || die();
/**
* Data registry business logic methods. Mostly internal stuff.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class data_registry {
/**
* Returns purpose and category var names from a context class name
*
* @param string $classname The context level's class.
* @param string $pluginname The name of the plugin associated with the context level.
* @return string[]
*/
public static function var_names_from_context($classname, $pluginname = '') {
// Unfortunately authors of privacy API did not expect that we would be
// on day fixing auto-loading of context classes.
// The best way would have been probably level numbers at the end of vars,
// but it is probably too late to fix it.
$classname = preg_replace('/^[a-z0-9_]+\\\\context\\\\/', 'context_', $classname);
$pluginname = trim($pluginname ?? '');
if (!empty($pluginname)) {
$categoryvar = $classname . '_' . $pluginname . '_category';
$purposevar = $classname . '_' . $pluginname . '_purpose';
} else {
$categoryvar = $classname . '_category';
$purposevar = $classname . '_purpose';
}
return [
$purposevar,
$categoryvar
];
}
/**
* Returns the default purpose id and category id for the provided context level.
*
* The caller code is responsible of checking that $contextlevel is an integer.
*
* @param int $contextlevel The context level.
* @param string $pluginname The name of the plugin associated with the context level.
* @return int[]|false[]
*/
public static function get_defaults($contextlevel, $pluginname = '') {
$classname = \context_helper::get_class_for_level($contextlevel);
list($purposevar, $categoryvar) = self::var_names_from_context($classname, $pluginname);
$purposeid = get_config('tool_dataprivacy', $purposevar);
$categoryid = get_config('tool_dataprivacy', $categoryvar);
if (!empty($pluginname)) {
list($purposevar, $categoryvar) = self::var_names_from_context($classname);
// If the plugin-level doesn't have a default purpose set, try the context level.
if ($purposeid == false) {
$purposeid = get_config('tool_dataprivacy', $purposevar);
}
// If the plugin-level doesn't have a default category set, try the context level.
if ($categoryid == false) {
$categoryid = get_config('tool_dataprivacy', $categoryvar);
}
}
if (empty($purposeid)) {
$purposeid = context_instance::NOTSET;
}
if (empty($categoryid)) {
$categoryid = context_instance::NOTSET;
}
return [$purposeid, $categoryid];
}
/**
* Are data registry defaults set?
*
* At least the system defaults need to be set.
*
* @return bool
*/
public static function defaults_set() {
list($purposeid, $categoryid) = self::get_defaults(CONTEXT_SYSTEM);
if (empty($purposeid) || empty($categoryid)) {
return false;
}
return true;
}
/**
* Returns all site categories that are visible to the current user.
*
* @return \core_course_category[]
*/
public static function get_site_categories() {
global $DB;
if (method_exists('\core_course_category', 'get_all')) {
$categories = \core_course_category::get_all(['returnhidden' => true]);
} else {
// Fallback (to be removed once this gets integrated into master).
$ids = $DB->get_fieldset_select('course_categories', 'id', '');
$categories = \core_course_category::get_many($ids);
}
foreach ($categories as $key => $category) {
if (!$category->is_uservisible()) {
unset($categories[$key]);
}
}
return $categories;
}
/**
* Returns the roles assigned to the provided level.
*
* Important to note that it returns course-level assigned roles
* if the provided context level is below course.
*
* @param \context $context
* @return array
*/
public static function get_subject_scope(\context $context) {
if ($contextcourse = $context->get_course_context(false)) {
// Below course level we look at module or block level roles + course-assigned roles.
$courseroles = get_roles_used_in_context($contextcourse, false);
$roles = $courseroles + get_roles_used_in_context($context, false);
} else {
// We list category + system for others (we don't work with user instances so no need to work about them).
$roles = get_roles_used_in_context($context);
}
return array_map(function($role) {
if ($role->name) {
return $role->name;
} else {
return $role->shortname;
}
}, $roles);
}
/**
* Returns the effective value given a context instance
*
* @param \context $context
* @param string $element 'category' or 'purpose'
* @param int|false $forcedvalue Use this value as if this was this context instance value.
* @return persistent|false It return a 'purpose' instance or a 'category' instance, depending on $element
*/
public static function get_effective_context_value(\context $context, $element, $forcedvalue = false) {
global $DB;
if ($element !== 'purpose' && $element !== 'category') {
throw new coding_exception('Only \'purpose\' and \'category\' are supported.');
}
$fieldname = $element . 'id';
if (!empty($forcedvalue) && ($forcedvalue == context_instance::INHERIT)) {
// Do not include the current context when calculating the value.
// This has the effect that an inheritted value is calculated.
$parentcontextids = $context->get_parent_context_ids(false);
} else if (!empty($forcedvalue) && ($forcedvalue != context_instance::NOTSET)) {
return self::get_element_instance($element, $forcedvalue);
} else {
// Fetch all parent contexts, including self.
$parentcontextids = $context->get_parent_context_ids(true);
}
list($insql, $inparams) = $DB->get_in_or_equal($parentcontextids, SQL_PARAMS_NAMED);
$inparams['contextmodule'] = CONTEXT_MODULE;
if ('purpose' === $element) {
$elementjoin = 'LEFT JOIN {tool_dataprivacy_purpose} ele ON ctxins.purposeid = ele.id';
$elementfields = purpose::get_sql_fields('ele', 'ele');
} else {
$elementjoin = 'LEFT JOIN {tool_dataprivacy_category} ele ON ctxins.categoryid = ele.id';
$elementfields = category::get_sql_fields('ele', 'ele');
}
$contextfields = \context_helper::get_preload_record_columns_sql('ctx');
$fields = implode(', ', ['ctx.id', 'm.name AS modname', $contextfields, $elementfields]);
$sql = "SELECT $fields
FROM {context} ctx
LEFT JOIN {tool_dataprivacy_ctxinstance} ctxins ON ctx.id = ctxins.contextid
LEFT JOIN {course_modules} cm ON ctx.contextlevel = :contextmodule AND ctx.instanceid = cm.id
LEFT JOIN {modules} m ON m.id = cm.module
{$elementjoin}
WHERE ctx.id {$insql}
ORDER BY ctx.path DESC";
$contextinstances = $DB->get_records_sql($sql, $inparams);
// Check whether this context is a user context, or a child of a user context.
// All children of a User context share the same context and cannot be set individually.
foreach ($contextinstances as $record) {
\context_helper::preload_from_record($record);
$parent = \context::instance_by_id($record->id, false);
if ($parent->contextlevel == CONTEXT_USER) {
// Use the context level value for the user.
return self::get_effective_contextlevel_value(CONTEXT_USER, $element);
}
}
foreach ($contextinstances as $record) {
$parent = \context::instance_by_id($record->id, false);
$checkcontextlevel = false;
if (empty($record->eleid)) {
$checkcontextlevel = true;
}
if (!empty($forcedvalue) && context_instance::NOTSET == $forcedvalue) {
$checkcontextlevel = true;
}
if ($checkcontextlevel) {
// Check for a value at the contextlevel
$forplugin = empty($record->modname) ? '' : $record->modname;
list($purposeid, $categoryid) = self::get_effective_default_contextlevel_purpose_and_category(
$parent->contextlevel, false, false, $forplugin);
$instancevalue = $$fieldname;
if (context_instance::NOTSET != $instancevalue && context_instance::INHERIT != $instancevalue) {
// There is an actual value. Return it.
return self::get_element_instance($element, $instancevalue);
}
} else {
$elementclass = "\\tool_dataprivacy\\{$element}";
$instance = new $elementclass(null, $elementclass::extract_record($record, 'ele'));
$instance->validate();
return $instance;
}
}
throw new coding_exception('Something went wrong, system defaults should be set and we should already have a value.');
}
/**
* Returns the effective value for a context level.
*
* Note that this is different from the effective default context level
* (see get_effective_default_contextlevel_purpose_and_category) as this is returning
* the value set in the data registry, not in the defaults page.
*
* @param int $contextlevel
* @param string $element 'category' or 'purpose'
* @return \tool_dataprivacy\purpose|false
*/
public static function get_effective_contextlevel_value($contextlevel, $element) {
if ($element !== 'purpose' && $element !== 'category') {
throw new coding_exception('Only \'purpose\' and \'category\' are supported.');
}
$fieldname = $element . 'id';
if ($contextlevel != CONTEXT_SYSTEM && $contextlevel != CONTEXT_USER) {
throw new \coding_exception('Only context_system and context_user values can be retrieved, no other context levels ' .
'have a purpose or a category.');
}
list($purposeid, $categoryid) = self::get_effective_default_contextlevel_purpose_and_category($contextlevel);
// Note: The $$fieldname points to either $purposeid, or $categoryid.
if (context_instance::NOTSET != $$fieldname && context_instance::INHERIT != $$fieldname) {
// There is a specific value set.
return self::get_element_instance($element, $$fieldname);
}
throw new coding_exception('Something went wrong, system defaults should be set and we should already have a value.');
}
/**
* Returns the effective default purpose and category for a context level.
*
* @param int $contextlevel
* @param int|bool $forcedpurposevalue Use this value as if this was this context level purpose.
* @param int|bool $forcedcategoryvalue Use this value as if this was this context level category.
* @param string $component The name of the component to check.
* @return int[]
*/
public static function get_effective_default_contextlevel_purpose_and_category($contextlevel, $forcedpurposevalue = false,
$forcedcategoryvalue = false, $component = '') {
// Get the defaults for this context level.
list($purposeid, $categoryid) = self::get_defaults($contextlevel, $component);
// Honour forced values.
if ($forcedpurposevalue) {
$purposeid = $forcedpurposevalue;
}
if ($forcedcategoryvalue) {
$categoryid = $forcedcategoryvalue;
}
if ($contextlevel == CONTEXT_USER) {
// Only user context levels inherit from a parent context level.
list($parentpurposeid, $parentcategoryid) = self::get_defaults(CONTEXT_SYSTEM);
if (context_instance::INHERIT == $purposeid || context_instance::NOTSET == $purposeid) {
$purposeid = (int)$parentpurposeid;
}
if (context_instance::INHERIT == $categoryid || context_instance::NOTSET == $categoryid) {
$categoryid = $parentcategoryid;
}
}
return [$purposeid, $categoryid];
}
/**
* Returns an instance of the provided element.
*
* @throws \coding_exception
* @param string $element The element name 'purpose' or 'category'
* @param int $id The element id
* @return \core\persistent
*/
private static function get_element_instance($element, $id) {
if ($element !== 'purpose' && $element !== 'category') {
throw new coding_exception('No other elements than purpose and category are allowed');
}
$classname = '\tool_dataprivacy\\' . $element;
return new $classname($id);
}
}
admin/tool/dataprivacy/classes/data_request.php
+310
View File
@@ -0,0 +1,310 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for loading/storing data requests from the DB.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
defined('MOODLE_INTERNAL') || die();
use lang_string;
use core\persistent;
/**
* Class for loading/storing data requests from the DB.
*
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class data_request extends persistent {
/** The table name this persistent object maps to. */
const TABLE = 'tool_dataprivacy_request';
/** Data request created manually. */
const DATAREQUEST_CREATION_MANUAL = 0;
/** Data request created automatically. */
const DATAREQUEST_CREATION_AUTO = 1;
/**
* Return the definition of the properties of this model.
*
* @return array
*/
protected static function define_properties() {
return [
'type' => [
'choices' => [
api::DATAREQUEST_TYPE_EXPORT,
api::DATAREQUEST_TYPE_DELETE,
api::DATAREQUEST_TYPE_OTHERS,
],
'type' => PARAM_INT
],
'comments' => [
'type' => PARAM_TEXT,
'message' => new lang_string('errorinvalidrequestcomments', 'tool_dataprivacy'),
'default' => ''
],
'commentsformat' => [
'choices' => [
FORMAT_HTML,
FORMAT_MOODLE,
FORMAT_PLAIN,
FORMAT_MARKDOWN
],
'type' => PARAM_INT,
'default' => FORMAT_PLAIN
],
'userid' => [
'default' => function() {
global $USER;
return $USER->id;
},
'type' => PARAM_INT
],
'requestedby' => [
'default' => 0,
'type' => PARAM_INT
],
'status' => [
'default' => api::DATAREQUEST_STATUS_AWAITING_APPROVAL,
'choices' => [
api::DATAREQUEST_STATUS_PENDING,
api::DATAREQUEST_STATUS_PREPROCESSING,
api::DATAREQUEST_STATUS_AWAITING_APPROVAL,
api::DATAREQUEST_STATUS_APPROVED,
api::DATAREQUEST_STATUS_PROCESSING,
api::DATAREQUEST_STATUS_COMPLETE,
api::DATAREQUEST_STATUS_CANCELLED,
api::DATAREQUEST_STATUS_REJECTED,
api::DATAREQUEST_STATUS_DOWNLOAD_READY,
api::DATAREQUEST_STATUS_EXPIRED,
api::DATAREQUEST_STATUS_DELETED,
],
'type' => PARAM_INT
],
'dpo' => [
'default' => 0,
'type' => PARAM_INT,
'null' => NULL_ALLOWED
],
'dpocomment' => [
'default' => '',
'type' => PARAM_TEXT,
'null' => NULL_ALLOWED
],
'dpocommentformat' => [
'choices' => [
FORMAT_HTML,
FORMAT_MOODLE,
FORMAT_PLAIN,
FORMAT_MARKDOWN
],
'type' => PARAM_INT,
'default' => FORMAT_PLAIN
],
'systemapproved' => [
'default' => false,
'type' => PARAM_BOOL,
],
'creationmethod' => [
'default' => self::DATAREQUEST_CREATION_MANUAL,
'choices' => [
self::DATAREQUEST_CREATION_MANUAL,
self::DATAREQUEST_CREATION_AUTO
],
'type' => PARAM_INT
],
];
}
/**
* Determines whether a completed data export request has expired.
* The response will be valid regardless of the expiry scheduled task having run.
*
* @param data_request $request the data request object whose expiry will be checked.
* @return bool true if the request has expired.
*/
public static function is_expired(data_request $request) {
$result = false;
// Only export requests expire.
if ($request->get('type') == api::DATAREQUEST_TYPE_EXPORT) {
switch ($request->get('status')) {
// Expired requests are obviously expired.
case api::DATAREQUEST_STATUS_EXPIRED:
$result = true;
break;
// Complete requests are expired if the expiry time is a positive value, and has elapsed.
case api::DATAREQUEST_STATUS_DOWNLOAD_READY:
$expiryseconds = (int) get_config('tool_dataprivacy', 'privacyrequestexpiry');
if ($expiryseconds > 0 && time() >= ($request->get('timemodified') + $expiryseconds)) {
$result = true;
}
break;
}
}
return $result;
}
/**
* Fetch completed data requests which are due to expire.
*
* @param int $userid Optional user ID to filter by.
*
* @return array Details of completed requests which are due to expire.
*/
public static function get_expired_requests($userid = 0) {
global $DB;
// Complete requests are expired if the expiry time is a positive value, and has elapsed.
$expiryseconds = (int) get_config('tool_dataprivacy', 'privacyrequestexpiry');
if ($expiryseconds <= 0) {
return [];
}
$expirytime = strtotime("-{$expiryseconds} second");
$table = self::TABLE;
$sqlwhere = 'type = :export_type AND status = :completestatus AND timemodified <= :expirytime';
$params = array(
'export_type' => api::DATAREQUEST_TYPE_EXPORT,
'completestatus' => api::DATAREQUEST_STATUS_DOWNLOAD_READY,
'expirytime' => $expirytime,
);
$sort = 'id';
$fields = 'id, userid';
// Filter by user ID if specified.
if ($userid > 0) {
$sqlwhere .= ' AND (userid = :userid OR requestedby = :requestedby)';
$params['userid'] = $userid;
$params['requestedby'] = $userid;
}
return $DB->get_records_select_menu($table, $sqlwhere, $params, $sort, $fields, 0, 2000);
}
/**
* Expire a given set of data requests.
* Update request status and delete the files.
*
* @param array $expiredrequests [requestid => userid]
*
* @return void
*/
public static function expire($expiredrequests) {
global $DB;
$ids = array_keys($expiredrequests);
if (count($ids) > 0) {
list($insql, $inparams) = $DB->get_in_or_equal($ids);
$initialparams = array(api::DATAREQUEST_STATUS_EXPIRED, time());
$params = array_merge($initialparams, $inparams);
$update = "UPDATE {" . self::TABLE . "}
SET status = ?, timemodified = ?
WHERE id $insql";
if ($DB->execute($update, $params)) {
$fs = get_file_storage();
foreach ($expiredrequests as $id => $userid) {
$usercontext = \context_user::instance($userid);
$fs->delete_area_files($usercontext->id, 'tool_dataprivacy', 'export', $id);
}
}
}
}
/**
* Whether this request is in a state appropriate for reset/resubmission.
*
* Note: This does not check whether any other completed requests exist for this user.
*
* @return bool
*/
public function is_resettable(): bool {
if (api::DATAREQUEST_TYPE_OTHERS == $this->get('type')) {
// It is not possible to reset 'other' reqeusts.
return false;
}
$resettable = [
api::DATAREQUEST_STATUS_APPROVED => true,
api::DATAREQUEST_STATUS_REJECTED => true,
];
return isset($resettable[$this->get('status')]);
}
/**
* Whether this request is 'active'.
*
* @return bool
*/
public function is_active(): bool {
$active = [
api::DATAREQUEST_STATUS_APPROVED => true,
];
return isset($active[$this->get('status')]);
}
/**
* Reject this request and resubmit it as a fresh request.
*
* Note: This does not check whether any other completed requests exist for this user.
*
* @return self
*/
public function resubmit_request(): data_request {
if ($this->is_active()) {
$this->set('status', api::DATAREQUEST_STATUS_REJECTED)->save();
}
if (!$this->is_resettable()) {
throw new \moodle_exception('cannotreset', 'tool_dataprivacy');
}
$currentdata = $this->to_record();
unset($currentdata->id);
// Clone the original request, but do not notify.
$clone = api::create_data_request(
$this->get('userid'),
$this->get('type'),
$this->get('comments'),
$this->get('creationmethod'),
false
);
$clone->set('comments', $this->get('comments'));
$clone->set('dpo', $this->get('dpo'));
$clone->set('requestedby', $this->get('requestedby'));
$clone->save();
return $clone;
}
}
admin/tool/dataprivacy/classes/dataprivacy_contextlist.php
+57
View File
@@ -0,0 +1,57 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace tool_dataprivacy;
use core\persistent;
/**
* The dataprivacy_contextlist persistent.
*
* @package tool_dataprivacy
* @copyright 2021 The Open University
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 4.3
*/
class dataprivacy_contextlist extends persistent {
/** The table name this persistent object maps to. */
const TABLE = 'tool_dataprivacy_contextlist';
/**
* Return the definition of the properties of this model.
*
* @return array
*/
protected static function define_properties(): array {
return [
'component' => [
'type' => PARAM_TEXT,
],
];
}
/**
* Create a new contextlist persistent from an instance of \core_privacy\local\request\contextlist.
*
* @param \core_privacy\local\request\contextlist $contextlist the core privacy contextlist.
* @return dataprivacy_contextlist a dataprivacy_contextlist persistent.
*/
public static function from_contextlist(\core_privacy\local\request\contextlist $contextlist): dataprivacy_contextlist {
$contextlistpersistent = new dataprivacy_contextlist();
return $contextlistpersistent->set('component', $contextlist->get_component());
}
}
admin/tool/dataprivacy/classes/event/user_deleted_observer.php
+63
View File
@@ -0,0 +1,63 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Event observers supported by this module.
*
* @package tool_dataprivacy
* @copyright 2018 Mihail Geshoski <mihail@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\event;
use \tool_dataprivacy\api;
use \tool_dataprivacy\data_request;
defined('MOODLE_INTERNAL') || die();
/**
* Event observers supported by this module.
*
* @package tool_dataprivacy
* @copyright 2018 Mihail Geshoski <mihail@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class user_deleted_observer {
/**
* Create user data deletion request when the user is deleted.
*
* @param \core\event\user_deleted $event
*/
public static function create_delete_data_request(\core\event\user_deleted $event) {
// Automatic creation of deletion requests must be enabled.
if (get_config('tool_dataprivacy', 'automaticdeletionrequests')) {
$requesttypes = [api::DATAREQUEST_TYPE_DELETE];
$requeststatuses = [api::DATAREQUEST_STATUS_COMPLETE, api::DATAREQUEST_STATUS_DELETED];
$hasongoingdeleterequests = api::has_ongoing_request($event->objectid, $requesttypes[0]);
$hascompleteddeleterequest = (api::get_data_requests_count($event->objectid, $requeststatuses,
$requesttypes) > 0) ? true : false;
if (!$hasongoingdeleterequests && !$hascompleteddeleterequest) {
api::create_data_request($event->objectid, $requesttypes[0],
get_string('datarequestcreatedupondelete', 'tool_dataprivacy'),
data_request::DATAREQUEST_CREATION_AUTO);
}
}
}
}
admin/tool/dataprivacy/classes/expired_context.php
+378
View File
@@ -0,0 +1,378 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class that represents an expired context.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
use dml_exception;
defined('MOODLE_INTERNAL') || die();
/**
* Class that represents an expired context.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class expired_context extends \core\persistent {
/**
* Database table.
*/
const TABLE = 'tool_dataprivacy_ctxexpired';
/**
* Expired contexts with no delete action scheduled.
*/
const STATUS_EXPIRED = 0;
/**
* Expired contexts approved for deletion.
*/
const STATUS_APPROVED = 1;
/**
* Already processed expired contexts.
*/
const STATUS_CLEANED = 2;
/**
* Return the definition of the properties of this model.
*
* @return array
*/
protected static function define_properties() {
return [
'contextid' => [
'type' => PARAM_INT,
'description' => 'The context id.',
],
'defaultexpired' => [
'type' => PARAM_INT,
'description' => 'Whether to default retention period for the purpose has been reached',
'default' => 1,
],
'expiredroles' => [
'type' => PARAM_TEXT,
'description' => 'This list of roles to include during deletion',
'default' => '',
],
'unexpiredroles' => [
'type' => PARAM_TEXT,
'description' => 'This list of roles to exclude during deletion',
'default' => '',
],
'status' => [
'choices' => [
self::STATUS_EXPIRED,
self::STATUS_APPROVED,
self::STATUS_CLEANED,
],
'type' => PARAM_INT,
'description' => 'The deletion status of the context.',
],
];
}
/**
* Returns expired_contexts instances that match the provided level and status.
*
* @param int $contextlevel The context level filter criterion.
* @param bool $status The expired context record's status.
* @param string $sort The sort column. Must match the column name in {tool_dataprivacy_ctxexpired} table
* @param int $offset The query offset.
* @param int $limit The query limit.
* @return expired_context[]
* @throws dml_exception
*/
public static function get_records_by_contextlevel($contextlevel = null, $status = false, $sort = 'timecreated',
$offset = 0, $limit = 0) {
global $DB;
$sql = "SELECT expiredctx.*
FROM {" . self::TABLE . "} expiredctx
JOIN {context} ctx
ON ctx.id = expiredctx.contextid";
$params = [];
$conditions = [];
if (!empty($contextlevel)) {
$conditions[] = "ctx.contextlevel = :contextlevel";
$params['contextlevel'] = intval($contextlevel);
}
if ($status !== false) {
$conditions[] = "expiredctx.status = :status";
$params['status'] = intval($status);
}
if (!empty($conditions)) {
$sql .= ' WHERE ' . implode(' AND ', $conditions);
}
$sql .= " ORDER BY expiredctx.{$sort}";
$records = $DB->get_records_sql($sql, $params, $offset, $limit);
// We return class instances.
$instances = array();
foreach ($records as $key => $record) {
$instances[$key] = new static(0, $record);
}
return $instances;
}
/**
* Returns the number of expired_contexts instances that match the provided level and status.
*
* @param int $contextlevel
* @param bool $status
* @return int
* @throws dml_exception
*/
public static function get_record_count_by_contextlevel($contextlevel = null, $status = false) {
global $DB;
$sql = "SELECT COUNT(1)
FROM {" . self::TABLE . "} expiredctx
JOIN {context} ctx
ON ctx.id = expiredctx.contextid";
$conditions = [];
$params = [];
if (!empty($contextlevel)) {
$conditions[] = "ctx.contextlevel = :contextlevel";
$params['contextlevel'] = intval($contextlevel);
}
if ($status !== false) {
$sql .= " AND expiredctx.status = :status";
$params['status'] = intval($status);
}
if (!empty($conditions)) {
$sql .= ' WHERE ' . implode(' AND ', $conditions);
}
return $DB->count_records_sql($sql, $params);
}
/**
* Set the list of role IDs for either expiredroles, or unexpiredroles.
*
* @param string $field
* @param int[] $roleids
* @return expired_context
*/
protected function set_roleids_for(string $field, array $roleids): expired_context {
$roledata = json_encode($roleids);
$this->raw_set($field, $roledata);
return $this;
}
/**
* Get the list of role IDs for either expiredroles, or unexpiredroles.
*
* @param string $field
* @return int[]
*/
protected function get_roleids_for(string $field) {
$value = $this->raw_get($field);
if (empty($value)) {
return [];
}
return json_decode($value);
}
/**
* Set the list of unexpired role IDs.
*
* @param int[] $roleids
* @return expired_context
*/
protected function set_unexpiredroles(array $roleids): expired_context {
$this->set_roleids_for('unexpiredroles', $roleids);
return $this;
}
/**
* Add a set of role IDs to the list of expired role IDs.
*
* @param int[] $roleids
* @return expired_context
*/
public function add_expiredroles(array $roleids): expired_context {
$existing = $this->get('expiredroles');
$newvalue = array_merge($existing, $roleids);
$this->set('expiredroles', $newvalue);
return $this;
}
/**
* Add a set of role IDs to the list of unexpired role IDs.
*
* @param int[] $roleids
* @return unexpired_context
*/
public function add_unexpiredroles(array $roleids): expired_context {
$existing = $this->get('unexpiredroles');
$newvalue = array_merge($existing, $roleids);
$this->set('unexpiredroles', $newvalue);
return $this;
}
/**
* Set the list of expired role IDs.
*
* @param int[] $roleids
* @return expired_context
*/
protected function set_expiredroles(array $roleids): expired_context {
$this->set_roleids_for('expiredroles', $roleids);
return $this;
}
/**
* Get the list of expired role IDs.
*
* @return int[]
*/
protected function get_expiredroles() {
return $this->get_roleids_for('expiredroles');
}
/**
* Get the list of unexpired role IDs.
*
* @return int[]
*/
protected function get_unexpiredroles() {
return $this->get_roleids_for('unexpiredroles');
}
/**
* Create a new expired_context based on the context, and expiry_info object.
*
* @param \context $context
* @param expiry_info $info
* @param boolean $save
* @return expired_context
*/
public static function create_from_expiry_info(\context $context, expiry_info $info, bool $save = true): expired_context {
$record = (object) [
'contextid' => $context->id,
'status' => self::STATUS_EXPIRED,
'defaultexpired' => (int) $info->is_default_expired(),
];
$expiredcontext = new static(0, $record);
$expiredcontext->set('expiredroles', $info->get_expired_roles());
$expiredcontext->set('unexpiredroles', $info->get_unexpired_roles());
if ($save) {
$expiredcontext->save();
}
return $expiredcontext;
}
/**
* Update the expired_context from an expiry_info object which relates to this context.
*
* @param expiry_info $info
* @return $this
*/
public function update_from_expiry_info(expiry_info $info): expired_context {
$save = false;
// Compare the expiredroles.
$thisexpired = $this->get('expiredroles');
$infoexpired = $info->get_expired_roles();
sort($thisexpired);
sort($infoexpired);
if ($infoexpired != $thisexpired) {
$this->set('expiredroles', $infoexpired);
$save = true;
}
// Compare the unexpiredroles.
$thisunexpired = $this->get('unexpiredroles');
$infounexpired = $info->get_unexpired_roles();
sort($thisunexpired);
sort($infounexpired);
if ($infounexpired != $thisunexpired) {
$this->set('unexpiredroles', $infounexpired);
$save = true;
}
if (empty($this->get('defaultexpired')) == $info->is_default_expired()) {
$this->set('defaultexpired', (int) $info->is_default_expired());
$save = true;
}
if ($save) {
$this->set('status', self::STATUS_EXPIRED);
$this->save();
}
return $this;
}
/**
* Check whether this expired_context record is in a state ready for deletion to actually take place.
*
* @return bool
*/
public function can_process_deletion(): bool {
return ($this->get('status') == self::STATUS_APPROVED);
}
/**
* Check whether this expired_context record has already been cleaned.
*
* @return bool
*/
public function is_complete(): bool {
return ($this->get('status') == self::STATUS_CLEANED);
}
/**
* Whether this context has 'fully' expired.
* That is to say that the default retention period has been reached, and that there are no unexpired roles.
*
* @return bool
*/
public function is_fully_expired(): bool {
return $this->get('defaultexpired') && empty($this->get('unexpiredroles'));
}
}
admin/tool/dataprivacy/classes/expired_contexts_manager.php
+1017
View File
File diff suppressed because it is too large Load Diff
admin/tool/dataprivacy/classes/expiry_info.php
+207
View File
@@ -0,0 +1,207 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Expiry Data.
*
* @package tool_dataprivacy
* @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
use core_privacy\manager;
defined('MOODLE_INTERNAL') || die();
/**
* Expiry Data.
*
* @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class expiry_info {
/** @var bool Whether this context is fully expired */
protected $fullyexpired = false;
/** @var bool Whether the default expiry value of this purpose has been reached */
protected $defaultexpiryreached = false;
/** @var bool Whether the default purpose is protected */
protected $defaultprotected = false;
/** @var int[] List of expires roles */
protected $expired = [];
/** @var int[] List of unexpires roles */
protected $unexpired = [];
/** @var int[] List of unexpired roles which are also protected */
protected $protectedroles = [];
/**
* Constructor for the expiry_info class.
*
* @param bool $default Whether the default expiry period for this context has been reached.
* @param bool $defaultprotected Whether the default expiry is protected.
* @param int[] $expired A list of roles in this context which have explicitly expired.
* @param int[] $unexpired A list of roles in this context which have not yet expired.
* @param int[] $protectedroles A list of unexpired roles in this context which are protected.
*/
public function __construct(bool $default, bool $defaultprotected, array $expired, array $unexpired, array $protectedroles) {
$this->defaultexpiryreached = $default;
$this->defaultprotected = $defaultprotected;
$this->expired = $expired;
$this->unexpired = $unexpired;
$this->protectedroles = $protectedroles;
}
/**
* Whether this context has 'fully' expired.
* That is to say that the default retention period has been reached, and that there are no unexpired roles.
*
* @return bool
*/
public function is_fully_expired(): bool {
return $this->defaultexpiryreached && empty($this->unexpired);
}
/**
* Whether any part of this context has expired.
*
* @return bool
*/
public function is_any_expired(): bool {
if ($this->is_fully_expired()) {
return true;
}
if (!empty($this->get_expired_roles())) {
return true;
}
if ($this->is_default_expired()) {
return true;
}
return false;
}
/**
* Get the list of explicitly expired role IDs.
* Note: This does not list roles which have been expired via the default retention policy being reached.
*
* @return int[]
*/
public function get_expired_roles(): array {
if ($this->is_default_expired()) {
return [];
}
return $this->expired;
}
/**
* Check whether the specified role is explicitly expired.
* Note: This does not list roles which have been expired via the default retention policy being reached.
*
* @param int $roleid
* @return bool
*/
public function is_role_expired(int $roleid): bool {
return false !== array_search($roleid, $this->expired);
}
/**
* Whether the default retention policy has been reached.
*
* @return bool
*/
public function is_default_expired(): bool {
return $this->defaultexpiryreached;
}
/**
* Whether the default purpose is protected.
*
* @return bool
*/
public function is_default_protected(): bool {
return $this->defaultprotected;
}
/**
* Get the list of unexpired role IDs.
*
* @return int[]
*/
public function get_unexpired_roles(): array {
return $this->unexpired;
}
/**
* Get the list of unexpired protected roles.
*
* @return int[]
*/
public function get_unexpired_protected_roles(): array {
return array_keys(array_filter($this->protectedroles));
}
/**
* Get a list of all overridden roles which are unprotected.
* @return int[]
*/
public function get_unprotected_overridden_roles(): array {
$allroles = array_merge($this->expired, $this->unexpired);
return array_diff($allroles, $this->protectedroles);
}
/**
* Merge this expiry_info object with another belonging to a child context in order to set the 'safest' heritage.
*
* It is not possible to delete any part of a context that is not deleted by a parent.
* So if a course's retention policy has been reached, then only parts where the children have also expired can be
* deleted.
*
* @param expiry_info $child The child record to merge with.
* @return $this
*/
public function merge_with_child(expiry_info $child): expiry_info {
if ($child->is_fully_expired()) {
return $this;
}
// If the child is not fully expired, then none of the parents can be either.
$this->fullyexpired = false;
// Remove any role in this node which is not expired in the child.
foreach ($this->expired as $key => $roleid) {
if (!$child->is_role_expired($roleid)) {
unset($this->expired[$key]);
}
}
array_merge($this->unexpired, $child->get_unexpired_roles());
if (!$child->is_default_expired()) {
$this->defaultexpiryreached = false;
}
return $this;
}
}
admin/tool/dataprivacy/classes/external.php
+1642
View File
File diff suppressed because it is too large Load Diff
admin/tool/dataprivacy/classes/external/category_exporter.php
Vendored
+79
View File
@@ -0,0 +1,79 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for exporting data category.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\external;
defined('MOODLE_INTERNAL') || die();
use core\external\persistent_exporter;
use tool_dataprivacy\category;
use tool_dataprivacy\context_instance;
/**
* Class for exporting field data.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class category_exporter extends persistent_exporter {
/**
* Defines the persistent class.
*
* @return string
*/
protected static function define_class() {
return \tool_dataprivacy\category::class;
}
/**
* Returns a list of objects that are related.
*
* @return array
*/
protected static function define_related() {
return array(
'context' => 'context',
);
}
/**
* Utility function that fetches a category name from the given ID.
*
* @param int $categoryid The category ID. Could be INHERIT (false, -1), NOT_SET (0), or the actual ID.
* @return string The purpose name.
*/
public static function get_name($categoryid) {
global $PAGE;
if ($categoryid === false || $categoryid == context_instance::INHERIT) {
return get_string('inherit', 'tool_dataprivacy');
} else if ($categoryid == context_instance::NOTSET) {
return get_string('notset', 'tool_dataprivacy');
} else {
$purpose = new category($categoryid);
$output = $PAGE->get_renderer('tool_dataprivacy');
$exporter = new self($purpose, ['context' => \context_system::instance()]);
$data = $exporter->export($output);
return $data->name;
}
}
}
admin/tool/dataprivacy/classes/external/context_instance_exporter.php
Vendored
+45
View File
@@ -0,0 +1,45 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for exporting context instance.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\external;
defined('MOODLE_INTERNAL') || die();
use core\external\persistent_exporter;
/**
* Class for exporting context instance.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class context_instance_exporter extends persistent_exporter {
/**
* Defines the persistent class.
*
* @return string
*/
protected static function define_class() {
return \tool_dataprivacy\context_instance::class;
}
}
admin/tool/dataprivacy/classes/external/create_data_request.php
Vendored
+121
View File
@@ -0,0 +1,121 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace tool_dataprivacy\external;
use core_external\external_api;
use core_external\external_function_parameters;
use core_external\external_single_structure;
use core_external\external_value;
use core_external\external_warnings;
use tool_dataprivacy\api;
use core_user;
use moodle_exception;
/**
* External function for creating a data request.
*
* @package tool_dataprivacy
* @copyright 2023 Juan Leyva <juan@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 4.4
*/
class create_data_request extends external_api {
/**
* Webservice parameters.
*
* @return external_function_parameters
*/
public static function execute_parameters(): external_function_parameters {
return new external_function_parameters(
[
'type' => new external_value(PARAM_INT, 'The type of data request to create. 1 for export, 2 for data deletion.'),
'comments' => new external_value(PARAM_RAW, 'Comments for the data request.', VALUE_DEFAULT, ''),
'foruserid' => new external_value(PARAM_INT, 'The id of the user to create the data request for. Empty for current user.',
VALUE_DEFAULT, 0),
]
);
}
/**
* Create a data request.
*
* @param int $type The type of data request to create.
* @param string $comments Comments for the data request.
* @param int $foruserid The id of the user to create the data request for.
* @return array containing the id of the request created and warnings.
* @throws moodle_exception
*/
public static function execute(int $type, string $comments = '', int $foruserid = 0): array {
global $USER;
$params = self::validate_parameters(self::execute_parameters(), [
'type' => $type,
'comments' => $comments,
'foruserid' => $foruserid,
]);
$system = \context_system::instance();
external_api::validate_context($system);
$cancontactdpo = api::can_contact_dpo();
$canmanage = false;
if (empty($params['foruserid']) || $params['foruserid'] == $USER->id) {
$user = $USER;
} else {
$user = core_user::get_user($params['foruserid'], '*', MUST_EXIST);
core_user::require_active_user($user);
if (!$canmanage = api::can_manage_data_requests($user->id)) {
api::require_can_create_data_request_for_user($user->id);
}
}
if (!$canmanage && !$cancontactdpo) {
throw new moodle_exception('contactdpoviaprivacypolicy', 'tool_dataprivacy');
}
// Validate the data.
$validationerrors = api::validate_create_data_request((object) ['userid' => $user->id, 'type' => $params['type']]);
if (!empty($validationerrors)) {
$error = array_key_first($validationerrors);
throw new moodle_exception($error, 'tool_dataprivacy');
}
// All clear now, create the request.
$datarequest = api::create_data_request($user->id, $params['type'], $params['comments']);
return [
'datarequestid' => $datarequest->get('id'),
'warnings' => [],
];
}
/**
* Webservice returns.
*
* @return external_single_structure
*/
public static function execute_returns(): external_single_structure {
return new external_single_structure(
[
'datarequestid' => new external_value(PARAM_INT, 'The id of the created data request.'),
'warnings' => new external_warnings(),
]
);
}
}
admin/tool/dataprivacy/classes/external/data_request_exporter.php
Vendored
+219
View File
@@ -0,0 +1,219 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for exporting user evidence with all competencies.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\external;
defined('MOODLE_INTERNAL') || die();
use core\external\persistent_exporter;
use core_user;
use core_user\external\user_summary_exporter;
use renderer_base;
use tool_dataprivacy\api;
use tool_dataprivacy\data_request;
use tool_dataprivacy\local\helper;
/**
* Class for exporting user evidence with all competencies.
*
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class data_request_exporter extends persistent_exporter {
/**
* Class definition.
*
* @return string
*/
protected static function define_class() {
return data_request::class;
}
/**
* Related objects definition.
*
* @return array
*/
protected static function define_related() {
return [
'context' => 'context',
];
}
/**
* Other properties definition.
*
* @return array
*/
protected static function define_other_properties() {
return [
'foruser' => [
'type' => user_summary_exporter::read_properties_definition(),
],
'requestedbyuser' => [
'type' => user_summary_exporter::read_properties_definition(),
'optional' => true
],
'dpouser' => [
'type' => user_summary_exporter::read_properties_definition(),
'optional' => true
],
'messagehtml' => [
'type' => PARAM_RAW,
'optional' => true
],
'typename' => [
'type' => PARAM_TEXT,
],
'typenameshort' => [
'type' => PARAM_TEXT,
],
'statuslabel' => [
'type' => PARAM_TEXT,
],
'statuslabelclass' => [
'type' => PARAM_TEXT,
],
'canreview' => [
'type' => PARAM_BOOL,
'optional' => true,
'default' => false
],
'approvedeny' => [
'type' => PARAM_BOOL,
'optional' => true,
'default' => false
],
'allowfiltering' => [
'type' => PARAM_BOOL,
'optional' => true,
'default' => false,
],
'canmarkcomplete' => [
'type' => PARAM_BOOL,
'optional' => true,
'default' => false
],
'downloadlink' => [
'type' => PARAM_URL,
'optional' => true,
],
];
}
/**
* Assign values to the defined other properties.
*
* @param renderer_base $output The output renderer object.
* @return array
* @throws coding_exception
* @throws dml_exception
* @throws moodle_exception
*/
protected function get_other_values(renderer_base $output) {
$values = [];
$foruserid = $this->persistent->get('userid');
$user = core_user::get_user($foruserid, '*', MUST_EXIST);
$userexporter = new user_summary_exporter($user);
$values['foruser'] = $userexporter->export($output);
$requestedbyid = $this->persistent->get('requestedby');
if ($requestedbyid != $foruserid) {
$user = core_user::get_user($requestedbyid, '*', MUST_EXIST);
$userexporter = new user_summary_exporter($user);
$values['requestedbyuser'] = $userexporter->export($output);
} else {
$values['requestedbyuser'] = $values['foruser'];
}
if (!empty($this->persistent->get('dpo'))) {
$dpoid = $this->persistent->get('dpo');
$user = core_user::get_user($dpoid, '*', MUST_EXIST);
$userexporter = new user_summary_exporter($user);
$values['dpouser'] = $userexporter->export($output);
}
$values['messagehtml'] = text_to_html($this->persistent->get('comments'));
$requesttype = $this->persistent->get('type');
$values['typename'] = helper::get_request_type_string($requesttype);
$values['typenameshort'] = helper::get_shortened_request_type_string($requesttype);
$values['canreview'] = false;
$values['approvedeny'] = false;
$values['allowfiltering'] = get_config('tool_dataprivacy', 'allowfiltering');
$values['statuslabel'] = helper::get_request_status_string($this->persistent->get('status'));
switch ($this->persistent->get('status')) {
case api::DATAREQUEST_STATUS_PENDING:
case api::DATAREQUEST_STATUS_PREPROCESSING:
$values['statuslabelclass'] = 'bg-info text-white';
// Request can be manually completed for general enquiry requests.
$values['canmarkcomplete'] = $requesttype == api::DATAREQUEST_TYPE_OTHERS;
break;
case api::DATAREQUEST_STATUS_AWAITING_APPROVAL:
$values['statuslabelclass'] = 'bg-info text-white';
// DPO can review the request once it's ready.
$values['canreview'] = true;
// Whether the DPO can approve or deny the request.
$values['approvedeny'] = in_array($requesttype, [api::DATAREQUEST_TYPE_EXPORT, api::DATAREQUEST_TYPE_DELETE]);
// If the request's type is delete, check if user have permission to approve/deny it.
if ($requesttype == api::DATAREQUEST_TYPE_DELETE) {
$values['approvedeny'] = api::can_create_data_deletion_request_for_other();
}
break;
case api::DATAREQUEST_STATUS_APPROVED:
$values['statuslabelclass'] = 'bg-info text-white';
break;
case api::DATAREQUEST_STATUS_PROCESSING:
$values['statuslabelclass'] = 'bg-info text-white';
break;
case api::DATAREQUEST_STATUS_COMPLETE:
case api::DATAREQUEST_STATUS_DOWNLOAD_READY:
case api::DATAREQUEST_STATUS_DELETED:
$values['statuslabelclass'] = 'bg-success text-white';
break;
case api::DATAREQUEST_STATUS_CANCELLED:
$values['statuslabelclass'] = 'bg-warning text-dark';
break;
case api::DATAREQUEST_STATUS_REJECTED:
$values['statuslabelclass'] = 'bg-danger text-white';
break;
case api::DATAREQUEST_STATUS_EXPIRED:
$values['statuslabelclass'] = 'bg-secondary text-dark';
break;
}
if ($this->persistent->get('status') == api::DATAREQUEST_STATUS_DOWNLOAD_READY) {
$usercontext = \context_user::instance($foruserid, IGNORE_MISSING);
// If user has permission to view download link, show relevant action item.
if ($usercontext && api::can_download_data_request_for_user($foruserid, $requestedbyid)) {
$downloadlink = api::get_download_link($usercontext, $this->persistent->get('id'))->url;
$values['downloadlink'] = $downloadlink->out(false);
}
}
return $values;
}
}
admin/tool/dataprivacy/classes/external/get_access_information.php
Vendored
+85
View File
@@ -0,0 +1,85 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace tool_dataprivacy\external;
use core_external\external_api;
use core_external\external_function_parameters;
use core_external\external_single_structure;
use core_external\external_value;
use core_external\external_warnings;
use tool_dataprivacy\api;
/**
* External function for retrieving access (permissions) information for the privacy API.
*
* @package tool_dataprivacy
* @copyright 2023 Juan Leyva <juan@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 4.4
*/
class get_access_information extends external_api {
/**
* Webservice parameters.
*
* @return external_function_parameters
*/
public static function execute_parameters(): external_function_parameters {
return new external_function_parameters([]);
}
/**
* Main method of the external function.
*
* @return array current user permissions
*/
public static function execute(): array {
global $USER;
$system = \context_system::instance();
external_api::validate_context($system);
return [
'cancontactdpo' => api::can_contact_dpo(),
'canmanagedatarequests' => api::can_manage_data_requests($USER->id),
'cancreatedatadownloadrequest' => api::can_create_data_download_request_for_self($USER->id),
'cancreatedatadeletionrequest' => api::can_create_data_deletion_request_for_self($USER->id),
'hasongoingdatadownloadrequest' => api::has_ongoing_request($USER->id, api::DATAREQUEST_TYPE_EXPORT),
'hasongoingdatadeletionrequest' => api::has_ongoing_request($USER->id, api::DATAREQUEST_TYPE_DELETE),
'warnings' => [],
];
}
/**
* Webservice returns.
*
* @return external_single_structure
*/
public static function execute_returns(): external_single_structure {
return new external_single_structure(
[
'cancontactdpo' => new external_value(PARAM_BOOL, 'Can contact dpo.'),
'canmanagedatarequests' => new external_value(PARAM_BOOL, 'Can manage data requests.'),
'cancreatedatadownloadrequest' => new external_value(PARAM_BOOL, 'Can create data download request for self.'),
'cancreatedatadeletionrequest' => new external_value(PARAM_BOOL, 'Can create data deletion request for self.'),
'hasongoingdatadownloadrequest' => new external_value(PARAM_BOOL, 'Has ongoing data download request.'),
'hasongoingdatadeletionrequest' => new external_value(PARAM_BOOL, 'Has ongoing data deletion request.'),
'warnings' => new external_warnings(),
]
);
}
}
admin/tool/dataprivacy/classes/external/get_data_requests.php
Vendored
+165
View File
@@ -0,0 +1,165 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace tool_dataprivacy\external;
use core_external\external_api;
use core_external\external_function_parameters;
use core_external\external_single_structure;
use core_external\external_multiple_structure;
use core_external\external_value;
use core_external\external_warnings;
use tool_dataprivacy\api;
use core_user;
use context_system;
use moodle_exception;
/**
* External function for getting data requests.
*
* @package tool_dataprivacy
* @copyright 2023 Juan Leyva <juan@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 4.4
*/
class get_data_requests extends external_api {
/**
* Webservice parameters.
*
* @return external_function_parameters
*/
public static function execute_parameters(): external_function_parameters {
return new external_function_parameters(
[
'userid' => new external_value(PARAM_INT, 'The id of the user to get the data requests for. Empty for all users.',
VALUE_DEFAULT, 0),
'statuses' => new external_multiple_structure(
new external_value(PARAM_INT, 'The status of the data requests to get.'),
'The statuses of the data requests to get.
0 for pending 1 preprocessing, 2 awaiting approval, 3 approved,
4 processed, 5 completed, 6 cancelled, 7 rejected.',
VALUE_DEFAULT,
[]
),
'types' => new external_multiple_structure(
new external_value(PARAM_INT, 'The type of the data requests to get.'),
'The types of the data requests to get. 1 for export, 2 for data deletion.',
VALUE_DEFAULT,
[]
),
'creationmethods' => new external_multiple_structure(
new external_value(PARAM_INT, 'The creation method of the data requests to get.'),
'The creation methods of the data requests to get. 0 for manual, 1 for automatic.',
VALUE_DEFAULT,
[]
),
'sort' => new external_value(PARAM_NOTAGS, 'The field to sort the data requests by.',
VALUE_DEFAULT, ''),
'limitfrom' => new external_value(PARAM_INT, 'The number to start getting the data requests from.',
VALUE_DEFAULT, 0),
'limitnum' => new external_value(PARAM_INT, 'The number of data requests to get.',
VALUE_DEFAULT, 0),
]
);
}
/**
* Get data requests.
*
* @param int $userid The user id.
* @param array $statuses The status filters.
* @param array $types The request type filters.
* @param array $creationmethods The request creation method filters.
* @param string $sort The order by clause.
* @param int $limitfrom Amount of records to skip.
* @param int $limitnum Amount of records to fetch.
* @throws moodle_exception
* @return array containing the data requests and warnings.
*/
public static function execute($userid = 0, $statuses = [], $types = [], $creationmethods = [],
$sort = '', $limitfrom = 0, $limitnum = 0): array {
global $USER, $PAGE;
$params = self::validate_parameters(self::execute_parameters(), [
'userid' => $userid,
'statuses' => $statuses,
'types' => $types,
'creationmethods' => $creationmethods,
'sort' => $sort,
'limitfrom' => $limitfrom,
'limitnum' => $limitnum,
]);
$systemcontext = context_system::instance();
if ($params['userid'] == $USER->id) {
$userid = $USER->id;
} else {
// Additional security checks when obtaining data requests for other users.
if (!has_capability('tool/dataprivacy:managedatarequests', $systemcontext) || !api::is_site_dpo($USER->id)) {
$dponamestring = implode (', ', api::get_dpo_role_names());
throw new moodle_exception('privacyofficeronly', 'tool_dataprivacy', '', $dponamestring);
}
$userid = 0;
if (!empty($params['userid'])) {
$user = core_user::get_user($params['userid'], '*', MUST_EXIST);
core_user::require_active_user($user);
$userid = $user->id;
}
}
// Ensure sort parameter is safe to use. Fallback to default value of the parameter itself.
$sortorderparts = explode(' ', $params['sort'], 2);
$sortorder = get_safe_orderby([
'id' => 'id',
'status' => 'status',
'timemodified' => 'timemodified',
'default' => '',
], $sortorderparts[0], $sortorderparts[1] ?? '', false);
$userrequests = api::get_data_requests($userid, $params['statuses'], $params['types'], $params['creationmethods'],
$sortorder, $params['limitfrom'], $params['limitnum']);
$requests = [];
foreach ($userrequests as $requestpersistent) {
$exporter = new data_request_exporter($requestpersistent, ['context' => $systemcontext]);
$renderer = $PAGE->get_renderer('tool_dataprivacy');
$requests[] = $exporter->export($renderer);
}
return [
'requests' => $requests,
'warnings' => [],
];
}
/**
* Webservice returns.
*
* @return external_single_structure
*/
public static function execute_returns(): external_single_structure {
return new external_single_structure(
[
'requests' => new external_multiple_structure(data_request_exporter::get_read_structure(), 'The data requests.'),
'warnings' => new external_warnings(),
]
);
}
}
admin/tool/dataprivacy/classes/external/name_description_exporter.php
Vendored
+63
View File
@@ -0,0 +1,63 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for exporting an object containing a name and a description.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\external;
defined('MOODLE_INTERNAL') || die();
use core\external\exporter;
/**
* Class that exports an object containing a name and a description.
*
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class name_description_exporter extends exporter {
/**
* Returns a list of objects that are related.
*
* @return array
*/
protected static function define_related() {
return array(
'context' => 'context',
);
}
/**
* Return the list of properties.
*
* @return array
*/
protected static function define_properties() {
return [
'name' => [
'type' => PARAM_TEXT,
],
'description' => [
'type' => PARAM_TEXT,
],
];
}
}
admin/tool/dataprivacy/classes/external/purpose_exporter.php
Vendored
+159
View File
@@ -0,0 +1,159 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for exporting data purpose.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\external;
defined('MOODLE_INTERNAL') || die();
use core\external\persistent_exporter;
use renderer_base;
use tool_dataprivacy\context_instance;
use tool_dataprivacy\purpose;
/**
* Class for exporting field data.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class purpose_exporter extends persistent_exporter {
/**
* Defines the persistent class.
*
* @return string
*/
protected static function define_class() {
return purpose::class;
}
/**
* Returns a list of objects that are related.
*
* @return array
*/
protected static function define_related() {
return array(
'context' => 'context',
);
}
/**
* Return the list of additional properties.
*
* @return array
*/
protected static function define_other_properties() {
return [
'formattedretentionperiod' => [
'type' => PARAM_TEXT
],
'formattedlawfulbases' => [
'type' => name_description_exporter::read_properties_definition(),
'multiple' => true
],
'formattedsensitivedatareasons' => [
'type' => name_description_exporter::read_properties_definition(),
'multiple' => true,
'optional' => true
],
'roleoverrides' => [
'type' => PARAM_TEXT
],
];
}
/**
* Return other properties.
*
* @param renderer_base $output
* @return array
* @throws coding_exception
* @throws Exception
*/
protected function get_other_values(renderer_base $output) {
$values = [];
$formattedbases = [];
$lawfulbases = explode(',', $this->persistent->get('lawfulbases'));
if (!empty($lawfulbases)) {
foreach ($lawfulbases as $basis) {
if (empty(trim($basis))) {
continue;
}
$formattedbases[] = (object)[
'name' => get_string($basis . '_name', 'tool_dataprivacy'),
'description' => get_string($basis . '_description', 'tool_dataprivacy')
];
}
}
$values['formattedlawfulbases'] = $formattedbases;
$formattedsensitivereasons = [];
$sensitivereasons = explode(',', $this->persistent->get('sensitivedatareasons') ?? '');
if (!empty($sensitivereasons)) {
foreach ($sensitivereasons as $reason) {
if (empty(trim($reason))) {
continue;
}
$formattedsensitivereasons[] = (object)[
'name' => get_string($reason . '_name', 'tool_dataprivacy'),
'description' => get_string($reason . '_description', 'tool_dataprivacy')
];
}
}
$values['formattedsensitivedatareasons'] = $formattedsensitivereasons;
$retentionperiod = $this->persistent->get('retentionperiod');
if ($retentionperiod) {
$formattedtime = \tool_dataprivacy\api::format_retention_period(new \DateInterval($retentionperiod));
} else {
$formattedtime = get_string('retentionperiodnotdefined', 'tool_dataprivacy');
}
$values['formattedretentionperiod'] = $formattedtime;
$values['roleoverrides'] = !empty($this->persistent->get_purpose_overrides());
return $values;
}
/**
* Utility function that fetches a purpose name from the given ID.
*
* @param int $purposeid The purpose ID. Could be INHERIT (false, -1), NOT_SET (0), or the actual ID.
* @return string The purpose name.
*/
public static function get_name($purposeid) {
global $PAGE;
if ($purposeid === false || $purposeid == context_instance::INHERIT) {
return get_string('inherit', 'tool_dataprivacy');
} else if ($purposeid == context_instance::NOTSET) {
return get_string('notset', 'tool_dataprivacy');
} else {
$purpose = new purpose($purposeid);
$output = $PAGE->get_renderer('tool_dataprivacy');
$exporter = new self($purpose, ['context' => \context_system::instance()]);
$data = $exporter->export($output);
return $data->name;
}
}
}
admin/tool/dataprivacy/classes/external/submit_selected_courses_form.php
Vendored
+131
View File
@@ -0,0 +1,131 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for submit selected courses from form.
*
* @package tool_dataprivacy
* @copyright 2021 The Open University.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\external;
use core_external\external_api;
use core_external\external_function_parameters;
use core_external\external_single_structure;
use core_external\external_value;
use core_external\external_warnings;
use core\notification;
use context_system;
/**
* Class for submit selected courses from form.
*
* @copyright 2021 The Open University.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 4.3
*/
class submit_selected_courses_form extends external_api {
/**
* Parameter description for get_data_request().
*
* @return external_function_parameters
*/
public static function execute_parameters(): external_function_parameters {
return new external_function_parameters([
'requestid' => new external_value(PARAM_INT, 'The id of data request'),
'jsonformdata' => new external_value(PARAM_RAW, 'The data of selected courses form, encoded as a json array'),
]);
}
/**
* Fetch the list of course which user can select to export data.
*
* @param int $requestid The request ID.
* @param string $jsonformdata The data of selected courses form.
* @return array
*/
public static function execute(int $requestid, string $jsonformdata): array {
$warnings = [];
$result = false;
$params = self::validate_parameters(self::execute_parameters(), [
'requestid' => $requestid,
'jsonformdata' => $jsonformdata,
]);
$context = context_system::instance();
self::validate_context($context);
// Make sure the user has the proper capability.
require_capability('tool/dataprivacy:managedatarequests', $context);
$requestid = $params['requestid'];
$serialiseddata = json_decode($params['jsonformdata']);
$data = array();
parse_str($serialiseddata, $data);
$mform = new \tool_dataprivacy\form\exportfilter_form(null, ['requestid' => $requestid], 'post', '', null, true, $data);
if (PHPUNIT_TEST) {
$validateddata = $mform->mock_ajax_submit($data);
} else {
$validateddata = $mform->get_data();
}
if ($validateddata) {
// Ensure the request exists.
$requestexists = \tool_dataprivacy\data_request::record_exists($requestid);
if ($requestexists) {
$coursecontextids = [];
if (!empty($validateddata->coursecontextids)) {
$coursecontextids = $validateddata->coursecontextids;
}
if (PHPUNIT_TEST) {
if (!empty($validateddata['coursecontextids'])) {
$coursecontextids = $validateddata['coursecontextids'];
}
}
$result = \tool_dataprivacy\api::approve_data_request($requestid, $coursecontextids);
// Add notification in the session to be shown when the page is reloaded on the JS side.
notification::success(get_string('requestapproved', 'tool_dataprivacy'));
} else {
$warnings = [
'item' => $requestid,
'warningcode' => 'errorrequestnotfound',
'message' => get_string('errorrequestnotfound', 'tool_dataprivacy'),
];
}
}
return [
'result' => $result,
'warnings' => $warnings,
];
}
/**
* Parameter description for submit_selected_courses_form().
*
* @return external_single_structure
*/
public static function execute_returns(): external_single_structure {
return new external_single_structure([
'result' => new external_value(PARAM_BOOL, 'The processing result'),
'warnings' => new external_warnings(),
]);
}
}
admin/tool/dataprivacy/classes/filtered_userlist.php
+63
View File
@@ -0,0 +1,63 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* An implementation of a userlist which has been filtered and approved.
*
* @package tool_dataprivacy
* @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
defined('MOODLE_INTERNAL') || die();
/**
* An implementation of a userlist which can be filtered by role.
*
* @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class filtered_userlist extends \core_privacy\local\request\approved_userlist {
/**
* Apply filters to only remove users in the expireduserids list, and to remove any who are in the unexpired list.
* The unexpired list wins where a user is in both lists.
*
* @param int[] $expireduserids The list of userids for users who should be expired.
* @param int[] $unexpireduserids The list of userids for those users who should not be expired.
* @return $this
*/
public function apply_expired_context_filters(array $expireduserids, array $unexpireduserids): filtered_userlist {
// The current userlist content.
$userids = $this->get_userids();
if (!empty($expireduserids)) {
// Now remove any not on the list of expired users.
$userids = array_intersect($userids, $expireduserids);
}
if (!empty($unexpireduserids)) {
// Remove any on the list of unexpiredusers users.
$userids = array_diff($userids, $unexpireduserids);
}
$this->set_userids($userids);
return $this;
}
}
admin/tool/dataprivacy/classes/form/category.php
+67
View File
@@ -0,0 +1,67 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* This file contains the form add/update a data category.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\form;
defined('MOODLE_INTERNAL') || die();
use core\form\persistent;
/**
* Data category form.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class category extends persistent {
/**
* @var The persistent class.
*/
protected static $persistentclass = 'tool_dataprivacy\\category';
/**
* Define the form - called by parent constructor
*/
public function definition() {
$mform = $this->_form;
$mform->addElement('text', 'name', get_string('name'), 'maxlength="100"');
$mform->setType('name', PARAM_TEXT);
$mform->addRule('name', get_string('required'), 'required', null, 'server');
$mform->addRule('name', get_string('maximumchars', '', 100), 'maxlength', 100, 'server');
$mform->addElement('editor', 'description', get_string('description'), null, ['autosave' => false]);
$mform->setType('description', PARAM_CLEANHTML);
if (!empty($this->_customdata['showbuttons'])) {
if (!$this->get_persistent()->get('id')) {
$savetext = get_string('add');
} else {
$savetext = get_string('savechanges');
}
$this->add_action_buttons(true, $savetext);
}
}
}
admin/tool/dataprivacy/classes/form/contactdpo.php
+100
View File
@@ -0,0 +1,100 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace tool_dataprivacy\form;
use context;
use context_user;
use moodle_exception;
use moodle_url;
use core_form\dynamic_form;
use tool_dataprivacy\api;
use tool_dataprivacy\external;
/**
* Contact DPO modal form
*
* @package tool_dataprivacy
* @copyright 2021 Paul Holden <paulh@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class contactdpo extends dynamic_form {
/**
* Form definition
*/
protected function definition() {
global $USER;
$mform = $this->_form;
$mform->addElement('static', 'replyto', get_string('replyto', 'tool_dataprivacy'), s($USER->email));
$mform->addElement('textarea', 'message', get_string('message', 'tool_dataprivacy'), 'cols="60" rows="8"');
$mform->setType('message', PARAM_TEXT);
$mform->addRule('message', get_string('required'), 'required', null, 'client');
}
/**
* Return form context
*
* @return context
*/
protected function get_context_for_dynamic_submission(): context {
global $USER;
return context_user::instance($USER->id);
}
/**
* Check if current user has access to this form, otherwise throw exception
*
* @throws moodle_exception
*/
protected function check_access_for_dynamic_submission(): void {
if (!api::can_contact_dpo()) {
throw new moodle_exception('errorcontactdpodisabled', 'tool_dataprivacy');
}
}
/**
* Process the form submission, used if form was submitted via AJAX
*
* @return array
*/
public function process_dynamic_submission() {
return external::contact_dpo($this->get_data()->message);
}
/**
* Load in existing data as form defaults (not applicable)
*/
public function set_data_for_dynamic_submission(): void {
return;
}
/**
* Returns url to set in $PAGE->set_url() when form is being rendered or submitted via AJAX
*
* @return moodle_url
*/
protected function get_page_url_for_dynamic_submission(): moodle_url {
global $USER;
return new moodle_url('/user/profile.php', ['id' => $USER->id]);
}
}
admin/tool/dataprivacy/classes/form/context_instance.php
+226
View File
@@ -0,0 +1,226 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* This file contains the form add/update context instance data.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\form;
defined('MOODLE_INTERNAL') || die();
use tool_dataprivacy\api;
use tool_dataprivacy\data_registry;
use tool_dataprivacy\purpose;
/**
* Context instance data form.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class context_instance extends \core\form\persistent {
/**
* @var The persistent class.
*/
protected static $persistentclass = 'tool_dataprivacy\\context_instance';
/**
* Define the form - called by parent constructor
*/
public function definition() {
$this->_form->setDisableShortforms();
$this->_form->addElement('header', 'contextname', $this->_customdata['contextname']);
$subjectscope = implode(', ', $this->_customdata['subjectscope']);
if (empty($subjectscope)) {
$subjectscope = get_string('noassignedroles', 'tool_dataprivacy');
}
$this->_form->addElement('static', 'subjectscope', get_string('subjectscope', 'tool_dataprivacy'), $subjectscope);
$this->_form->addHelpButton('subjectscope', 'subjectscope', 'tool_dataprivacy');
$this->add_purpose_category($this->_customdata['context']->contextlevel);
$this->_form->addElement('hidden', 'contextid');
$this->_form->setType('contextid', PARAM_INT);
parent::add_action_buttons(false, get_string('savechanges'));
}
/**
* Adds purpose and category selectors.
*
* @param int $contextlevel Apply this context level defaults. False for no defaults.
* @return null
*/
protected function add_purpose_category($contextlevel = false) {
$mform = $this->_form;
$addcategorytext = $this->get_add_element_content(get_string('addcategory', 'tool_dataprivacy'));
$categoryselect = $mform->createElement('select', 'categoryid', null, $this->_customdata['categories']);
$addcategory = $mform->createElement('button', 'addcategory', $addcategorytext, ['data-add-element' => 'category']);
$mform->addElement('group', 'categorygroup', get_string('category', 'tool_dataprivacy'),
[$categoryselect, $addcategory], null, false);
$mform->addHelpButton('categorygroup', 'category', 'tool_dataprivacy');
$mform->setType('categoryid', PARAM_INT);
$mform->setDefault('categoryid', 0);
$addpurposetext = $this->get_add_element_content(get_string('addpurpose', 'tool_dataprivacy'));
$purposeselect = $mform->createElement('select', 'purposeid', null, $this->_customdata['purposes']);
$addpurpose = $mform->createElement('button', 'addpurpose', $addpurposetext, ['data-add-element' => 'purpose']);
$mform->addElement('group', 'purposegroup', get_string('purpose', 'tool_dataprivacy'),
[$purposeselect, $addpurpose], null, false);
$mform->addHelpButton('purposegroup', 'purpose', 'tool_dataprivacy');
$mform->setType('purposeid', PARAM_INT);
$mform->setDefault('purposeid', 0);
if (!empty($this->_customdata['currentretentionperiod'])) {
$mform->addElement('static', 'retention_current', get_string('retentionperiod', 'tool_dataprivacy'),
$this->_customdata['currentretentionperiod']);
$mform->addHelpButton('retention_current', 'retentionperiod', 'tool_dataprivacy');
}
}
/**
* Returns the 'add' label.
*
* It depends on the theme in use.
*
* @param string $label
* @return \renderable|string
*/
private function get_add_element_content($label) {
global $PAGE, $OUTPUT;
$bs4 = false;
$theme = $PAGE->theme;
if ($theme->name === 'boost') {
$bs4 = true;
} else {
foreach ($theme->parents as $basetheme) {
if ($basetheme === 'boost') {
$bs4 = true;
}
}
}
if (!$bs4) {
return $label;
}
return $OUTPUT->pix_icon('e/insert', $label);
}
/**
* Returns the customdata array for the provided context instance.
*
* @param \context $context
* @return array
*/
public static function get_context_instance_customdata(\context $context) {
$persistent = \tool_dataprivacy\context_instance::get_record_by_contextid($context->id, false);
if (!$persistent) {
$persistent = new \tool_dataprivacy\context_instance();
$persistent->set('contextid', $context->id);
}
$purposes = [];
foreach (api::get_purposes() as $purpose) {
$purposes[$purpose->get('id')] = $purpose;
}
$purposeoptions = \tool_dataprivacy\output\data_registry_page::purpose_options($purposes);
$categoryoptions = \tool_dataprivacy\output\data_registry_page::category_options(api::get_categories());
$customdata = [
'context' => $context,
'subjectscope' => data_registry::get_subject_scope($context),
'contextname' => $context->get_context_name(),
'persistent' => $persistent,
'purposes' => $purposeoptions,
'categories' => $categoryoptions,
];
$effectivepurpose = api::get_effective_context_purpose($context);
if ($effectivepurpose) {
$customdata['currentretentionperiod'] = self::get_retention_display_text($effectivepurpose, $context->contextlevel,
$context);
$customdata['purposeretentionperiods'] = [];
foreach (array_keys($purposeoptions) as $optionvalue) {
if (isset($purposes[$optionvalue])) {
$purpose = $purposes[$optionvalue];
} else {
// Get the effective purpose if $optionvalue would be the selected value.
$purpose = api::get_effective_context_purpose($context, $optionvalue);
}
$retentionperiod = self::get_retention_display_text(
$purpose,
$context->contextlevel,
$context
);
$customdata['purposeretentionperiods'][$optionvalue] = $retentionperiod;
}
}
return $customdata;
}
/**
* Returns the purpose display text.
*
* @param purpose $effectivepurpose
* @param int $retentioncontextlevel
* @param \context $context The context, just for displaying (filters) purposes.
* @return string
*/
protected static function get_retention_display_text(purpose $effectivepurpose, $retentioncontextlevel, \context $context) {
global $PAGE;
$renderer = $PAGE->get_renderer('tool_dataprivacy');
$exporter = new \tool_dataprivacy\external\purpose_exporter($effectivepurpose, ['context' => $context]);
$exportedpurpose = $exporter->export($renderer);
switch ($retentioncontextlevel) {
case CONTEXT_COURSE:
case CONTEXT_MODULE:
case CONTEXT_BLOCK:
$str = get_string('effectiveretentionperiodcourse', 'tool_dataprivacy',
$exportedpurpose->formattedretentionperiod);
break;
case CONTEXT_USER:
$str = get_string('effectiveretentionperioduser', 'tool_dataprivacy',
$exportedpurpose->formattedretentionperiod);
break;
default:
$str = $exportedpurpose->formattedretentionperiod;
}
return $str;
}
}
admin/tool/dataprivacy/classes/form/contextlevel.php
+124
View File
@@ -0,0 +1,124 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* This file contains the form add/update context level data.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\form;
defined('MOODLE_INTERNAL') || die();
use core\form\persistent;
use tool_dataprivacy\api;
use tool_dataprivacy\data_registry;
/**
* Context level data form.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class contextlevel extends context_instance {
/**
* @var The persistent class.
*/
protected static $persistentclass = 'tool_dataprivacy\\contextlevel';
/**
* Define the form - called by parent constructor
*/
public function definition() {
$this->_form->setDisableShortforms();
$this->_form->addElement('header', 'contextlevelname', $this->_customdata['contextlevelname']);
$this->add_purpose_category();
$this->_form->addElement('hidden', 'contextlevel');
$this->_form->setType('contextlevel', PARAM_INT);
parent::add_action_buttons(false, get_string('savechanges'));
}
/**
* Returns the customdata array for the provided context level.
*
* @param int $contextlevel
* @return array
*/
public static function get_contextlevel_customdata($contextlevel) {
$persistent = \tool_dataprivacy\contextlevel::get_record_by_contextlevel($contextlevel, false);
if (!$persistent) {
$persistent = new \tool_dataprivacy\contextlevel();
$persistent->set('contextlevel', $contextlevel);
}
$includeinherit = true;
if ($contextlevel == CONTEXT_SYSTEM) {
// Nothing to inherit from Site level.
$includeinherit = false;
}
$includenotset = true;
if ($contextlevel == CONTEXT_SYSTEM || $contextlevel == CONTEXT_USER) {
// No 'not set' value for system and user because we do not have defaults for them.
$includenotset = false;
}
$purposeoptions = \tool_dataprivacy\output\data_registry_page::purpose_options(
api::get_purposes(), $includenotset, $includeinherit);
$categoryoptions = \tool_dataprivacy\output\data_registry_page::category_options(
api::get_categories(), $includenotset, $includeinherit);
$customdata = [
'contextlevel' => $contextlevel,
'contextlevelname' => get_string('contextlevelname' . $contextlevel, 'tool_dataprivacy'),
'persistent' => $persistent,
'purposes' => $purposeoptions,
'categories' => $categoryoptions,
];
$effectivepurpose = api::get_effective_contextlevel_purpose($contextlevel);
if ($effectivepurpose) {
$customdata['currentretentionperiod'] = self::get_retention_display_text($effectivepurpose, $contextlevel,
\context_system::instance());
$customdata['purposeretentionperiods'] = [];
foreach ($purposeoptions as $optionvalue => $unused) {
// Get the effective purpose if $optionvalue would be the selected value.
list($purposeid, $unused) = data_registry::get_effective_default_contextlevel_purpose_and_category($contextlevel,
$optionvalue);
$purpose = new \tool_dataprivacy\purpose($purposeid);
$retentionperiod = self::get_retention_display_text(
$purpose,
$contextlevel,
\context_system::instance()
);
$customdata['purposeretentionperiods'][$optionvalue] = $retentionperiod;
}
}
return $customdata;
}
}
admin/tool/dataprivacy/classes/form/exportfilter_form.php
+106
View File
@@ -0,0 +1,106 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Form to filter export data.
*
* @copyright 2021 The Open University
* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
* @package tool_dataprivacy
* @since Moodle 4.3
*/
namespace tool_dataprivacy\form;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir.'/formslib.php');
/**
* Form to filter export data.
*
* @copyright 2021 The Open University
* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
* @package tool_dataprivacy
* @since Moodle 4.3
*/
class exportfilter_form extends \moodleform {
/**
* Form definition.
*/
public function definition(): void {
$requestid = $this->_customdata['requestid'];
$mform = $this->_form;
$selectitems = [];
$mform->addElement('hidden', 'requestid', $requestid);
$mform->setType('requestid', PARAM_INT);
$contexts = \tool_dataprivacy\api::get_course_contexts_for_view_filter($requestid);
foreach ($contexts as $context) {
$coursename = '';
$groupname = '';
$parentcontexts = $context->get_parent_contexts(true);
$parentcontexts = array_reverse($parentcontexts);
end($parentcontexts);
$lastkey = key($parentcontexts);
reset($parentcontexts);
$firstkey = key($parentcontexts);
foreach ($parentcontexts as $key => $parentcontext) {
if ($key !== $lastkey) {
if ($key !== $firstkey) {
$groupname .= ' > ';
}
$groupname .= $parentcontext->get_context_name(false);
} else {
$coursename = $parentcontext->get_context_name(false);
}
}
$selectitems[$groupname][$context->id] = $coursename;
}
if ($contexts) {
$mform->addElement(
'selectgroups',
'coursecontextids',
get_string('selectcourses', 'tool_dataprivacy'),
$selectitems,
);
$mform->getElement('coursecontextids')->setMultiple(true);
$mform->getElement('coursecontextids')->setSize(15);
} else {
$mform->addElement('html', get_string('nocoursetofilter', 'tool_dataprivacy'));
}
}
/**
* Form validation.
*
* @param array $data
* @param array $files
* @return array
*/
public function validation($data, $files) {
$errors = [];
if (empty($data['coursecontextids'])) {
$errors['coursecontextids'] = get_string('errornoselectedcourse', 'tool_dataprivacy');
}
return $errors;
}
}
admin/tool/dataprivacy/classes/form/purpose.php
+577
View File
@@ -0,0 +1,577 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* This file contains the form add/update a data purpose.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\form;
defined('MOODLE_INTERNAL') || die();
use core\form\persistent;
/**
* Data purpose form.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class purpose extends persistent {
/**
* @var string The persistent class.
*/
protected static $persistentclass = 'tool_dataprivacy\\purpose';
/**
* @var array The list of current overrides.
*/
protected $existingoverrides = [];
/**
* Define the form - called by parent constructor
*/
public function definition() {
$mform = $this->_form;
$mform->addElement('text', 'name', get_string('name'), 'maxlength="100"');
$mform->setType('name', PARAM_TEXT);
$mform->addRule('name', get_string('required'), 'required', null, 'server');
$mform->addRule('name', get_string('maximumchars', '', 100), 'maxlength', 100, 'server');
$mform->addElement('editor', 'description', get_string('description'), null, ['autosave' => false]);
$mform->setType('description', PARAM_CLEANHTML);
// Field for selecting lawful bases (from GDPR Article 6.1).
$this->add_field($this->get_lawful_base_field());
$mform->addRule('lawfulbases', get_string('required'), 'required', null, 'server');
// Optional field for selecting reasons for collecting sensitive personal data (from GDPR Article 9.2).
$this->add_field($this->get_sensitive_base_field());
$this->add_field($this->get_retention_period_fields());
$this->add_field($this->get_protected_field());
$this->add_override_fields();
if (!empty($this->_customdata['showbuttons'])) {
if (!$this->get_persistent()->get('id')) {
$savetext = get_string('add');
} else {
$savetext = get_string('savechanges');
}
$this->add_action_buttons(true, $savetext);
}
}
/**
* Add a fieldset to the current form.
*
* @param \stdClass $data
*/
protected function add_field(\stdClass $data) {
foreach ($data->fields as $field) {
$this->_form->addElement($field);
}
if (!empty($data->helps)) {
foreach ($data->helps as $fieldname => $helpdata) {
$help = array_merge([$fieldname], $helpdata);
call_user_func_array([$this->_form, 'addHelpButton'], $help);
}
}
if (!empty($data->types)) {
foreach ($data->types as $fieldname => $type) {
$this->_form->setType($fieldname, $type);
}
}
if (!empty($data->rules)) {
foreach ($data->rules as $fieldname => $ruledata) {
$rule = array_merge([$fieldname], $ruledata);
call_user_func_array([$this->_form, 'addRule'], $rule);
}
}
if (!empty($data->defaults)) {
foreach ($data->defaults as $fieldname => $default) {
$this->_form($fieldname, $default);
}
}
}
/**
* Handle addition of relevant repeated element fields for role overrides.
*/
protected function add_override_fields() {
$purpose = $this->get_persistent();
if (empty($purpose->get('id'))) {
// It is not possible to use repeated elements in a modal form yet.
return;
}
$fields = [
$this->get_role_override_id('roleoverride_'),
$this->get_role_field('roleoverride_'),
$this->get_retention_period_fields('roleoverride_'),
$this->get_protected_field('roleoverride_'),
$this->get_lawful_base_field('roleoverride_'),
$this->get_sensitive_base_field('roleoverride_'),
];
$options = [
'type' => [],
'helpbutton' => [],
];
// Start by adding the title.
$overrideelements = [
$this->_form->createElement('header', 'roleoverride', get_string('roleoverride', 'tool_dataprivacy')),
$this->_form->createElement(
'static',
'roleoverrideoverview',
'',
get_string('roleoverrideoverview', 'tool_dataprivacy')
),
];
foreach ($fields as $fielddata) {
foreach ($fielddata->fields as $field) {
$overrideelements[] = $field;
}
if (!empty($fielddata->helps)) {
foreach ($fielddata->helps as $name => $help) {
if (!isset($options[$name])) {
$options[$name] = [];
}
$options[$name]['helpbutton'] = $help;
}
}
if (!empty($fielddata->types)) {
foreach ($fielddata->types as $name => $type) {
if (!isset($options[$name])) {
$options[$name] = [];
}
$options[$name]['type'] = $type;
}
}
if (!empty($fielddata->rules)) {
foreach ($fielddata->rules as $name => $rule) {
if (!isset($options[$name])) {
$options[$name] = [];
}
$options[$name]['rule'] = $rule;
}
}
if (!empty($fielddata->defaults)) {
foreach ($fielddata->defaults as $name => $default) {
if (!isset($options[$name])) {
$options[$name] = [];
}
$options[$name]['default'] = $default;
}
}
if (!empty($fielddata->advanceds)) {
foreach ($fielddata->advanceds as $name => $advanced) {
if (!isset($options[$name])) {
$options[$name] = [];
}
$options[$name]['advanced'] = $advanced;
}
}
}
$this->existingoverrides = $purpose->get_purpose_overrides();
$existingoverridecount = count($this->existingoverrides);
$this->repeat_elements(
$overrideelements,
$existingoverridecount,
$options,
'overrides',
'addoverride',
1,
get_string('addroleoverride', 'tool_dataprivacy')
);
}
/**
* Converts fields.
*
* @param \stdClass $data
* @return \stdClass
*/
public function filter_data_for_persistent($data) {
$data = parent::filter_data_for_persistent($data);
$classname = static::$persistentclass;
$properties = $classname::properties_definition();
$data = (object) array_filter((array) $data, function($value, $key) use ($properties) {
return isset($properties[$key]);
}, ARRAY_FILTER_USE_BOTH);
return $data;
}
/**
* Get the field for the role name.
*
* @param string $prefix The prefix to apply to the field
* @return \stdClass
*/
protected function get_role_override_id(string $prefix = ''): \stdClass {
$fieldname = "{$prefix}id";
$fielddata = (object) [
'fields' => [],
];
$fielddata->fields[] = $this->_form->createElement('hidden', $fieldname);
$fielddata->types[$fieldname] = PARAM_INT;
return $fielddata;
}
/**
* Get the field for the role name.
*
* @param string $prefix The prefix to apply to the field
* @return \stdClass
*/
protected function get_role_field(string $prefix = ''): \stdClass {
$fieldname = "{$prefix}roleid";
$fielddata = (object) [
'fields' => [],
'helps' => [],
];
$roles = [
'' => get_string('none'),
];
foreach (role_get_names() as $roleid => $role) {
$roles[$roleid] = $role->localname;
}
$fielddata->fields[] = $this->_form->createElement('select', $fieldname, get_string('role'),
$roles,
[
'multiple' => false,
]
);
$fielddata->helps[$fieldname] = ['role', 'tool_dataprivacy'];
$fielddata->defaults[$fieldname] = null;
return $fielddata;
}
/**
* Get the mform field for lawful bases.
*
* @param string $prefix The prefix to apply to the field
* @return \stdClass
*/
protected function get_lawful_base_field(string $prefix = ''): \stdClass {
$fieldname = "{$prefix}lawfulbases";
$data = (object) [
'fields' => [],
];
$bases = [];
foreach (\tool_dataprivacy\purpose::GDPR_ART_6_1_ITEMS as $article) {
$key = 'gdpr_art_6_1_' . $article;
$bases[$key] = get_string("{$key}_name", 'tool_dataprivacy');
}
$data->fields[] = $this->_form->createElement('autocomplete', $fieldname, get_string('lawfulbases', 'tool_dataprivacy'),
$bases,
[
'multiple' => true,
]
);
$data->helps = [
$fieldname => ['lawfulbases', 'tool_dataprivacy'],
];
$data->advanceds = [
$fieldname => true,
];
return $data;
}
/**
* Get the mform field for sensitive bases.
*
* @param string $prefix The prefix to apply to the field
* @return \stdClass
*/
protected function get_sensitive_base_field(string $prefix = ''): \stdClass {
$fieldname = "{$prefix}sensitivedatareasons";
$data = (object) [
'fields' => [],
];
$bases = [];
foreach (\tool_dataprivacy\purpose::GDPR_ART_9_2_ITEMS as $article) {
$key = 'gdpr_art_9_2_' . $article;
$bases[$key] = get_string("{$key}_name", 'tool_dataprivacy');
}
$data->fields[] = $this->_form->createElement(
'autocomplete',
$fieldname,
get_string('sensitivedatareasons', 'tool_dataprivacy'),
$bases,
[
'multiple' => true,
]
);
$data->helps = [
$fieldname => ['sensitivedatareasons', 'tool_dataprivacy'],
];
$data->advanceds = [
$fieldname => true,
];
return $data;
}
/**
* Get the retention period fields.
*
* @param string $prefix The name of the main field, and prefix for the subfields.
* @return \stdClass
*/
protected function get_retention_period_fields(string $prefix = ''): \stdClass {
$prefix = "{$prefix}retentionperiod";
$data = (object) [
'fields' => [],
'types' => [],
];
$number = $this->_form->createElement('text', "{$prefix}number", null, ['size' => 8]);
$data->types["{$prefix}number"] = PARAM_INT;
$unitoptions = [
'Y' => get_string('years'),
'M' => strtolower(get_string('months')),
'D' => strtolower(get_string('days'))
];
$unit = $this->_form->createElement('select', "{$prefix}unit", '', $unitoptions);
$data->fields[] = $this->_form->createElement(
'group',
$prefix,
get_string('retentionperiod', 'tool_dataprivacy'),
[
'number' => $number,
'unit' => $unit,
],
null,
false
);
return $data;
}
/**
* Get the mform field for the protected flag.
*
* @param string $prefix The prefix to apply to the field
* @return \stdClass
*/
protected function get_protected_field(string $prefix = ''): \stdClass {
$fieldname = "{$prefix}protected";
return (object) [
'fields' => [
$this->_form->createElement(
'advcheckbox',
$fieldname,
get_string('protected', 'tool_dataprivacy'),
get_string('protectedlabel', 'tool_dataprivacy')
),
],
];
}
/**
* Converts data to data suitable for storage.
*
* @param \stdClass $data
* @return \stdClass
*/
protected static function convert_fields(\stdClass $data) {
$data = parent::convert_fields($data);
if (!empty($data->lawfulbases) && is_array($data->lawfulbases)) {
$data->lawfulbases = implode(',', $data->lawfulbases);
}
if (!empty($data->sensitivedatareasons) && is_array($data->sensitivedatareasons)) {
$data->sensitivedatareasons = implode(',', $data->sensitivedatareasons);
} else {
// Nothing selected. Set default value of null.
$data->sensitivedatareasons = null;
}
// A single value.
$data->retentionperiod = 'P' . $data->retentionperiodnumber . $data->retentionperiodunit;
unset($data->retentionperiodnumber);
unset($data->retentionperiodunit);
return $data;
}
/**
* Get the default data.
*
* @return \stdClass
*/
protected function get_default_data() {
$data = parent::get_default_data();
return $this->convert_existing_data_to_values($data);
}
/**
* Normalise any values stored in existing data.
*
* @param \stdClass $data
* @return \stdClass
*/
protected function convert_existing_data_to_values(\stdClass $data): \stdClass {
$data->lawfulbases = explode(',', $data->lawfulbases);
if (!empty($data->sensitivedatareasons)) {
$data->sensitivedatareasons = explode(',', $data->sensitivedatareasons);
}
// Convert the single properties into number and unit.
$strlen = strlen($data->retentionperiod);
$data->retentionperiodnumber = substr($data->retentionperiod, 1, $strlen - 2);
$data->retentionperiodunit = substr($data->retentionperiod, $strlen - 1);
unset($data->retentionperiod);
return $data;
}
/**
* Fetch the role override data from the list of submitted data.
*
* @param \stdClass $data The complete set of processed data
* @return \stdClass[] The list of overrides
*/
public function get_role_overrides_from_data(\stdClass $data) {
$overrides = [];
if (!empty($data->overrides)) {
$searchkey = 'roleoverride_';
for ($i = 0; $i < $data->overrides; $i++) {
$overridedata = (object) [];
foreach ((array) $data as $fieldname => $value) {
if (strpos($fieldname, $searchkey) !== 0) {
continue;
}
$overridefieldname = substr($fieldname, strlen($searchkey));
$overridedata->$overridefieldname = $value[$i];
}
if (empty($overridedata->roleid) || empty($overridedata->retentionperiodnumber)) {
// Skip this one.
// There is no value and it will be delete.
continue;
}
$override = static::convert_fields($overridedata);
$overrides[$i] = $override;
}
}
return $overrides;
}
/**
* Define extra validation mechanims.
*
* @param stdClass $data Data to validate.
* @param array $files Array of files.
* @param array $errors Currently reported errors.
* @return array of additional errors, or overridden errors.
*/
protected function extra_validation($data, $files, array &$errors) {
$overrides = $this->get_role_overrides_from_data($data);
// Check role overrides to ensure that:
// - roles are unique; and
// - specifeid retention periods are numeric.
$seenroleids = [];
foreach ($overrides as $id => $override) {
$override->purposeid = 0;
$persistent = new \tool_dataprivacy\purpose_override($override->id, $override);
if (isset($seenroleids[$persistent->get('roleid')])) {
$errors["roleoverride_roleid[{$id}]"] = get_string('duplicaterole');
}
$seenroleids[$persistent->get('roleid')] = true;
$errors = array_merge($errors, $persistent->get_errors());
}
return $errors;
}
/**
* Load in existing data as form defaults. Usually new entry defaults are stored directly in
* form definition (new entry form); this function is used to load in data where values
* already exist and data is being edited (edit entry form).
*
* @param stdClass $data
*/
public function set_data($data) {
$purpose = $this->get_persistent();
$count = 0;
foreach ($this->existingoverrides as $override) {
$overridedata = $this->convert_existing_data_to_values($override->to_record());
foreach ($overridedata as $key => $value) {
$keyname = "roleoverride_{$key}[{$count}]";
$data->$keyname = $value;
}
$count++;
}
parent::set_data($data);
}
}
admin/tool/dataprivacy/classes/hook_callbacks.php
+53
View File
@@ -0,0 +1,53 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace tool_dataprivacy;
use html_writer;
use moodle_url;
/**
* Hook callbacks for tool_dataprivacy.
*
* @package tool_dataprivacy
* @copyright 2024 Andrew Lyons <andrew@nicols.co.uk>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class hook_callbacks {
/**
* Add the privacy summary to the footer.
*
* @param \core\hook\output\before_standard_footer_html_generation $hook
*/
public static function standard_footer_html(\core\hook\output\before_standard_footer_html_generation $hook): void {
// A returned 0 means that the setting was set and disabled, false means that there is no value for the provided setting.
$showsummary = get_config('tool_dataprivacy', 'showdataretentionsummary');
if ($showsummary === false) {
// This means that no value is stored in db. We use the default value in this case.
$showsummary = true;
}
if ($showsummary) {
$url = new moodle_url('/admin/tool/dataprivacy/summary.php');
$hook->add_html(
html_writer::div(
html_writer::link($url, get_string('dataretentionsummary', 'tool_dataprivacy')),
'tool_dataprivacy',
),
);
}
}
}
admin/tool/dataprivacy/classes/local/helper.php
+252
View File
@@ -0,0 +1,252 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Collection of helper functions for the data privacy tool.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\local;
defined('MOODLE_INTERNAL') || die();
use coding_exception;
use moodle_exception;
use tool_dataprivacy\api;
use tool_dataprivacy\data_request;
/**
* Class containing helper functions for the data privacy tool.
*
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class helper {
/** The default number of results to be shown per page. */
const DEFAULT_PAGE_SIZE = 20;
/** Filter constant associated with the request type filter. */
const FILTER_TYPE = 1;
/** Filter constant associated with the request status filter. */
const FILTER_STATUS = 2;
/** Filter constant associated with the request creation filter. */
const FILTER_CREATION = 3;
/** The request filters preference key. */
const PREF_REQUEST_FILTERS = 'tool_dataprivacy_request-filters';
/** The number of data request records per page preference key. */
const PREF_REQUEST_PERPAGE = 'tool_dataprivacy_request-perpage';
/**
* Retrieves the human-readable text value of a data request type.
*
* @param int $requesttype The request type.
* @return string
* @throws coding_exception
* @throws moodle_exception
*/
public static function get_request_type_string($requesttype) {
$types = self::get_request_types();
if (!isset($types[$requesttype])) {
throw new moodle_exception('errorinvalidrequesttype', 'tool_dataprivacy');
}
return $types[$requesttype];
}
/**
* Retrieves the human-readable shortened text value of a data request type.
*
* @param int $requesttype The request type.
* @return string
* @throws coding_exception
* @throws moodle_exception
*/
public static function get_shortened_request_type_string($requesttype) {
$types = self::get_request_types_short();
if (!isset($types[$requesttype])) {
throw new moodle_exception('errorinvalidrequesttype', 'tool_dataprivacy');
}
return $types[$requesttype];
}
/**
* Returns the key value-pairs of request type code and their string value.
*
* @return array
*/
public static function get_request_types() {
return [
api::DATAREQUEST_TYPE_EXPORT => get_string('requesttypeexport', 'tool_dataprivacy'),
api::DATAREQUEST_TYPE_DELETE => get_string('requesttypedelete', 'tool_dataprivacy'),
api::DATAREQUEST_TYPE_OTHERS => get_string('requesttypeothers', 'tool_dataprivacy'),
];
}
/**
* Returns the key value-pairs of request type code and their shortened string value.
*
* @return array
*/
public static function get_request_types_short() {
return [
api::DATAREQUEST_TYPE_EXPORT => get_string('requesttypeexportshort', 'tool_dataprivacy'),
api::DATAREQUEST_TYPE_DELETE => get_string('requesttypedeleteshort', 'tool_dataprivacy'),
api::DATAREQUEST_TYPE_OTHERS => get_string('requesttypeothersshort', 'tool_dataprivacy'),
];
}
/**
* Retrieves the human-readable value of a data request status.
*
* @param int $status The request status.
* @return string
* @throws moodle_exception
*/
public static function get_request_status_string($status) {
$statuses = self::get_request_statuses();
if (!isset($statuses[$status])) {
throw new moodle_exception('errorinvalidrequeststatus', 'tool_dataprivacy');
}
return $statuses[$status];
}
/**
* Returns the key value-pairs of request status code and string value.
*
* @return array
*/
public static function get_request_statuses() {
return [
api::DATAREQUEST_STATUS_PENDING => get_string('statuspending', 'tool_dataprivacy'),
api::DATAREQUEST_STATUS_PREPROCESSING => get_string('statuspreprocessing', 'tool_dataprivacy'),
api::DATAREQUEST_STATUS_AWAITING_APPROVAL => get_string('statusawaitingapproval', 'tool_dataprivacy'),
api::DATAREQUEST_STATUS_APPROVED => get_string('statusapproved', 'tool_dataprivacy'),
api::DATAREQUEST_STATUS_PROCESSING => get_string('statusprocessing', 'tool_dataprivacy'),
api::DATAREQUEST_STATUS_COMPLETE => get_string('statuscomplete', 'tool_dataprivacy'),
api::DATAREQUEST_STATUS_DOWNLOAD_READY => get_string('statusready', 'tool_dataprivacy'),
api::DATAREQUEST_STATUS_EXPIRED => get_string('statusexpired', 'tool_dataprivacy'),
api::DATAREQUEST_STATUS_CANCELLED => get_string('statuscancelled', 'tool_dataprivacy'),
api::DATAREQUEST_STATUS_REJECTED => get_string('statusrejected', 'tool_dataprivacy'),
api::DATAREQUEST_STATUS_DELETED => get_string('statusdeleted', 'tool_dataprivacy'),
];
}
/**
* Retrieves the human-readable value of a data request creation method.
*
* @param int $creation The request creation method.
* @return string
* @throws moodle_exception
*/
public static function get_request_creation_method_string($creation) {
$creationmethods = self::get_request_creation_methods();
if (!isset($creationmethods[$creation])) {
throw new moodle_exception('errorinvalidrequestcreationmethod', 'tool_dataprivacy');
}
return $creationmethods[$creation];
}
/**
* Returns the key value-pairs of request creation method code and string value.
*
* @return array
*/
public static function get_request_creation_methods() {
return [
data_request::DATAREQUEST_CREATION_MANUAL => get_string('creationmanual', 'tool_dataprivacy'),
data_request::DATAREQUEST_CREATION_AUTO => get_string('creationauto', 'tool_dataprivacy'),
];
}
/**
* Get the users that a user can make data request for.
*
* E.g. User having a parent role and has the 'tool/dataprivacy:makedatarequestsforchildren' capability.
* @param int $userid The user's ID.
* @return array
*/
public static function get_children_of_user($userid) {
global $DB;
// Get users that the user has role assignments to.
$userfieldsapi = \core_user\fields::for_name();
$allusernames = $userfieldsapi->get_sql('u', false, '', '', false)->selects;
$sql = "SELECT u.id, $allusernames
FROM {role_assignments} ra, {context} c, {user} u
WHERE ra.userid = :userid
AND ra.contextid = c.id
AND c.instanceid = u.id
AND c.contextlevel = :contextlevel";
$params = [
'userid' => $userid,
'contextlevel' => CONTEXT_USER
];
// The final list of users that we will return.
$finalresults = [];
// Our prospective list of users.
if ($candidates = $DB->get_records_sql($sql, $params)) {
foreach ($candidates as $key => $child) {
$childcontext = \context_user::instance($child->id);
if (has_capability('tool/dataprivacy:makedatarequestsforchildren', $childcontext, $userid)) {
$finalresults[$key] = $child;
}
}
}
return $finalresults;
}
/**
* Get options for the data requests filter.
*
* @return array
* @throws coding_exception
*/
public static function get_request_filter_options() {
$filters = [
self::FILTER_TYPE => (object)[
'name' => get_string('requesttype', 'tool_dataprivacy'),
'options' => self::get_request_types_short()
],
self::FILTER_STATUS => (object)[
'name' => get_string('requeststatus', 'tool_dataprivacy'),
'options' => self::get_request_statuses()
],
self::FILTER_CREATION => (object)[
'name' => get_string('requestcreation', 'tool_dataprivacy'),
'options' => self::get_request_creation_methods()
],
];
$options = [];
foreach ($filters as $category => $filtercategory) {
foreach ($filtercategory->options as $key => $name) {
$option = (object)[
'category' => $filtercategory->name,
'name' => $name
];
$options["{$category}:{$key}"] = get_string('filteroption', 'tool_dataprivacy', $option);
}
}
return $options;
}
}
admin/tool/dataprivacy/classes/manager_observer.php
+76
View File
@@ -0,0 +1,76 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class \tool_dataprivacy\manager_observer.
*
* @package tool_dataprivacy
* @copyright 2018 Marina Glancy
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
defined('MOODLE_INTERNAL') || die();
/**
* A failure observer for the \core_privacy\manager.
*
* @package tool_dataprivacy
* @copyright 2018 Marina Glancy
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class manager_observer implements \core_privacy\manager_observer {
/**
* Notifies all DPOs that an exception occurred.
*
* @param \Throwable $e
* @param string $component
* @param string $interface
* @param string $methodname
* @param array $params
*/
public function handle_component_failure($e, $component, $interface, $methodname, array $params) {
// Get the list of the site Data Protection Officers.
$dpos = api::get_site_dpos();
$messagesubject = get_string('exceptionnotificationsubject', 'tool_dataprivacy');
$a = (object)[
'fullmethodname' => \core_privacy\manager::get_provider_classname_for_component($component) . '::' . $methodname,
'component' => $component,
'message' => $e->getMessage(),
'backtrace' => $e->getTraceAsString()
];
$messagebody = get_string('exceptionnotificationbody', 'tool_dataprivacy', $a);
// Email the data request to the Data Protection Officer(s)/Admin(s).
foreach ($dpos as $dpo) {
$message = new \core\message\message();
$message->courseid = SITEID;
$message->component = 'tool_dataprivacy';
$message->name = 'notifyexceptions';
$message->userfrom = \core_user::get_noreply_user();
$message->subject = $messagesubject;
$message->fullmessageformat = FORMAT_HTML;
$message->notification = 1;
$message->userto = $dpo;
$message->fullmessagehtml = $messagebody;
$message->fullmessage = html_to_text($messagebody);
// Send message.
message_send($message);
}
}
}
admin/tool/dataprivacy/classes/metadata_registry.php
+183
View File
@@ -0,0 +1,183 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class containing helper methods for processing data requests.
*
* @package tool_dataprivacy
* @copyright 2018 Adrian Greeve
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
use core_privacy\local\metadata\types\type;
defined('MOODLE_INTERNAL') || die();
/**
* Class containing helper methods for processing data requests.
*
* @copyright 2018 Adrian Greeve
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class metadata_registry {
/**
* Returns plugin types / plugins and the user data that it stores in a format that can be sent to a template.
*
* @return array An array with all of the plugin types / plugins and the user data they store.
*/
public function get_registry_metadata() {
$manager = new \core_privacy\manager();
$manager->set_observer(new \tool_dataprivacy\manager_observer());
$pluginman = \core_plugin_manager::instance();
$contributedplugins = $this->get_contrib_list();
$metadata = $manager->get_metadata_for_components();
$fullyrichtree = $this->get_full_component_list();
foreach ($fullyrichtree as $branch => $leaves) {
$plugintype = $leaves['plugin_type'];
$plugins = array_map(function($component) use ($manager, $metadata, $contributedplugins, $plugintype, $pluginman) {
// Use the plugin name for the plugins, ignore for core subsystems.
$internaldata = ($plugintype == 'core') ? ['component' => $component] :
['component' => $pluginman->plugin_name($component)];
$internaldata['raw_component'] = $component;
if ($manager->component_is_compliant($component)) {
$internaldata['compliant'] = true;
if (isset($metadata[$component])) {
$collection = $metadata[$component]->get_collection();
$internaldata = $this->format_metadata($collection, $component, $internaldata);
} else if ($manager->is_empty_subsystem($component)) {
// This is an unused subsystem.
// Use the generic string.
$internaldata['nullprovider'] = get_string('privacy:subsystem:empty', 'core_privacy');
} else {
// Call get_reason for null provider.
$internaldata['nullprovider'] = get_string($manager->get_null_provider_reason($component), $component);
}
} else {
$internaldata['compliant'] = false;
}
// Check to see if we are an external plugin.
// Plugin names can contain _ characters, limit to 2 to just remove initial plugintype.
$componentshortname = explode('_', $component, 2);
$shortname = array_pop($componentshortname);
if (isset($contributedplugins[$plugintype][$shortname])) {
$internaldata['external'] = true;
}
// Additional interface checks.
if (!$manager->is_empty_subsystem($component)) {
$classname = $manager->get_provider_classname_for_component($component);
if (class_exists($classname)) {
$componentclass = new $classname();
// Check if the interface is deprecated.
if ($componentclass instanceof \core_privacy\local\deprecated) {
$internaldata['deprecated'] = true;
}
// Check that the core_userlist_provider is implemented for all user data providers.
if ($componentclass instanceof \core_privacy\local\request\core_user_data_provider
&& !$componentclass instanceof \core_privacy\local\request\core_userlist_provider) {
$internaldata['userlistnoncompliance'] = true;
}
// Check that any type of userlist_provider is implemented for all shared data providers.
if ($componentclass instanceof \core_privacy\local\request\shared_data_provider
&& !$componentclass instanceof \core_privacy\local\request\userlist_provider) {
$internaldata['userlistnoncompliance'] = true;
}
}
}
return $internaldata;
}, $leaves['plugins']);
$fullyrichtree[$branch]['plugin_type_raw'] = $plugintype;
// We're done using the plugin type. Convert it to a readable string.
$fullyrichtree[$branch]['plugin_type'] = $pluginman->plugintype_name($plugintype);
$fullyrichtree[$branch]['plugins'] = $plugins;
}
return $fullyrichtree;
}
/**
* Formats the metadata for use with a template.
*
* @param type[] $collection The collection associated with the component that we want to expand and format.
* @param string $component The component that we are dealing in
* @param array $internaldata The array to add the formatted metadata to.
* @return array The internal data array with the formatted metadata.
*/
protected function format_metadata($collection, $component, $internaldata) {
foreach ($collection as $collectioninfo) {
$privacyfields = $collectioninfo->get_privacy_fields();
$fields = '';
if (!empty($privacyfields)) {
$fields = array_map(function($key, $field) use ($component) {
return [
'field_name' => $key,
'field_summary' => get_string($field, $component)
];
}, array_keys($privacyfields), $privacyfields);
}
// Can the metadata types be located somewhere else besides core?
$items = explode('\\', get_class($collectioninfo));
$type = array_pop($items);
$typedata = [
'name' => $collectioninfo->get_name(),
'type' => $type,
'fields' => $fields,
'summary' => get_string($collectioninfo->get_summary(), $component)
];
if (strpos($type, 'subsystem_link') === 0 || strpos($type, 'plugintype_link') === 0) {
$typedata['link'] = true;
}
$internaldata['metadata'][] = $typedata;
}
return $internaldata;
}
/**
* Return the full list of components.
*
* @return array An array of plugin types which contain plugin data.
*/
protected function get_full_component_list() {
global $CFG;
$list = \core_component::get_component_list();
$list['core']['core'] = "{$CFG->dirroot}/lib";
$formattedlist = [];
foreach ($list as $plugintype => $plugin) {
$formattedlist[] = ['plugin_type' => $plugintype, 'plugins' => array_keys($plugin)];
}
return $formattedlist;
}
/**
* Returns a list of contributed plugins installed on the system.
*
* @return array A list of contributed plugins installed.
*/
protected function get_contrib_list() {
return array_map(function($plugins) {
return array_filter($plugins, function($plugindata) {
return !$plugindata->is_standard();
});
}, \core_plugin_manager::instance()->get_plugins());
}
}
admin/tool/dataprivacy/classes/output/categories.php
+88
View File
@@ -0,0 +1,88 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Categories renderable.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use renderable;
use renderer_base;
use stdClass;
use templatable;
use tool_dataprivacy\external\category_exporter;
/**
* Class containing the categories page renderable.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class categories extends crud_element implements renderable, templatable {
/** @var array $categories All system categories. */
protected $categories = [];
/**
* Construct this renderable.
*
* @param \tool_dataprivacy\category[] $categories
*/
public function __construct($categories) {
$this->categories = $categories;
}
/**
* Export this data so it can be used as the context for a mustache template.
*
* @param renderer_base $output
* @return stdClass
*/
public function export_for_template(renderer_base $output) {
global $PAGE;
$context = \context_system::instance();
$PAGE->requires->js_call_amd('tool_dataprivacy/categoriesactions', 'init');
$PAGE->requires->js_call_amd('tool_dataprivacy/add_category', 'getInstance', [$context->id]);
$data = new stdClass();
// Navigation links.
$data->navigation = [];
$navigationlinks = $this->get_navigation();
foreach ($navigationlinks as $navlink) {
$data->navigation[] = $navlink->export_for_template($output);
}
$data->categories = [];
foreach ($this->categories as $category) {
$exporter = new category_exporter($category, ['context' => \context_system::instance()]);
$exportedcategory = $exporter->export($output);
$actionmenu = $this->action_menu('category', $exportedcategory, $category);
$exportedcategory->actions = $actionmenu->export_for_template($output);
$data->categories[] = $exportedcategory;
}
return $data;
}
}
admin/tool/dataprivacy/classes/output/crud_element.php
+91
View File
@@ -0,0 +1,91 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Abstract renderer for independent renderable elements.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use renderable;
use renderer_base;
use stdClass;
use templatable;
use tool_dataprivacy\external\purpose_exporter;
use tool_dataprivacy\external\category_exporter;
/**
* Abstract renderer for independent renderable elements.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
abstract class crud_element {
/**
* Returns the top navigation buttons.
*
* @return \action_link[]
*/
final protected function get_navigation() {
$back = new \action_link(
new \moodle_url('/admin/tool/dataprivacy/dataregistry.php'),
get_string('back'),
null,
['class' => 'btn btn-primary']
);
return [$back];
}
/**
* Adds an action menu for the provided element
*
* @param string $elementname 'purpose' or 'category'.
* @param \stdClass $exported
* @param \core\persistent $persistent
* @return \action_menu
*/
final protected function action_menu($elementname, $exported, $persistent) {
// Just in case, we are doing funny stuff below.
$elementname = clean_param($elementname, PARAM_ALPHA);
// Actions.
$actionmenu = new \action_menu();
$actionmenu->set_menu_trigger(get_string('actions'));
$actionmenu->set_owner_selector($elementname . '-' . $exported->id . '-actions');
$url = new \moodle_url('/admin/tool/dataprivacy/edit' . $elementname . '.php',
['id' => $exported->id]);
$link = new \action_menu_link_secondary($url, new \pix_icon('t/edit',
get_string('edit')), get_string('edit'));
$actionmenu->add($link);
if (!$persistent->is_used()) {
$url = new \moodle_url('#');
$attrs = ['data-id' => $exported->id, 'data-action' => 'delete' . $elementname, 'data-name' => $exported->name];
$link = new \action_menu_link_secondary($url, new \pix_icon('t/delete',
get_string('delete')), get_string('delete'), $attrs);
$actionmenu->add($link);
}
return $actionmenu;
}
}
admin/tool/dataprivacy/classes/output/data_deletion_page.php
+94
View File
@@ -0,0 +1,94 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class containing data for a user's data requests.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use coding_exception;
use moodle_exception;
use moodle_url;
use renderable;
use renderer_base;
use single_select;
use stdClass;
use templatable;
use tool_dataprivacy\data_request;
use tool_dataprivacy\local\helper;
/**
* Class containing data for a user's data requests.
*
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class data_deletion_page implements renderable, templatable {
/** @var data_request[] $requests List of data requests. */
protected $filter = null;
/** @var data_request[] $requests List of data requests. */
protected $expiredcontextstable = [];
/**
* Construct this renderable.
*
* @param \tool_dataprivacy\data_request[] $filter
* @param expired_contexts_table $expiredcontextstable
*/
public function __construct($filter, expired_contexts_table $expiredcontextstable) {
$this->filter = $filter;
$this->expiredcontextstable = $expiredcontextstable;
}
/**
* Export this data so it can be used as the context for a mustache template.
*
* @param renderer_base $output
* @return stdClass
* @throws coding_exception
* @throws moodle_exception
*/
public function export_for_template(renderer_base $output) {
$data = new stdClass();
$url = new moodle_url('/admin/tool/dataprivacy/datadeletion.php');
$options = [
CONTEXT_USER => get_string('user'),
CONTEXT_COURSE => get_string('course'),
CONTEXT_MODULE => get_string('activitiesandresources', 'tool_dataprivacy'),
CONTEXT_BLOCK => get_string('blocks'),
];
$filterselector = new single_select($url, 'filter', $options, $this->filter, null);
$data->filter = $filterselector->export_for_template($output);
ob_start();
$this->expiredcontextstable->out(helper::DEFAULT_PAGE_SIZE, true);
$expiredcontexts = ob_get_contents();
ob_end_clean();
$data->expiredcontexts = $expiredcontexts;
$data->existingcontexts = $this->expiredcontextstable->rawdata ? true : false;
return $data;
}
}
admin/tool/dataprivacy/classes/output/data_registry_compliance_page.php
+60
View File
@@ -0,0 +1,60 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Contains the data registry compliance renderable.
*
* @package tool_dataprivacy
* @copyright 2018 Adrian Greeve
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use renderable;
use renderer_base;
use templatable;
/**
* Class containing the data registry compliance renderable
*
* @copyright 2018 Adrian Greeve
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class data_registry_compliance_page implements renderable, templatable {
/** @var array meta-data to be displayed about the system. */
protected $metadata;
/**
* Constructor.
*
* @param array $metadata
*/
public function __construct($metadata) {
$this->metadata = $metadata;
}
/**
* Export this data so it can be used as the context for a mustache template.
*
* @param renderer_base $output
* @return stdClass
*/
public function export_for_template(renderer_base $output) {
return ['types' => $this->metadata];
}
}
admin/tool/dataprivacy/classes/output/data_registry_page.php
+475
View File
@@ -0,0 +1,475 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Data registry renderable.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use renderable;
use renderer_base;
use stdClass;
use templatable;
use tool_dataprivacy\data_registry;
require_once($CFG->dirroot . '/' . $CFG->admin . '/tool/dataprivacy/lib.php');
require_once($CFG->libdir . '/blocklib.php');
/**
* Class containing the data registry renderable
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class data_registry_page implements renderable, templatable {
/**
* @var int
*/
private $defaultcontextlevel;
/**
* @var int
*/
private $defaultcontextid;
/**
* Constructor.
*
* @param int $defaultcontextlevel
* @param int $defaultcontextid
* @return null
*/
public function __construct($defaultcontextlevel = false, $defaultcontextid = false) {
$this->defaultcontextlevel = $defaultcontextlevel;
$this->defaultcontextid = $defaultcontextid;
}
/**
* Export this data so it can be used as the context for a mustache template.
*
* @param renderer_base $output
* @return stdClass
*/
public function export_for_template(renderer_base $output) {
global $PAGE;
$params = [\context_system::instance()->id, $this->defaultcontextlevel, $this->defaultcontextid];
$PAGE->requires->js_call_amd('tool_dataprivacy/data_registry', 'init', $params);
$data = new stdClass();
$defaultsbutton = new \action_link(
new \moodle_url('/admin/tool/dataprivacy/defaults.php'),
get_string('setdefaults', 'tool_dataprivacy'),
null,
['class' => 'btn btn-primary']
);
$data->defaultsbutton = $defaultsbutton->export_for_template($output);
$actionmenu = new \action_menu();
$actionmenu->set_menu_trigger(get_string('edit'), 'btn btn-primary');
$actionmenu->set_owner_selector('dataregistry-actions');
$url = new \moodle_url('/admin/tool/dataprivacy/categories.php');
$categories = new \action_menu_link_secondary($url, null, get_string('categories', 'tool_dataprivacy'));
$actionmenu->add($categories);
$url = new \moodle_url('/admin/tool/dataprivacy/purposes.php');
$purposes = new \action_menu_link_secondary($url, null, get_string('purposes', 'tool_dataprivacy'));
$actionmenu->add($purposes);
$data->actions = $actionmenu->export_for_template($output);
if (!data_registry::defaults_set()) {
$data->info = (object)[
'message' => get_string('dataregistryinfo', 'tool_dataprivacy'),
'announce' => 1
];
$data->nosystemdefaults = (object)[
'message' => get_string('nosystemdefaults', 'tool_dataprivacy'),
'announce' => 1
];
}
$data->tree = $this->get_default_tree_structure();
return $data;
}
/**
* Returns the tree default structure.
*
* @return array
*/
private function get_default_tree_structure() {
$frontpage = \context_course::instance(SITEID);
$categorybranches = $this->get_all_category_branches();
$elements = [
'text' => get_string('contextlevelname' . CONTEXT_SYSTEM, 'tool_dataprivacy'),
'contextlevel' => CONTEXT_SYSTEM,
'branches' => [
[
'text' => get_string('user'),
'contextlevel' => CONTEXT_USER,
], [
'text' => get_string('categories'),
'branches' => $categorybranches,
'expandelement' => 'category',
], [
'text' => get_string('frontpagecourse', 'tool_dataprivacy'),
'contextid' => $frontpage->id,
'branches' => [
[
'text' => get_string('activitiesandresources', 'tool_dataprivacy'),
'expandcontextid' => $frontpage->id,
'expandelement' => 'module',
'expanded' => 0,
], [
'text' => get_string('blocks'),
'expandcontextid' => $frontpage->id,
'expandelement' => 'block',
'expanded' => 0,
],
]
]
]
];
// Returned as an array to follow a common array format.
return [self::complete($elements, $this->defaultcontextlevel, $this->defaultcontextid)];
}
/**
* Returns the hierarchy of system course categories.
*
* @return array
*/
private function get_all_category_branches() {
$categories = data_registry::get_site_categories();
$categoriesbranch = [];
while (count($categories) > 0) {
foreach ($categories as $key => $category) {
$context = \context_coursecat::instance($category->id);
$newnode = [
'text' => shorten_text(format_string($category->name, true, ['context' => $context])),
'categoryid' => $category->id,
'contextid' => $context->id,
];
if ($category->coursecount > 0) {
$newnode['branches'] = [
[
'text' => get_string('courses'),
'expandcontextid' => $context->id,
'expandelement' => 'course',
'expanded' => 0,
]
];
}
$added = false;
if ($category->parent == 0) {
// New categories root-level node.
$categoriesbranch[] = $newnode;
$added = true;
} else {
// Add the new node under the appropriate parent.
if ($this->add_to_parent_category_branch($category, $newnode, $categoriesbranch)) {
$added = true;
}
}
if ($added) {
unset($categories[$key]);
}
}
}
return $categoriesbranch;
}
/**
* Gets the courses branch for the provided category.
*
* @param \context $catcontext
* @return array
*/
public static function get_courses_branch(\context $catcontext) {
if ($catcontext->contextlevel !== CONTEXT_COURSECAT) {
throw new \coding_exception('A course category context should be provided');
}
$coursecat = \core_course_category::get($catcontext->instanceid);
$courses = $coursecat->get_courses();
$branches = [];
foreach ($courses as $course) {
$coursecontext = \context_course::instance($course->id);
$coursenode = [
'text' => shorten_text(format_string($course->shortname, true, ['context' => $coursecontext])),
'contextid' => $coursecontext->id,
'branches' => [
[
'text' => get_string('activitiesandresources', 'tool_dataprivacy'),
'expandcontextid' => $coursecontext->id,
'expandelement' => 'module',
'expanded' => 0,
], [
'text' => get_string('blocks'),
'expandcontextid' => $coursecontext->id,
'expandelement' => 'block',
'expanded' => 0,
],
]
];
$branches[] = self::complete($coursenode);
}
return $branches;
}
/**
* Gets the modules branch for the provided course.
*
* @param \context $coursecontext
* @return array
*/
public static function get_modules_branch(\context $coursecontext) {
if ($coursecontext->contextlevel !== CONTEXT_COURSE) {
throw new \coding_exception('A course context should be provided');
}
$branches = [];
// Using the current user.
$modinfo = get_fast_modinfo($coursecontext->instanceid);
foreach ($modinfo->get_instances() as $moduletype => $instances) {
foreach ($instances as $cm) {
if (!$cm->uservisible) {
continue;
}
$a = (object)[
'instancename' => shorten_text($cm->get_formatted_name()),
'modulename' => get_string('pluginname', 'mod_' . $moduletype),
];
$text = get_string('moduleinstancename', 'tool_dataprivacy', $a);
$branches[] = self::complete([
'text' => $text,
'contextid' => $cm->context->id,
]);
}
}
return $branches;
}
/**
* Gets the blocks branch for the provided course.
*
* @param \context $coursecontext
* @return null
*/
public static function get_blocks_branch(\context $coursecontext) {
global $DB;
if ($coursecontext->contextlevel !== CONTEXT_COURSE) {
throw new \coding_exception('A course context should be provided');
}
$branches = [];
$children = $coursecontext->get_child_contexts();
foreach ($children as $childcontext) {
if ($childcontext->contextlevel !== CONTEXT_BLOCK) {
continue;
}
$blockinstance = block_instance_by_id($childcontext->instanceid);
$displayname = shorten_text(format_string($blockinstance->get_title(), true, ['context' => $childcontext]));
$branches[] = self::complete([
'text' => $displayname,
'contextid' => $childcontext->id,
]);
}
return $branches;
}
/**
* Adds the provided category to the categories branch.
*
* @param stdClass $category
* @param array $newnode
* @param array $categoriesbranch
* @return bool
*/
private function add_to_parent_category_branch($category, $newnode, &$categoriesbranch) {
foreach ($categoriesbranch as $key => $branch) {
if (!empty($branch['categoryid']) && $branch['categoryid'] == $category->parent) {
// It may be empty (if it does not contain courses and this is the first child cat).
if (!isset($categoriesbranch[$key]['branches'])) {
$categoriesbranch[$key]['branches'] = [];
}
$categoriesbranch[$key]['branches'][] = $newnode;
return true;
}
if (!empty($branch['branches'])) {
$parent = $this->add_to_parent_category_branch($category, $newnode, $categoriesbranch[$key]['branches']);
if ($parent) {
return true;
}
}
}
return false;
}
/**
* Completes tree nodes with default values.
*
* @param array $node
* @param int|false $currentcontextlevel
* @param int|false $currentcontextid
* @return array
*/
private static function complete($node, $currentcontextlevel = false, $currentcontextid = false) {
if (!isset($node['active'])) {
if ($currentcontextlevel && !empty($node['contextlevel']) &&
$currentcontextlevel == $node['contextlevel'] &&
empty($currentcontextid)) {
// This is the active context level, we also checked that there
// is no default contextid set.
$node['active'] = true;
} else if ($currentcontextid && !empty($node['contextid']) &&
$currentcontextid == $node['contextid']) {
$node['active'] = true;
} else {
$node['active'] = null;
}
}
if (!isset($node['branches'])) {
$node['branches'] = [];
} else {
foreach ($node['branches'] as $key => $childnode) {
$node['branches'][$key] = self::complete($childnode, $currentcontextlevel, $currentcontextid);
}
}
if (!isset($node['expandelement'])) {
$node['expandelement'] = null;
}
if (!isset($node['expandcontextid'])) {
$node['expandcontextid'] = null;
}
if (!isset($node['contextid'])) {
$node['contextid'] = null;
}
if (!isset($node['contextlevel'])) {
$node['contextlevel'] = null;
}
if (!isset($node['expanded'])) {
if (!empty($node['branches'])) {
$node['expanded'] = 1;
} else {
$node['expanded'] = 0;
}
}
return $node;
}
/**
* From a list of purpose persistents to a list of id => name purposes.
*
* @param \tool_dataprivacy\purpose[] $purposes
* @param bool $includenotset
* @param bool $includeinherit
* @return string[]
*/
public static function purpose_options($purposes, $includenotset = true, $includeinherit = true) {
$options = self::base_options($includenotset, $includeinherit);
foreach ($purposes as $purpose) {
$options[$purpose->get('id')] = $purpose->get('name');
}
return $options;
}
/**
* From a list of category persistents to a list of id => name categories.
*
* @param \tool_dataprivacy\category[] $categories
* @param bool $includenotset
* @param bool $includeinherit
* @return string[]
*/
public static function category_options($categories, $includenotset = true, $includeinherit = true) {
$options = self::base_options($includenotset, $includeinherit);
foreach ($categories as $category) {
$options[$category->get('id')] = $category->get('name');
}
return $options;
}
/**
* Base not set and inherit options.
*
* @param bool $includenotset
* @param bool $includeinherit
* @return array
*/
private static function base_options($includenotset = true, $includeinherit = true) {
$options = [];
if ($includenotset) {
$options[\tool_dataprivacy\context_instance::NOTSET] = get_string('notset', 'tool_dataprivacy');
}
if ($includeinherit) {
$options[\tool_dataprivacy\context_instance::INHERIT] = get_string('inherit', 'tool_dataprivacy');
}
return $options;
}
}
admin/tool/dataprivacy/classes/output/data_requests_page.php
+96
View File
@@ -0,0 +1,96 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class containing data for a user's data requests.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use coding_exception;
use dml_exception;
use moodle_exception;
use moodle_url;
use renderable;
use renderer_base;
use single_select;
use stdClass;
use templatable;
use tool_dataprivacy\api;
use tool_dataprivacy\local\helper;
/**
* Class containing data for a user's data requests.
*
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class data_requests_page implements renderable, templatable {
/** @var data_requests_table $table The data requests table. */
protected $table;
/** @var int[] $filters The applied filters. */
protected $filters = [];
/**
* Construct this renderable.
*
* @param data_requests_table $table The data requests table.
* @param int[] $filters The applied filters.
*/
public function __construct($table, $filters) {
$this->table = $table;
$this->filters = $filters;
}
/**
* Export this data so it can be used as the context for a mustache template.
*
* @param renderer_base $output
* @return stdClass
* @throws coding_exception
* @throws dml_exception
* @throws moodle_exception
*/
public function export_for_template(renderer_base $output) {
$data = new stdClass();
$data->newdatarequesturl = new moodle_url('/admin/tool/dataprivacy/createdatarequest.php');
$data->newdatarequesturl->param('manage', true);
if (!is_https()) {
$httpwarningmessage = get_string('httpwarning', 'tool_dataprivacy');
$data->httpsite = array('message' => $httpwarningmessage, 'announce' => 1);
}
$url = new moodle_url('/admin/tool/dataprivacy/datarequests.php');
$filteroptions = helper::get_request_filter_options();
$filter = new request_filter($filteroptions, $this->filters, $url);
$data->filter = $filter->export_for_template($output);
ob_start();
$this->table->out($this->table->get_requests_per_page(), true);
$requests = ob_get_contents();
ob_end_clean();
$data->datarequests = $requests;
return $data;
}
}
admin/tool/dataprivacy/classes/output/data_requests_table.php
+453
View File
@@ -0,0 +1,453 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Contains the class used for the displaying the data requests table.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta <jun@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir . '/tablelib.php');
use action_menu;
use action_menu_link_secondary;
use coding_exception;
use dml_exception;
use html_writer;
use moodle_url;
use stdClass;
use table_sql;
use tool_dataprivacy\api;
use tool_dataprivacy\external\data_request_exporter;
defined('MOODLE_INTERNAL') || die;
/**
* The class for displaying the data requests table.
*
* @copyright 2018 Jun Pataleta <jun@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class data_requests_table extends table_sql {
/** @var int The user ID. */
protected $userid = 0;
/** @var int[] The status filters. */
protected $statuses = [];
/** @var int[] The request type filters. */
protected $types = [];
/** @var bool Whether this table is being rendered for managing data requests. */
protected $manage = false;
/** @var \tool_dataprivacy\data_request[] Array of data request persistents. */
protected $datarequests = [];
/** @var \stdClass[] List of userids and whether they have any ongoing active requests. */
protected $ongoingrequests = [];
/** @var int The number of data request to be displayed per page. */
protected $perpage;
/** @var int[] The available options for the number of data request to be displayed per page. */
protected $perpageoptions = [25, 50, 100, 250];
/** @var int[] The request creation method filters. */
protected array $creationmethods = [];
/**
* data_requests_table constructor.
*
* @param int $userid The user ID
* @param int[] $statuses
* @param int[] $types
* @param int[] $creationmethods
* @param bool $manage
* @throws coding_exception
*/
public function __construct($userid = 0, $statuses = [], $types = [], $creationmethods = [], $manage = false) {
parent::__construct('data-requests-table');
$this->userid = $userid;
$this->statuses = $statuses;
$this->types = $types;
$this->creationmethods = $creationmethods;
$this->manage = $manage;
$checkboxattrs = [
'title' => get_string('selectall'),
'data-action' => 'selectall'
];
$columnheaders = [
'select' => html_writer::checkbox('selectall', 1, false, null, $checkboxattrs),
'type' => get_string('requesttype', 'tool_dataprivacy'),
'userid' => get_string('user', 'tool_dataprivacy'),
'timecreated' => get_string('daterequested', 'tool_dataprivacy'),
'requestedby' => get_string('requestby', 'tool_dataprivacy'),
'status' => get_string('requeststatus', 'tool_dataprivacy'),
'comments' => get_string('message', 'tool_dataprivacy'),
'actions' => '',
];
$this->define_columns(array_keys($columnheaders));
$this->define_headers(array_values($columnheaders));
$this->no_sorting('select', 'actions');
}
/**
* The select column.
*
* @param stdClass $data The row data.
* @return string
* @throws \moodle_exception
* @throws coding_exception
*/
public function col_select($data) {
if ($data->status == \tool_dataprivacy\api::DATAREQUEST_STATUS_AWAITING_APPROVAL) {
if ($data->type == \tool_dataprivacy\api::DATAREQUEST_TYPE_DELETE
&& !api::can_create_data_deletion_request_for_other()) {
// Don't show checkbox if request's type is delete and user don't have permission.
return false;
}
$stringdata = [
'username' => $data->foruser->fullname,
'requesttype' => \core_text::strtolower($data->typenameshort)
];
return \html_writer::checkbox('requestids[]', $data->id, false, '',
['class' => 'selectrequests', 'title' => get_string('selectuserdatarequest',
'tool_dataprivacy', $stringdata)]);
}
}
/**
* The type column.
*
* @param stdClass $data The row data.
* @return string
*/
public function col_type($data) {
if ($this->manage) {
return $data->typenameshort;
}
return $data->typename;
}
/**
* The user column.
*
* @param stdClass $data The row data.
* @return mixed
*/
public function col_userid($data) {
$user = $data->foruser;
return html_writer::link($user->profileurl, $user->fullname, ['title' => get_string('viewprofile')]);
}
/**
* The context information column.
*
* @param stdClass $data The row data.
* @return string
*/
public function col_timecreated($data) {
return userdate($data->timecreated);
}
/**
* The requesting user's column.
*
* @param stdClass $data The row data.
* @return mixed
*/
public function col_requestedby($data) {
$user = $data->requestedbyuser;
return html_writer::link($user->profileurl, $user->fullname, ['title' => get_string('viewprofile')]);
}
/**
* The status column.
*
* @param stdClass $data The row data.
* @return mixed
*/
public function col_status($data) {
return html_writer::span($data->statuslabel, 'badge ' . $data->statuslabelclass);
}
/**
* The comments column.
*
* @param stdClass $data The row data.
* @return string
*/
public function col_comments($data) {
return shorten_text($data->comments, 60);
}
/**
* The actions column.
*
* @param stdClass $data The row data.
* @return string
*/
public function col_actions($data) {
global $OUTPUT;
$requestid = $data->id;
$status = $data->status;
$persistent = $this->datarequests[$requestid];
// Prepare actions.
$actions = [];
// View action.
$actionurl = new moodle_url('#');
$actiondata = [
'data-action' => 'view',
'data-requestid' => $requestid,
'data-contextid' => \context_system::instance()->id,
];
$actiontext = get_string('viewrequest', 'tool_dataprivacy');
$actions[] = new action_menu_link_secondary($actionurl, null, $actiontext, $actiondata);
switch ($status) {
case api::DATAREQUEST_STATUS_PENDING:
// Add action to mark a general enquiry request as complete.
if ($data->type == api::DATAREQUEST_TYPE_OTHERS) {
$actiondata['data-action'] = 'complete';
$nameemail = (object)[
'name' => $data->foruser->fullname,
'email' => $data->foruser->email
];
$actiondata['data-requestid'] = $data->id;
$actiondata['data-replytoemail'] = get_string('nameemail', 'tool_dataprivacy', $nameemail);
$actiontext = get_string('markcomplete', 'tool_dataprivacy');
$actions[] = new action_menu_link_secondary($actionurl, null, $actiontext, $actiondata);
}
break;
case api::DATAREQUEST_STATUS_AWAITING_APPROVAL:
// Only show "Approve" and "Deny" button for deletion request if current user has permission.
if ($persistent->get('type') == api::DATAREQUEST_TYPE_DELETE &&
!api::can_create_data_deletion_request_for_other()) {
break;
}
// Approve.
$actiondata['data-action'] = 'approve';
if (get_config('tool_dataprivacy', 'allowfiltering') && $data->type == api::DATAREQUEST_TYPE_EXPORT) {
$actiontext = get_string('approverequestall', 'tool_dataprivacy');
$actions[] = new action_menu_link_secondary($actionurl, null, $actiontext, $actiondata);
// Approve selected courses.
$actiontext = get_string('filterexportdata', 'tool_dataprivacy');
$actiondata = ['data-action' => 'approve-selected-courses', 'data-requestid' => $requestid,
'data-contextid' => \context_system::instance()->id];
$actions[] = new \action_menu_link_secondary($actionurl, null, $actiontext, $actiondata);
} else {
$actiontext = get_string('approverequest', 'tool_dataprivacy');
$actions[] = new action_menu_link_secondary($actionurl, null, $actiontext, $actiondata);
}
// Deny.
$actiondata['data-action'] = 'deny';
$actiontext = get_string('denyrequest', 'tool_dataprivacy');
$actions[] = new action_menu_link_secondary($actionurl, null, $actiontext, $actiondata);
break;
case api::DATAREQUEST_STATUS_DOWNLOAD_READY:
$userid = $data->foruser->id;
$usercontext = \context_user::instance($userid, IGNORE_MISSING);
// If user has permission to view download link, show relevant action item.
if ($usercontext && api::can_download_data_request_for_user($userid, $data->requestedbyuser->id)) {
$actions[] = api::get_download_link($usercontext, $requestid);
}
break;
}
if ($this->manage) {
$canreset = $persistent->is_active() || empty($this->ongoingrequests[$data->foruser->id]->{$data->type});
$canreset = $canreset && $persistent->is_resettable();
// Prevent re-submmit deletion request if current user don't have permission.
$canreset = $canreset && ($persistent->get('type') != api::DATAREQUEST_TYPE_DELETE ||
api::can_create_data_deletion_request_for_other());
if ($canreset) {
$reseturl = new moodle_url('/admin/tool/dataprivacy/resubmitrequest.php', [
'requestid' => $requestid,
]);
$actiondata = ['data-action' => 'reset', 'data-requestid' => $requestid];
$actiontext = get_string('resubmitrequestasnew', 'tool_dataprivacy');
$actions[] = new action_menu_link_secondary($reseturl, null, $actiontext, $actiondata);
}
}
$actionsmenu = new action_menu($actions);
$actionsmenu->set_menu_trigger(get_string('actions'));
$actionsmenu->set_owner_selector('request-actions-' . $requestid);
$actionsmenu->set_boundary('window');
return $OUTPUT->render($actionsmenu);
}
/**
* Query the database for results to display in the table.
*
* @param int $pagesize size of page for paginated displayed table.
* @param bool $useinitialsbar do you want to use the initials bar.
* @throws dml_exception
* @throws coding_exception
*/
public function query_db($pagesize, $useinitialsbar = true) {
global $PAGE;
// Set dummy page total until we fetch full result set.
$this->pagesize($pagesize, $pagesize + 1);
$sort = $this->get_sql_sort();
// Get data requests from the given conditions.
$datarequests = api::get_data_requests($this->userid, $this->statuses, $this->types,
$this->creationmethods, $sort, $this->get_page_start(), $this->get_page_size());
// Count data requests from the given conditions.
$total = api::get_data_requests_count($this->userid, $this->statuses, $this->types,
$this->creationmethods);
$this->pagesize($pagesize, $total);
$this->rawdata = [];
$context = \context_system::instance();
$renderer = $PAGE->get_renderer('tool_dataprivacy');
$forusers = [];
foreach ($datarequests as $persistent) {
$this->datarequests[$persistent->get('id')] = $persistent;
$exporter = new data_request_exporter($persistent, ['context' => $context]);
$this->rawdata[] = $exporter->export($renderer);
$forusers[] = $persistent->get('userid');
}
// Fetch the list of all ongoing requests for the users currently shown.
// This is used to determine whether any non-active request can be resubmitted.
// There can only be one ongoing request of a type for each user.
$this->ongoingrequests = api::find_ongoing_request_types_for_users($forusers);
// Set initial bars.
if ($useinitialsbar) {
$this->initialbars($total > $pagesize);
}
}
/**
* Override default implementation to display a more meaningful information to the user.
*/
public function print_nothing_to_display() {
global $OUTPUT;
echo $this->render_reset_button();
$this->print_initials_bar();
if (!empty($this->statuses) || !empty($this->types)) {
$message = get_string('nodatarequestsmatchingfilter', 'tool_dataprivacy');
} else {
$message = get_string('nodatarequests', 'tool_dataprivacy');
}
echo $OUTPUT->notification($message, 'warning');
}
/**
* Override the table's show_hide_link method to prevent the show/hide links from rendering.
*
* @param string $column the column name, index into various names.
* @param int $index numerical index of the column.
* @return string HTML fragment.
*/
protected function show_hide_link($column, $index) {
return '';
}
/**
* Override the table's wrap_html_finish method in order to render the bulk actions and
* records per page options.
*/
public function wrap_html_finish() {
global $OUTPUT;
$data = new stdClass();
$data->options = [
[
'value' => 0,
'name' => ''
],
[
'value' => \tool_dataprivacy\api::DATAREQUEST_ACTION_APPROVE,
'name' => get_string('approve', 'tool_dataprivacy')
],
[
'value' => \tool_dataprivacy\api::DATAREQUEST_ACTION_REJECT,
'name' => get_string('deny', 'tool_dataprivacy')
]
];
$perpageoptions = array_combine($this->perpageoptions, $this->perpageoptions);
$perpageselect = new \single_select(new moodle_url(''), 'perpage',
$perpageoptions, get_user_preferences('tool_dataprivacy_request-perpage'), null, 'selectgroup');
$perpageselect->label = get_string('perpage', 'moodle');
$data->perpage = $OUTPUT->render($perpageselect);
echo $OUTPUT->render_from_template('tool_dataprivacy/data_requests_bulk_actions', $data);
}
/**
* Set the number of data request records to be displayed per page.
*
* @param int $perpage The number of data request records.
*/
public function set_requests_per_page(int $perpage) {
$this->perpage = $perpage;
}
/**
* Get the number of data request records to be displayed per page.
*
* @return int The number of data request records.
*/
public function get_requests_per_page(): int {
return $this->perpage;
}
/**
* Set the available options for the number of data request to be displayed per page.
*
* @param array $perpageoptions The available options for the number of data request to be displayed per page.
*/
public function set_requests_per_page_options(array $perpageoptions) {
$this->$perpageoptions = $perpageoptions;
}
/**
* Get the available options for the number of data request to be displayed per page.
*
* @return array The available options for the number of data request to be displayed per page.
*/
public function get_requests_per_page_options(): array {
return $this->perpageoptions;
}
}
admin/tool/dataprivacy/classes/output/defaults_page.php
+178
View File
@@ -0,0 +1,178 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class containing data for the data registry defaults.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use action_menu_link_primary;
use coding_exception;
use moodle_exception;
use moodle_url;
use renderable;
use renderer_base;
use stdClass;
use templatable;
use tool_dataprivacy\data_registry;
use tool_dataprivacy\external\category_exporter;
use tool_dataprivacy\external\purpose_exporter;
/**
* Class containing data for the data registry defaults.
*
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class defaults_page implements renderable, templatable {
/** @var int $mode The display mode. */
protected $mode = null;
/** @var int $category The default category for the given mode. */
protected $category = null;
/** @var int $purpose The default purpose for the given mode. */
protected $purpose = null;
/** @var stdClass[] $otherdefaults Other defaults for the given mode. */
protected $otherdefaults = [];
/** @var bool $canedit Whether editing is allowed. */
protected $canedit = false;
/**
* Construct this renderable.
*
* @param int $mode The display mode.
* @param int $category The default category for the given mode.
* @param int $purpose The default purpose for the given mode.
* @param stdClass[] $otherdefaults Other defaults for the given mode.
* @param bool $canedit Whether editing is allowed.
*/
public function __construct($mode, $category, $purpose, $otherdefaults = [], $canedit = false) {
$this->mode = $mode;
$this->category = $category;
$this->purpose = $purpose;
$this->otherdefaults = $otherdefaults;
$this->canedit = $canedit;
}
/**
* Export this data so it can be used as the context for a mustache template.
*
* @param renderer_base $output
* @return stdClass
* @throws coding_exception
* @throws moodle_exception
*/
public function export_for_template(renderer_base $output) {
$data = new stdClass();
// Set tab URLs.
$coursecaturl = new moodle_url('/admin/tool/dataprivacy/defaults.php', ['mode' => CONTEXT_COURSECAT]);
$courseurl = new moodle_url('/admin/tool/dataprivacy/defaults.php', ['mode' => CONTEXT_COURSE]);
$moduleurl = new moodle_url('/admin/tool/dataprivacy/defaults.php', ['mode' => CONTEXT_MODULE]);
$blockurl = new moodle_url('/admin/tool/dataprivacy/defaults.php', ['mode' => CONTEXT_BLOCK]);
$data->coursecaturl = $coursecaturl;
$data->courseurl = $courseurl;
$data->moduleurl = $moduleurl;
$data->blockurl = $blockurl;
// Set display mode.
switch ($this->mode) {
case CONTEXT_COURSECAT:
$data->modecoursecat = true;
break;
case CONTEXT_COURSE:
$data->modecourse = true;
break;
case CONTEXT_MODULE:
$data->modemodule = true;
break;
case CONTEXT_BLOCK:
$data->modeblock = true;
break;
default:
$data->modecoursecat = true;
break;
}
// Set config variables.
$configname = \context_helper::get_class_for_level($this->mode);
list($purposevar, $categoryvar) = data_registry::var_names_from_context($configname);
$data->categoryvar = $categoryvar;
$data->purposevar = $purposevar;
// Set default category.
$data->categoryid = $this->category;
$data->category = category_exporter::get_name($this->category);
// Set default purpose.
$data->purposeid = $this->purpose;
$data->purpose = purpose_exporter::get_name($this->purpose);
// Set other defaults.
$otherdefaults = [];
$url = new moodle_url('#');
foreach ($this->otherdefaults as $pluginname => $values) {
$defaults = [
'name' => $values->name,
'category' => category_exporter::get_name($values->category),
'purpose' => purpose_exporter::get_name($values->purpose),
];
if ($this->canedit) {
$actions = [];
// Edit link.
$editattrs = [
'data-action' => 'edit-activity-defaults',
'data-contextlevel' => $this->mode,
'data-activityname' => $pluginname,
'data-category' => $values->category,
'data-purpose' => $values->purpose,
];
$editlink = new action_menu_link_primary($url, new \pix_icon('t/edit', get_string('edit')),
get_string('edit'), $editattrs);
$actions[] = $editlink->export_for_template($output);
// Delete link.
$deleteattrs = [
'data-action' => 'delete-activity-defaults',
'data-contextlevel' => $this->mode,
'data-activityname' => $pluginname,
'data-activitydisplayname' => $values->name,
];
$deletelink = new action_menu_link_primary($url, new \pix_icon('t/delete', get_string('delete')),
get_string('delete'), $deleteattrs);
$actions[] = $deletelink->export_for_template($output);
$defaults['actions'] = $actions;
}
$otherdefaults[] = (object)$defaults;
}
$data->otherdefaults = $otherdefaults;
$data->canedit = $this->canedit;
$data->contextlevel = $this->mode;
return $data;
}
}
admin/tool/dataprivacy/classes/output/expired_contexts_table.php
+410
View File
@@ -0,0 +1,410 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Contains the class used for the displaying the expired contexts table.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta <jun@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir . '/tablelib.php');
use coding_exception;
use context_helper;
use dml_exception;
use Exception;
use html_writer;
use pix_icon;
use stdClass;
use table_sql;
use tool_dataprivacy\api;
use tool_dataprivacy\expired_context;
use tool_dataprivacy\external\purpose_exporter;
use tool_dataprivacy\purpose;
defined('MOODLE_INTERNAL') || die;
/**
* The class for displaying the expired contexts table.
*
* @copyright 2018 Jun Pataleta <jun@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class expired_contexts_table extends table_sql {
/** @var int The context level acting as a filter for this table. */
protected $contextlevel = null;
/**
* @var bool $selectall Has the user selected all users on the page? True by default.
*/
protected $selectall = true;
/** @var purpose[] Array of purposes by their id. */
protected $purposes = [];
/** @var purpose[] Map of context => purpose. */
protected $purposemap = [];
/** @var array List of roles. */
protected $roles = [];
/**
* expired_contexts_table constructor.
*
* @param int|null $contextlevel
* @throws coding_exception
*/
public function __construct($contextlevel = null) {
parent::__construct('expired-contexts-table');
$this->contextlevel = $contextlevel;
$columnheaders = [
'name' => get_string('name'),
'info' => get_string('info'),
'purpose' => get_string('purpose', 'tool_dataprivacy'),
'category' => get_string('category', 'tool_dataprivacy'),
'retentionperiod' => get_string('retentionperiod', 'tool_dataprivacy'),
'tobedeleted' => get_string('tobedeleted', 'tool_dataprivacy'),
'timecreated' => get_string('expiry', 'tool_dataprivacy'),
];
$checkboxattrs = [
'title' => get_string('selectall'),
'data-action' => 'selectall'
];
$columnheaders['select'] = html_writer::checkbox('selectall', 1, true, null, $checkboxattrs);
$this->define_columns(array_keys($columnheaders));
$this->define_headers(array_values($columnheaders));
$this->no_sorting('name');
$this->no_sorting('select');
$this->no_sorting('info');
$this->no_sorting('purpose');
$this->no_sorting('category');
$this->no_sorting('retentionperiod');
$this->no_sorting('tobedeleted');
// Make this table sorted by first name by default.
$this->sortable(true, 'timecreated');
// We use roles in several places.
$this->roles = role_get_names();
}
/**
* The context name column.
*
* @param stdClass $expiredctx The row data.
* @return string
* @throws coding_exception
*/
public function col_name($expiredctx) {
global $OUTPUT;
$context = context_helper::instance_by_id($expiredctx->get('contextid'));
$parent = $context->get_parent_context();
$contextdata = (object)[
'name' => $context->get_context_name(false, true),
'parent' => $parent->get_context_name(false, true),
];
$fullcontexts = $context->get_parent_contexts(true);
$contextsinpath = [];
foreach ($fullcontexts as $contextinpath) {
$contextsinpath[] = $contextinpath->get_context_name(false, true);
}
$infoicon = new pix_icon('i/info', implode(' / ', array_reverse($contextsinpath)));
$infoiconhtml = $OUTPUT->render($infoicon);
$name = html_writer::span(get_string('nameandparent', 'tool_dataprivacy', $contextdata), 'mr-1');
return $name . $infoiconhtml;
}
/**
* The context information column.
*
* @param stdClass $expiredctx The row data.
* @return string
* @throws coding_exception
*/
public function col_info($expiredctx) {
global $OUTPUT;
$context = context_helper::instance_by_id($expiredctx->get('contextid'));
$children = $context->get_child_contexts();
if (empty($children)) {
return get_string('none');
} else {
$childnames = [];
foreach ($children as $child) {
$childnames[] = $child->get_context_name(false, true);
}
$infoicon = new pix_icon('i/info', implode(', ', $childnames));
$infoiconhtml = $OUTPUT->render($infoicon);
$name = html_writer::span(get_string('nchildren', 'tool_dataprivacy', count($children)), 'mr-1');
return $name . $infoiconhtml;
}
}
/**
* The category name column.
*
* @param stdClass $expiredctx The row data.
* @return mixed
* @throws coding_exception
* @throws dml_exception
*/
public function col_category($expiredctx) {
$context = context_helper::instance_by_id($expiredctx->get('contextid'));
$category = api::get_effective_context_category($context);
return s($category->get('name'));
}
/**
* The purpose column.
*
* @param stdClass $expiredctx The row data.
* @return string
* @throws coding_exception
*/
public function col_purpose($expiredctx) {
$purpose = $this->get_purpose_for_expiry($expiredctx);
return s($purpose->get('name'));
}
/**
* The retention period column.
*
* @param stdClass $expiredctx The row data.
* @return string
*/
public function col_retentionperiod($expiredctx) {
$purpose = $this->get_purpose_for_expiry($expiredctx);
$expiries = [];
$expiry = html_writer::tag('dt', get_string('default'), ['class' => 'col-sm-3']);
if ($expiredctx->get('defaultexpired')) {
$expiries[get_string('default')] = get_string('expiredrolewithretention', 'tool_dataprivacy', (object) [
'retention' => api::format_retention_period(new \DateInterval($purpose->get('retentionperiod'))),
]);
} else {
$expiries[get_string('default')] = get_string('unexpiredrolewithretention', 'tool_dataprivacy', (object) [
'retention' => api::format_retention_period(new \DateInterval($purpose->get('retentionperiod'))),
]);
}
if (!$expiredctx->is_fully_expired()) {
$purposeoverrides = $purpose->get_purpose_overrides();
foreach ($expiredctx->get('unexpiredroles') as $roleid) {
$role = $this->roles[$roleid];
$override = $purposeoverrides[$roleid];
$expiries[$role->localname] = get_string('unexpiredrolewithretention', 'tool_dataprivacy', (object) [
'retention' => api::format_retention_period(new \DateInterval($override->get('retentionperiod'))),
]);
}
foreach ($expiredctx->get('expiredroles') as $roleid) {
$role = $this->roles[$roleid];
$override = $purposeoverrides[$roleid];
$expiries[$role->localname] = get_string('expiredrolewithretention', 'tool_dataprivacy', (object) [
'retention' => api::format_retention_period(new \DateInterval($override->get('retentionperiod'))),
]);
}
}
$output = array_map(function($rolename, $expiry) {
$return = html_writer::tag('dt', $rolename, ['class' => 'col-sm-3']);
$return .= html_writer::tag('dd', $expiry, ['class' => 'col-sm-9']);
return $return;
}, array_keys($expiries), $expiries);
return html_writer::tag('dl', implode($output), ['class' => 'row']);
}
/**
* The timecreated a.k.a. the context expiry date column.
*
* @param stdClass $expiredctx The row data.
* @return string
*/
public function col_timecreated($expiredctx) {
return userdate($expiredctx->get('timecreated'));
}
/**
* Generate the select column.
*
* @param stdClass $expiredctx The row data.
* @return string
*/
public function col_select($expiredctx) {
$id = $expiredctx->get('id');
return html_writer::checkbox('expiredcontext_' . $id, $id, $this->selectall, '', ['class' => 'selectcontext']);
}
/**
* Formatting for the 'tobedeleted' column which indicates in a friendlier fashion whose data will be removed.
*
* @param stdClass $expiredctx The row data.
* @return string
*/
public function col_tobedeleted($expiredctx) {
if ($expiredctx->is_fully_expired()) {
return get_string('defaultexpired', 'tool_dataprivacy');
}
$purpose = $this->get_purpose_for_expiry($expiredctx);
$a = (object) [];
$expiredroles = [];
foreach ($expiredctx->get('expiredroles') as $roleid) {
$expiredroles[] = html_writer::tag('li', $this->roles[$roleid]->localname);
}
$a->expired = html_writer::tag('ul', implode($expiredroles));
$unexpiredroles = [];
foreach ($expiredctx->get('unexpiredroles') as $roleid) {
$unexpiredroles[] = html_writer::tag('li', $this->roles[$roleid]->localname);
}
$a->unexpired = html_writer::tag('ul', implode($unexpiredroles));
if ($expiredctx->get('defaultexpired')) {
return get_string('defaultexpiredexcept', 'tool_dataprivacy', $a);
} else if (empty($unexpiredroles)) {
return get_string('defaultunexpired', 'tool_dataprivacy', $a);
} else {
return get_string('defaultunexpiredwithexceptions', 'tool_dataprivacy', $a);
}
}
/**
* Query the database for results to display in the table.
*
* @param int $pagesize size of page for paginated displayed table.
* @param bool $useinitialsbar do you want to use the initials bar.
* @throws dml_exception
* @throws coding_exception
*/
public function query_db($pagesize, $useinitialsbar = true) {
// Only count expired contexts that are awaiting confirmation.
$total = expired_context::get_record_count_by_contextlevel($this->contextlevel, expired_context::STATUS_EXPIRED);
$this->pagesize($pagesize, $total);
$sort = $this->get_sql_sort();
if (empty($sort)) {
$sort = 'timecreated';
}
// Only load expired contexts that are awaiting confirmation.
$expiredcontexts = expired_context::get_records_by_contextlevel($this->contextlevel, expired_context::STATUS_EXPIRED,
$sort, $this->get_page_start(), $this->get_page_size());
$this->rawdata = [];
$contextids = [];
foreach ($expiredcontexts as $persistent) {
$this->rawdata[] = $persistent;
$contextids[] = $persistent->get('contextid');
}
$this->preload_contexts($contextids);
// Set initial bars.
if ($useinitialsbar) {
$this->initialbars($total > $pagesize);
}
}
/**
* Override default implementation to display a more meaningful information to the user.
*/
public function print_nothing_to_display() {
global $OUTPUT;
echo $this->render_reset_button();
$this->print_initials_bar();
echo $OUTPUT->notification(get_string('noexpiredcontexts', 'tool_dataprivacy'), 'warning');
}
/**
* Override the table's show_hide_link method to prevent the show/hide link for the select column from rendering.
*
* @param string $column the column name, index into various names.
* @param int $index numerical index of the column.
* @return string HTML fragment.
*/
protected function show_hide_link($column, $index) {
if ($index < 6) {
return parent::show_hide_link($column, $index);
}
return '';
}
/**
* Get the purpose for the specified expired context.
*
* @param expired_context $expiredcontext
* @return purpose
*/
protected function get_purpose_for_expiry(expired_context $expiredcontext): purpose {
$context = context_helper::instance_by_id($expiredcontext->get('contextid'));
if (empty($this->purposemap[$context->id])) {
$purpose = api::get_effective_context_purpose($context);
$this->purposemap[$context->id] = $purpose->get('id');
if (empty($this->purposes[$purpose->get('id')])) {
$this->purposes[$purpose->get('id')] = $purpose;
}
}
return $this->purposes[$this->purposemap[$context->id]];
}
/**
* Preload context records given a set of contextids.
*
* @param array $contextids
*/
protected function preload_contexts(array $contextids) {
global $DB;
if (empty($contextids)) {
return;
}
$ctxfields = \context_helper::get_preload_record_columns_sql('ctx');
list($insql, $inparams) = $DB->get_in_or_equal($contextids, SQL_PARAMS_NAMED);
$sql = "SELECT {$ctxfields} FROM {context} ctx WHERE ctx.id {$insql}";
$contextlist = $DB->get_recordset_sql($sql, $inparams);
foreach ($contextlist as $contextdata) {
\context_helper::preload_from_record($contextdata);
}
$contextlist->close();
}
}
admin/tool/dataprivacy/classes/output/my_data_requests_page.php
+164
View File
@@ -0,0 +1,164 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class containing data for a user's data requests.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use action_menu;
use action_menu_link_secondary;
use coding_exception;
use context_user;
use moodle_exception;
use moodle_url;
use renderable;
use renderer_base;
use stdClass;
use templatable;
use tool_dataprivacy\api;
use tool_dataprivacy\data_request;
use tool_dataprivacy\external\data_request_exporter;
/**
* Class containing data for a user's data requests.
*
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class my_data_requests_page implements renderable, templatable {
/** @var array $requests List of data requests. */
protected $requests = [];
/**
* Construct this renderable.
*
* @param data_request[] $requests
*/
public function __construct($requests) {
$this->requests = $requests;
}
/**
* Export this data so it can be used as the context for a mustache template.
*
* @param renderer_base $output
* @return stdClass
* @throws coding_exception
* @throws moodle_exception
*/
public function export_for_template(renderer_base $output) {
global $USER;
$data = new stdClass();
$data->newdatarequesturl = new moodle_url('/admin/tool/dataprivacy/createdatarequest.php');
if (!is_https()) {
$httpwarningmessage = get_string('httpwarning', 'tool_dataprivacy');
$data->httpsite = array('message' => $httpwarningmessage, 'announce' => 1);
}
$requests = [];
foreach ($this->requests as $request) {
$requestid = $request->get('id');
$status = $request->get('status');
$userid = $request->get('userid');
$type = $request->get('type');
$usercontext = context_user::instance($userid, IGNORE_MISSING);
if (!$usercontext) {
// Use the context system.
$outputcontext = \context_system::instance();
} else {
$outputcontext = $usercontext;
}
$requestexporter = new data_request_exporter($request, ['context' => $outputcontext]);
$item = $requestexporter->export($output);
$self = $request->get('userid') == $USER->id;
if (!$self) {
// Append user name if it differs from $USER.
$a = (object)['typename' => $item->typename, 'user' => $item->foruser->fullname];
$item->typename = get_string('requesttypeuser', 'tool_dataprivacy', $a);
}
$candownload = false;
$cancancel = true;
switch ($status) {
case api::DATAREQUEST_STATUS_COMPLETE:
$item->statuslabelclass = 'bg-success text-white';
$item->statuslabel = get_string('statuscomplete', 'tool_dataprivacy');
$cancancel = false;
break;
case api::DATAREQUEST_STATUS_DOWNLOAD_READY:
$item->statuslabelclass = 'bg-success text-white';
$item->statuslabel = get_string('statusready', 'tool_dataprivacy');
$cancancel = false;
$candownload = true;
if ($usercontext) {
$candownload = api::can_download_data_request_for_user(
$request->get('userid'), $request->get('requestedby'));
}
break;
case api::DATAREQUEST_STATUS_DELETED:
$item->statuslabelclass = 'bg-success text-white';
$item->statuslabel = get_string('statusdeleted', 'tool_dataprivacy');
$cancancel = false;
break;
case api::DATAREQUEST_STATUS_EXPIRED:
$item->statuslabelclass = 'bg-secondary text-dark';
$item->statuslabel = get_string('statusexpired', 'tool_dataprivacy');
$item->statuslabeltitle = get_string('downloadexpireduser', 'tool_dataprivacy');
$cancancel = false;
break;
case api::DATAREQUEST_STATUS_CANCELLED:
case api::DATAREQUEST_STATUS_REJECTED:
$cancancel = false;
break;
}
// Prepare actions.
$actions = [];
if ($cancancel) {
$cancelurl = new moodle_url('#');
$canceldata = ['data-action' => 'cancel', 'data-requestid' => $requestid];
$canceltext = get_string('cancelrequest', 'tool_dataprivacy');
$actions[] = new action_menu_link_secondary($cancelurl, null, $canceltext, $canceldata);
}
if ($candownload && $usercontext) {
$actions[] = api::get_download_link($usercontext, $requestid);
}
if (!empty($actions)) {
$actionsmenu = new action_menu($actions);
$actionsmenu->set_menu_trigger(get_string('actions'));
$actionsmenu->set_owner_selector('request-actions-' . $requestid);
$item->actions = $actionsmenu->export_for_template($output);
}
$requests[] = $item;
}
$data->requests = $requests;
return $data;
}
}
admin/tool/dataprivacy/classes/output/purposes.php
+88
View File
@@ -0,0 +1,88 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Purposes renderable.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use renderable;
use renderer_base;
use stdClass;
use templatable;
use tool_dataprivacy\external\purpose_exporter;
/**
* Class containing the purposes page renderable.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class purposes extends crud_element implements renderable, templatable {
/** @var array $purposes All system purposes. */
protected $purposes = [];
/**
* Construct this renderable.
*
* @param \tool_dataprivacy\purpose[] $purposes
*/
public function __construct($purposes) {
$this->purposes = $purposes;
}
/**
* Export this data so it can be used as the context for a mustache template.
*
* @param renderer_base $output
* @return stdClass
*/
public function export_for_template(renderer_base $output) {
global $PAGE;
$context = \context_system::instance();
$PAGE->requires->js_call_amd('tool_dataprivacy/purposesactions', 'init');
$PAGE->requires->js_call_amd('tool_dataprivacy/add_purpose', 'getInstance', [$context->id]);
$data = new stdClass();
// Navigation links.
$data->navigation = [];
$navigationlinks = $this->get_navigation();
foreach ($navigationlinks as $navlink) {
$data->navigation[] = $navlink->export_for_template($output);
}
$data->purposes = [];
foreach ($this->purposes as $purpose) {
$exporter = new purpose_exporter($purpose, ['context' => \context_system::instance()]);
$exportedpurpose = $exporter->export($output);
$actionmenu = $this->action_menu('purpose', $exportedpurpose, $purpose);
$exportedpurpose->actions = $actionmenu->export_for_template($output);
$data->purposes[] = $exportedpurpose;
}
return $data;
}
}
admin/tool/dataprivacy/classes/output/renderer.php
+149
View File
@@ -0,0 +1,149 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Renderer class for tool_dataprivacy
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use coding_exception;
use html_writer;
use moodle_exception;
use plugin_renderer_base;
/**
* Renderer class for tool_dataprivacy.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class renderer extends plugin_renderer_base {
/**
* Render the user's data requests page.
*
* @param my_data_requests_page $page
* @return string html for the page
* @throws moodle_exception
*/
public function render_my_data_requests_page(my_data_requests_page $page) {
$data = $page->export_for_template($this);
return parent::render_from_template('tool_dataprivacy/my_data_requests', $data);
}
/**
* Render the contact DPO link.
*
* @return string The HTML for the link.
*/
public function render_contact_dpo_link() {
$params = [
'data-action' => 'contactdpo',
];
return html_writer::link('#', get_string('contactdataprotectionofficer', 'tool_dataprivacy'), $params);
}
/**
* Render the data requests page for the DPO.
*
* @param data_requests_page $page
* @return string html for the page
* @throws moodle_exception
*/
public function render_data_requests_page(data_requests_page $page) {
$data = $page->export_for_template($this);
return parent::render_from_template('tool_dataprivacy/data_requests', $data);
}
/**
* Render the data registry.
*
* @param data_registry_page $page
* @return string html for the page
* @throws moodle_exception
*/
public function render_data_registry_page(data_registry_page $page) {
$data = $page->export_for_template($this);
return parent::render_from_template('tool_dataprivacy/data_registry', $data);
}
/**
* Render the data compliance registry.
*
* @param data_registry_compliance_page $page
* @return string html for the page
* @throws moodle_exception
*/
public function render_data_registry_compliance_page(data_registry_compliance_page $page) {
$data = $page->export_for_template($this);
return parent::render_from_template('tool_dataprivacy/data_registry_compliance', $data);
}
/**
* Render the purposes management page.
*
* @param purposes $page
* @return string html for the page
* @throws moodle_exception
*/
public function render_purposes(purposes $page) {
$data = $page->export_for_template($this);
return parent::render_from_template('tool_dataprivacy/purposes', $data);
}
/**
* Render the categories management page.
*
* @param categories $page
* @return string html for the page
* @throws moodle_exception
*/
public function render_categories(categories $page) {
$data = $page->export_for_template($this);
return parent::render_from_template('tool_dataprivacy/categories', $data);
}
/**
* Render the review page for the deletion of expired contexts.
*
* @param data_deletion_page $page
* @return string html for the page
* @throws moodle_exception
*/
public function render_data_deletion_page(data_deletion_page $page) {
$data = $page->export_for_template($this);
return parent::render_from_template('tool_dataprivacy/data_deletion', $data);
}
/**
* Render the user data retention summary page.
*
* @param summary_page $page
* @return string html for the page.
*/
public function render_summary_page(summary_page $page) {
$data = $page->export_for_template($this);
return parent::render_from_template('tool_dataprivacy/summary', $data);
}
}
admin/tool/dataprivacy/classes/output/request_filter.php
+98
View File
@@ -0,0 +1,98 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class containing the filter options data for rendering the autocomplete element for the data requests page.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
use moodle_url;
use renderable;
use renderer_base;
use stdClass;
use templatable;
defined('MOODLE_INTERNAL') || die();
/**
* Class containing the filter options data for rendering the autocomplete element for the data requests page.
*
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class request_filter implements renderable, templatable {
/** @var array $filteroptions The filter options. */
protected $filteroptions;
/** @var array $selectedoptions The list of selected filter option values. */
protected $selectedoptions;
/** @var moodle_url|string $baseurl The url with params needed to call up this page. */
protected $baseurl;
/**
* request_filter constructor.
*
* @param array $filteroptions The filter options.
* @param array $selectedoptions The list of selected filter option values.
* @param string|moodle_url $baseurl The url with params needed to call up this page.
*/
public function __construct($filteroptions, $selectedoptions, $baseurl = null) {
$this->filteroptions = $filteroptions;
$this->selectedoptions = $selectedoptions;
if (!empty($baseurl)) {
$this->baseurl = new moodle_url($baseurl);
}
}
/**
* Function to export the renderer data in a format that is suitable for a mustache template.
*
* @param renderer_base $output Used to do a final render of any components that need to be rendered for export.
* @return stdClass|array
*/
public function export_for_template(renderer_base $output) {
global $PAGE;
$data = new stdClass();
if (empty($this->baseurl)) {
$this->baseurl = $PAGE->url;
}
$data->action = $this->baseurl->out(false);
foreach ($this->selectedoptions as $option) {
if (!isset($this->filteroptions[$option])) {
$this->filteroptions[$option] = $option;
}
}
$data->filteroptions = [];
foreach ($this->filteroptions as $value => $label) {
$selected = in_array($value, $this->selectedoptions);
$filteroption = (object)[
'value' => $value,
'label' => $label
];
$filteroption->selected = $selected;
$data->filteroptions[] = $filteroption;
}
return $data;
}
}
admin/tool/dataprivacy/classes/output/summary_page.php
+132
View File
@@ -0,0 +1,132 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Summary page renderable.
*
* @package tool_dataprivacy
* @copyright 2018 Adrian Greeve
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\output;
defined('MOODLE_INTERNAL') || die();
use renderable;
use renderer_base;
use templatable;
/**
* Class containing the summary page renderable.
*
* @copyright 2018 Adrian Greeve
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class summary_page implements renderable, templatable {
/**
* Export this data so it can be used as the context for a mustache template.
*
* @param renderer_base $output
* @return array
*/
public function export_for_template(renderer_base $output) {
$contextlevels = [
'contextlevelname10' => CONTEXT_SYSTEM,
'contextlevelname30' => CONTEXT_USER,
'contextlevelname40' => CONTEXT_COURSECAT,
'contextlevelname50' => CONTEXT_COURSE,
'contextlevelname70' => CONTEXT_MODULE,
'contextlevelname80' => CONTEXT_BLOCK
];
$data = [];
$context = \context_system::instance();
foreach ($contextlevels as $levelname => $level) {
$classname = \context_helper::get_class_for_level($level);
list($purposevar, $categoryvar) = \tool_dataprivacy\data_registry::var_names_from_context($classname);
$purposeid = get_config('tool_dataprivacy', $purposevar);
$categoryid = get_config('tool_dataprivacy', $categoryvar);
$section = [];
$section['contextname'] = get_string($levelname, 'tool_dataprivacy');
if (empty($purposeid)) {
list($purposeid, $categoryid) =
\tool_dataprivacy\data_registry::get_effective_default_contextlevel_purpose_and_category($level);
}
if ($purposeid == -1) {
$purposeid = 0;
}
$purpose = new \tool_dataprivacy\purpose($purposeid);
$export = new \tool_dataprivacy\external\purpose_exporter($purpose, ['context' => $context]);
$purposedata = $export->export($output);
$section['purpose'] = $purposedata;
if (empty($categoryid)) {
list($purposeid, $categoryid) =
\tool_dataprivacy\data_registry::get_effective_default_contextlevel_purpose_and_category($level);
}
if ($categoryid == -1) {
$categoryid = 0;
}
$category = new \tool_dataprivacy\category($categoryid);
$export = new \tool_dataprivacy\external\category_exporter($category, ['context' => $context]);
$categorydata = $export->export($output);
$section['category'] = $categorydata;
$data['contexts'][] = $section;
}
// Get activity module plugin info.
$pluginmanager = \core_plugin_manager::instance();
$modplugins = $pluginmanager->get_enabled_plugins('mod');
foreach ($modplugins as $name) {
$classname = \context_helper::get_class_for_level($contextlevels['contextlevelname70']);
list($purposevar, $categoryvar) = \tool_dataprivacy\data_registry::var_names_from_context($classname, $name);
$categoryid = get_config('tool_dataprivacy', $categoryvar);
$purposeid = get_config('tool_dataprivacy', $purposevar);
if ($categoryid === false && $purposeid === false) {
// If no purpose and category has been set for this plugin, then there's no need to show this on the list.
continue;
}
$section = [];
$section['contextname'] = $pluginmanager->plugin_name('mod_' . $name);
if ($purposeid == -1) {
$purposeid = 0;
}
$purpose = new \tool_dataprivacy\purpose($purposeid);
$export = new \tool_dataprivacy\external\purpose_exporter($purpose, ['context' => $context]);
$purposedata = $export->export($output);
$section['purpose'] = $purposedata;
if ($categoryid == -1) {
$categoryid = 0;
}
$category = new \tool_dataprivacy\category($categoryid);
$export = new \tool_dataprivacy\external\category_exporter($category, ['context' => $context]);
$categorydata = $export->export($output);
$section['category'] = $categorydata;
$data['contexts'][] = $section;
}
return $data;
}
}
admin/tool/dataprivacy/classes/page_helper.php
+87
View File
@@ -0,0 +1,87 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Page helper.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
use context_system;
use moodle_url;
defined('MOODLE_INTERNAL') || die();
/**
* Page helper.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class page_helper {
/**
* Sets up $PAGE for data privacy admin pages.
*
* @param moodle_url $url The page URL.
* @param string $title The page's title.
* @param string $attachtoparentnode The parent navigation node where this page can be accessed from.
* @param string $requiredcapability The required capability to view this page.
*/
public static function setup(moodle_url $url, $title, $attachtoparentnode = '',
$requiredcapability = 'tool/dataprivacy:managedataregistry') {
global $PAGE, $SITE;
$context = context_system::instance();
require_login();
if (isguestuser()) {
throw new \moodle_exception('noguest');
}
// TODO Check that data privacy is enabled.
require_capability($requiredcapability, $context);
$PAGE->navigation->override_active_url($url);
$PAGE->set_url($url);
$PAGE->set_context($context);
$PAGE->set_pagelayout('admin');
$PAGE->set_title($title);
$PAGE->set_heading($SITE->fullname);
$PAGE->set_secondary_active_tab('users');
$PAGE->set_primary_active_tab('siteadminnode');
// If necessary, override the settings navigation to add this page into the breadcrumb navigation.
if ($attachtoparentnode) {
if ($siteadmin = $PAGE->settingsnav->find('root', \navigation_node::TYPE_SITE_ADMIN)) {
$PAGE->navbar->add($siteadmin->get_content(), $siteadmin->action());
}
if ($dataprivacy = $PAGE->settingsnav->find('privacy', \navigation_node::TYPE_SETTING)) {
$PAGE->navbar->add($dataprivacy->get_content(), $dataprivacy->action());
}
if ($dataregistry = $PAGE->settingsnav->find($attachtoparentnode, \navigation_node::TYPE_SETTING)) {
$PAGE->navbar->add($dataregistry->get_content(), $dataregistry->action());
}
$PAGE->navbar->add($title, $url);
}
}
}
admin/tool/dataprivacy/classes/privacy/provider.php
+268
View File
@@ -0,0 +1,268 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Privacy class for requesting user data.
*
* @package tool_dataprivacy
* @copyright 2018 Jake Dallimore <jrhdallimore@gmail.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\privacy;
defined('MOODLE_INTERNAL') || die();
use coding_exception;
use context;
use context_user;
use core_privacy\local\metadata\collection;
use core_privacy\local\request\approved_contextlist;
use \core_privacy\local\request\approved_userlist;
use core_privacy\local\request\contextlist;
use core_privacy\local\request\helper;
use core_privacy\local\request\transform;
use \core_privacy\local\request\userlist;
use core_privacy\local\request\writer;
use dml_exception;
use stdClass;
use tool_dataprivacy\api;
use tool_dataprivacy\local\helper as tool_helper;
/**
* Privacy class for requesting user data.
*
* @package tool_dataprivacy
* @copyright 2018 Jake Dallimore <jrhdallimore@gmail.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider implements
// This tool stores user data.
\core_privacy\local\metadata\provider,
// This plugin is capable of determining which users have data within it.
\core_privacy\local\request\core_userlist_provider,
// This tool may provide access to and deletion of user data.
\core_privacy\local\request\plugin\provider,
// This plugin has some sitewide user preferences to export.
\core_privacy\local\request\user_preference_provider {
/**
* Returns meta data about this system.
*
* @param collection $collection The initialised collection to add items to.
* @return collection A listing of user data stored through this system.
*/
public static function get_metadata(collection $collection): collection {
$collection->add_database_table(
'tool_dataprivacy_request',
[
'comments' => 'privacy:metadata:request:comments',
'userid' => 'privacy:metadata:request:userid',
'requestedby' => 'privacy:metadata:request:requestedby',
'dpocomment' => 'privacy:metadata:request:dpocomment',
'timecreated' => 'privacy:metadata:request:timecreated'
],
'privacy:metadata:request'
);
// Regarding this block, we are unable to export or purge this data, as
// it would damage the privacy data across the whole site.
$collection->add_database_table(
'tool_dataprivacy_purposerole',
[
'usermodified' => 'privacy:metadata:purpose:usermodified',
],
'privacy:metadata:purpose'
);
$collection->add_user_preference(tool_helper::PREF_REQUEST_FILTERS,
'privacy:metadata:preference:tool_dataprivacy_request-filters');
$collection->add_user_preference(tool_helper::PREF_REQUEST_PERPAGE,
'privacy:metadata:preference:tool_dataprivacy_request-perpage');
return $collection;
}
/**
* Get the list of contexts that contain user information for the specified user.
*
* @param int $userid The user to search.
* @return contextlist $contextlist The contextlist containing the list of contexts used in this plugin.
*/
public static function get_contexts_for_userid(int $userid): contextlist {
$sql = "SELECT id
FROM {context}
WHERE instanceid = :userid
AND contextlevel = :contextlevel";
$contextlist = new contextlist();
$contextlist->set_component('tool_dataprivacy');
$contextlist->add_from_sql($sql, ['userid' => $userid, 'contextlevel' => CONTEXT_USER]);
return $contextlist;
}
/**
* Get the list of users who have data within a context.
*
* @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination.
*
*/
public static function get_users_in_context(userlist $userlist) {
$context = $userlist->get_context();
if (!is_a($context, \context_user::class)) {
return;
}
$params = [
'contextlevel' => CONTEXT_USER,
'contextid' => $context->id,
];
$sql = "SELECT instanceid AS userid
FROM {context}
WHERE id = :contextid
AND contextlevel = :contextlevel";
$userlist->add_from_sql('userid', $sql, $params);
}
/**
* Export all user data for the specified user, in the specified contexts.
*
* @param approved_contextlist $contextlist The approved contexts to export information for.
* @throws coding_exception
* @throws dml_exception
* @throws \moodle_exception
*/
public static function export_user_data(approved_contextlist $contextlist) {
if (empty($contextlist->count())) {
return;
}
$user = $contextlist->get_user();
$datarequests = api::get_data_requests($user->id);
$context = context_user::instance($user->id);
$contextdatatowrite = [];
foreach ($datarequests as $request) {
$record = $request->to_record();
$data = new stdClass();
// The user ID that made the request/the request is made for.
if ($record->requestedby != $record->userid) {
if ($user->id != $record->requestedby) {
// This request is done by this user for another user.
$data->userid = fullname($user);
} else if ($user->id != $record->userid) {
// This request was done by another user on behalf of this user.
$data->requestedby = fullname($user);
}
}
// Request type.
$data->type = tool_helper::get_shortened_request_type_string($record->type);
// Status.
$data->status = tool_helper::get_request_status_string($record->status);
// Creation method.
$data->creationmethod = tool_helper::get_request_creation_method_string($record->creationmethod);
// Comments.
$data->comments = $record->comments;
// The DPO's comment about this request.
$data->dpocomment = $record->dpocomment;
// The date and time this request was lodged.
$data->timecreated = transform::datetime($record->timecreated);
$contextdatatowrite[] = $data;
}
// User context / Privacy and policies / Data requests.
$subcontext = [
get_string('privacyandpolicies', 'admin'),
get_string('datarequests', 'tool_dataprivacy'),
];
writer::with_context($context)->export_data($subcontext, (object)$contextdatatowrite);
// Write generic module intro files.
helper::export_context_files($context, $user);
}
/**
* Delete all data for all users in the specified context.
*
* @param context $context The specific context to delete data for.
*/
public static function delete_data_for_all_users_in_context(context $context) {
}
/**
* Delete all user data for the specified user, in the specified contexts.
*
* @param approved_contextlist $contextlist The approved contexts and user information to delete information for.
*/
public static function delete_data_for_user(approved_contextlist $contextlist) {
}
/**
* Delete multiple users within a single context.
*
* @param approved_userlist $userlist The approved context and user information to delete information for.
*
*/
public static function delete_data_for_users(approved_userlist $userlist) {
}
/**
* Export all user preferences for the plugin.
*
* @param int $userid The userid of the user whose data is to be exported.
*/
public static function export_user_preferences(int $userid) {
$preffilter = get_user_preferences(tool_helper::PREF_REQUEST_FILTERS, null, $userid);
if ($preffilter !== null) {
$filters = json_decode($preffilter);
$descriptions = [];
foreach ($filters as $filter) {
list($category, $value) = explode(':', $filter);
$option = new stdClass();
switch($category) {
case tool_helper::FILTER_TYPE:
$option->category = get_string('requesttype', 'tool_dataprivacy');
$option->name = tool_helper::get_shortened_request_type_string($value);
break;
case tool_helper::FILTER_STATUS:
$option->category = get_string('requeststatus', 'tool_dataprivacy');
$option->name = tool_helper::get_request_status_string($value);
break;
case tool_helper::FILTER_CREATION:
$option->category = get_string('requestcreation', 'tool_dataprivacy');
$option->name = tool_helper::get_request_creation_method_string($value);
break;
}
$descriptions[] = get_string('filteroption', 'tool_dataprivacy', $option);
}
// Export the filter preference as comma-separated values and text descriptions.
$values = implode(', ', $filters);
$descriptionstext = implode(', ', $descriptions);
writer::export_user_preference('tool_dataprivacy', tool_helper::PREF_REQUEST_FILTERS, $values, $descriptionstext);
}
$prefperpage = get_user_preferences(tool_helper::PREF_REQUEST_PERPAGE, null, $userid);
if ($prefperpage !== null) {
writer::export_user_preference('tool_dataprivacy', tool_helper::PREF_REQUEST_PERPAGE, $prefperpage,
get_string('privacy:metadata:preference:tool_dataprivacy_request-perpage', 'tool_dataprivacy'));
}
}
}
admin/tool/dataprivacy/classes/purpose.php
+191
View File
@@ -0,0 +1,191 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for loading/storing data purposes from the DB.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
use stdClass;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->dirroot . '/' . $CFG->admin . '/tool/dataprivacy/lib.php');
/**
* Class for loading/storing data purposes from the DB.
*
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class purpose extends \core\persistent {
/**
* Database table.
*/
const TABLE = 'tool_dataprivacy_purpose';
/** Items under GDPR Article 6.1. */
const GDPR_ART_6_1_ITEMS = ['a', 'b', 'c', 'd', 'e', 'f'];
/** Items under GDPR Article 9.2. */
const GDPR_ART_9_2_ITEMS = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j'];
/**
* Extended constructor to fetch from the cache if available.
*
* @param int $id If set, this is the id of an existing record, used to load the data.
* @param stdClass $record If set will be passed to {@link self::from_record()}.
*/
public function __construct($id = 0, stdClass $record = null) {
global $CFG;
if ($id) {
$cache = \cache::make('tool_dataprivacy', 'purpose');
if ($data = $cache->get($id)) {
// Replicate self::read.
$this->from_record($data);
// Validate the purpose record.
$this->validate();
// Now replicate the parent constructor.
if (!empty($record)) {
$this->from_record($record);
}
if ($CFG->debugdeveloper) {
$this->verify_protected_methods();
}
return;
}
}
parent::__construct($id, $record);
}
/**
* Return the definition of the properties of this model.
*
* @return array
*/
protected static function define_properties() {
return array(
'name' => array(
'type' => PARAM_TEXT,
'description' => 'The purpose name.',
),
'description' => array(
'type' => PARAM_RAW,
'description' => 'The purpose description.',
'null' => NULL_ALLOWED,
'default' => '',
),
'descriptionformat' => array(
'choices' => array(FORMAT_HTML, FORMAT_MOODLE, FORMAT_PLAIN, FORMAT_MARKDOWN),
'type' => PARAM_INT,
'default' => FORMAT_HTML
),
'lawfulbases' => array(
'type' => PARAM_TEXT,
'description' => 'Comma-separated IDs matching records in tool_dataprivacy_lawfulbasis.',
),
'sensitivedatareasons' => array(
'type' => PARAM_TEXT,
'description' => 'Comma-separated IDs matching records in tool_dataprivacy_sensitive',
'null' => NULL_ALLOWED,
'default' => ''
),
'retentionperiod' => array(
'type' => PARAM_ALPHANUM,
'description' => 'Retention period. ISO_8601 durations format (as in DateInterval format).',
'default' => '',
),
'protected' => array(
'type' => PARAM_INT,
'description' => 'Data retention with higher precedent over user\'s request to be forgotten.',
'default' => '0',
),
);
}
/**
* Adds the new record to the cache.
*
* @return null
*/
protected function after_create() {
$cache = \cache::make('tool_dataprivacy', 'purpose');
$cache->set($this->get('id'), $this->to_record());
}
/**
* Updates the cache record.
*
* @param bool $result
* @return null
*/
protected function after_update($result) {
$cache = \cache::make('tool_dataprivacy', 'purpose');
$cache->set($this->get('id'), $this->to_record());
}
/**
* Removes unnecessary stuff from db.
*
* @return null
*/
protected function before_delete() {
$cache = \cache::make('tool_dataprivacy', 'purpose');
$cache->delete($this->get('id'));
}
/**
* Is this purpose used?.
*
* @return null
*/
public function is_used() {
if (\tool_dataprivacy\contextlevel::is_purpose_used($this->get('id')) ||
\tool_dataprivacy\context_instance::is_purpose_used($this->get('id'))) {
return true;
}
$pluginconfig = get_config('tool_dataprivacy');
$levels = \context_helper::get_all_levels();
foreach ($levels as $level => $classname) {
list($purposevar, $unused) = \tool_dataprivacy\data_registry::var_names_from_context($classname);
if (!empty($pluginconfig->{$purposevar}) && $pluginconfig->{$purposevar} == $this->get('id')) {
return true;
}
}
return false;
}
/**
* Get a list of the role purpose overrides for this purpose.
*
* @return array
*/
public function get_purpose_overrides(): array {
return purpose_override::get_overrides_for_purpose($this);
}
}
admin/tool/dataprivacy/classes/purpose_override.php
+143
View File
@@ -0,0 +1,143 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class for loading/storing data purpose overrides from the DB.
*
* @package tool_dataprivacy
* @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
use stdClass;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->dirroot . '/' . $CFG->admin . '/tool/dataprivacy/lib.php');
/**
* Class for loading/storing data purpose overrides from the DB.
*
* @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class purpose_override extends \core\persistent {
/**
* Database table.
*/
const TABLE = 'tool_dataprivacy_purposerole';
/**
* Return the definition of the properties of this model.
*
* @return array
*/
protected static function define_properties() {
return array(
'purposeid' => array(
'type' => PARAM_INT,
'description' => 'The purpose that that this override relates to',
),
'roleid' => array(
'type' => PARAM_INT,
'description' => 'The role that that this override relates to',
),
'lawfulbases' => array(
'type' => PARAM_TEXT,
'description' => 'Comma-separated IDs matching records in tool_dataprivacy_lawfulbasis.',
'null' => NULL_ALLOWED,
'default' => null,
),
'sensitivedatareasons' => array(
'type' => PARAM_TEXT,
'description' => 'Comma-separated IDs matching records in tool_dataprivacy_sensitive',
'null' => NULL_ALLOWED,
'default' => null,
),
'retentionperiod' => array(
'type' => PARAM_ALPHANUM,
'description' => 'Retention period. ISO_8601 durations format (as in DateInterval format).',
'default' => '',
),
'protected' => array(
'type' => PARAM_INT,
'description' => 'Data retention with higher precedent over user\'s request to be forgotten.',
'default' => '0',
),
);
}
/**
* Get all role overrides for the purpose.
*
* @param purpose $purpose
* @return array
*/
public static function get_overrides_for_purpose(purpose $purpose): array {
$cache = \cache::make('tool_dataprivacy', 'purpose_overrides');
$overrides = [];
$alldata = $cache->get($purpose->get('id'));
if (false === $alldata) {
$tocache = [];
foreach (self::get_records(['purposeid' => $purpose->get('id')]) as $override) {
$tocache[] = $override->to_record();
$overrides[$override->get('roleid')] = $override;
}
$cache->set($purpose->get('id'), $tocache);
} else {
foreach ($alldata as $data) {
$override = new self(0, $data);
$overrides[$override->get('roleid')] = $override;
}
}
return $overrides;
}
/**
* Adds the new record to the cache.
*
* @return null
*/
protected function after_create() {
$cache = \cache::make('tool_dataprivacy', 'purpose_overrides');
$cache->delete($this->get('purposeid'));
}
/**
* Updates the cache record.
*
* @param bool $result
* @return null
*/
protected function after_update($result) {
$cache = \cache::make('tool_dataprivacy', 'purpose_overrides');
$cache->delete($this->get('purposeid'));
}
/**
* Removes unnecessary stuff from db.
*
* @return null
*/
protected function before_delete() {
$cache = \cache::make('tool_dataprivacy', 'purpose_overrides');
$cache->delete($this->get('purposeid'));
}
}
admin/tool/dataprivacy/classes/request_contextlist.php
+62
View File
@@ -0,0 +1,62 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace tool_dataprivacy;
use core\persistent;
/**
* The request_contextlist persistent.
*
* @package tool_dataprivacy
* @copyright 2021 The Open University
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 4.3
*/
class request_contextlist extends persistent {
/** The table name this persistent object maps to. */
const TABLE = 'tool_dataprivacy_rqst_ctxlst';
/**
* Return the definition of the properties of this model.
*
* @return array
*/
protected static function define_properties(): array {
return [
'requestid' => [
'type' => PARAM_INT,
],
'contextlistid' => [
'type' => PARAM_INT,
],
];
}
/**
* Creates a new relation, but does not persist it.
*
* @param int $requestid ID of data request.
* @param int $contextlistid ID of context list.
* @return $this
*/
public static function create_relation(int $requestid, int $contextlistid): request_contextlist {
$requestcontextlist = new request_contextlist();
return $requestcontextlist->set('requestid', $requestid)
->set('contextlistid', $contextlistid);
}
}
admin/tool/dataprivacy/classes/task/delete_existing_deleted_users.php
+91
View File
@@ -0,0 +1,91 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Scheduled task to create delete data request for pre-existing deleted users.
*
* @package tool_dataprivacy
* @copyright 2018 Mihail Geshoski
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\task;
use core\task\scheduled_task;
use tool_dataprivacy\api;
use tool_dataprivacy\data_request;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->dirroot . '/' . $CFG->admin . '/tool/dataprivacy/lib.php');
/**
* Scheduled task to create delete data request for pre-existing deleted users.
*
* @package tool_dataprivacy
* @copyright 2018 Mihail Geshoski
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class delete_existing_deleted_users extends scheduled_task {
/**
* Returns the task name.
*
* @return string
*/
public function get_name() {
return get_string('deleteexistingdeleteduserstask', 'tool_dataprivacy');
}
/**
* Run the task to delete expired data request files and update request statuses.
*
*/
public function execute() {
global $DB;
// Automatic creation of deletion requests must be enabled.
if (get_config('tool_dataprivacy', 'automaticdeletionrequests')) {
// Select all deleted users that do not have any delete data requests created for them.
$sql = "SELECT DISTINCT(u.id)
FROM {user} u
LEFT JOIN {tool_dataprivacy_request} r
ON u.id = r.userid
WHERE u.deleted = ?
AND (r.id IS NULL
OR r.type != ?)";
$params = [
1,
api::DATAREQUEST_TYPE_DELETE
];
$deletedusers = $DB->get_records_sql($sql, $params);
$createdrequests = 0;
foreach ($deletedusers as $user) {
api::create_data_request($user->id, api::DATAREQUEST_TYPE_DELETE,
get_string('datarequestcreatedfromscheduledtask', 'tool_dataprivacy'),
data_request::DATAREQUEST_CREATION_AUTO);
$createdrequests++;
}
if ($createdrequests > 0) {
mtrace($createdrequests . ' delete data request(s) created for existing deleted users');
}
}
}
}
admin/tool/dataprivacy/classes/task/delete_expired_contexts.php
+61
View File
@@ -0,0 +1,61 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Scheduled task to delete expired context instances once they are approved for deletion.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\task;
use coding_exception;
use core\task\scheduled_task;
use tool_dataprivacy\api;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->dirroot . '/' . $CFG->admin . '/tool/dataprivacy/lib.php');
/**
* Scheduled task to delete expired context instances once they are approved for deletion.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class delete_expired_contexts extends scheduled_task {
/**
* Returns the task name.
*
* @return string
*/
public function get_name() {
return get_string('deleteexpiredcontextstask', 'tool_dataprivacy');
}
/**
* Run the task to delete context instances based on their retention periods.
*/
public function execute() {
$manager = new \tool_dataprivacy\expired_contexts_manager(new \text_progress_trace());
list($courses, $users) = $manager->process_approved_deletions();
mtrace("Processed deletions for {$courses} course contexts, and {$users} user contexts as expired");
}
}
admin/tool/dataprivacy/classes/task/delete_expired_requests.php
+67
View File
@@ -0,0 +1,67 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Scheduled task to delete files and update statuses of expired data requests.
*
* @package tool_dataprivacy
* @copyright 2018 Michael Hawkins
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\task;
use coding_exception;
use core\task\scheduled_task;
use tool_dataprivacy\api;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->dirroot . '/' . $CFG->admin . '/tool/dataprivacy/lib.php');
/**
* Scheduled task to delete files and update request statuses once they expire.
*
* @package tool_dataprivacy
* @copyright 2018 Michael Hawkins
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class delete_expired_requests extends scheduled_task {
/**
* Returns the task name.
*
* @return string
*/
public function get_name() {
return get_string('deleteexpireddatarequeststask', 'tool_dataprivacy');
}
/**
* Run the task to delete expired data request files and update request statuses.
*
*/
public function execute() {
$expiredrequests = \tool_dataprivacy\data_request::get_expired_requests();
$deletecount = count($expiredrequests);
if ($deletecount > 0) {
\tool_dataprivacy\data_request::expire($expiredrequests);
mtrace($deletecount . ' expired completed data requests have been deleted');
}
}
}
admin/tool/dataprivacy/classes/task/expired_retention_period.php
+61
View File
@@ -0,0 +1,61 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Scheduled task to flag contexts as expired.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\task;
use coding_exception;
use core\task\scheduled_task;
use tool_dataprivacy\api;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->dirroot . '/' . $CFG->admin . '/tool/dataprivacy/lib.php');
/**
* Scheduled task to flag contexts as expired.
*
* @package tool_dataprivacy
* @copyright 2018 David Monllao
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class expired_retention_period extends scheduled_task {
/**
* Returns the task name.
*
* @return string
*/
public function get_name() {
return get_string('expiredretentionperiodtask', 'tool_dataprivacy');
}
/**
* Run the task to flag context instances as expired.
*/
public function execute() {
$manager = new \tool_dataprivacy\expired_contexts_manager(new \text_progress_trace());
list($courses, $users) = $manager->flag_expired_contexts();
mtrace("Flagged {$courses} course contexts, and {$users} user contexts as expired");
}
}
admin/tool/dataprivacy/classes/task/initiate_data_request_task.php
+84
View File
@@ -0,0 +1,84 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace tool_dataprivacy\task;
use coding_exception;
use core\task\adhoc_task;
use tool_dataprivacy\api;
use tool_dataprivacy\contextlist_context;
use tool_dataprivacy\data_request;
/**
* Class that processes a data request and prepares the user's relevant contexts for review.
*
* Custom data accepted:
* - requestid -> The ID of the data request to be processed.
*
* @package tool_dataprivacy
* @copyright 2021 The Open University
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @since Moodle 4.3
*/
class initiate_data_request_task extends adhoc_task {
/**
* Run the task to initiate the data request process.
*/
public function execute(): void {
if (!isset($this->get_custom_data()->requestid)) {
throw new coding_exception('The custom data \'requestid\' is required.');
}
$requestid = $this->get_custom_data()->requestid;
$datarequest = new data_request($requestid);
// Check if this request still needs to be processed. e.g. The user might have cancelled it before this task has run.
$status = $datarequest->get('status');
if (!api::is_active($status)) {
mtrace('Request ' . $requestid . ' with status ' . $status . ' doesn\'t need to be processed. Skipping...');
return;
}
// Update the status of this request as pre-processing.
mtrace('Generating the contexts containing personal data for the user...');
api::update_request_status($requestid, api::DATAREQUEST_STATUS_PREPROCESSING);
// Add the list of relevant contexts to the request, and mark all as pending approval.
$privacymanager = new \core_privacy\manager();
$privacymanager->set_observer(new \tool_dataprivacy\manager_observer());
$contextlistcollection = $privacymanager->get_contexts_for_userid($datarequest->get('userid'));
api::add_request_contexts_with_status($contextlistcollection, $requestid, contextlist_context::STATUS_PENDING);
// When the preparation of the contexts finishes, update the request status to awaiting approval.
api::update_request_status($requestid, api::DATAREQUEST_STATUS_AWAITING_APPROVAL);
mtrace('Context generation complete...');
// Get the list of the site Data Protection Officers.
$dpos = api::get_site_dpos();
// Email the data request to the Data Protection Officer(s)/Admin(s).
foreach ($dpos as $dpo) {
$dponame = fullname($dpo);
if (api::notify_dpo($dpo, $datarequest)) {
mtrace('Message sent to DPO: ' . $dponame);
} else {
mtrace('A problem was encountered while sending the message to the DPO: ' . $dponame);
}
}
}
}
admin/tool/dataprivacy/classes/task/process_data_request_task.php
+300
View File
@@ -0,0 +1,300 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Adhoc task that processes an approved data request and prepares/deletes the user's data.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy\task;
use action_link;
use coding_exception;
use context_system;
use core\message\message;
use core\task\adhoc_task;
use core_user;
use moodle_exception;
use moodle_url;
use tool_dataprivacy\api;
use tool_dataprivacy\data_request;
/**
* Class that processes an approved data request and prepares/deletes the user's data.
*
* Custom data accepted:
* - requestid -> The ID of the data request to be processed.
*
* @package tool_dataprivacy
* @copyright 2018 Jun Pataleta
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class process_data_request_task extends adhoc_task {
/**
* Run the task to initiate the data request process.
*
* @throws coding_exception
* @throws moodle_exception
*/
public function execute() {
global $CFG, $PAGE, $SITE;
require_once($CFG->dirroot . "/{$CFG->admin}/tool/dataprivacy/lib.php");
if (!isset($this->get_custom_data()->requestid)) {
throw new coding_exception('The custom data \'requestid\' is required.');
}
$requestid = $this->get_custom_data()->requestid;
$requestpersistent = new data_request($requestid);
$request = $requestpersistent->to_record();
// Check if this request still needs to be processed. e.g. The user might have cancelled it before this task has run.
$status = $requestpersistent->get('status');
if (!api::is_active($status)) {
mtrace("Request {$requestid} with status {$status} doesn't need to be processed. Skipping...");
return;
}
if (!\tool_dataprivacy\data_registry::defaults_set()) {
// Warn if no site purpose is defined.
mtrace('Warning: No purpose is defined at the system level. Deletion will delete all.');
}
// Grab the manager.
// We set an observer against it to handle failures.
$allowfiltering = get_config('tool_dataprivacy', 'allowfiltering');
$manager = new \core_privacy\manager();
$manager->set_observer(new \tool_dataprivacy\manager_observer());
// Get the user details now. We might not be able to retrieve it later if it's a deletion processing.
$foruser = core_user::get_user($request->userid);
// Update the status of this request as pre-processing.
mtrace('Pre-processing request...');
api::update_request_status($requestid, api::DATAREQUEST_STATUS_PROCESSING);
$contextlistcollection = $manager->get_contexts_for_userid($requestpersistent->get('userid'));
mtrace('Fetching approved contextlists from collection');
mtrace('Processing request...');
$completestatus = api::DATAREQUEST_STATUS_COMPLETE;
$deleteuser = false;
if ($request->type == api::DATAREQUEST_TYPE_EXPORT) {
// Get the user context.
if ($allowfiltering) {
// Get the collection of approved_contextlist objects needed for core_privacy data export.
$approvedclcollection = api::get_approved_contextlist_collection_for_request($requestpersistent);
} else {
$approvedclcollection = api::get_approved_contextlist_collection_for_collection(
$contextlistcollection,
$foruser,
$request->type,
);
}
$usercontext = \context_user::instance($foruser->id, IGNORE_MISSING);
if (!$usercontext) {
mtrace("Request {$requestid} cannot be processed due to a missing user context instance for the user
with ID {$foruser->id}. Skipping...");
return;
}
// Export the data.
$exportedcontent = $manager->export_user_data($approvedclcollection);
$fs = get_file_storage();
$filerecord = new \stdClass;
$filerecord->component = 'tool_dataprivacy';
$filerecord->contextid = $usercontext->id;
$filerecord->userid = $foruser->id;
$filerecord->filearea = 'export';
$filerecord->filename = 'export.zip';
$filerecord->filepath = '/';
$filerecord->itemid = $requestid;
$filerecord->license = $CFG->sitedefaultlicense;
$filerecord->author = fullname($foruser);
// Save somewhere.
$thing = $fs->create_file_from_pathname($filerecord, $exportedcontent);
$completestatus = api::DATAREQUEST_STATUS_DOWNLOAD_READY;
} else if ($request->type == api::DATAREQUEST_TYPE_DELETE) {
// Delete the data for users other than the primary admin, which is rejected.
if (is_primary_admin($foruser->id)) {
$completestatus = api::DATAREQUEST_STATUS_REJECTED;
} else {
$approvedclcollection = api::get_approved_contextlist_collection_for_collection(
$contextlistcollection,
$foruser,
$request->type,
);
$manager = new \core_privacy\manager();
$manager->set_observer(new \tool_dataprivacy\manager_observer());
$manager->delete_data_for_user($approvedclcollection);
$completestatus = api::DATAREQUEST_STATUS_DELETED;
$deleteuser = !$foruser->deleted;
}
}
// When the preparation of the metadata finishes, update the request status to awaiting approval.
api::update_request_status($requestid, $completestatus);
mtrace('The processing of the user data request has been completed...');
// Create message to notify the user regarding the processing results.
$message = new message();
$message->courseid = $SITE->id;
$message->component = 'tool_dataprivacy';
$message->name = 'datarequestprocessingresults';
if (empty($request->dpo)) {
// Use the no-reply user as the sender if the privacy officer is not set. This is the case for automatically
// approved requests.
$fromuser = core_user::get_noreply_user();
} else {
$fromuser = core_user::get_user($request->dpo);
$message->replyto = $fromuser->email;
$message->replytoname = fullname($fromuser);
}
$message->userfrom = $fromuser;
$typetext = null;
// Prepare the context data for the email message body.
$messagetextdata = [
'username' => fullname($foruser)
];
$output = $PAGE->get_renderer('tool_dataprivacy');
$emailonly = false;
$notifyuser = true;
switch ($request->type) {
case api::DATAREQUEST_TYPE_EXPORT:
// Check if the user is allowed to download their own export. (This is for
// institutions which centrally co-ordinate subject access request across many
// systems, not just one Moodle instance, so we don't want every instance emailing
// the user.)
if (!api::can_download_data_request_for_user($request->userid, $request->requestedby, $request->userid)) {
$notifyuser = false;
}
$typetext = get_string('requesttypeexport', 'tool_dataprivacy');
// We want to notify the user in Moodle about the processing results.
$message->notification = 1;
$datarequestsurl = new moodle_url('/admin/tool/dataprivacy/mydatarequests.php');
$message->contexturl = $datarequestsurl;
$message->contexturlname = get_string('datarequests', 'tool_dataprivacy');
// Message to the recipient.
$messagetextdata['message'] = get_string('resultdownloadready', 'tool_dataprivacy',
format_string($SITE->fullname, true, ['context' => context_system::instance()]));
// Prepare download link.
$downloadurl = moodle_url::make_pluginfile_url($usercontext->id, 'tool_dataprivacy', 'export', $thing->get_itemid(),
$thing->get_filepath(), $thing->get_filename(), true);
$downloadlink = new action_link($downloadurl, get_string('download', 'tool_dataprivacy'));
$messagetextdata['downloadlink'] = $downloadlink->export_for_template($output);
break;
case api::DATAREQUEST_TYPE_DELETE:
$typetext = get_string('requesttypedelete', 'tool_dataprivacy');
// No point notifying a deleted user in Moodle.
$message->notification = 0;
// Message to the recipient.
$messagetextdata['message'] = get_string('resultdeleted', 'tool_dataprivacy',
format_string($SITE->fullname, true, ['context' => context_system::instance()]));
// Message will be sent to the deleted user via email only.
$emailonly = true;
break;
default:
throw new moodle_exception('errorinvalidrequesttype', 'tool_dataprivacy');
}
$subject = get_string('datarequestemailsubject', 'tool_dataprivacy', $typetext);
$message->subject = $subject;
$message->fullmessageformat = FORMAT_HTML;
$message->userto = $foruser;
// Render message email body.
$messagehtml = $output->render_from_template('tool_dataprivacy/data_request_results_email', $messagetextdata);
$message->fullmessage = html_to_text($messagehtml);
$message->fullmessagehtml = $messagehtml;
// Send message to the user involved.
if ($notifyuser) {
$messagesent = false;
if ($emailonly) {
// Do not sent an email if the user has been deleted. The user email has been previously deleted.
if (!$foruser->deleted) {
$messagesent = email_to_user($foruser, $fromuser, $subject, $message->fullmessage, $messagehtml);
}
} else {
$messagesent = message_send($message);
}
if ($messagesent) {
mtrace('Message sent to user: ' . $messagetextdata['username']);
}
}
// Send to requester as well in some circumstances.
if ($foruser->id != $request->requestedby) {
$sendtorequester = false;
switch ($request->type) {
case api::DATAREQUEST_TYPE_EXPORT:
// Send to the requester as well if they can download it, unless they are the
// DPO. If we didn't notify the user themselves (because they can't download)
// then send to requester even if it is the DPO, as in that case the requester
// needs to take some action.
if (api::can_download_data_request_for_user($request->userid, $request->requestedby, $request->requestedby)) {
$sendtorequester = !$notifyuser || !api::is_site_dpo($request->requestedby);
}
break;
case api::DATAREQUEST_TYPE_DELETE:
// Send to the requester if they are not the DPO and if they are allowed to
// create data requests for the user (e.g. Parent).
$sendtorequester = !api::is_site_dpo($request->requestedby) &&
api::can_create_data_request_for_user($request->userid, $request->requestedby);
break;
default:
throw new moodle_exception('errorinvalidrequesttype', 'tool_dataprivacy');
}
// Ensure the requester has the capability to make data requests for this user.
if ($sendtorequester) {
$requestedby = core_user::get_user($request->requestedby);
$message->userto = $requestedby;
$messagetextdata['username'] = fullname($requestedby);
// Render message email body.
$messagehtml = $output->render_from_template('tool_dataprivacy/data_request_results_email', $messagetextdata);
$message->fullmessage = html_to_text($messagehtml);
$message->fullmessagehtml = $messagehtml;
// Send message.
if ($emailonly) {
email_to_user($requestedby, $fromuser, $subject, $message->fullmessage, $messagehtml);
} else {
message_send($message);
}
mtrace('Message sent to requester: ' . $messagetextdata['username']);
}
}
if ($deleteuser) {
// Delete the user.
delete_user($foruser);
}
}
}