Skip to content

Commit

Permalink
MDL-62117 enrol_paypal: Add implementation of Privacy API
Browse files Browse the repository at this point in the history
  • Loading branch information
@rezaies
rezaies committed May 8, 2018
1 parent 1e65154 commit 3184269
Show file tree
Hide file tree
Showing 3 changed files with 895 additions and 0 deletions.
284 changes: 284 additions & 0 deletions enrol/paypal/classes/privacy/provider.php
View file
@@ -0,0 +1,284 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.

/**
* Privacy Subsystem implementation for enrol_paypal.
*
* @package enrol_paypal
* @category privacy
* @copyright 2018 Shamim Rezaie <shamim@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/

namespace enrol_paypal\privacy;

defined('MOODLE_INTERNAL') || die();

use core_privacy\local\metadata\collection;
use core_privacy\local\request\approved_contextlist;
use core_privacy\local\request\contextlist;
use core_privacy\local\request\helper;
use core_privacy\local\request\writer;

/**
* Privacy Subsystem implementation for enrol_paypal.
*
* @copyright 2018 Shamim Rezaie <shamim@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider implements
\core_privacy\local\metadata\provider,
\core_privacy\local\request\plugin\provider {

/**
* Returns meta data about this system.
*
* @param collection $collection The initialised collection to add items to.
* @return collection A listing of user data stored through this system.
*/
public static function get_metadata(collection $collection) {
$collection->add_external_location_link(
'paypal.com',
[
'os0' => 'privacy:metadata:enrol_paypal:paypal_com:os0',
'custom' => 'privacy:metadata:enrol_paypal:paypal_com:custom',
'first_name' => 'privacy:metadata:enrol_paypal:paypal_com:first_name',
'last_name' => 'privacy:metadata:enrol_paypal:paypal_com:last_name',
'address' => 'privacy:metadata:enrol_paypal:paypal_com:address',
'city' => 'privacy:metadata:enrol_paypal:paypal_com:city',
'email' => 'privacy:metadata:enrol_paypal:paypal_com:email',
'country' => 'privacy:metadata:enrol_paypal:paypal_com:country',
],
'privacy:metadata:enrol_paypal:paypal_com'
);

// The enrol_paypal has a DB table that contains user data.
$collection->add_database_table(
'enrol_paypal',
[
'business' => 'privacy:metadata:enrol_paypal:enrol_paypal:business',
'receiver_email' => 'privacy:metadata:enrol_paypal:enrol_paypal:receiver_email',
'receiver_id' => 'privacy:metadata:enrol_paypal:enrol_paypal:receiver_id',
'item_name' => 'privacy:metadata:enrol_paypal:enrol_paypal:item_name',
'courseid' => 'privacy:metadata:enrol_paypal:enrol_paypal:courseid',
'userid' => 'privacy:metadata:enrol_paypal:enrol_paypal:userid',
'instanceid' => 'privacy:metadata:enrol_paypal:enrol_paypal:instanceid',
'memo' => 'privacy:metadata:enrol_paypal:enrol_paypal:memo',
'tax' => 'privacy:metadata:enrol_paypal:enrol_paypal:tax',
'option_selection1_x' => 'privacy:metadata:enrol_paypal:enrol_paypal:option_selection1_x',
'payment_status' => 'privacy:metadata:enrol_paypal:enrol_paypal:payment_status',
'pending_reason' => 'privacy:metadata:enrol_paypal:enrol_paypal:pending_reason',
'reason_code' => 'privacy:metadata:enrol_paypal:enrol_paypal:reason_code',
'txn_id' => 'privacy:metadata:enrol_paypal:enrol_paypal:txn_id',
'parent_txn_id' => 'privacy:metadata:enrol_paypal:enrol_paypal:parent_txn_id',
'payment_type' => 'privacy:metadata:enrol_paypal:enrol_paypal:payment_type',
'timeupdated' => 'privacy:metadata:enrol_paypal:enrol_paypal:timeupdated'
],
'privacy:metadata:enrol_paypal:enrol_paypal'
);

return $collection;
}

/**
* Get the list of contexts that contain user information for the specified user.
*
* @param int $userid The user to search.
* @return contextlist The contextlist containing the list of contexts used in this plugin.
*/
public static function get_contexts_for_userid($userid) {
$contextlist = new contextlist();

// Values of ep.receiver_email and ep.business are already normalised to lowercase characters by PayPal,
// therefore there is no need to use LOWER() on them in the following query.
$sql = "SELECT ctx.id
FROM {enrol_paypal} ep
JOIN {enrol} e ON ep.instanceid = e.id
JOIN {context} ctx ON e.courseid = ctx.instanceid AND ctx.contextlevel = :contextcourse
LEFT JOIN {user} u1 ON LOWER(u1.email) = ep.receiver_email
LEFT JOIN {user} u2 ON LOWER(u2.email) = ep.business
WHERE ep.userid = :userid
OR u1.id = :receiverid
OR u2.id = :businessid";
$params = [
'contextcourse' => CONTEXT_COURSE,
'userid' => $userid,
'receiverid' => $userid,
'businessid' => $userid,
];

$contextlist->add_from_sql($sql, $params);

return $contextlist;
}

/**
* Export all user data for the specified user, in the specified contexts.
*
* @param approved_contextlist $contextlist The approved contexts to export information for.
*/
public static function export_user_data(approved_contextlist $contextlist) {
global $DB;

if (empty($contextlist->count())) {
return;
}

$user = $contextlist->get_user();

list($contextsql, $contextparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED);

// Values of ep.receiver_email and ep.business are already normalised to lowercase characters by PayPal,
// therefore there is no need to use LOWER() on them in the following query.
$sql = "SELECT ep.*
FROM {enrol_paypal} ep
JOIN {enrol} e ON ep.instanceid = e.id
JOIN {context} ctx ON e.courseid = ctx.instanceid AND ctx.contextlevel = :contextcourse
LEFT JOIN {user} u1 ON LOWER(u1.email) = ep.receiver_email
LEFT JOIN {user} u2 ON LOWER(u2.email) = ep.business
WHERE ctx.id {$contextsql}
AND (ep.userid = :userid
OR u1.id = :receiverid
OR u2.id = :businessid)
ORDER BY e.courseid";

$params = [
'contextcourse' => CONTEXT_COURSE,
'userid' => $user->id,
'receiverid' => $user->id,
'businessid' => $user->id,
];
$params += $contextparams;

// Reference to the course seen in the last iteration of the loop. By comparing this with the current record, and
// because we know the results are ordered, we know when we've moved to the PayPal transactions for a new course
// and therefore when we can export the complete data for the last course.
$lastcourseid = null;

$strtransactions = get_string('transactions', 'enrol_paypal');
$transactions = [];
$paypalrecords = $DB->get_recordset_sql($sql, $params);
foreach ($paypalrecords as $paypalrecord) {
if ($lastcourseid != $paypalrecord->courseid) {
if (!empty($transactions)) {
$coursecontext = \context_course::instance($paypalrecord->courseid);
writer::with_context($coursecontext)->export_data(
[$strtransactions],
(object) ['transactions' => $transactions]
);
}
$transactions = [];
}

$transaction = (object) [
'receiver_id' => $paypalrecord->receiver_id,
'item_name' => $paypalrecord->item_name,
'userid' => $paypalrecord->userid,
'memo' => $paypalrecord->memo,
'tax' => $paypalrecord->tax,
'option_name1' => $paypalrecord->option_name1,
'option_selection1_x' => $paypalrecord->option_selection1_x,
'option_name2' => $paypalrecord->option_name2,
'option_selection2_x' => $paypalrecord->option_selection2_x,
'payment_status' => $paypalrecord->payment_status,
'pending_reason' => $paypalrecord->pending_reason,
'reason_code' => $paypalrecord->reason_code,
'txn_id' => $paypalrecord->txn_id,
'parent_txn_id' => $paypalrecord->parent_txn_id,
'payment_type' => $paypalrecord->payment_type,
'timeupdated' => \core_privacy\local\request\transform::datetime($paypalrecord->timeupdated),
];
if ($paypalrecord->userid == $user->id) {
$transaction->userid = $paypalrecord->userid;
}
if ($paypalrecord->business == \core_text::strtolower($user->email)) {
$transaction->business = $paypalrecord->business;
}
if ($paypalrecord->receiver_email == \core_text::strtolower($user->email)) {
$transaction->receiver_email = $paypalrecord->receiver_email;
}

$transactions[] = $paypalrecord;

$lastcourseid = $paypalrecord->courseid;
}
$paypalrecords->close();

// The data for the last activity won't have been written yet, so make sure to write it now!
if (!empty($transactions)) {
$coursecontext = \context_course::instance($paypalrecord->courseid);
writer::with_context($coursecontext)->export_data(
[$strtransactions],
(object) ['transactions' => $transactions]
);
}
}

/**
* Delete all data for all users in the specified context.
*
* @param \context $context The specific context to delete data for.
*/
public static function delete_data_for_all_users_in_context(\context $context) {
global $DB;

if (!$context instanceof \context_course) {
return;
}

$DB->delete_records('enrol_paypal', array('courseid' => $context->instanceid));
}

/**
* Delete all user data for the specified user, in the specified contexts.
*
* @param approved_contextlist $contextlist The approved contexts and user information to delete information for.
*/
public static function delete_data_for_user(approved_contextlist $contextlist) {
global $DB;

if (empty($contextlist->count())) {
return;
}

$user = $contextlist->get_user();

$contexts = $contextlist->get_contexts();
$courseids = [];
foreach ($contexts as $context) {
if ($context instanceof \context_course) {
$courseids[] = $context->instanceid;
}
}

list($insql, $inparams) = $DB->get_in_or_equal($courseids, SQL_PARAMS_NAMED);

$select = "userid = :userid AND courseid $insql";
$params = $inparams + ['userid' => $user->id];
$DB->delete_records_select('enrol_paypal', $select, $params);

// We do not want to delete the payment record when the user is just the receiver of payment.
// In that case, we just delete the receiver's info from the transaction record.

$select = "business = :business AND courseid $insql";
$params = $inparams + ['business' => \core_text::strtolower($user->email)];
$DB->set_field_select('enrol_paypal', 'business', '', $select, $params);

$select = "receiver_email = :receiver_email AND courseid $insql";
$params = $inparams + ['receiver_email' => \core_text::strtolower($user->email)];
$DB->set_field_select('enrol_paypal', 'receiver_email', '', $select, $params);
}
}
28 changes: 28 additions & 0 deletions enrol/paypal/lang/en/enrol_paypal.php
View file
Expand Up @@ -56,7 +56,35 @@
$string['paypalaccepted'] = 'PayPal payments accepted';
$string['pluginname'] = 'PayPal';
$string['pluginname_desc'] = 'The PayPal module allows you to set up paid courses. If the cost for any course is zero, then students are not asked to pay for entry. There is a site-wide cost that you set here as a default for the whole site and then a course setting that you can set for each course individually. The course cost overrides the site cost.';
$string['privacy:metadata:enrol_paypal:enrol_paypal'] = 'Information about the PayPal transactions for PayPal enrolments.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:business'] = 'Email address or PayPal account ID of the payment recipient (that is, the merchant).';
$string['privacy:metadata:enrol_paypal:enrol_paypal:courseid'] = 'The ID of the course that is sold.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:instanceid'] = 'The ID of the enrolment instance in the course.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:item_name'] = 'The full name of the course that its enrolment has been sold.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:memo'] = 'A note that was entered by the buyer in PayPal website payments note field.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:option_selection1_x'] = 'Full name of the buyer.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:parent_txn_id'] = 'In the case of a refund, reversal, or canceled reversal, this would be the transaction ID of the original transaction.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:payment_status'] = 'The status of the payment.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:payment_type'] = 'Holds whether the payment was funded with an eCheck (echeck), or was funded with PayPal balance, credit card, or instant transfer (instant).';
$string['privacy:metadata:enrol_paypal:enrol_paypal:pending_reason'] = 'The reason why payment status is pending (if that is).';
$string['privacy:metadata:enrol_paypal:enrol_paypal:reason_code'] = 'The reason why payment status is Reversed, Refunded, Canceled_Reversal, or Denied (if the status is one of them).';
$string['privacy:metadata:enrol_paypal:enrol_paypal:receiver_email'] = 'Primary email address of the payment recipient (that is, the merchant).';
$string['privacy:metadata:enrol_paypal:enrol_paypal:receiver_id'] = 'Unique PayPal account ID of the payment recipient (i.e., the merchant).';
$string['privacy:metadata:enrol_paypal:enrol_paypal:tax'] = 'Amount of tax charged on payment.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:timeupdated'] = 'The time of Moodle being notified by PayPal about the payment.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:txn_id'] = 'The merchant\'s original transaction identification number for the payment from the buyer, against which the case was registered.';
$string['privacy:metadata:enrol_paypal:enrol_paypal:userid'] = 'The ID of the user who bought the course enrolment.';
$string['privacy:metadata:enrol_paypal:paypal_com'] = 'The PayPal enrolment plugin transmits user data from Moodle to the PayPal website.';
$string['privacy:metadata:enrol_paypal:paypal_com:address'] = 'Address of the user who is buying the course.';
$string['privacy:metadata:enrol_paypal:paypal_com:city'] = 'City of the user who is buying the course.';
$string['privacy:metadata:enrol_paypal:paypal_com:country'] = 'Country of the user who is buying the course.';
$string['privacy:metadata:enrol_paypal:paypal_com:custom'] = 'A hyphen-separated string that contains ID of the user (the buyer), ID of the course, ID of the enrolment instance.';
$string['privacy:metadata:enrol_paypal:paypal_com:email'] = 'Email address of the user who is buying the course.';
$string['privacy:metadata:enrol_paypal:paypal_com:first_name'] = 'First name of the user who is buying the course.';
$string['privacy:metadata:enrol_paypal:paypal_com:last_name'] = 'Last name of the user who is buying the course.';
$string['privacy:metadata:enrol_paypal:paypal_com:os0'] = 'Full name of the buyer.';
$string['sendpaymentbutton'] = 'Send payment via PayPal';
$string['status'] = 'Allow PayPal enrolments';
$string['status_desc'] = 'Allow users to use PayPal to enrol into a course by default.';
$string['transactions'] = 'PayPal transactions';
$string['unenrolselfconfirm'] = 'Do you really want to unenrol yourself from course "{$a}"?';

0 comments on commit 3184269

Please sign in to comment.