From 3f18d2af9a05317994ee5853229da238f43c6492 Mon Sep 17 00:00:00 2001 From: Marina Glancy Date: Tue, 15 May 2018 12:33:47 +0800 Subject: [PATCH] MDL-62134 tool_dataprivacy: privacy manager wrapper If exception occurs in one plugin implementation do not fail the whole job but instead send a message to DPOs with the exception details --- .../classes/expired_contexts_manager.php | 2 +- admin/tool/dataprivacy/classes/manager.php | 97 +++++++++++++++++++ .../dataprivacy/classes/metadata_registry.php | 2 +- .../task/initiate_data_request_task.php | 3 +- .../task/process_data_request_task.php | 5 +- admin/tool/dataprivacy/db/messages.php | 8 ++ .../dataprivacy/lang/en/tool_dataprivacy.php | 3 + admin/tool/dataprivacy/version.php | 2 +- 8 files changed, 116 insertions(+), 6 deletions(-) create mode 100644 admin/tool/dataprivacy/classes/manager.php diff --git a/admin/tool/dataprivacy/classes/expired_contexts_manager.php b/admin/tool/dataprivacy/classes/expired_contexts_manager.php index e71422df3b778..6c083ba3f5c9c 100644 --- a/admin/tool/dataprivacy/classes/expired_contexts_manager.php +++ b/admin/tool/dataprivacy/classes/expired_contexts_manager.php @@ -90,7 +90,7 @@ public function delete() { return $numprocessed; } - $privacymanager = new \core_privacy\manager(); + $privacymanager = new manager(); foreach ($this->get_context_levels() as $level) { diff --git a/admin/tool/dataprivacy/classes/manager.php b/admin/tool/dataprivacy/classes/manager.php new file mode 100644 index 0000000000000..16c46a68fe700 --- /dev/null +++ b/admin/tool/dataprivacy/classes/manager.php @@ -0,0 +1,97 @@ +. +/** + * Class \tool_dataprivacy\manager + * + * @package tool_dataprivacy + * @copyright 2018 Marina Glancy + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +namespace tool_dataprivacy; +defined('MOODLE_INTERNAL') || die(); + +/** + * Wrapper for \core_privacy\manager that sends notifications about exceptions to DPO + * + * @package tool_dataprivacy + * @copyright 2018 Marina Glancy + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ +class manager extends \core_privacy\manager { + + /** + * Call the named method with the specified params on the supplied component if it implements the relevant interface on its provider. + * + * @param string $component The component to call + * @param string $interface The interface to implement + * @param string $methodname The method to call + * @param array $params The params to call + * @return mixed + */ + public static function component_class_callback(string $component, string $interface, string $methodname, array $params) { + try { + return parent::component_class_callback($component, $interface, $methodname, $params); + } catch (\Throwable $e) { + debugging($e->getMessage(), DEBUG_DEVELOPER, $e->getTrace()); + self::notify_dpo($e, $component, $interface, $methodname, $params); + } + return null; + } + + /** + * Notifies all DPOs about exception occurred + * + * @param \Throwable $e + * @param string $component + * @param string $interface + * @param string $methodname + * @param array $params + * @return mixed + */ + protected static function notify_dpo(\Throwable $e, string $component, string $interface, string $methodname, array $params) { + + // Get the list of the site Data Protection Officers. + $dpos = api::get_site_dpos(); + + $messagesubject = get_string('exceptionnotificationsubject', 'tool_dataprivacy'); + $a = (object)[ + 'fullmethodname' => static::get_provider_classname_for_component($component) . '::' . $methodname, + 'component' => $component, + 'message' => $e->getMessage(), + 'backtrace' => $e->getTraceAsString() + ]; + $messagebody = get_string('exceptionnotificationbody', 'tool_dataprivacy', $a); + + // Email the data request to the Data Protection Officer(s)/Admin(s). + foreach ($dpos as $dpo) { + $message = new \core\message\message(); + $message->courseid = SITEID; + $message->component = 'tool_dataprivacy'; + $message->name = 'notifyexceptions'; + $message->userfrom = \core_user::get_noreply_user(); + $message->subject = $messagesubject; + $message->fullmessageformat = FORMAT_HTML; + $message->notification = 1; + $message->userto = $dpo; + $message->fullmessagehtml = $messagebody; + $message->fullmessage = html_to_text($messagebody); + + // Send message. + return message_send($message); + } + } +} \ No newline at end of file diff --git a/admin/tool/dataprivacy/classes/metadata_registry.php b/admin/tool/dataprivacy/classes/metadata_registry.php index 7607643101a7b..b101f4238bdd0 100644 --- a/admin/tool/dataprivacy/classes/metadata_registry.php +++ b/admin/tool/dataprivacy/classes/metadata_registry.php @@ -39,7 +39,7 @@ class metadata_registry { * @return array An array with all of the plugin types / plugins and the user data they store. */ public function get_registry_metadata() { - $manager = new \core_privacy\manager(); + $manager = new manager(); $pluginman = \core_plugin_manager::instance(); $contributedplugins = $this->get_contrib_list(); $metadata = $manager->get_metadata_for_components(); diff --git a/admin/tool/dataprivacy/classes/task/initiate_data_request_task.php b/admin/tool/dataprivacy/classes/task/initiate_data_request_task.php index 0cebeb0caaf65..6554894beff31 100644 --- a/admin/tool/dataprivacy/classes/task/initiate_data_request_task.php +++ b/admin/tool/dataprivacy/classes/task/initiate_data_request_task.php @@ -30,6 +30,7 @@ use tool_dataprivacy\api; use tool_dataprivacy\contextlist_context; use tool_dataprivacy\data_request; +use tool_dataprivacy\manager; defined('MOODLE_INTERNAL') || die(); @@ -96,7 +97,7 @@ public function execute() { api::update_request_status($requestid, api::DATAREQUEST_STATUS_PREPROCESSING); // Add the list of relevant contexts to the request, and mark all as pending approval. - $privacymanager = new \core_privacy\manager(); + $privacymanager = new manager(); $contextlistcollection = $privacymanager->get_contexts_for_userid($datarequest->get('userid')); api::add_request_contexts_with_status($contextlistcollection, $requestid, contextlist_context::STATUS_PENDING); diff --git a/admin/tool/dataprivacy/classes/task/process_data_request_task.php b/admin/tool/dataprivacy/classes/task/process_data_request_task.php index 589ef01accd4a..2ef0b7d3685a0 100644 --- a/admin/tool/dataprivacy/classes/task/process_data_request_task.php +++ b/admin/tool/dataprivacy/classes/task/process_data_request_task.php @@ -33,6 +33,7 @@ use moodle_url; use tool_dataprivacy\api; use tool_dataprivacy\data_request; +use tool_dataprivacy\manager; defined('MOODLE_INTERNAL') || die(); @@ -87,7 +88,7 @@ public function execute() { $approvedclcollection = api::get_approved_contextlist_collection_for_request($requestpersistent); // Export the data. - $manager = new \core_privacy\manager(); + $manager = new manager(); $exportedcontent = $manager->export_user_data($approvedclcollection); $fs = get_file_storage(); @@ -109,7 +110,7 @@ public function execute() { $approvedclcollection = api::get_approved_contextlist_collection_for_request($requestpersistent); // Delete the data. - $manager = new \core_privacy\manager(); + $manager = new manager(); $manager->delete_data_for_user($approvedclcollection); } diff --git a/admin/tool/dataprivacy/db/messages.php b/admin/tool/dataprivacy/db/messages.php index 685d9b29ef027..2c1d239d4a03b 100644 --- a/admin/tool/dataprivacy/db/messages.php +++ b/admin/tool/dataprivacy/db/messages.php @@ -41,4 +41,12 @@ 'email' => MESSAGE_PERMITTED + MESSAGE_DEFAULT_LOGGEDIN + MESSAGE_DEFAULT_LOGGEDOFF, ] ], + + // Notify Data Protection Officer about exceptions. + 'notifyexceptions' => [ + 'defaults' => [ + 'email' => MESSAGE_PERMITTED + MESSAGE_DEFAULT_LOGGEDIN + MESSAGE_DEFAULT_LOGGEDOFF, + ], + 'capability' => 'tool/dataprivacy:managedatarequests' + ], ]; diff --git a/admin/tool/dataprivacy/lang/en/tool_dataprivacy.php b/admin/tool/dataprivacy/lang/en/tool_dataprivacy.php index 8b089c7283faa..40dc1e7cadbb8 100644 --- a/admin/tool/dataprivacy/lang/en/tool_dataprivacy.php +++ b/admin/tool/dataprivacy/lang/en/tool_dataprivacy.php @@ -101,6 +101,8 @@ $string['errorrequestnotfound'] = 'Request not found'; $string['errorrequestnotwaitingforapproval'] = 'The request is not awaiting approval. Either it is not yet ready or it has already been processed.'; $string['errorsendingmessagetodpo'] = 'An error was encountered while trying to send a message to {$a}.'; +$string['exceptionnotificationsubject'] = "Exception occured while processing privacy data"; +$string['exceptionnotificationbody'] = "

Exception occured while calling {\$a->fullmethodname}.
This means that plugin {\$a->component} did not complete processing data. Below you can find exception information that can be passed to the plugin developer.

{\$a->message}
\n\n{\$a->backtrace}
"; $string['expiredretentionperiodtask'] = 'Expired retention period'; $string['expiry'] = 'Expiry'; $string['expandplugin'] = 'Expand and collapse plugin.'; @@ -148,6 +150,7 @@ $string['lawfulbases_help'] = 'Select at least one option that will serve as the lawful basis for processing personal data. For details on these lawful bases, please see GDPR Art. 6.1'; $string['messageprovider:contactdataprotectionofficer'] = 'Data requests'; $string['messageprovider:datarequestprocessingresults'] = 'Data request processing results'; +$string['messageprovider:notifyexceptions'] = 'Data requests exceptions notifications'; $string['message'] = 'Message'; $string['messagelabel'] = 'Message:'; $string['moduleinstancename'] = '{$a->instancename} ({$a->modulename})'; diff --git a/admin/tool/dataprivacy/version.php b/admin/tool/dataprivacy/version.php index 3561d57d51860..7b7bde4be6e9f 100644 --- a/admin/tool/dataprivacy/version.php +++ b/admin/tool/dataprivacy/version.php @@ -24,6 +24,6 @@ defined('MOODLE_INTERNAL') || die; -$plugin->version = 2018051400; +$plugin->version = 2018051401; $plugin->requires = 2018050800; // Moodle 3.5dev (Build 2018031600) and upwards. $plugin->component = 'tool_dataprivacy';