Skip to content

Commit

Permalink
MDL-61307 core_comment: Add implementation of privacy API
Browse files Browse the repository at this point in the history
  • Loading branch information
@abgreeve @andrewnicols
abgreeve authored and andrewnicols committed Mar 9, 2018
1 parent a63717d commit d17dc20
Show file tree
Hide file tree
Showing 3 changed files with 351 additions and 0 deletions.
130 changes: 130 additions & 0 deletions comment/classes/privacy/provider.php
View file
@@ -0,0 +1,130 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.

/**
* Privacy class for requesting user data.
*
* @package core_comment
* @copyright 2018 Adrian Greeve <adrian@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/

namespace core_comment\privacy;

defined('MOODLE_INTERNAL') || die();

use \core_privacy\local\metadata\collection;
use \core_privacy\local\request\transform;

/**
* Privacy class for requesting user data.
*
* @package core_comment
* @copyright 2018 Adrian Greeve <adrian@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider implements \core_privacy\local\metadata\provider, \core_privacy\local\request\subsystem\plugin_provider {

/**
* Returns meta data about this system.
*
* @param collection $collection The initialised collection to add items to.
* @return collection A listing of user data stored through this system.
*/
public static function get_metadata(collection $collection) {
$collection->add_database_table('comments', [
'content' => 'privacy:metadata:comment:content',
'timecreated' => 'privacy:metadata:comment:timecreated',
'userid' => 'privacy:metadata:comment:userid',
], 'privacy:metadata:comment');

return $collection;
}

/**
* Writes user data to the writer for the user to download.
*
* @param array $context Contexts to run through and return data.
* @param string $component The component that is calling this function
* @param string $commentarea The comment area related to the component
* @param int $itemid An identifier for a group of comments
* @param array $subcontext The sub-context in which to export this data
* @param bool $onlyforthisuser Only return the comments this user made.
*/
public static function export_comments($context, $component, $commentarea, $itemid, $subcontext, $onlyforthisuser = true) {

$data = new \stdClass;
$data->context = $context;
$data->area = $commentarea;
$data->itemid = $itemid;
$data->component = $component;

$commentobject = new \comment($data);
$commentobject->set_view_permission(true);
$comments = $commentobject->get_comments(0);
$subcontext[] = get_string('commentsubcontext', 'core_comment');

$comments = array_filter($comments, function($comment) use ($onlyforthisuser) {
global $USER;

return (!$onlyforthisuser || $comment->userid == $USER->id);
});

$comments = array_map(function($comment) {
return (object) [
'content' => $comment->content,
'time' => transform::datetime($comment->timecreated),
'userid' => transform::user($comment->userid),
];
}, $comments);

if (!empty($comments)) {
\core_privacy\local\request\writer::with_context($context)
->export_data($subcontext, (object) [
'comments' => $comments,
]);
}
}

/**
* Deletes all comments for a specified context.
*
* @param \core_privacy\local\request\deletion_criteria $criteria Details about which context to delete comments for.
*/
public static function delete_comments_for_context(\core_privacy\local\request\deletion_criteria $criteria) {
global $DB;
$DB->delete_records('comments', ['contextid' => $criteria->get_context()->id]);
}

/**
* Deletes all records for a user from a list of approved contexts.
*
* @param \core_privacy\local\request\approved_contextlist $contextlist Contains the user ID and a list of contexts to be
* deleted from.
*/
public static function delete_comments_for_user_in_context(\core_privacy\local\request\approved_contextlist $contextlist) {
global $DB;

$userid = $contextlist->get_user()->id;
$contextids = implode(',', $contextlist->get_contextids());
$params = ['userid' => $userid];
list($insql, $inparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED);
$params += $inparams;

$select = "userid = :userid and contextid $insql";
$DB->delete_records_select('comments', $select, $params);
}
}
192 changes: 192 additions & 0 deletions comment/tests/privacy_test.php
View file
@@ -0,0 +1,192 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Privacy tests for core_comment.
*
* @package core_comment
* @category test
* @copyright 2018 Adrian Greeve <adrian@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/

defined('MOODLE_INTERNAL') || die();
global $CFG;

require_once($CFG->dirroot . '/comment/locallib.php');
require_once($CFG->dirroot . '/comment/lib.php');

use \core_privacy\tests\provider_testcase;

/**
* Unit tests for comment/classes/privacy/policy
*
* @copyright 2018 Adrian Greeve <adrian@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class core_comment_privacy_testcase extends provider_testcase {

/**
* Check the exporting of comments for a user id in a context.
*/
public function test_export_comments() {
$this->resetAfterTest(true);
$course = $this->getDataGenerator()->create_course();
$context = context_course::instance($course->id);

$comment = $this->get_comment_object($context, $course);

$user1 = $this->getDataGenerator()->create_user();
$user2 = $this->getDataGenerator()->create_user();

// Add comments.
$comments = [];
$firstcomment = 'This is the first comment';
$this->setUser($user1);
$comment->add($firstcomment);
$comments[$user1->id] = $firstcomment;

$secondcomment = 'From the second user';
$this->setUser($user2);
$comment->add($secondcomment);
$comments[$user2->id] = $secondcomment;

// Retrieve comments only for user1.
$this->setUser($user1);
$writer = \core_privacy\local\request\writer::with_context($context);
\core_comment\privacy\provider::export_comments($context, 'block_comments', 'page_comments', 0, []);

$data = $writer->get_data([get_string('commentsubcontext', 'core_comment')]);
$exportedcomments = $data->comments;

// There is only one comment made by this user.
$this->assertCount(1, $exportedcomments);
$comment = reset($exportedcomments);
$this->assertEquals($comments[$user1->id], format_string($comment->content, FORMAT_PLAIN));

// Retrieve comments from any user.
\core_comment\privacy\provider::export_comments($context, 'block_comments', 'page_comments', 0, [], false);

$data = $writer->get_data([get_string('commentsubcontext', 'core_comment')]);
$exportedcomments = $data->comments;

// The whole conversation is two comments.
$this->assertCount(2, $exportedcomments);
foreach ($exportedcomments as $comment) {
$this->assertEquals($comments[$comment->userid], format_string($comment->content, FORMAT_PLAIN));
}
}

/**
* Tests the deletion of all comments in a context.
*/
public function test_delete_comments_for_context() {
$this->resetAfterTest();

$course1 = $this->getDataGenerator()->create_course();
$course2 = $this->getDataGenerator()->create_course();

$coursecontext1 = context_course::instance($course1->id);
$coursecontext2 = context_course::instance($course2->id);

$user1 = $this->getDataGenerator()->create_user();
$user2 = $this->getDataGenerator()->create_user();

$comment1 = $this->get_comment_object($coursecontext1, $course1);
$comment2 = $this->get_comment_object($coursecontext2, $course2);

$this->setUser($user1);
$comment1->add('First comment for user 1 on comment 1');
$comment2->add('First comment for user 1 on comment 2');
$this->setUser($user2);
$comment1->add('First comment for user 2 on comment 1');
$comment2->add('First comment for user 2 on comment 2');

// Delete only for the first context. All records in the comments table for this context should be removed.
$deletioncriteria = new \core_privacy\local\request\deletion_criteria($coursecontext1);
\core_comment\privacy\provider::delete_comments_for_context($deletioncriteria);
// No records left here.
$this->assertCount(0, $comment1->get_comments());
// All of the records are left intact here.
$this->assertCount(2, $comment2->get_comments());

}

/**
* Tests deletion of comments for a specified user and contexts.
*/
public function test_delete_comments_for_user_in_context() {
$this->resetAfterTest();

$course1 = $this->getDataGenerator()->create_course();
$course2 = $this->getDataGenerator()->create_course();
$course3 = $this->getDataGenerator()->create_course();

$coursecontext1 = context_course::instance($course1->id);
$coursecontext2 = context_course::instance($course2->id);
$coursecontext3 = context_course::instance($course3->id);

$user1 = $this->getDataGenerator()->create_user();
$user2 = $this->getDataGenerator()->create_user();

$comment1 = $this->get_comment_object($coursecontext1, $course1);
$comment2 = $this->get_comment_object($coursecontext2, $course2);
$comment3 = $this->get_comment_object($coursecontext3, $course3);

$this->setUser($user1);
$comment1->add('First comment for user 1');
$comment2->add('User 1 comment in second comment');

$this->setUser($user2);
$comment2->add('User two replied in comment two');
$comment3->add('Comment three for user 2.');

// Delete the comments for user 1.
$approvedcontextlist = new core_privacy\tests\request\approved_contextlist($user1, 'block_comments',
[$coursecontext1->id, $coursecontext2->id]);
\core_comment\privacy\provider::delete_comments_for_user_in_context($approvedcontextlist);

// No comments left in comments 1 as only user 1 commented there.
$this->assertCount(0, $comment1->get_comments());
// Only user 2 comments left in comments 2.
$comment2comments = $comment2->get_comments();
$this->assertCount(1, $comment2comments);
$this->assertEquals($user2->id, $comment2comments[0]->userid);
// Nothing changed here as user 1 did not leave a comment.
$comment3comments = $comment3->get_comments();
$this->assertCount(1, $comment3comments);
$this->assertEquals($user2->id, $comment3comments[0]->userid);
}

/**
* Creates a comment object
*
* @param context $context A context object.
* @param stdClass $course A course object.
* @return comment The comment object.
*/
protected function get_comment_object($context, $course) {
// Comment on course page.
$args = new stdClass;
$args->context = $context;
$args->course = $course;
$args->area = 'page_comments';
$args->itemid = 0;
$args->component = 'block_comments';
$comment = new comment($args);
$comment->set_post_permission(true);
return $comment;
}
}
29 changes: 29 additions & 0 deletions lang/en/comment.php
View file
@@ -0,0 +1,29 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.

/**
* Strings for component 'moodle', language 'en', branch 'MOODLE_20_STABLE'
*
* @package core
* @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/

$string['commentsubcontext'] = 'Comments';
$string['privacy:metadata:comment'] = 'Stores comments of users.';
$string['privacy:metadata:comment:content'] = 'Stores the text of the comment.';
$string['privacy:metadata:comment:timecreated'] = 'Time a comment was created.';
$string['privacy:metadata:comment:userid'] = 'The user who made the comment.';

0 comments on commit d17dc20

Please sign in to comment.