MDL-62425 core: Add privacy implementation

moodle · May 14, 2018 · ef0f37c · ef0f37c
1 parent b5b86c2
commit ef0f37c
Show file tree

Hide file tree

Showing 2 changed files with 161 additions and 0 deletions.
diff --git a/lang/en/moodle.php b/lang/en/moodle.php
@@ -1551,6 +1551,32 @@
 $string['previouslyselectedusers'] = 'Previously selected users not matching \'{$a}\'';
 $string['previoussection'] = 'Previous section';
 $string['primaryadminsetup'] = 'Setup administrator account';
+$string['privacy:metadata:config_log'] = 'The log of configuration changes.';
+$string['privacy:metadata:config_log:name'] = 'The name of the setting changes.';
+$string['privacy:metadata:config_log:oldvalue'] = 'The previous value for this setting.';
+$string['privacy:metadata:config_log:plugin'] = 'The plugin modified.';
+$string['privacy:metadata:config_log:timemodified'] = 'The time that the change was made.';
+$string['privacy:metadata:config_log:userid'] = 'The user who made the change.';
+$string['privacy:metadata:config_log:value'] = 'The  new value for this setting.';
+$string['privacy:metadata:events_queue'] = 'The queue of user events waiting to be processed.';
+$string['privacy:metadata:events_queue:eventdata'] = 'The data stored in the event.';
+$string['privacy:metadata:events_queue:stackdump'] = 'Any stacktrace associated with this event.';
+$string['privacy:metadata:events_queue:timecreated'] = 'The time that this event was created.';
+$string['privacy:metadata:events_queue:userid'] = 'The userid associated with this event.';
+$string['privacy:metadata:task_adhoc'] = 'The status of adhoc tasks.';
+$string['privacy:metadata:task_adhoc:component'] = 'The component owning the task.';
+$string['privacy:metadata:task_adhoc:nextruntime'] = 'The earliest time to run this task.';
+$string['privacy:metadata:task_adhoc:userid'] = 'The user to run the task as.';
+$string['privacy:metadata:upgrade_log'] = 'The upgrade log.';
+$string['privacy:metadata:upgrade_log:backtrace'] = 'Any backtrace associated with this upgrade step.';
+$string['privacy:metadata:upgrade_log:details'] = 'Extra information relating to the upgrade.';
+$string['privacy:metadata:upgrade_log:info'] = 'The main information for this upgrade step.';
+$string['privacy:metadata:upgrade_log:plugin'] = 'The plugin which was upgraded.';
+$string['privacy:metadata:upgrade_log:targetversion'] = 'The new version to upgrade to.';
+$string['privacy:metadata:upgrade_log:timemodified'] = 'The time that the upgrade took place.';
+$string['privacy:metadata:upgrade_log:type'] = 'The type of log entry.';
+$string['privacy:metadata:upgrade_log:userid'] = 'The user who ran the upgrade.';
+$string['privacy:metadata:upgrade_log:version'] = 'The old version of the plugin.';
 $string['privatefiles'] = 'Private files';
 $string['privatefilesmanage'] = 'Manage private files';
 $string['private_files_handler'] = 'Store attachments to an e-mail in the user\'s private files storage space.';

diff --git a/lib/classes/privacy/provider.php b/lib/classes/privacy/provider.php
@@ -0,0 +1,135 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * Privacy class for requesting user data.
+ *
+ * @package    core
+ * @copyright  2018 Andrew Nicols <andrew@nicols.co.uk>
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+
+namespace core\privacy;
+
+defined('MOODLE_INTERNAL') || die();
+
+use \core_privacy\local\metadata\collection;
+use \core_privacy\local\request\contextlist;
+use \core_privacy\local\request\approved_contextlist;
+
+/**
+ * Privacy class for requesting user data.
+ *
+ * @package    core
+ * @copyright  2018 Andrew Nicols <andrew@nicols.co.uk>
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+class provider implements \core_privacy\local\metadata\provider, \core_privacy\local\request\subsystem\provider {
+
+    /**
+     * Returns information about the user data stored in this component.
+     *
+     * @param  collection $collection A list of information about this component
+     * @return collection The collection object filled out with information about this component.
+     */
+    public static function get_metadata(collection $collection) : collection {
+        // These tables are really data about site configuration and not user data.
+
+        // The config_log includes information about which user performed a configuration change.
+        // The value and oldvalue may contain sensitive information such as accounts for service passwords..
+        // This is not considered to be user data.
+        $collection->add_database_table('config_log', [
+                'userid'        => 'privacy:metadata:config_log:userid',
+                'timemodified'  => 'privacy:metadata:config_log:timemodified',
+                'plugin'        => 'privacy:metadata:config_log:plugin',
+                'name'          => 'privacy:metadata:config_log:name',
+                'value'         => 'privacy:metadata:config_log:value',
+                'oldvalue'      => 'privacy:metadata:config_log:oldvalue',
+            ], 'privacy:metadata:config_log');
+
+        // The upgrade_log includes information about which user performed an upgrade.
+        // This is not considered to be user data.
+        $collection->add_database_table('upgrade_log', [
+                'type'          => 'privacy:metadata:upgrade_log:type',
+                'plugin'        => 'privacy:metadata:upgrade_log:plugin',
+                'version'       => 'privacy:metadata:upgrade_log:version',
+                'targetversion' => 'privacy:metadata:upgrade_log:targetversion',
+                'info'          => 'privacy:metadata:upgrade_log:info',
+                'details'       => 'privacy:metadata:upgrade_log:details',
+                'backtrace'     => 'privacy:metadata:upgrade_log:backtrace',
+                'userid'        => 'privacy:metadata:upgrade_log:userid',
+                'timemodified'  => 'privacy:metadata:upgrade_log:timemodified',
+            ], 'privacy:metadata:upgrade_log');
+
+        // The task_adhoc includes information about pending adhoc tasks, some of which may be run as a user.
+        // These are removed as the task completes.
+        $collection->add_database_table('task_adhoc', [
+                'component'     => 'privacy:metadata:task_adhoc:component',
+                'nextruntime'   => 'privacy:metadata:task_adhoc:nextruntime',
+                'userid'        => 'privacy:metadata:task_adhoc:userid',
+            ], 'privacy:metadata:task_adhoc');
+
+        // The events_queue includes information about pending events tasks.
+        // These are stored for short periods whilst being processed into other locations.
+        $collection->add_database_table('events_queue', [
+                'eventdata'     => 'privacy:metadata:events_queue:eventdata',
+                'stackdump'     => 'privacy:metadata:events_queue:stackdump',
+                'userid'        => 'privacy:metadata:events_queue:userid',
+                'timecreated'   => 'privacy:metadata:events_queue:timecreated',
+            ], 'privacy:metadata:events_queue');
+
+        return $collection;
+    }
+
+    /**
+     * Get the list of contexts that contain user information for the specified user.
+     *
+     * @param   int $userid The user to search.
+     * @return  contextlist $contextlist The contextlist containing the list of contexts used in this plugin.
+     */
+    public static function get_contexts_for_userid(int $userid) : contextlist {
+        return new contextlist();
+    }
+
+    /**
+     * Export all user data for the specified user, in the specified contexts.
+     *
+     * @param approved_contextlist $contextlist The approved contexts to export information for.
+     */
+    public static function export_user_data(approved_contextlist $contextlist) {
+        // None of the core tables should be exported.
+    }
+
+    /**
+     * Delete all data for all users in the specified context.
+     *
+     * @param context $context The specific context to delete data for.
+     */
+    public static function delete_data_for_all_users_in_context(\context $context) {
+        // None of the the data from these tables should be deleted.
+    }
+
+    /**
+     * Delete all user data for the specified user, in the specified contexts.
+     *
+     * @param approved_contextlist $contextlist The approved contexts and user information to delete information for.
+     */
+    public static function delete_data_for_user(approved_contextlist $contextlist) {
+        // None of the the data from these tables should be deleted.
+        // Note: Although it may be tempting to delete the adhoc task data, do not do so.
+        // The delete process is run as an adhoc task.
+    }
+}