Skip to content

Commit

Permalink
Fix link, add cron reminder of user requests see #2555
Browse files Browse the repository at this point in the history
  • Loading branch information
@jmontoyaa
jmontoyaa committed Aug 7, 2018
1 parent b3ee25e commit 40ffb93
Show file tree
Hide file tree
Showing 4 changed files with 115 additions and 13 deletions.
13 changes: 1 addition & 12 deletions main/admin/user_list_consent.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -465,18 +465,7 @@ function status_filter($status)
if ($check) {
switch ($action) {
case 'delete_terms':
$extraFieldValue = new ExtraFieldValue('user');
$value = $extraFieldValue->get_values_by_handler_and_field_variable(
$_GET['user_id'],
'legal_accept'
);
$result = $extraFieldValue->delete($value['id']);

$value = $extraFieldValue->get_values_by_handler_and_field_variable(
$_GET['user_id'],
'request_for_legal_agreement_consent_removal'
);
$result = $extraFieldValue->delete($value['id']);
UserManager::cleanUserRequestsOfRemoval($_GET['user_id']);

Display::addFlash(Display::return_message(get_lang('Deleted')));
header('Location: '.api_get_self());
Expand Down
84 changes: 84 additions & 0 deletions main/cron/request_removal_reminder.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
<?php
/* For licensing terms, see /license.txt */

require_once __DIR__.'/../inc/global.inc.php';

$urlList = UrlManager::get_url_data();

$defaultSenderId = 1;

// Loop all portals
foreach ($urlList as $url) {
// Set access_url in order to get the correct url links and admins
$_configuration['access_url'] = $url['id'];

$sql = '';
$user_table = Database::get_main_table(TABLE_MAIN_USER);
$admin_table = Database::get_main_table(TABLE_MAIN_ADMIN);

$sql .= "SELECT u.id, v.updated_at FROM $user_table u";

// adding the filter to see the user's only of the current access_url
if (api_get_multiple_access_url()) {
$access_url_rel_user_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
$sql .= " INNER JOIN $access_url_rel_user_table url_rel_user
ON (u.id = url_rel_user.user_id)";
}

$extraFields = UserManager::createDataPrivacyExtraFields();
$extraFieldId = $extraFields['delete_legal'];
$extraFieldIdDeleteAccount = $extraFields['delete_account_extra_field'];

$extraFieldValue = Database::get_main_table(TABLE_EXTRA_FIELD_VALUES);
$sql .= " INNER JOIN $extraFieldValue v
ON (
u.id = v.item_id AND
(field_id = $extraFieldId OR field_id = $extraFieldIdDeleteAccount) AND
v.value = 1
) ";

$sql .= " WHERE 1 = 1 ";

if (api_get_multiple_access_url()) {
$sql .= " AND url_rel_user.access_url_id = ".api_get_current_access_url_id();
}

$numberOfDays = 7;
$date = new DateTime();
$date->sub(new \DateInterval('P'.$numberOfDays.'D'));
$dateToString = $date->format('Y-m-d h:i:s');
$sql .= " AND v.updated_at < '$dateToString'";

$url = api_get_path(WEB_CODE_PATH).'admin/user_list_consent.php';
$link = Display::url($url, $url);
$subject = get_lang('UserRequestWaitingForAction');

$email = api_get_configuration_value('data_protection_officer_email');

$message = 'Checking requests from '.strip_tags(Display::dateToStringAgoAndLongDate($dateToString))."\n";

$result = Database::query($sql);
while ($user = Database::fetch_array($result, 'ASSOC')) {
$userId = $user['id'];
$userInfo = api_get_user_info($userId);
if ($userInfo) {
$content = sprintf(
get_lang('TheUserXIsWaitingForAnActionGoHereX'),
$userInfo['complete_name'],
$link
);

if (!empty($email)) {
api_mail_html('', $email, $subject, $content);
} else {
MessageManager::sendMessageToAllAdminUsers($defaultSenderId, $subject, $content);
}

$date = strip_tags(Display::dateToStringAgoAndLongDate($user['updated_at']));
$message .= "User ".$userInfo['complete_name_with_username']." is waiting for an action since $date \n";
}
}

echo $message;
}

29 changes: 29 additions & 0 deletions main/inc/lib/usermanager.lib.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6086,6 +6086,8 @@ public static function anonymize($userId, $deleteIP = true)
;

self::deleteUserPicture($userId);
self::cleanUserRequestsOfRemoval($userId);

// The IP address is a border-case personal data, as it does
// not directly allow for personal identification (it is not
// a completely safe value in most countries - the IP could
Expand Down Expand Up @@ -6379,4 +6381,31 @@ private static function getGravatar(

return $url;
}

/**
* @param int $userId
*/
public static function cleanUserRequestsOfRemoval($userId)
{
$userId = (int) $userId;

$extraFieldValue = new ExtraFieldValue('user');
$extraFieldsToDelete = [
'legal_accept',
'request_for_legal_agreement_consent_removal',
'request_for_legal_agreement_consent_removal_justification',
'request_for_delete_account_justification', // just in case delete also this
'request_for_delete_account',
];

foreach ($extraFieldsToDelete as $variable) {
$value = $extraFieldValue->get_values_by_handler_and_field_variable(
$userId,
$variable
);
if ($value && isset($value['id'])) {
$extraFieldValue->delete($value['id']);
}
}
}
}
2 changes: 1 addition & 1 deletion main/social/personal_data.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -181,7 +181,7 @@
$userInfo
);

$url = api_get_path(WEB_CODE_PATH).'admin/';
$url = api_get_path(WEB_CODE_PATH).'admin/user_list_consent.php';
$link = Display::url($url, $url);
$subject = get_lang('RequestForLegalConsentRemoval');
$content = sprintf(
Expand Down

0 comments on commit 40ffb93

Please sign in to comment.