Skip to content

/ moodle Mirror

mirrored from git://git.moodle.org/moodle.git
Permalink
Browse files

Merge branch 'MDL-63764-master' of git://github.com/mickhawkins/moodle

  • Loading branch information
David Monllao committed Nov 5, 2018
2 parents 83868e1 + cabea2f commit 0422a13c903b00b68d1faa0ed08aa492df8bfbe8
Unified Split
Showing with 810 additions and 7 deletions.
  1. +211 −7 competency/classes/privacy/provider.php
  2. +599 −0 competency/tests/privacy_test.php
218 competency/classes/privacy/provider.php
View file
@@ -53,9 +53,11 @@
use core_competency\user_evidence_competency;
use core_competency\external\performance_helper;
use core_privacy\local\metadata\collection;
use core_privacy\local\request\approved_userlist;
use core_privacy\local\request\contextlist;
use core_privacy\local\request\approved_contextlist;
use core_privacy\local\request\transform;
use core_privacy\local\request\userlist;
use core_privacy\local\request\writer;

/**
@@ -68,6 +70,7 @@
*/
class provider implements
\core_privacy\local\metadata\provider,
\core_privacy\local\request\core_userlist_provider,
\core_privacy\local\request\subsystem\provider {

/**
@@ -418,6 +421,166 @@ public static function get_contexts_for_userid(int $userid) : contextlist {
return $contextlist;
}

/**
* Get the list of users who have data within a context.
*
* @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination.
*/
public static function get_users_in_context(userlist $userlist) {
$context = $userlist->get_context();
$params = ['contextid' => $context->id];

// Add users who have modified the frameworks and related data in the context.
$sql = "
SELECT cf.usermodified
FROM {" . competency_framework::TABLE . "} cf
WHERE cf.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);

$sql = "
SELECT c.usermodified
FROM {" . competency_framework::TABLE . "} cf
JOIN {" . competency::TABLE . "} c
ON c.competencyframeworkid = cf.id
WHERE cf.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);

$sql = "
SELECT cr.usermodified
FROM {" . competency_framework::TABLE . "} cf
JOIN {" . competency::TABLE . "} c
ON c.competencyframeworkid = cf.id
JOIN {" . related_competency::TABLE . "} cr
ON cr.competencyid = c.id
WHERE cf.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);

// Add users who have modified the templates and related data in the context.
$sql = "
SELECT tpl.usermodified
FROM {" . template::TABLE . "} tpl
WHERE tpl.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);

$sql = "
SELECT tch.usermodified
FROM {" . template::TABLE . "} tpl
JOIN {" . template_cohort::TABLE . "} tch
ON tch.templateid = tpl.id
WHERE tpl.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);

$sql = "
SELECT tc.usermodified
FROM {" . template::TABLE . "} tpl
JOIN {" . template_competency::TABLE . "} tc
ON tc.templateid = tpl.id
WHERE tpl.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);

// Add users if userlist is in course context.
if (is_a($context, \context_course::class)) {
$params = ['courseid' => $context->instanceid];

$sql = "
SELECT cc.usermodified
FROM {" . course_competency::TABLE . "} cc
WHERE cc.courseid = :courseid";
$userlist->add_from_sql('usermodified', $sql, $params);

$sql = "
SELECT ccs.usermodified
FROM {" . course_competency_settings::TABLE . "} ccs
WHERE ccs.courseid = :courseid";
$userlist->add_from_sql('usermodified', $sql, $params);

$sql = "
SELECT ucc.userid, ucc.usermodified
FROM {" . user_competency_course::TABLE . "} ucc
WHERE ucc.courseid = :courseid";
$userlist->add_from_sql('userid', $sql, $params);
$userlist->add_from_sql('usermodified', $sql, $params);

} else if (is_a($context, \context_module::class)) {
// Add users if userlist is in module context.
$params = ['moduleid' => $context->instanceid];

$sql = "
SELECT cmc.usermodified
FROM {" . course_module_competency::TABLE . "} cmc
WHERE cmc.cmid = :moduleid";
$userlist->add_from_sql('usermodified', $sql, $params);

} else if (is_a($context, \context_user::class)) {
$params = ['userid' => $context->instanceid];

// Add users through plan related data.
$sql = "
SELECT p.userid, p.usermodified, p.reviewerid
FROM {" . plan::TABLE . "} p
WHERE p.userid = :userid";
$userlist->add_from_sql('userid', $sql, $params);
$userlist->add_from_sql('usermodified', $sql, $params);
$userlist->add_from_sql('reviewerid', $sql, $params);

$sql = "
SELECT pc.usermodified
FROM {" . plan::TABLE . "} p
JOIN {" . plan_competency::TABLE . "} pc
ON pc.planid = p.id
WHERE p.userid = :userid";
$userlist->add_from_sql('usermodified', $sql, $params);

$sql = "
SELECT upc.usermodified
FROM {" . user_competency_plan::TABLE . "} upc
WHERE upc.userid = :userid";
$userlist->add_from_sql('usermodified', $sql, $params);

// Add users through competency data.
$sql = "
SELECT uc.userid, uc.usermodified, uc.reviewerid
FROM {" . user_competency::TABLE . "} uc
WHERE uc.userid = :userid";
$userlist->add_from_sql('userid', $sql, $params);
$userlist->add_from_sql('usermodified', $sql, $params);
$userlist->add_from_sql('reviewerid', $sql, $params);

$sql = "
SELECT e.usermodified, e.actionuserid
FROM {" . user_competency::TABLE . "} uc
JOIN {" . evidence::TABLE . "} e
ON e.usercompetencyid = uc.id
WHERE uc.userid = :userid";
$userlist->add_from_sql('usermodified', $sql, $params);
$userlist->add_from_sql('actionuserid', $sql, $params);

// Add users through evidence data.
$sql = "
SELECT ue.userid, ue.usermodified
FROM {" . user_evidence::TABLE . "} ue
WHERE ue.userid = :userid";
$userlist->add_from_sql('userid', $sql, $params);
$userlist->add_from_sql('usermodified', $sql, $params);

$sql = "
SELECT ue.usermodified
FROM {" . user_evidence::TABLE . "} ue
JOIN {" . user_evidence_competency::TABLE . "} uec
ON uec.userevidenceid = ue.id
WHERE ue.userid = :userid";
$userlist->add_from_sql('usermodified', $sql, $params);
}

// Add users who commented in the context.
// Note: Comment component must be competency and not core_competency.
\core_comment\privacy\provider::get_users_in_context_from_sql(
$userlist, 'com', 'competency', 'plan', $context->id);

\core_comment\privacy\provider::get_users_in_context_from_sql(
$userlist, 'com', 'competency', 'user_competency', $context->id);
}

/**
* Export all user data for the specified user, in the specified contexts.
*
@@ -478,8 +641,7 @@ public static function delete_data_for_all_users_in_context(context $context) {
break;

case CONTEXT_COURSE:
$courseid = $context->instanceid;
$DB->delete_records(user_competency_course::TABLE, ['courseid' => $courseid]);
static::delete_user_competencies_in_course($context->instanceid);
break;
}
}
@@ -510,12 +672,43 @@ public static function delete_data_for_user(approved_contextlist $contextlist) {
break;

case CONTEXT_COURSE:
static::delete_user_competencies_in_course($userid, $context->instanceid);
static::delete_user_competencies_in_course($context->instanceid, [$userid]);
break;
}
}
}

/**
* Delete multiple users within a single context.
*
* Here we only delete the private data of users, not whether they modified, are reviewing,
* or are associated with the record on at a second level. Only data directly linked to the
* user will be affected.
*
* @param approved_userlist $userlist The approved context and user information to delete information for.
*/
public static function delete_data_for_users(approved_userlist $userlist) {
$context = $userlist->get_context();
$userids = $userlist->get_userids();

switch ($context->contextlevel) {
case CONTEXT_USER:
// Only delete the user's information when their context is being deleted.
// We do not take any action on other user's contexts because we don't own the data there.
if (in_array($context->instanceid, $userids)) {
static::delete_user_evidence_of_prior_learning($context->instanceid);
static::delete_user_plans($context->instanceid);
static::delete_user_competencies($context->instanceid);
}

break;

case CONTEXT_COURSE:
static::delete_user_competencies_in_course($context->instanceid, $userids);
break;
}
}

/**
* Delete evidence of prior learning.
*
@@ -601,15 +794,26 @@ protected static function delete_user_competencies($userid) {
}

/**
* Delete the record of competencies for a user in a course.
* Delete the record of competencies for user(s) in a course.
*
* @param int $userid The user ID.
* @param int $courseid The course ID.
* @param int[] $userids The user IDs, if deleting for specific user(s).
* @return void
*/
protected static function delete_user_competencies_in_course($userid, $courseid) {
protected static function delete_user_competencies_in_course($courseid, $userids = []) {
global $DB;
$DB->delete_records(user_competency_course::TABLE, ['userid' => $userid, 'courseid' => $courseid]);

$params = ['courseid' => $courseid];
$where = "courseid = :courseid";

if (!empty($userids)) {
list($insql, $inparams) = $DB->get_in_or_equal($userids, SQL_PARAMS_NAMED);
$params = $params + $inparams;

$where .= " AND userid {$insql}";
}

$DB->delete_records_select(user_competency_course::TABLE, $where, $params);
}

/**

0 comments on commit 0422a13

Please sign in to comment.