Permalink
Browse files

Merge branch 'MDL-63764-35' of git://github.com/mickhawkins/moodle in…

…to MOODLE_35_STABLE
  • Loading branch information...
dmonllao committed Nov 5, 2018
2 parents ce8ada0 + ea1f81d commit 3b8730628ba2dc6fe63cd9d53a8df75a0aade9b6
Showing with 810 additions and 7 deletions.
  1. +211 −7 competency/classes/privacy/provider.php
  2. +599 −0 competency/tests/privacy_test.php
@@ -53,9 +53,11 @@
use core_competency\user_evidence_competency;
use core_competency\external\performance_helper;
use core_privacy\local\metadata\collection;
use core_privacy\local\request\approved_userlist;
use core_privacy\local\request\contextlist;
use core_privacy\local\request\approved_contextlist;
use core_privacy\local\request\transform;
use core_privacy\local\request\userlist;
use core_privacy\local\request\writer;
/**
@@ -68,6 +70,7 @@
*/
class provider implements
\core_privacy\local\metadata\provider,
\core_privacy\local\request\core_userlist_provider,
\core_privacy\local\request\subsystem\provider {
/**
@@ -418,6 +421,166 @@ public static function get_contexts_for_userid(int $userid) : contextlist {
return $contextlist;
}
/**
* Get the list of users who have data within a context.
*
* @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination.
*/
public static function get_users_in_context(userlist $userlist) {
$context = $userlist->get_context();
$params = ['contextid' => $context->id];
// Add users who have modified the frameworks and related data in the context.
$sql = "
SELECT cf.usermodified
FROM {" . competency_framework::TABLE . "} cf
WHERE cf.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);
$sql = "
SELECT c.usermodified
FROM {" . competency_framework::TABLE . "} cf
JOIN {" . competency::TABLE . "} c
ON c.competencyframeworkid = cf.id
WHERE cf.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);
$sql = "
SELECT cr.usermodified
FROM {" . competency_framework::TABLE . "} cf
JOIN {" . competency::TABLE . "} c
ON c.competencyframeworkid = cf.id
JOIN {" . related_competency::TABLE . "} cr
ON cr.competencyid = c.id
WHERE cf.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);
// Add users who have modified the templates and related data in the context.
$sql = "
SELECT tpl.usermodified
FROM {" . template::TABLE . "} tpl
WHERE tpl.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);
$sql = "
SELECT tch.usermodified
FROM {" . template::TABLE . "} tpl
JOIN {" . template_cohort::TABLE . "} tch
ON tch.templateid = tpl.id
WHERE tpl.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);
$sql = "
SELECT tc.usermodified
FROM {" . template::TABLE . "} tpl
JOIN {" . template_competency::TABLE . "} tc
ON tc.templateid = tpl.id
WHERE tpl.contextid = :contextid";
$userlist->add_from_sql('usermodified', $sql, $params);
// Add users if userlist is in course context.
if (is_a($context, \context_course::class)) {
$params = ['courseid' => $context->instanceid];
$sql = "
SELECT cc.usermodified
FROM {" . course_competency::TABLE . "} cc
WHERE cc.courseid = :courseid";
$userlist->add_from_sql('usermodified', $sql, $params);
$sql = "
SELECT ccs.usermodified
FROM {" . course_competency_settings::TABLE . "} ccs
WHERE ccs.courseid = :courseid";
$userlist->add_from_sql('usermodified', $sql, $params);
$sql = "
SELECT ucc.userid, ucc.usermodified
FROM {" . user_competency_course::TABLE . "} ucc
WHERE ucc.courseid = :courseid";
$userlist->add_from_sql('userid', $sql, $params);
$userlist->add_from_sql('usermodified', $sql, $params);
} else if (is_a($context, \context_module::class)) {
// Add users if userlist is in module context.
$params = ['moduleid' => $context->instanceid];
$sql = "
SELECT cmc.usermodified
FROM {" . course_module_competency::TABLE . "} cmc
WHERE cmc.cmid = :moduleid";
$userlist->add_from_sql('usermodified', $sql, $params);
} else if (is_a($context, \context_user::class)) {
$params = ['userid' => $context->instanceid];
// Add users through plan related data.
$sql = "
SELECT p.userid, p.usermodified, p.reviewerid
FROM {" . plan::TABLE . "} p
WHERE p.userid = :userid";
$userlist->add_from_sql('userid', $sql, $params);
$userlist->add_from_sql('usermodified', $sql, $params);
$userlist->add_from_sql('reviewerid', $sql, $params);
$sql = "
SELECT pc.usermodified
FROM {" . plan::TABLE . "} p
JOIN {" . plan_competency::TABLE . "} pc
ON pc.planid = p.id
WHERE p.userid = :userid";
$userlist->add_from_sql('usermodified', $sql, $params);
$sql = "
SELECT upc.usermodified
FROM {" . user_competency_plan::TABLE . "} upc
WHERE upc.userid = :userid";
$userlist->add_from_sql('usermodified', $sql, $params);
// Add users through competency data.
$sql = "
SELECT uc.userid, uc.usermodified, uc.reviewerid
FROM {" . user_competency::TABLE . "} uc
WHERE uc.userid = :userid";
$userlist->add_from_sql('userid', $sql, $params);
$userlist->add_from_sql('usermodified', $sql, $params);
$userlist->add_from_sql('reviewerid', $sql, $params);
$sql = "
SELECT e.usermodified, e.actionuserid
FROM {" . user_competency::TABLE . "} uc
JOIN {" . evidence::TABLE . "} e
ON e.usercompetencyid = uc.id
WHERE uc.userid = :userid";
$userlist->add_from_sql('usermodified', $sql, $params);
$userlist->add_from_sql('actionuserid', $sql, $params);
// Add users through evidence data.
$sql = "
SELECT ue.userid, ue.usermodified
FROM {" . user_evidence::TABLE . "} ue
WHERE ue.userid = :userid";
$userlist->add_from_sql('userid', $sql, $params);
$userlist->add_from_sql('usermodified', $sql, $params);
$sql = "
SELECT ue.usermodified
FROM {" . user_evidence::TABLE . "} ue
JOIN {" . user_evidence_competency::TABLE . "} uec
ON uec.userevidenceid = ue.id
WHERE ue.userid = :userid";
$userlist->add_from_sql('usermodified', $sql, $params);
}
// Add users who commented in the context.
// Note: Comment component must be competency and not core_competency.
\core_comment\privacy\provider::get_users_in_context_from_sql(
$userlist, 'com', 'competency', 'plan', $context->id);
\core_comment\privacy\provider::get_users_in_context_from_sql(
$userlist, 'com', 'competency', 'user_competency', $context->id);
}
/**
* Export all user data for the specified user, in the specified contexts.
*
@@ -478,8 +641,7 @@ public static function delete_data_for_all_users_in_context(context $context) {
break;
case CONTEXT_COURSE:
$courseid = $context->instanceid;
$DB->delete_records(user_competency_course::TABLE, ['courseid' => $courseid]);
static::delete_user_competencies_in_course($context->instanceid);
break;
}
}
@@ -511,12 +673,43 @@ public static function delete_data_for_user(approved_contextlist $contextlist) {
break;
case CONTEXT_COURSE:
static::delete_user_competencies_in_course($userid, $context->instanceid);
static::delete_user_competencies_in_course($context->instanceid, [$userid]);
break;
}
}
}
/**
* Delete multiple users within a single context.
*
* Here we only delete the private data of users, not whether they modified, are reviewing,
* or are associated with the record on at a second level. Only data directly linked to the
* user will be affected.
*
* @param approved_userlist $userlist The approved context and user information to delete information for.
*/
public static function delete_data_for_users(approved_userlist $userlist) {
$context = $userlist->get_context();
$userids = $userlist->get_userids();
switch ($context->contextlevel) {
case CONTEXT_USER:
// Only delete the user's information when their context is being deleted.
// We do not take any action on other user's contexts because we don't own the data there.
if (in_array($context->instanceid, $userids)) {
static::delete_user_evidence_of_prior_learning($context->instanceid);
static::delete_user_plans($context->instanceid);
static::delete_user_competencies($context->instanceid);
}
break;
case CONTEXT_COURSE:
static::delete_user_competencies_in_course($context->instanceid, $userids);
break;
}
}
/**
* Delete evidence of prior learning.
*
@@ -602,15 +795,26 @@ protected static function delete_user_competencies($userid) {
}
/**
* Delete the record of competencies for a user in a course.
* Delete the record of competencies for user(s) in a course.
*
* @param int $userid The user ID.
* @param int $courseid The course ID.
* @param int[] $userids The user IDs, if deleting for specific user(s).
* @return void
*/
protected static function delete_user_competencies_in_course($userid, $courseid) {
protected static function delete_user_competencies_in_course($courseid, $userids = []) {
global $DB;
$DB->delete_records(user_competency_course::TABLE, ['userid' => $userid, 'courseid' => $courseid]);
$params = ['courseid' => $courseid];
$where = "courseid = :courseid";
if (!empty($userids)) {
list($insql, $inparams) = $DB->get_in_or_equal($userids, SQL_PARAMS_NAMED);
$params = $params + $inparams;
$where .= " AND userid {$insql}";
}
$DB->delete_records_select(user_competency_course::TABLE, $where, $params);
}
/**
Oops, something went wrong.

0 comments on commit 3b87306

Please sign in to comment.