Skip to content
Permalink
Browse files

MDL-62062 tool_policy: Let manager/dpo withdraw consent to policies

The policies can be revoked by clicking the "Agreed [on behalf]" ticks.
A message has been added also to explain users they must contact to
the DPO if they want to withdraw their consent to policies.
  • Loading branch information...
sarjona committed May 3, 2018
1 parent 3d34aa5 commit 461b1931c03a7d6e221b168b0d8d57bd778d458e
@@ -15,7 +15,7 @@
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Accept policies on behalf of users (non-JS version)
* Accept or revoke policies on behalf of users (non-JS version)
*
* @package tool_policy
* @copyright 2018 Marina Glancy
@@ -28,6 +28,7 @@
$userids = optional_param_array('userids', null, PARAM_INT);
$versionids = optional_param_array('versionids', null, PARAM_INT);
$returnurl = optional_param('returnurl', null, PARAM_LOCALURL);
$action = optional_param('action', null, PARAM_ALPHA);
require_login();
if (isguestuser()) {
@@ -48,7 +49,7 @@
}
// Initialise the form, this will also validate users, versions and check permission to accept policies.
$form = new \tool_policy\form\accept_policy(null,
['versionids' => $versionids, 'userids' => $userids, 'showbuttons' => true]);
['versionids' => $versionids, 'userids' => $userids, 'showbuttons' => true, 'action' => $action]);
$form->set_data(['returnurl' => $returnurl]);
if ($form->is_cancelled()) {
@@ -58,8 +59,14 @@
redirect($returnurl);
}
if ($action == 'revoke') {
$title = get_string('revokedetails', 'tool_policy');
} else {
$title = get_string('consentdetails', 'tool_policy');
}
$output = $PAGE->get_renderer('tool_policy');
echo $output->header();
echo $output->heading(get_string('consentdetails', 'tool_policy'));
echo $output->heading($title);
$form->display();
echo $output->footer();

Some generated files are not rendered by default. Learn more.

@@ -71,6 +71,14 @@ define(['jquery', 'core/str', 'core/modal_factory', 'core/modal_events', 'core/n
},
{
key: 'ok'
},
{
key: 'revokedetails',
component: 'tool_policy'
},
{
key: 'irevokethepolicy',
component: 'tool_policy'
}
];

@@ -111,16 +119,33 @@ define(['jquery', 'core/str', 'core/modal_factory', 'core/modal_events', 'core/n
* @param {object} triggerElement The trigger HTML jQuery object
*/
AcceptOnBehalf.prototype.showFormModal = function(formData, triggerElement) {
var action;
var params = formData.split('&');
for (var i = 0; i < params.length; i++) {
var pair = params[i].split('=');
if (pair[0] == 'action') {
action = pair[1];
}
}
// Fetch the title string.
Str.get_strings(this.stringKeys).done(function(strings) {
var title;
var saveText;
if (action == 'revoke') {
title = strings[4];
saveText = strings[5];
} else {
title = strings[0];
saveText = strings[1];
}
// Create the modal.
ModalFactory.create({
type: ModalFactory.types.SAVE_CANCEL,
title: strings[0],
title: title,
body: ''
}, triggerElement).done(function(modal) {
this.modal = modal;
this.setupFormModal(formData, strings[1]);
this.setupFormModal(formData, saveText);
}.bind(this));
}.bind(this))
.fail(Notification.exception);
@@ -813,6 +813,39 @@ public static function can_accept_policies($userid = null, $throwexception = fal
}
}
/**
* Checks if user can revoke policies for themselves or on behalf of another user
*
* @param int $userid
* @param bool $throwexception
* @return bool
*/
public static function can_revoke_policies($userid = null, $throwexception = false) {
global $USER;
if (!isloggedin() || isguestuser()) {
if ($throwexception) {
throw new \moodle_exception('noguest');
} else {
return false;
}
}
if (!$userid) {
$userid = $USER->id;
}
// At the moment, current users can't revoke their own policies.
// Check capability to revoke on behalf as the real user.
$realuser = manager::get_realuser();
$usercontext = \context_user::instance($userid);
if ($throwexception) {
require_capability('tool/policy:acceptbehalf', $usercontext, $realuser);
return;
} else {
return has_capability('tool/policy:acceptbehalf', $usercontext, $realuser);
}
}
/**
* Accepts the current revisions of all policies that the user has not yet accepted
*
@@ -32,7 +32,7 @@
require_once($CFG->dirroot.'/lib/formslib.php');
/**
* Represents the form for accepting a policy.
* Represents the form for accepting or revoking a policy.
*
* @package tool_policy
* @copyright 2018 Marina Glancy
@@ -53,9 +53,10 @@ public function definition() {
if (empty($this->_customdata['versionids']) || !is_array($this->_customdata['versionids'])) {
throw new \moodle_exception('missingparam', '', '', 'versionids');
}
$revoke = (!empty($this->_customdata['action']) && $this->_customdata['action'] == 'revoke');
$userids = clean_param_array($this->_customdata['userids'], PARAM_INT);
$versionids = clean_param_array($this->_customdata['versionids'], PARAM_INT);
$usernames = $this->validate_and_get_users($userids);
$usernames = $this->validate_and_get_users($userids, $revoke);
$versionnames = $this->validate_and_get_versions($versionids);
foreach ($usernames as $userid => $name) {
@@ -75,13 +76,23 @@ public function definition() {
$mform->addElement('static', 'policy', get_string('acceptancepolicies', 'tool_policy'),
join(', ', $versionnames));
$mform->addElement('static', 'ack', '', get_string('acceptanceacknowledgement', 'tool_policy'));
if ($revoke) {
$mform->addElement('static', 'ack', '', get_string('revokeacknowledgement', 'tool_policy'));
$mform->addElement('hidden', 'action', 'revoke');
$mform->setType('action', PARAM_ALPHA);
} else {
$mform->addElement('static', 'ack', '', get_string('acceptanceacknowledgement', 'tool_policy'));
}
$mform->addElement('textarea', 'note', get_string('acceptancenote', 'tool_policy'));
$mform->setType('note', PARAM_NOTAGS);
if (!empty($this->_customdata['showbuttons'])) {
$this->add_action_buttons(true, get_string('iagreetothepolicy', 'tool_policy'));
if ($revoke) {
$this->add_action_buttons(true, get_string('irevokethepolicy', 'tool_policy'));
} else {
$this->add_action_buttons(true, get_string('iagreetothepolicy', 'tool_policy'));
}
}
$PAGE->requires->js_call_amd('tool_policy/policyactions', 'init');
@@ -91,9 +102,10 @@ public function definition() {
* Validate userids and return usernames
*
* @param array $userids
* @param boolean $revoke True if policies will be revoked; false when policies will be accepted.
* @return array (userid=>username)
*/
protected function validate_and_get_users($userids) {
protected function validate_and_get_users($userids, $revoke = false) {
global $DB;
$usernames = [];
list($sql, $params) = $DB->get_in_or_equal($userids, SQL_PARAMS_NAMED);
@@ -112,7 +124,11 @@ protected function validate_and_get_users($userids) {
throw new \moodle_exception('noguest');
}
\context_helper::preload_from_record($user);
api::can_accept_policies($userid, true);
if ($revoke) {
api::can_revoke_policies($userid, true);
} else {
api::can_accept_policies($userid, true);
}
$usernames[$userid] = fullname($user);
}
return $usernames;
@@ -148,8 +164,15 @@ protected function validate_and_get_versions($versionids) {
*/
public function process() {
if ($data = $this->get_data()) {
$revoke = (!empty($data->action) && $data->action == 'revoke');
foreach ($data->userids as $userid) {
\tool_policy\api::accept_policies($data->versionids, $userid, $data->note);
if ($revoke) {
foreach ($data->versionids as $versionid) {
\tool_policy\api::revoke_acceptance($versionid, $userid, $data->note);
}
} else {
\tool_policy\api::accept_policies($data->versionids, $userid, $data->note);
}
}
}
}
@@ -50,6 +50,9 @@ class acceptances implements renderable, templatable {
/** @var moodle_url */
protected $returnurl;
/** @var bool */
protected $canrevoke;
/**
* Contructor.
*
@@ -59,6 +62,7 @@ class acceptances implements renderable, templatable {
public function __construct($userid, $returnurl = null) {
$this->userid = $userid;
$this->returnurl = $returnurl ? (new moodle_url($returnurl))->out(false) : null;
$this->canrevoke = \tool_policy\api::can_revoke_policies($this->userid);
}
/**
@@ -72,6 +76,7 @@ public function export_for_template(renderer_base $output) {
$data->hasonbehalfagreements = false;
$data->pluginbaseurl = (new moodle_url('/admin/tool/policy'))->out(false);
$data->returnurl = $this->returnurl;
$data->canrevoke = $this->canrevoke;
// Get the list of policies and versions that current user is able to see
// and the respective acceptance records for the selected user.
@@ -59,6 +59,9 @@ class user_agreement implements \templatable, \renderable {
/** @var bool */
protected $canaccept;
/** @var bool */
protected $canrevoke;
/**
* user_agreement constructor
*
@@ -68,8 +71,10 @@ class user_agreement implements \templatable, \renderable {
* @param array $versions list of versions (id=>name)
* @param bool $onbehalf whether at least one version was accepted by somebody else on behalf of the user
* @param bool $canaccept does the current user have permission to accept the policy on behalf of user $userid
* @param bool $canrevoke does the current user have permission to revoke the policy on behalf of user $userid
*/
public function __construct($userid, $accepted, moodle_url $pageurl, $versions, $onbehalf = false, $canaccept = null) {
public function __construct($userid, $accepted, moodle_url $pageurl, $versions, $onbehalf = false,
$canaccept = null, $canrevoke = null) {
$this->userid = $userid;
$this->onbehalf = $onbehalf;
$this->pageurl = $pageurl;
@@ -79,6 +84,9 @@ public function __construct($userid, $accepted, moodle_url $pageurl, $versions,
if (count($this->accepted) < count($this->versions) && $canaccept === null) {
$this->canaccept = \tool_policy\api::can_accept_policies($this->userid);
}
if (count($this->accepted) == count($this->versions) && $canrevoke === null) {
$this->canrevoke = \tool_policy\api::can_revoke_policies($this->userid);
}
}
/**
@@ -92,6 +100,7 @@ public function export_for_template(\renderer_base $output) {
'status' => count($this->accepted) == count($this->versions),
'onbehalf' => $this->onbehalf,
'canaccept' => $this->canaccept,
'canrevoke' => $this->canrevoke,
];
if (!$data['status'] && $this->canaccept) {
$linkparams = ['userids[0]' => $this->userid];
@@ -101,6 +110,15 @@ public function export_for_template(\renderer_base $output) {
$linkparams['returnurl'] = $this->pageurl->out_as_local_url(false);
$link = new \moodle_url('/admin/tool/policy/accept.php', $linkparams);
$data['acceptlink'] = $link->out(false);
} else if ($data['status'] && $this->canrevoke) {
$linkparams = ['userids[0]' => $this->userid];
foreach (array_keys($this->versions) as $versionid) {
$linkparams["versionids[{$versionid}]"] = $versionid;
}
$linkparams['returnurl'] = $this->pageurl->out_as_local_url(false);
$linkparams['action'] = 'revoke';
$link = new \moodle_url('/admin/tool/policy/accept.php', $linkparams);
$data['revokelink'] = $link->out(false);
}
$data['singleversion'] = count($this->versions) == 1;
if ($data['singleversion']) {

0 comments on commit 461b193

Please sign in to comment.
You can’t perform that action at this time.