|
| 1 | +<?php |
| 2 | +// This file is part of Moodle - http://moodle.org/ |
| 3 | +// |
| 4 | +// Moodle is free software: you can redistribute it and/or modify |
| 5 | +// it under the terms of the GNU General Public License as published by |
| 6 | +// the Free Software Foundation, either version 3 of the License, or |
| 7 | +// (at your option) any later version. |
| 8 | +// |
| 9 | +// Moodle is distributed in the hope that it will be useful, |
| 10 | +// but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | +// GNU General Public License for more details. |
| 13 | +// |
| 14 | +// You should have received a copy of the GNU General Public License |
| 15 | +// along with Moodle. If not, see <http://www.gnu.org/licenses/>. |
| 16 | + |
| 17 | +/** |
| 18 | + * Privacy Subsystem implementation for editor_atto. |
| 19 | + * |
| 20 | + * @package editor_atto |
| 21 | + * @copyright 2018 Andrew Nicols <andrew@nicols.co.uk> |
| 22 | + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later |
| 23 | + */ |
| 24 | + |
| 25 | +namespace editor_atto\privacy; |
| 26 | + |
| 27 | +defined('MOODLE_INTERNAL') || die(); |
| 28 | + |
| 29 | +use \core_privacy\local\request\approved_contextlist; |
| 30 | +use \core_privacy\local\request\writer; |
| 31 | +use \core_privacy\local\request\helper; |
| 32 | +use \core_privacy\local\request\deletion_criteria; |
| 33 | +use \core_privacy\local\metadata\collection; |
| 34 | + |
| 35 | +/** |
| 36 | + * Privacy Subsystem implementation for editor_atto. |
| 37 | + * |
| 38 | + * @copyright 2018 Andrew Nicols <andrew@nicols.co.uk> |
| 39 | + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later |
| 40 | + */ |
| 41 | +class provider implements |
| 42 | + // The Atto editor stores user provided data. |
| 43 | + \core_privacy\local\metadata\provider, |
| 44 | + |
| 45 | + // The Atto editor provides data directly to core. |
| 46 | + \core_privacy\local\request\plugin\provider { |
| 47 | + |
| 48 | + /** |
| 49 | + * Returns information about how editor_atto stores its data. |
| 50 | + * |
| 51 | + * @param collection $collection The initialised collection to add items to. |
| 52 | + * @return collection A listing of user data stored through this system. |
| 53 | + */ |
| 54 | + public static function get_metadata(collection $collection) : collection { |
| 55 | + // There isn't much point giving details about the pageid, etc. |
| 56 | + $collection->add_database_table('editor_atto_autosave', [ |
| 57 | + 'userid' => 'privacy:metadata:database:atto_autosave:userid', |
| 58 | + 'drafttext' => 'privacy:metadata:database:atto_autosave:drafttext', |
| 59 | + 'timemodified' => 'privacy:metadata:database:atto_autosave:timemodified', |
| 60 | + ], 'privacy:metadata:database:atto_autosave'); |
| 61 | + |
| 62 | + return $collection; |
| 63 | + } |
| 64 | + |
| 65 | + /** |
| 66 | + * Get the list of contexts that contain user information for the specified user. |
| 67 | + * |
| 68 | + * @param int $userid The user to search. |
| 69 | + * @return contextlist $contextlist The contextlist containing the list of contexts used in this plugin. |
| 70 | + */ |
| 71 | + public static function get_contexts_for_userid(int $userid) : \core_privacy\local\request\contextlist { |
| 72 | + // This block doesn't know who information is stored against unless it |
| 73 | + // is at the user context. |
| 74 | + $contextlist = new \core_privacy\local\request\contextlist(); |
| 75 | + $contextuser = \context_user::instance($userid); |
| 76 | + |
| 77 | + $sql = "SELECT contextid FROM {editor_atto_autosave} WHERE userid = :userid OR contextid = :contextid"; |
| 78 | + $params = [ |
| 79 | + 'userid' => $userid, |
| 80 | + 'contextid' => $contextuser->id, |
| 81 | + ]; |
| 82 | + |
| 83 | + $contextlist->add_from_sql($sql, $params); |
| 84 | + |
| 85 | + return $contextlist; |
| 86 | + } |
| 87 | + |
| 88 | + /** |
| 89 | + * Export all user data for the specified user, in the specified contexts. |
| 90 | + * |
| 91 | + * @param approved_contextlist $contextlist The approved contexts to export information for. |
| 92 | + */ |
| 93 | + public static function export_user_data(approved_contextlist $contextlist) { |
| 94 | + global $DB; |
| 95 | + |
| 96 | + $user = $contextlist->get_user(); |
| 97 | + |
| 98 | + list($contextsql, $contextparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED); |
| 99 | + $contextparams['userid'] = $contextlist->get_user()->id; |
| 100 | + |
| 101 | + $sql = "SELECT * |
| 102 | + FROM {editor_atto_autosave} |
| 103 | + WHERE |
| 104 | + (userid = :userid AND contextid {$contextsql}) |
| 105 | + OR |
| 106 | + (contextid = :usercontext)"; |
| 107 | + |
| 108 | + $usercontext = \context_user::instance($user->id); |
| 109 | + $contextparams['usercontext'] = $usercontext->id; |
| 110 | + $autosaves = $DB->get_recordset_sql($sql, $contextparams); |
| 111 | + |
| 112 | + foreach ($autosaves as $autosave) { |
| 113 | + $context = \context::instance_by_id($autosave->contextid); |
| 114 | + $subcontext = [ |
| 115 | + get_string('autosaves', 'editor_atto'), |
| 116 | + $autosave->id, |
| 117 | + ]; |
| 118 | + |
| 119 | + $html = writer::with_context($context) |
| 120 | + ->rewrite_pluginfile_urls($subcontext, 'user', 'draft', $autosave->draftid, $autosave->drafttext); |
| 121 | + |
| 122 | + $data = (object) [ |
| 123 | + 'drafttext' => format_text($html, FORMAT_HTML, static::get_filter_options()), |
| 124 | + 'timemodified' => \core_privacy\local\request\transform::datetime($autosave->timemodified), |
| 125 | + ]; |
| 126 | + |
| 127 | + if ($autosave->userid != $user->id) { |
| 128 | + $data->author = \core_privacy\local\request\transform::user($autosave->userid); |
| 129 | + } |
| 130 | + |
| 131 | + writer::with_context($context) |
| 132 | + ->export_data($subcontext, $data) |
| 133 | + ->export_area_files($subcontext, 'user', 'draft', $autosave->draftid); |
| 134 | + } |
| 135 | + $autosaves->close(); |
| 136 | + } |
| 137 | + |
| 138 | + /** |
| 139 | + * Delete all data for all users in the specified context. |
| 140 | + * |
| 141 | + * @param context $context The specific context to delete data for. |
| 142 | + */ |
| 143 | + public static function delete_data_for_all_users_in_context(\context $context) { |
| 144 | + global $DB; |
| 145 | + |
| 146 | + $DB->delete_records('editor_atto_autosave', [ |
| 147 | + 'contextid' => $context->id, |
| 148 | + ]); |
| 149 | + } |
| 150 | + |
| 151 | + /** |
| 152 | + * Delete all user data for the specified user, in the specified contexts. |
| 153 | + * |
| 154 | + * @param approved_contextlist $contextlist The approved contexts and user information to delete information for. |
| 155 | + */ |
| 156 | + public static function delete_data_for_user(approved_contextlist $contextlist) { |
| 157 | + global $DB; |
| 158 | + |
| 159 | + $user = $contextlist->get_user(); |
| 160 | + |
| 161 | + list($contextsql, $contextparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED); |
| 162 | + $contextparams['userid'] = $user->id; |
| 163 | + |
| 164 | + $sql = "SELECT * FROM {editor_atto_autosave} WHERE contextid {$contextsql}"; |
| 165 | + $autosaves = $DB->delete_records_select('editor_atto_autosave', "userid = :userid AND contextid {$contextsql}", |
| 166 | + $contextparams); |
| 167 | + } |
| 168 | + |
| 169 | + /** |
| 170 | + * Get the filter options. |
| 171 | + * |
| 172 | + * This is shared to allow unit testing too. |
| 173 | + * |
| 174 | + * @return \stdClass |
| 175 | + */ |
| 176 | + public static function get_filter_options() { |
| 177 | + return (object) [ |
| 178 | + 'overflowdiv' => true, |
| 179 | + 'noclean' => true, |
| 180 | + ]; |
| 181 | + } |
| 182 | +} |
0 commit comments