mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-13 12:32:08 +02:00
Code Issues Projects Releases Wiki Activity

MDL-62368 enrol_lti: implement privacy provider

Browse Source
This commit is contained in:
Mark Nelson 2018-05-10 11:56:57 +08:00
parent 02c7769422
commit 3e642074ee
3 changed files with 408 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

201
enrol/lti/classes/privacy/provider.php Normal file
View File

@ -0,0 +1,201 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Privacy Subsystem implementation for enrol_lti.
*
* @package enrol_lti
* @copyright 2018 Mark Nelson <markn@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace enrol_lti\privacy;
use core_privacy\local\metadata\collection;
use core_privacy\local\request\approved_contextlist;
use core_privacy\local\request\contextlist;
use core_privacy\local\request\transform;
use core_privacy\local\request\writer;
defined('MOODLE_INTERNAL') || die();
/**
* Privacy Subsystem for enrol_lti.
*
* @copyright 2018 Mark Nelson <markn@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class provider implements
\core_privacy\local\metadata\provider,
\core_privacy\local\request\plugin\provider {
/**
* Return the fields which contain personal data.
*
* @param collection $items a reference to the collection to use to store the metadata.
* @return collection the updated collection of metadata items.
*/
public static function get_metadata(collection $items) : collection {
$items->add_database_table(
'enrol_lti_users',
[
'userid' => 'privacy:metadata:enrol_lti_users:userid',
'lastgrade' => 'privacy:metadata:enrol_lti_users:lastgrade',
'lastaccess' => 'privacy:metadata:enrol_lti_users:lastaccess',
'timecreated' => 'privacy:metadata:enrol_lti_users:timecreated'
],
'privacy:metadata:enrol_lti_users'
);
return $items;
}
/**
* Get the list of contexts that contain user information for the specified user.
*
* @param int $userid The user to search.
* @return contextlist The contextlist containing the list of contexts used in this plugin.
*/
public static function get_contexts_for_userid(int $userid) : contextlist {
$contextlist = new contextlist();
$sql = "SELECT DISTINCT ctx.id
FROM {enrol_lti_users} ltiusers
JOIN {enrol_lti_tools} ltitools
ON ltiusers.toolid = ltitools.id
JOIN {context} ctx
ON ctx.id = ltitools.contextid
WHERE ltiusers.userid = :userid";
$params = ['userid' => $userid];
$contextlist->add_from_sql($sql, $params);
return $contextlist;
}
/**
* Export all user data for the specified user, in the specified contexts.
*
* @param approved_contextlist $contextlist The approved contexts to export information for.
*/
public static function export_user_data(approved_contextlist $contextlist) {
global $DB;
if (empty($contextlist->count())) {
return;
}
$user = $contextlist->get_user();
list($contextsql, $contextparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED);
$sql = "SELECT ltiusers.lastgrade, ltiusers.lastaccess, ltiusers.timecreated, ltitools.contextid
FROM {enrol_lti_users} ltiusers
JOIN {enrol_lti_tools} ltitools
ON ltiusers.toolid = ltitools.id
JOIN {context} ctx
ON ctx.id = ltitools.contextid
WHERE ctx.id {$contextsql}
AND ltiusers.userid = :userid";
$params = $contextparams + ['userid' => $user->id];
$ltiusers = $DB->get_recordset_sql($sql, $params);
self::recordset_loop_and_export($ltiusers, 'contextid', [], function($carry, $record) {
$carry[] = [
'lastgrade' => $record->lastgrade,
'timecreated' => transform::datetime($record->lastaccess),
'timemodified' => transform::datetime($record->timecreated)
];
return $carry;
}, function($contextid, $data) {
$context = \context::instance_by_id($contextid);
$finaldata = (object) $data;
writer::with_context($context)->export_data(['enrol_lti_users'], $finaldata);
});
}
/**
* Delete all user data which matches the specified context.
*
* @param \context $context A user context.
*/
public static function delete_data_for_all_users_in_context(\context $context) {
global $DB;
if (!($context instanceof \context_course || $context instanceof \context_module)) {
return;
}
$enrolltitools = $DB->get_fieldset_select('enrol_lti_tools', 'id', 'contextid = :contextid',
['contextid' => $context->id]);
if (!empty($enrolltitools)) {
list($sql, $params) = $DB->get_in_or_equal($enrolltitools, SQL_PARAMS_NAMED);
$DB->delete_records_select('enrol_lti_users', 'toolid ' . $sql, $params);
}
}
/**
* Delete all user data for the specified user, in the specified contexts.
*
* @param approved_contextlist $contextlist The approved contexts and user information to delete information for.
*/
public static function delete_data_for_user(approved_contextlist $contextlist) {
global $DB;
$userid = $contextlist->get_user()->id;
foreach ($contextlist->get_contexts() as $context) {
if (!($context instanceof \context_course || $context instanceof \context_module)) {
return;
}
$enrolltitools = $DB->get_fieldset_select('enrol_lti_tools', 'id', 'contextid = :contextid',
['contextid' => $context->id]);
if (!empty($enrolltitools)) {
list($sql, $params) = $DB->get_in_or_equal($enrolltitools, SQL_PARAMS_NAMED);
$params = array_merge($params, ['userid' => $userid]);
$DB->delete_records_select('enrol_lti_users', "toolid $sql AND userid = :userid", $params);
}
}
}
/**
* Loop and export from a recordset.
*
* @param \moodle_recordset $recordset The recordset.
* @param string $splitkey The record key to determine when to export.
* @param mixed $initial The initial data to reduce from.
* @param callable $reducer The function to return the dataset, receives current dataset, and the current record.
* @param callable $export The function to export the dataset, receives the last value from $splitkey and the dataset.
* @return void
*/
protected static function recordset_loop_and_export(\moodle_recordset $recordset, $splitkey, $initial,
callable $reducer, callable $export) {
$data = $initial;
$lastid = null;
foreach ($recordset as $record) {
if ($lastid && $record->{$splitkey} != $lastid) {
$export($lastid, $data);
$data = $initial;
}
$data = $reducer($data, $record);
$lastid = $record->{$splitkey};
}
$recordset->close();
if (!empty($lastid)) {
$export($lastid, $data);
}
}
}

5
enrol/lti/lang/en/enrol_lti.php
View File

@ -62,6 +62,11 @@ $string['lti:unenrol'] = 'Unenrol users from the course';
$string['opentool'] = 'Open tool';
$string['pluginname'] = 'Publish as LTI tool';
$string['pluginname_desc'] = 'The \'Publish as LTI tool\' plugin, together with the LTI authentication plugin, allows remote users to access selected courses and activities. In other words, Moodle functions as an LTI tool provider.';
$string['privacy:metadata:enrol_lti_users'] = 'The list of users enrolled via an LTI provider';
$string['privacy:metadata:enrol_lti_users:userid'] = 'The ID of the user';
$string['privacy:metadata:enrol_lti_users:lastgrade'] = 'The last grade the user was recorded of having';
$string['privacy:metadata:enrol_lti_users:lastaccess'] = 'The date at which the user was enrolled';
$string['privacy:metadata:enrol_lti_users:timecreated'] = 'The date at which the user was enrolled';
$string['registration'] = 'Published tool registration';
$string['registrationurl'] = 'Registration URL';
$string['registrationurl_help'] = 'If a registration URL (also called proxy URL) is used, then the tool is automatically configured.';

202
enrol/lti/tests/privacy_provider_test.php Normal file
View File

@ -0,0 +1,202 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Privacy provider tests.
*
* @package enrol_lti
* @copyright 2018 Mark Nelson <markn@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
use enrol_lti\privacy\provider;
defined('MOODLE_INTERNAL') || die();
/**
* Privacy provider tests class.
*
* @package enrol_lti
* @copyright 2018 Mark Nelson <markn@moodle.com>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class enrol_lti_privacy_provider_testcase extends \core_privacy\tests\provider_testcase {
/**
* @var stdClass The user
*/
protected $user = null;
/**
* @var stdClass The course
*/
protected $course = null;
/**
* @var stdClass The activity
*/
protected $activity = null;
/**
* Basic setup for these tests.
*/
public function setUp() {
$this->resetAfterTest();
$this->course = $this->getDataGenerator()->create_course();
$this->user = $this->getDataGenerator()->create_user();
$this->activity = $this->getDataGenerator()->create_module('forum', ['course' => $this->course->id]);
// Get the course and activity contexts.
$coursecontext = \context_course::instance($this->course->id);
$cmcontext = \context_module::instance($this->activity->cmid);
// Create LTI tools in different contexts.
$this->create_lti_users($coursecontext, $this->user->id);
$this->create_lti_users($coursecontext, $this->user->id);
$this->create_lti_users($cmcontext, $this->user->id);
// Create another LTI user.
$user = $this->getDataGenerator()->create_user();
$this->create_lti_users($coursecontext, $user->id);
}
/**
* Test getting the context for the user ID related to this plugin.
*/
public function test_get_contexts_for_userid() {
$contextlist = provider::get_contexts_for_userid($this->user->id);
$this->assertCount(2, $contextlist);
$contextforcourse = $contextlist->current();
$context = context_course::instance($this->course->id);
$this->assertEquals($context->id, $contextforcourse->id);
$contextlist->next();
$contextforactivity = $contextlist->current();
$context = context_module::instance($this->activity->cmid);
$this->assertEquals($context->id, $contextforactivity->id);
}
/**
* Test for provider::export_user_data().
*/
public function test_export_for_context() {
$coursecontext = context_course::instance($this->course->id);
$cmcontext = \context_module::instance($this->activity->cmid);
// Export all of the data for the course context.
$this->export_context_data_for_user($this->user->id, $coursecontext, 'enrol_lti');
$writer = \core_privacy\local\request\writer::with_context($coursecontext);
$this->assertTrue($writer->has_any_data());
$data = (array) $writer->get_data(['enrol_lti_users']);
$this->assertCount(2, $data);
foreach ($data as $ltiuser) {
$this->assertArrayHasKey('lastgrade', $ltiuser);
$this->assertArrayHasKey('timecreated', $ltiuser);
$this->assertArrayHasKey('timemodified', $ltiuser);
}
// Export all of the data for the activity context.
$this->export_context_data_for_user($this->user->id, $cmcontext, 'enrol_lti');
$writer = \core_privacy\local\request\writer::with_context($cmcontext);
$this->assertTrue($writer->has_any_data());
$data = (array) $writer->get_data(['enrol_lti_users']);
$this->assertCount(1, $data);
foreach ($data as $ltiuser) {
$this->assertArrayHasKey('lastgrade', $ltiuser);
$this->assertArrayHasKey('timecreated', $ltiuser);
$this->assertArrayHasKey('timemodified', $ltiuser);
}
}
/**
* Test for provider::delete_data_for_all_users_in_context().
*/
public function test_delete_data_for_all_users_in_context() {
global $DB;
$count = $DB->count_records('enrol_lti_users');
$this->assertEquals(4, $count);
// Delete data based on context.
$coursecontext = context_course::instance($this->course->id);
provider::delete_data_for_all_users_in_context($coursecontext);
$ltiusers = $DB->get_records('enrol_lti_users');
$this->assertCount(1, $ltiusers);
$ltiuser = reset($ltiusers);
$this->assertEquals($ltiuser->userid, $this->user->id);
}
/**
* Test for provider::delete_data_for_user().
*/
public function test_delete_data_for_user() {
global $DB;
$cmcontext = context_module::instance($this->activity->cmid);
$coursecontext = context_course::instance($this->course->id);
$count = $DB->count_records('enrol_lti_users');
$this->assertEquals(4, $count);
$contextlist = new \core_privacy\local\request\approved_contextlist($this->user, 'core_backup',
[$coursecontext->id, $cmcontext->id]);
provider::delete_data_for_user($contextlist);
$ltiusers = $DB->get_records('enrol_lti_users');
$this->assertCount(1, $ltiusers);
$ltiuser = reset($ltiusers);
$this->assertNotEquals($ltiuser->userid, $this->user->id);
}
/**
* Creates a LTI user given the provided context
*
* @param context $context
* @param int $userid
*/
private function create_lti_users(\context $context, int $userid) {
global $DB;
// Create a tool.
$ltitool = (object) [
'enrolid' => 5,
'contextid' => $context->id,
'roleinstructor' => 5,
'rolelearner' => 5,
'timecreated' => time(),
'timemodified' => time() + DAYSECS
];
$toolid = $DB->insert_record('enrol_lti_tools', $ltitool);
// Create a user.
$ltiuser = (object) [
'userid' => $userid,
'toolid' => $toolid,
'lastgrade' => 50,
'lastaccess' => time() + DAYSECS,
'timecreated' => time()
];
$DB->insert_record('enrol_lti_users', $ltiuser);
}
}