From 4fc10f50faa8730b1541ffedcaddb022c1bddb55 Mon Sep 17 00:00:00 2001 From: Mihail Geshoski Date: Fri, 12 Oct 2018 11:11:36 +0800 Subject: [PATCH] MDL-63635 block_community: Add support for removal of context users This issue is part of the MDL-62560 Epic. --- blocks/community/classes/privacy/provider.php | 59 +++++++- blocks/community/tests/privacy_test.php | 134 ++++++++++++++++++ 2 files changed, 187 insertions(+), 6 deletions(-) diff --git a/blocks/community/classes/privacy/provider.php b/blocks/community/classes/privacy/provider.php index 569906641e5..9ed8f320844 100644 --- a/blocks/community/classes/privacy/provider.php +++ b/blocks/community/classes/privacy/provider.php @@ -26,11 +26,13 @@ namespace block_community\privacy; defined('MOODLE_INTERNAL') || die(); -use \core_privacy\local\request\approved_contextlist; -use \core_privacy\local\request\contextlist; -use \core_privacy\local\request\writer; -use \core_privacy\local\request\deletion_criteria; -use \core_privacy\local\metadata\collection; +use core_privacy\local\request\approved_contextlist; +use core_privacy\local\request\contextlist; +use core_privacy\local\request\writer; +use core_privacy\local\request\deletion_criteria; +use core_privacy\local\metadata\collection; +use core_privacy\local\request\userlist; +use core_privacy\local\request\approved_userlist; /** * Privacy Subsystem implementation for block_community. @@ -38,7 +40,10 @@ use \core_privacy\local\metadata\collection; * @copyright 2018 Zig Tan * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -class provider implements \core_privacy\local\metadata\provider, \core_privacy\local\request\plugin\provider { +class provider implements + \core_privacy\local\metadata\provider, + \core_privacy\local\request\core_userlist_provider, + \core_privacy\local\request\plugin\provider { /** * Returns information about how block_community stores its data. @@ -88,6 +93,33 @@ class provider implements \core_privacy\local\metadata\provider, \core_privacy\l return $contextlist; } + /** + * Get the list of users within a specific context. + * + * @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination. + */ + public static function get_users_in_context(userlist $userlist) { + $context = $userlist->get_context(); + + if (!$context instanceof \context_user) { + return; + } + + $params = [ + 'contextid' => $context->id, + 'contextuser' => CONTEXT_USER, + ]; + + $sql = "SELECT bc.userid as userid + FROM {block_community} bc + JOIN {context} ctx + ON ctx.instanceid = bc.userid + AND ctx.contextlevel = :contextuser + WHERE ctx.id = :contextid"; + + $userlist->add_from_sql('userid', $sql, $params); + } + /** * Export all user data for the specified user using the User context level. * @@ -154,6 +186,21 @@ class provider implements \core_privacy\local\metadata\provider, \core_privacy\l $DB->delete_records('block_community', ['userid' => $userid]); } + /** + * Delete multiple users within a single context. + * + * @param approved_userlist $userlist The approved context and user information to delete information for. + */ + public static function delete_data_for_users(approved_userlist $userlist) { + global $DB; + + $context = $userlist->get_context(); + + if ($context instanceof \context_user) { + $DB->delete_records('block_community', ['userid' => $context->instanceid]); + } + } + /** * Delete all user data for the specified user. * diff --git a/blocks/community/tests/privacy_test.php b/blocks/community/tests/privacy_test.php index 48f672f8946..fce8b29b287 100644 --- a/blocks/community/tests/privacy_test.php +++ b/blocks/community/tests/privacy_test.php @@ -29,6 +29,7 @@ use \core_privacy\local\metadata\collection; use \core_privacy\local\request\writer; use \core_privacy\local\request\approved_contextlist; use \block_community\privacy\provider; +use \core_privacy\local\request\approved_userlist; /** * Unit tests for the block_community implementation of the privacy API. @@ -264,4 +265,137 @@ class block_community_privacy_testcase extends \core_privacy\tests\provider_test $this->assertCount(1, $communities); } + /** + * Test that only users within a course context are fetched. + */ + public function test_get_users_in_context() { + global $DB; + + $component = 'block_community'; + + // Create a user. + $teacher = $this->getDataGenerator()->create_user(); + $teacherctx = \context_user::instance($teacher->id); + + $userlist = new \core_privacy\local\request\userlist($teacherctx, $component); + provider::get_users_in_context($userlist); + $this->assertCount(0, $userlist); + + $this->setUser($teacher); + // Add two community links for the user. + $community = (object)[ + 'userid' => $teacher->id, + 'coursename' => 'Dummy Community Course Name - 1', + 'coursedescription' => 'Dummy Community Course Description - 1', + 'courseurl' => 'https://moodle.org/community_courses/Dummy_Community_Course-1', + 'imageurl' => '' + ]; + $DB->insert_record('block_community', $community); + + $community = (object)[ + 'userid' => $teacher->id, + 'coursename' => 'Dummy Community Course Name - 2', + 'coursedescription' => 'Dummy Community Course Description - 2', + 'courseurl' => 'https://moodle.org/community_courses/Dummy_Community_Course-2', + 'imageurl' => '' + ]; + $DB->insert_record('block_community', $community); + + // The list of users within the user context should contain user. + provider::get_users_in_context($userlist); + $this->assertCount(1, $userlist); + $expected = [$teacher->id]; + $actual = $userlist->get_userids(); + $this->assertEquals($expected, $actual); + + // The list of users within the system context should be empty. + $systemctx = \context_system::instance(); + $userlist2 = new \core_privacy\local\request\userlist($systemctx, $component); + provider::get_users_in_context($userlist2); + $this->assertCount(0, $userlist2); + } + + /** + * Test that data for users in approved userlist is deleted. + */ + public function test_delete_data_for_users() { + global $DB; + + $component = 'block_community'; + + // Create user1. + $user1 = $this->getDataGenerator()->create_user(); + $userctx1 = \context_user::instance($user1->id); + // Create user2. + $user2 = $this->getDataGenerator()->create_user(); + $userctx2 = \context_user::instance($user2->id); + + $this->setUser($user1); + // Add a community link for user1. + $community = (object)[ + 'userid' => $user1->id, + 'coursename' => 'Dummy Community Course Name - 1', + 'coursedescription' => 'Dummy Community Course Description - 1', + 'courseurl' => 'https://moodle.org/community_courses/Dummy_Community_Course-1', + 'imageurl' => '' + ]; + $DB->insert_record('block_community', $community); + + // Add a community link for user1. + $community = (object)[ + 'userid' => $user1->id, + 'coursename' => 'Dummy Community Course Name - 2', + 'coursedescription' => 'Dummy Community Course Description - 2', + 'courseurl' => 'https://moodle.org/community_courses/Dummy_Community_Course-2', + 'imageurl' => '' + ]; + $DB->insert_record('block_community', $community); + + $this->setUser($user2); + // Add a community link for user2. + $community = (object)[ + 'userid' => $user2->id, + 'coursename' => 'Dummy Community Course Name - 3', + 'coursedescription' => 'Dummy Community Course Description - 3', + 'courseurl' => 'https://moodle.org/community_courses/Dummy_Community_Course-3', + 'imageurl' => '' + ]; + $DB->insert_record('block_community', $community); + + $userlist1 = new \core_privacy\local\request\userlist($userctx1, $component); + provider::get_users_in_context($userlist1); + $this->assertCount(1, $userlist1); + + $userlist2 = new \core_privacy\local\request\userlist($userctx2, $component); + provider::get_users_in_context($userlist2); + $this->assertCount(1, $userlist2); + + // Convert $userlist1 into an approved_contextlist. + $approvedlist1 = new approved_userlist($userctx1, $component, $userlist1->get_userids()); + // Delete using delete_data_for_user. + provider::delete_data_for_users($approvedlist1); + + // Re-fetch users in userctx1. + $userlist1 = new \core_privacy\local\request\userlist($userctx1, $component); + provider::get_users_in_context($userlist1); + // The user data in userctx1 should be deleted. + $this->assertCount(0, $userlist1); + + // Re-fetch users in userctx2. + $userlist2 = new \core_privacy\local\request\userlist($userctx2, $component); + provider::get_users_in_context($userlist2); + // The user data in userctx2 should be still present. + $this->assertCount(1, $userlist2); + + // Convert $userlist2 into an approved_contextlist in the system context. + $systemcontext = \context_system::instance(); + $approvedlist2 = new approved_userlist($systemcontext, $component, $userlist2->get_userids()); + // Delete using delete_data_for_user. + provider::delete_data_for_users($approvedlist2); + // Re-fetch users in userctx2. + $userlist2 = new \core_privacy\local\request\userlist($userctx2, $component); + provider::get_users_in_context($userlist2); + // The user data in systemcontext should not be deleted. + $this->assertCount(1, $userlist2); + } }