diff --git a/comment/classes/privacy/provider.php b/comment/classes/privacy/provider.php new file mode 100644 index 00000000000..8570cbb8b01 --- /dev/null +++ b/comment/classes/privacy/provider.php @@ -0,0 +1,130 @@ +. + +/** + * Privacy class for requesting user data. + * + * @package core_comment + * @copyright 2018 Adrian Greeve + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +namespace core_comment\privacy; + +defined('MOODLE_INTERNAL') || die(); + +use \core_privacy\local\metadata\collection; +use \core_privacy\local\request\transform; + +/** + * Privacy class for requesting user data. + * + * @package core_comment + * @copyright 2018 Adrian Greeve + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ +class provider implements \core_privacy\local\metadata\provider, \core_privacy\local\request\subsystem\plugin_provider { + + /** + * Returns meta data about this system. + * + * @param collection $collection The initialised collection to add items to. + * @return collection A listing of user data stored through this system. + */ + public static function get_metadata(collection $collection) : collection { + $collection->add_database_table('comments', [ + 'content' => 'privacy:metadata:comment:content', + 'timecreated' => 'privacy:metadata:comment:timecreated', + 'userid' => 'privacy:metadata:comment:userid', + ], 'privacy:metadata:comment'); + + return $collection; + } + + /** + * Writes user data to the writer for the user to download. + * + * @param array $context Contexts to run through and return data. + * @param string $component The component that is calling this function + * @param string $commentarea The comment area related to the component + * @param int $itemid An identifier for a group of comments + * @param array $subcontext The sub-context in which to export this data + * @param bool $onlyforthisuser Only return the comments this user made. + */ + public static function export_comments($context, $component, $commentarea, $itemid, $subcontext, $onlyforthisuser = true) { + + $data = new \stdClass; + $data->context = $context; + $data->area = $commentarea; + $data->itemid = $itemid; + $data->component = $component; + + $commentobject = new \comment($data); + $commentobject->set_view_permission(true); + $comments = $commentobject->get_comments(0); + $subcontext[] = get_string('commentsubcontext', 'core_comment'); + + $comments = array_filter($comments, function($comment) use ($onlyforthisuser) { + global $USER; + + return (!$onlyforthisuser || $comment->userid == $USER->id); + }); + + $comments = array_map(function($comment) { + return (object) [ + 'content' => $comment->content, + 'time' => transform::datetime($comment->timecreated), + 'userid' => transform::user($comment->userid), + ]; + }, $comments); + + if (!empty($comments)) { + \core_privacy\local\request\writer::with_context($context) + ->export_data($subcontext, (object) [ + 'comments' => $comments, + ]); + } + } + + /** + * Deletes all comments for a specified context. + * + * @param \core_privacy\local\request\deletion_criteria $criteria Details about which context to delete comments for. + */ + public static function delete_comments_for_context(\core_privacy\local\request\deletion_criteria $criteria) { + global $DB; + $DB->delete_records('comments', ['contextid' => $criteria->get_context()->id]); + } + + /** + * Deletes all records for a user from a list of approved contexts. + * + * @param \core_privacy\local\request\approved_contextlist $contextlist Contains the user ID and a list of contexts to be + * deleted from. + */ + public static function delete_comments_for_user_in_context(\core_privacy\local\request\approved_contextlist $contextlist) { + global $DB; + + $userid = $contextlist->get_user()->id; + $contextids = implode(',', $contextlist->get_contextids()); + $params = ['userid' => $userid]; + list($insql, $inparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED); + $params += $inparams; + + $select = "userid = :userid and contextid $insql"; + $DB->delete_records_select('comments', $select, $params); + } +} diff --git a/comment/tests/privacy_test.php b/comment/tests/privacy_test.php new file mode 100644 index 00000000000..34776e9b28f --- /dev/null +++ b/comment/tests/privacy_test.php @@ -0,0 +1,192 @@ +. +/** + * Privacy tests for core_comment. + * + * @package core_comment + * @category test + * @copyright 2018 Adrian Greeve + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +defined('MOODLE_INTERNAL') || die(); +global $CFG; + +require_once($CFG->dirroot . '/comment/locallib.php'); +require_once($CFG->dirroot . '/comment/lib.php'); + +use \core_privacy\tests\provider_testcase; + +/** + * Unit tests for comment/classes/privacy/policy + * + * @copyright 2018 Adrian Greeve + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ +class core_comment_privacy_testcase extends provider_testcase { + + /** + * Check the exporting of comments for a user id in a context. + */ + public function test_export_comments() { + $this->resetAfterTest(true); + $course = $this->getDataGenerator()->create_course(); + $context = context_course::instance($course->id); + + $comment = $this->get_comment_object($context, $course); + + $user1 = $this->getDataGenerator()->create_user(); + $user2 = $this->getDataGenerator()->create_user(); + + // Add comments. + $comments = []; + $firstcomment = 'This is the first comment'; + $this->setUser($user1); + $comment->add($firstcomment); + $comments[$user1->id] = $firstcomment; + + $secondcomment = 'From the second user'; + $this->setUser($user2); + $comment->add($secondcomment); + $comments[$user2->id] = $secondcomment; + + // Retrieve comments only for user1. + $this->setUser($user1); + $writer = \core_privacy\local\request\writer::with_context($context); + \core_comment\privacy\provider::export_comments($context, 'block_comments', 'page_comments', 0, []); + + $data = $writer->get_data([get_string('commentsubcontext', 'core_comment')]); + $exportedcomments = $data->comments; + + // There is only one comment made by this user. + $this->assertCount(1, $exportedcomments); + $comment = reset($exportedcomments); + $this->assertEquals($comments[$user1->id], format_string($comment->content, FORMAT_PLAIN)); + + // Retrieve comments from any user. + \core_comment\privacy\provider::export_comments($context, 'block_comments', 'page_comments', 0, [], false); + + $data = $writer->get_data([get_string('commentsubcontext', 'core_comment')]); + $exportedcomments = $data->comments; + + // The whole conversation is two comments. + $this->assertCount(2, $exportedcomments); + foreach ($exportedcomments as $comment) { + $this->assertEquals($comments[$comment->userid], format_string($comment->content, FORMAT_PLAIN)); + } + } + + /** + * Tests the deletion of all comments in a context. + */ + public function test_delete_comments_for_context() { + $this->resetAfterTest(); + + $course1 = $this->getDataGenerator()->create_course(); + $course2 = $this->getDataGenerator()->create_course(); + + $coursecontext1 = context_course::instance($course1->id); + $coursecontext2 = context_course::instance($course2->id); + + $user1 = $this->getDataGenerator()->create_user(); + $user2 = $this->getDataGenerator()->create_user(); + + $comment1 = $this->get_comment_object($coursecontext1, $course1); + $comment2 = $this->get_comment_object($coursecontext2, $course2); + + $this->setUser($user1); + $comment1->add('First comment for user 1 on comment 1'); + $comment2->add('First comment for user 1 on comment 2'); + $this->setUser($user2); + $comment1->add('First comment for user 2 on comment 1'); + $comment2->add('First comment for user 2 on comment 2'); + + // Delete only for the first context. All records in the comments table for this context should be removed. + $deletioncriteria = new \core_privacy\local\request\deletion_criteria($coursecontext1); + \core_comment\privacy\provider::delete_comments_for_context($deletioncriteria); + // No records left here. + $this->assertCount(0, $comment1->get_comments()); + // All of the records are left intact here. + $this->assertCount(2, $comment2->get_comments()); + + } + + /** + * Tests deletion of comments for a specified user and contexts. + */ + public function test_delete_comments_for_user_in_context() { + $this->resetAfterTest(); + + $course1 = $this->getDataGenerator()->create_course(); + $course2 = $this->getDataGenerator()->create_course(); + $course3 = $this->getDataGenerator()->create_course(); + + $coursecontext1 = context_course::instance($course1->id); + $coursecontext2 = context_course::instance($course2->id); + $coursecontext3 = context_course::instance($course3->id); + + $user1 = $this->getDataGenerator()->create_user(); + $user2 = $this->getDataGenerator()->create_user(); + + $comment1 = $this->get_comment_object($coursecontext1, $course1); + $comment2 = $this->get_comment_object($coursecontext2, $course2); + $comment3 = $this->get_comment_object($coursecontext3, $course3); + + $this->setUser($user1); + $comment1->add('First comment for user 1'); + $comment2->add('User 1 comment in second comment'); + + $this->setUser($user2); + $comment2->add('User two replied in comment two'); + $comment3->add('Comment three for user 2.'); + + // Delete the comments for user 1. + $approvedcontextlist = new core_privacy\tests\request\approved_contextlist($user1, 'block_comments', + [$coursecontext1->id, $coursecontext2->id]); + \core_comment\privacy\provider::delete_comments_for_user_in_context($approvedcontextlist); + + // No comments left in comments 1 as only user 1 commented there. + $this->assertCount(0, $comment1->get_comments()); + // Only user 2 comments left in comments 2. + $comment2comments = $comment2->get_comments(); + $this->assertCount(1, $comment2comments); + $this->assertEquals($user2->id, $comment2comments[0]->userid); + // Nothing changed here as user 1 did not leave a comment. + $comment3comments = $comment3->get_comments(); + $this->assertCount(1, $comment3comments); + $this->assertEquals($user2->id, $comment3comments[0]->userid); + } + + /** + * Creates a comment object + * + * @param context $context A context object. + * @param stdClass $course A course object. + * @return comment The comment object. + */ + protected function get_comment_object($context, $course) { + // Comment on course page. + $args = new stdClass; + $args->context = $context; + $args->course = $course; + $args->area = 'page_comments'; + $args->itemid = 0; + $args->component = 'block_comments'; + $comment = new comment($args); + $comment->set_post_permission(true); + return $comment; + } +} diff --git a/lang/en/comment.php b/lang/en/comment.php new file mode 100644 index 00000000000..2d1bdf4b43f --- /dev/null +++ b/lang/en/comment.php @@ -0,0 +1,29 @@ +. + +/** + * Strings for component 'moodle', language 'en', branch 'MOODLE_20_STABLE' + * + * @package core + * @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com} + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +$string['commentsubcontext'] = 'Comments'; +$string['privacy:metadata:comment'] = 'Stores comments of users.'; +$string['privacy:metadata:comment:content'] = 'Stores the text of the comment.'; +$string['privacy:metadata:comment:timecreated'] = 'Time a comment was created.'; +$string['privacy:metadata:comment:userid'] = 'The user who made the comment.';