MDL-63538 repository_onedrive: Add support for removal of context users

This issue is a part of the MDL-62560 Epic.
2025-04-22 00:42:54 +02:00 · 2018-10-05 13:13:49 +08:00 · 2018-10-05 13:13:49 +08:00 · 6bd65daa5c
commit 6bd65daa5c
parent 589d2bd4cb
2 changed files with 196 additions and 1 deletions
--- a/repository/onedrive/classes/privacy/provider.php
+++ b/repository/onedrive/classes/privacy/provider.php
@ -26,9 +26,11 @@ namespace repository_onedrive\privacy;

 use core_privacy\local\metadata\collection;
 use core_privacy\local\request\approved_contextlist;
+use core_privacy\local\request\approved_userlist;
 use core_privacy\local\request\context;
 use core_privacy\local\request\contextlist;
 use core_privacy\local\request\transform;
+use core_privacy\local\request\userlist;
 use \core_privacy\local\request\writer;

 defined('MOODLE_INTERNAL') || die();
@ -39,7 +41,10 @@ defined('MOODLE_INTERNAL') || die();
 * @copyright  2018 Zig Tan <zig@moodle.com>
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */
-class provider implements \core_privacy\local\metadata\provider, \core_privacy\local\request\plugin\provider {
+class provider implements
+        \core_privacy\local\metadata\provider,
+        \core_privacy\local\request\core_userlist_provider,
+        \core_privacy\local\request\plugin\provider {

    /**
     * Returns meta data about this system.
@ -98,6 +103,32 @@ class provider implements \core_privacy\local\metadata\provider, \core_privacy\l
        return $contextlist;
    }

+    /**
+     * Get the list of users who have data within a context.
+     *
+     * @param   userlist    $userlist   The userlist containing the list of users who have data in this context/plugin combination.
+     */
+    public static function get_users_in_context(userlist $userlist) {
+        $context = $userlist->get_context();
+
+        if (!is_a($context, \context_user::class)) {
+            return;
+        }
+
+        // The data is associated at the user context level, so retrieve the user's context id.
+        $sql = "SELECT roa.usermodified AS userid
+                  FROM {repository_onedrive_access} roa
+                  JOIN {context} c ON c.instanceid = roa.usermodified AND c.contextlevel = :contextuser
+                 WHERE c.id = :contextid";
+
+        $params = [
+            'contextuser'   => CONTEXT_USER,
+            'contextid'        => $context->id,
+        ];
+
+        $userlist->add_from_sql('userid', $sql, $params);
+    }
+
    /**
     * Export all user data for the specified user, in the specified contexts.
     *
@ -196,4 +227,39 @@ class provider implements \core_privacy\local\metadata\provider, \core_privacy\l
        $DB->delete_records('repository_onedrive_access', ['usermodified' => $userid]);
    }

+    /**
+     * Delete multiple users within a single context.
+     *
+     * @param   approved_userlist       $userlist The approved context and user information to delete information for.
+     */
+    public static function delete_data_for_users(approved_userlist $userlist) {
+        global $DB;
+        $context = $userlist->get_context();
+
+        // Sanity check that context is at the User context level, then get the userid.
+        if ($context->contextlevel !== CONTEXT_USER) {
+            return;
+        }
+
+        $userids = $userlist->get_userids();
+        list($insql, $inparams) = $DB->get_in_or_equal($userids, SQL_PARAMS_NAMED);
+        $params = [
+            'contextid' => $context->id,
+            'contextuser' => CONTEXT_USER,
+        ];
+        $params = array_merge($params, $inparams);
+
+        // Fetch the repository_onedrive_access IDs in the context for approved users.
+        $sql = "SELECT roa.id
+                  FROM {repository_onedrive_access} roa
+                  JOIN {context} c ON c.instanceid = roa.usermodified
+                   AND c.contextlevel = :contextuser
+                   AND c.id = :contextid
+                 WHERE roa.usermodified {$insql}";
+        $accessids = $DB->get_fieldset_sql($sql, $params);
+
+        // Delete the relevant repository_onedrive_access data.
+        list($insql, $params) = $DB->get_in_or_equal($accessids, SQL_PARAMS_NAMED);
+        $DB->delete_records_select('repository_onedrive_access', "id {$insql}", $params);
+    }
 }
--- a/repository/onedrive/tests/privacy_test.php
+++ b/repository/onedrive/tests/privacy_test.php
@ -25,6 +25,7 @@ defined('MOODLE_INTERNAL') || die();
 use \core_privacy\local\metadata\collection;
 use \core_privacy\local\request\writer;
 use \core_privacy\local\request\approved_contextlist;
+use \core_privacy\local\request\approved_userlist;
 use \repository_onedrive\privacy\provider;
 /**
 * Unit tests for the repository_onedrive implementation of the privacy API.
@ -84,6 +85,75 @@ class repository_onedrive_privacy_testcase extends \core_privacy\tests\provider_
        $this->assertEquals($user->id, $context->instanceid);
    }

+    /**
+     * Test for provider::test_get_users_in_context().
+     */
+    public function test_get_users_in_context() {
+        global $DB;
+        $component = 'repository_onedrive';
+
+        // Test setup.
+        $user1 = $this->getDataGenerator()->create_user();
+        $user2 = $this->getDataGenerator()->create_user();
+        $u1id = $user1->id;
+        $u2id = $user2->id;
+
+        // Add a repository_onedrive_access records for each user.
+        $this->setUser($user1);
+        $access = (object)[
+            'usermodified' => $u1id,
+            'itemid' => 'Some onedrive access item data',
+            'permissionid' => 'Some onedrive access permission data',
+            'timecreated' => date('u'),
+            'timemodified' => date('u'),
+        ];
+        $DB->insert_record('repository_onedrive_access', $access);
+
+        $this->setUser($user2);
+        $access = (object)[
+            'usermodified' => $u2id,
+            'itemid' => 'Another onedrive access item data',
+            'permissionid' => 'Another onedrive access permission data',
+            'timecreated' => date('u'),
+            'timemodified' => date('u'),
+        ];
+        $DB->insert_record('repository_onedrive_access', $access);
+
+        // Fetch the context of each user's access record.
+        $contextlist = provider::get_contexts_for_userid($u1id);
+        $u1contexts = $contextlist->get_contexts();
+        $this->assertCount(1, $u1contexts);
+
+        $contextlist = provider::get_contexts_for_userid($u2id);
+        $u2contexts = $contextlist->get_contexts();
+        $this->assertCount(1, $u2contexts);
+
+        $contexts = [
+            $u1id => $u1contexts[0],
+            $u2id => $u2contexts[0],
+        ];
+
+        // Test context 1 only contains user 1.
+        $userlist = new \core_privacy\local\request\userlist($contexts[$u1id], $component);
+        provider::get_users_in_context($userlist);
+
+        $this->assertCount(1, $userlist);
+        $actual = $userlist->get_userids();
+        $this->assertEquals([$u1id], $actual);
+
+        // Test context 2 only contains user 2.
+        $userlist = new \core_privacy\local\request\userlist($contexts[$u2id], $component);
+        provider::get_users_in_context($userlist);
+
+        $this->assertCount(1, $userlist);
+        $actual = $userlist->get_userids();
+        $this->assertEquals([$u2id], $actual);
+
+        // Test the contexts match the users' contexts.
+        $this->assertEquals($u1id, $contexts[$u1id]->instanceid);
+        $this->assertEquals($u2id, $contexts[$u2id]->instanceid);
+    }
+
    /**
     * Test for provider::export_user_data().
     */
@ -253,4 +323,63 @@ class repository_onedrive_privacy_testcase extends \core_privacy\tests\provider_
        $access = $DB->get_records('repository_onedrive_access', ['usermodified' => $user2->id]);
        $this->assertCount(1, $access);
    }
+
+    /**
+     * Test for provider::delete_data_for_users().
+     */
+    public function test_delete_data_for_users() {
+        global $DB;
+        $component = 'repository_onedrive';
+
+        // Test setup.
+        $user1 = $this->getDataGenerator()->create_user();
+        $user2 = $this->getDataGenerator()->create_user();
+        $this->setUser($user1);
+
+        // Add 3 repository_onedrive_accesss records for User 1.
+        $noaccess = 3;
+        for ($a = 0; $a < $noaccess; $a++) {
+            $access = (object)[
+                'usermodified' => $user1->id,
+                'itemid' => 'Some onedrive access item data for user 1 - ' . $a,
+                'permissionid' => 'Some onedrive access permission data - ' . $a,
+                'timecreated' => date('u'),
+                'timemodified' => date('u'),
+            ];
+            $DB->insert_record('repository_onedrive_access', $access);
+        }
+        // Add 1 repository_onedrive_accesss record for User 2.
+        $access = (object)[
+            'usermodified' => $user2->id,
+            'itemid' => 'Some onedrive access item data for user 2',
+            'permissionid' => 'Some onedrive access permission data',
+            'timecreated' => date('u'),
+            'timemodified' => date('u'),
+        ];
+        $DB->insert_record('repository_onedrive_access', $access);
+
+        // Test the created repository_onedrive records for User 1 equals test number of access specified.
+        $communities = $DB->get_records('repository_onedrive_access', ['usermodified' => $user1->id]);
+        $this->assertCount($noaccess, $communities);
+
+        // Test the created repository_onedrive records for User 2 equals 1.
+        $communities = $DB->get_records('repository_onedrive_access', ['usermodified' => $user2->id]);
+        $this->assertCount(1, $communities);
+
+        // Fetch the context of each user's access record.
+        $contextlist = provider::get_contexts_for_userid($user1->id);
+        $u1contexts = $contextlist->get_contexts();
+
+        // Test the deletion of context 1 results in deletion of user 1's records only.
+        $approveduserids = [$user1->id, $user2->id];
+        $approvedlist = new approved_userlist($u1contexts[0], $component, $approveduserids);
+        provider::delete_data_for_users($approvedlist);
+
+        $access = $DB->get_records('repository_onedrive_access', ['usermodified' => $user1->id]);
+        $this->assertCount(0, $access);
+
+        // Ensure user 2's record still exists.
+        $access = $DB->get_records('repository_onedrive_access', ['usermodified' => $user2->id]);
+        $this->assertCount(1, $access);
+    }
 }