diff --git a/enrol/classes/privacy/provider.php b/enrol/classes/privacy/provider.php index e4f33ed35bc..dd34b53968b 100644 --- a/enrol/classes/privacy/provider.php +++ b/enrol/classes/privacy/provider.php @@ -20,7 +20,9 @@ * @copyright 2018 Carlos Escobedo * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ + namespace core_enrol\privacy; + defined('MOODLE_INTERNAL') || die(); use core_privacy\local\metadata\collection; @@ -29,6 +31,8 @@ use core_privacy\local\request\context; use core_privacy\local\request\contextlist; use core_privacy\local\request\transform; use core_privacy\local\request\writer; +use core_privacy\local\request\userlist; +use \core_privacy\local\request\approved_userlist; /** * Privacy Subsystem for core_enrol implementing metadata and plugin providers. @@ -38,6 +42,7 @@ use core_privacy\local\request\writer; */ class provider implements \core_privacy\local\metadata\provider, + \core_privacy\local\request\core_userlist_provider, \core_privacy\local\request\subsystem\provider { /** * Returns meta data about this system. @@ -87,6 +92,36 @@ class provider implements return $contextlist; } + + /** + * Get the list of users within a specific context. + * + * @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination. + */ + public static function get_users_in_context(userlist $userlist) { + $context = $userlist->get_context(); + + if (!$context instanceof \context_course) { + return; + } + + $params = [ + 'contextid' => $context->id, + 'contextcourse' => CONTEXT_COURSE, + ]; + + $sql = "SELECT ue.userid as userid + FROM {user_enrolments} ue + JOIN {enrol} e + ON e.id = ue.enrolid + JOIN {context} ctx + ON ctx.instanceid = e.courseid + AND ctx.contextlevel = :contextcourse + WHERE ctx.id = :contextid"; + + $userlist->add_from_sql('userid', $sql, $params); + } + /** * Export all user data for the specified user, in the specified contexts. * @@ -181,6 +216,39 @@ class provider implements } } } + + /** + * Delete multiple users within a single context. + * + * @param approved_userlist $userlist The approved context and user information to delete information for. + */ + public static function delete_data_for_users(approved_userlist $userlist) { + global $DB; + + $context = $userlist->get_context(); + + if ($context instanceof \context_course) { + list($usersql, $userparams) = $DB->get_in_or_equal($userlist->get_userids(), SQL_PARAMS_NAMED); + + $sql = "SELECT ue.id + FROM {user_enrolments} ue + JOIN {enrol} e + ON e.id = ue.enrolid + JOIN {context} ctx + ON ctx.instanceid = e.courseid + WHERE ctx.id = :contextid + AND ue.userid {$usersql}"; + + $params = ['contextid' => $context->id] + $userparams; + $enrolsids = $DB->get_fieldset_sql($sql, $params); + + if (!empty($enrolsids)) { + list($insql, $inparams) = $DB->get_in_or_equal($enrolsids, SQL_PARAMS_NAMED); + static::delete_user_data($insql, $inparams); + } + } + } + /** * Delete all user data for the specified user, in the specified contexts. * diff --git a/enrol/tests/privacy_test.php b/enrol/tests/privacy_test.php index 8d98fe2b920..23cc543bdda 100644 --- a/enrol/tests/privacy_test.php +++ b/enrol/tests/privacy_test.php @@ -21,12 +21,16 @@ * @copyright 2018 Carlos Escobedo * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ + defined('MOODLE_INTERNAL') || die(); + use core_enrol\privacy\provider; use core_privacy\local\request\approved_contextlist; use core_privacy\local\request\writer; use core_privacy\tests\provider_testcase; use \core_privacy\local\request\transform; +use \core_privacy\local\request\approved_userlist; + /** * Privacy test for the core_enrol. * @@ -172,4 +176,96 @@ class core_enrol_privacy_testcase extends provider_testcase { $userenrolments = $DB->get_records('user_enrolments', array()); $this->assertCount(3, $userenrolments); } + + /** + * Test that only users within a course context are fetched. + */ + public function test_get_users_in_context() { + $this->resetAfterTest(); + + $component = 'core_enrol'; + + $user = $this->getDataGenerator()->create_user(); + $usercontext = context_user::instance($user->id); + $course = $this->getDataGenerator()->create_course(); + $coursecontext = context_course::instance($course->id); + + $userlist1 = new \core_privacy\local\request\userlist($coursecontext, $component); + provider::get_users_in_context($userlist1); + $this->assertCount(0, $userlist1); + + // Enrol user into course. + $this->getDataGenerator()->enrol_user($user->id, $course->id, null, 'manual'); + + // The list of users within the course context should contain user. + provider::get_users_in_context($userlist1); + $this->assertCount(1, $userlist1); + $expected = [$user->id]; + $actual = $userlist1->get_userids(); + $this->assertEquals($expected, $actual); + + // The list of users within the user context should be empty. + $userlist2 = new \core_privacy\local\request\userlist($usercontext, $component); + provider::get_users_in_context($userlist2); + $this->assertCount(0, $userlist2); + } + + /** + * Test that data for users in approved userlist is deleted. + */ + public function test_delete_data_for_users() { + $this->resetAfterTest(); + + $component = 'core_enrol'; + + $user1 = $this->getDataGenerator()->create_user(); + $user2 = $this->getDataGenerator()->create_user(); + $user3 = $this->getDataGenerator()->create_user(); + $course1 = $this->getDataGenerator()->create_course(); + $course2 = $this->getDataGenerator()->create_course(); + $coursecontext1 = context_course::instance($course1->id); + $coursecontext2 = context_course::instance($course2->id); + $systemcontext = context_system::instance(); + + // Enrol user1 into course1. + $this->getDataGenerator()->enrol_user($user1->id, $course1->id, null, 'manual'); + // Enrol user2 into course1. + $this->getDataGenerator()->enrol_user($user2->id, $course1->id, null, 'manual'); + // Enrol user3 into course2. + $this->getDataGenerator()->enrol_user($user3->id, $course2->id, null, 'manual'); + + $userlist1 = new \core_privacy\local\request\userlist($coursecontext1, $component); + provider::get_users_in_context($userlist1); + $this->assertCount(2, $userlist1); + + $userlist2 = new \core_privacy\local\request\userlist($coursecontext2, $component); + provider::get_users_in_context($userlist2); + $this->assertCount(1, $userlist2); + + // Convert $userlist1 into an approved_contextlist. + $approvedlist1 = new approved_userlist($coursecontext1, $component, $userlist1->get_userids()); + // Delete using delete_data_for_user. + provider::delete_data_for_users($approvedlist1); + // Re-fetch users in coursecontext1. + $userlist1 = new \core_privacy\local\request\userlist($coursecontext1, $component); + provider::get_users_in_context($userlist1); + // The user data in coursecontext1 should be deleted. + $this->assertCount(0, $userlist1); + + // Re-fetch users in coursecontext2. + $userlist2 = new \core_privacy\local\request\userlist($coursecontext2, $component); + provider::get_users_in_context($userlist2); + // The user data in coursecontext2 should be still present. + $this->assertCount(1, $userlist2); + + // Convert $userlist2 into an approved_contextlist in the system context. + $approvedlist2 = new approved_userlist($systemcontext, $component, $userlist2->get_userids()); + // Delete using delete_data_for_user. + provider::delete_data_for_users($approvedlist2); + // Re-fetch users in coursecontext1. + $userlist2 = new \core_privacy\local\request\userlist($coursecontext2, $component); + provider::get_users_in_context($userlist2); + // The user data in systemcontext should not be deleted. + $this->assertCount(1, $userlist2); + } } \ No newline at end of file