diff --git a/mod/wiki/classes/privacy/provider.php b/mod/wiki/classes/privacy/provider.php index f2738b46e3c..7a094d1de56 100644 --- a/mod/wiki/classes/privacy/provider.php +++ b/mod/wiki/classes/privacy/provider.php @@ -26,11 +26,13 @@ namespace mod_wiki\privacy; use core_privacy\local\metadata\collection; use core_privacy\local\request\approved_contextlist; +use core_privacy\local\request\approved_userlist; use core_privacy\local\request\contextlist; use context_user; use context; use core_privacy\local\request\helper; use core_privacy\local\request\transform; +use core_privacy\local\request\userlist; use core_privacy\local\request\writer; defined('MOODLE_INTERNAL') || die(); @@ -44,6 +46,7 @@ defined('MOODLE_INTERNAL') || die(); */ class provider implements \core_privacy\local\metadata\provider, + \core_privacy\local\request\core_userlist_provider, \core_privacy\local\request\plugin\provider { /** @@ -119,6 +122,81 @@ class provider implements return $contextlist; } + /** + * Get the list of users who have data within a context. + * + * @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination. + */ + public static function get_users_in_context(userlist $userlist) { + $context = $userlist->get_context(); + + if (!is_a($context, \context_module::class)) { + return; + } + + $params = [ + 'modname' => 'wiki', + 'contextlevel' => CONTEXT_MODULE, + 'contextid' => $context->id, + ]; + + $sql = " + SELECT s.userid + FROM {modules} m + JOIN {course_modules} cm ON cm.module = m.id AND m.name = :modname + JOIN {context} ctx ON ctx.instanceid = cm.id AND ctx.contextlevel = :contextlevel + JOIN {wiki_subwikis} s ON cm.instance = s.wikiid + WHERE ctx.id = :contextid"; + + $userlist->add_from_sql('userid', $sql, $params); + + $sql = " + SELECT p.userid + FROM {modules} m + JOIN {course_modules} cm ON cm.module = m.id AND m.name = :modname + JOIN {context} ctx ON ctx.instanceid = cm.id AND ctx.contextlevel = :contextlevel + JOIN {wiki_subwikis} s ON cm.instance = s.wikiid + JOIN {wiki_pages} p ON p.subwikiid = s.id + WHERE ctx.id = :contextid"; + + $userlist->add_from_sql('userid', $sql, $params); + + $sql = " + SELECT v.userid + FROM {modules} m + JOIN {course_modules} cm ON cm.module = m.id AND m.name = :modname + JOIN {context} ctx ON ctx.instanceid = cm.id AND ctx.contextlevel = :contextlevel + JOIN {wiki_subwikis} s ON cm.instance = s.wikiid + JOIN {wiki_pages} p ON p.subwikiid = s.id + JOIN {wiki_versions} v ON v.pageid = p.id + WHERE ctx.id = :contextid"; + + $userlist->add_from_sql('userid', $sql, $params); + + $sql = " + SELECT l.userid + FROM {modules} m + JOIN {course_modules} cm ON cm.module = m.id AND m.name = :modname + JOIN {context} ctx ON ctx.instanceid = cm.id AND ctx.contextlevel = :contextlevel + JOIN {wiki_subwikis} s ON cm.instance = s.wikiid + JOIN {wiki_pages} p ON p.subwikiid = s.id + JOIN {wiki_locks} l ON l.pageid = p.id + WHERE ctx.id = :contextid"; + + $userlist->add_from_sql('userid', $sql, $params); + + $sql = " + SELECT p.id + FROM {modules} m + JOIN {course_modules} cm ON cm.module = m.id AND m.name = :modname + JOIN {context} ctx ON ctx.instanceid = cm.id AND ctx.contextlevel = :contextlevel + JOIN {wiki_subwikis} s ON cm.instance = s.wikiid + JOIN {wiki_pages} p ON p.subwikiid = s.id + WHERE ctx.id = :contextid"; + + \core_comment\privacy\provider::get_users_in_context_from_sql($userlist, 'com', 'mod_wiki', 'wiki_page', $sql, $params); + } + /** * Add one subwiki to the export * @@ -491,4 +569,74 @@ class provider implements // Remove comments made by this user on all other wiki pages. \core_comment\privacy\provider::delete_comments_for_user($contextlist, 'mod_wiki', 'wiki_page'); } + + /** + * Delete multiple users within a single context. + * + * @param approved_userlist $userlist The approved context and user information to delete information for. + */ + public static function delete_data_for_users(approved_userlist $userlist) { + global $DB; + $context = $userlist->get_context(); + $userids = $userlist->get_userids(); + + if ($context->contextlevel != CONTEXT_MODULE) { + return; + } + + // Remove only individual subwikis. Contributions to collaborative wikis is not considered personal contents. + list($insql, $inparams) = $DB->get_in_or_equal($userids, SQL_PARAMS_NAMED); + $params = [ + 'wiki' => 'wiki', + 'contextmod' => CONTEXT_MODULE, + 'contextid' => $context->id, + ]; + + $params = array_merge($inparams, $params); + $sql = "SELECT s.id + FROM {context} ctx + JOIN {course_modules} cm ON cm.id = ctx.instanceid AND ctx.contextlevel = :contextmod + JOIN {modules} m ON m.name = :wiki AND cm.module = m.id + JOIN {wiki_subwikis} s ON s.wikiid = cm.instance + WHERE ctx.id = :contextid + AND s.userid {$insql}"; + + $subwikis = $DB->get_fieldset_sql($sql, $params); + + if ($subwikis) { + // We found individual subwikis that need to be deleted completely. + + $fs = get_file_storage(); + foreach ($subwikis as $subwikiid) { + $fs->delete_area_files($context->id, 'mod_wiki', 'attachments', $subwikiid); + \core_comment\privacy\provider::delete_comments_for_all_users_select(context::instance_by_id($context->id), + 'mod_wiki', 'wiki_page', "IN (SELECT id FROM {wiki_pages} WHERE subwikiid=:subwikiid)", + ['subwikiid' => $subwikiid]); + } + + list($insql, $inparams) = $DB->get_in_or_equal($subwikis, SQL_PARAMS_NAMED); + $params = ['component' => 'mod_wiki', 'itemtype' => 'page']; + $params = array_merge($inparams, $params); + $sql = "DELETE FROM {tag_instance} + WHERE component=:component + AND itemtype=:itemtype + AND itemid IN + (SELECT id + FROM {wiki_pages} + WHERE subwikiid $insql)"; + + $DB->execute($sql, $params); + + $DB->delete_records_select('wiki_locks', "pageid IN (SELECT id FROM {wiki_pages} WHERE subwikiid {$insql})", $params); + $DB->delete_records_select('wiki_versions', "pageid IN (SELECT id FROM {wiki_pages} WHERE subwikiid {$insql})", + $params); + $DB->delete_records_select('wiki_synonyms', "subwikiid {$insql}", $params); + $DB->delete_records_select('wiki_links', "subwikiid {$insql}", $params); + $DB->delete_records_select('wiki_pages', "subwikiid {$insql}", $params); + $DB->delete_records_select('wiki_subwikis', "id {$insql}", $params); + } + + // Remove comments made by this user on all other wiki pages. + \core_comment\privacy\provider::delete_comments_for_users($userlist, 'mod_wiki', 'wiki_page'); + } } diff --git a/mod/wiki/tests/privacy_test.php b/mod/wiki/tests/privacy_test.php index cd724b8d047..b2699e46987 100644 --- a/mod/wiki/tests/privacy_test.php +++ b/mod/wiki/tests/privacy_test.php @@ -29,6 +29,7 @@ global $CFG; use core_privacy\tests\provider_testcase; use mod_wiki\privacy\provider; use core_privacy\local\request\approved_contextlist; +use core_privacy\local\request\approved_userlist; use core_privacy\local\request\writer; require_once($CFG->dirroot.'/mod/wiki/locallib.php'); @@ -80,11 +81,13 @@ class mod_wiki_privacy_testcase extends provider_testcase { $this->users[1] = $dg->create_user(); $this->users[2] = $dg->create_user(); $this->users[3] = $dg->create_user(); + $this->users[4] = $dg->create_user(); $studentrole = $DB->get_record('role', array('shortname' => 'student')); $this->getDataGenerator()->enrol_user($this->users[1]->id, $course->id, $studentrole->id, 'manual'); $this->getDataGenerator()->enrol_user($this->users[2]->id, $course->id, $studentrole->id, 'manual'); $this->getDataGenerator()->enrol_user($this->users[3]->id, $course->id, $studentrole->id, 'manual'); + $this->getDataGenerator()->enrol_user($this->users[4]->id, $course->id, $studentrole->id, 'manual'); $cm1 = $this->getDataGenerator()->create_module('wiki', ['course' => $course->id]); $cm2 = $this->getDataGenerator()->create_module('wiki', ['course' => $course->id, 'wikimode' => 'individual']); @@ -133,6 +136,10 @@ class mod_wiki_privacy_testcase extends provider_testcase { // Lock a page in the third wiki without having any revisions on it. wiki_set_lock($this->pages[3][1]->id, $this->users[3]->id, null, true); + // User 4 - added to the first wiki, so all users are not part of all edited contexts. + $this->setUser($this->users[4]); + $this->pages[1][4] = $this->create_page($cm1); + $this->subwikis = [ 1 => $this->pages[1][1]->subwikiid, 21 => $this->pages[21][1]->subwikiid, @@ -153,6 +160,7 @@ class mod_wiki_privacy_testcase extends provider_testcase { 1 => $this->pages[1][1]->id . ' ' . $this->pages[1][1]->title, 2 => $this->pages[1][2]->id . ' ' . $this->pages[1][2]->title, 3 => $this->pages[1][3]->id . ' ' . $this->pages[1][3]->title, + 4 => $this->pages[1][4]->id . ' ' . $this->pages[1][4]->title, ], 21 => [ 1 => $this->pages[21][1]->id . ' ' . $this->pages[21][1]->title, @@ -261,6 +269,60 @@ class mod_wiki_privacy_testcase extends provider_testcase { ], $contextids, '', 0.0, 10, true); } + /** + * Test getting the users within a context. + */ + public function test_get_users_in_context() { + global $DB; + $component = 'mod_wiki'; + + // Add a comment from user 4 in context 3. + $this->setUser($this->users[4]); + $this->add_comment($this->pages[3][1], 'Look at me, getting involved!'); + + // Ensure userlist for context 1 contains all users. + $userlist = new \core_privacy\local\request\userlist($this->contexts[1], $component); + provider::get_users_in_context($userlist); + + $this->assertCount(4, $userlist); + + $expected = [$this->users[1]->id, $this->users[2]->id, $this->users[3]->id, $this->users[4]->id]; + $actual = $userlist->get_userids(); + sort($expected); + sort($actual); + $this->assertEquals($expected, $actual); + + // Ensure userlist for context 2 contains users 1-3 only. + $userlist = new \core_privacy\local\request\userlist($this->contexts[2], $component); + provider::get_users_in_context($userlist); + + $this->assertCount(3, $userlist); + + $expected = [$this->users[1]->id, $this->users[2]->id, $this->users[3]->id]; + $actual = $userlist->get_userids(); + sort($expected); + sort($actual); + $this->assertEquals($expected, $actual); + + // Ensure userlist for context 3 contains users 2, 3 and 4 only. + $userlist = new \core_privacy\local\request\userlist($this->contexts[3], $component); + provider::get_users_in_context($userlist); + + $this->assertCount(3, $userlist); + + $expected = [$this->users[2]->id, $this->users[3]->id, $this->users[4]->id]; + $actual = $userlist->get_userids(); + sort($expected); + sort($actual); + $this->assertEquals($expected, $actual); + + // Ensure userlist for context 4 is empty. + $userlist = new \core_privacy\local\request\userlist($this->contexts[4], $component); + provider::get_users_in_context($userlist); + + $this->assertEmpty($userlist); + } + /** * Export data for user 1 */ @@ -529,4 +591,63 @@ class mod_wiki_privacy_testcase extends provider_testcase { $this->assertTrue(writer::with_context($this->contexts[1])->has_any_data()); $this->assertFalse(writer::with_context($this->contexts[2])->has_any_data()); } + + /** + * Test for delete_data_for_users(). + */ + public function test_delete_data_for_users() { + $component = 'mod_wiki'; + + // Ensure data exists within context 2 - individual wikis. + // Since each user owns their own subwiki in this context, they can be deleted. + $u1ctx2 = new approved_contextlist($this->users[1], 'mod_wiki', [$this->contexts[2]->id]); + provider::export_user_data($u1ctx2); + $u2ctx2 = new approved_contextlist($this->users[2], 'mod_wiki', [$this->contexts[2]->id]); + provider::export_user_data($u2ctx2); + $u3ctx2 = new approved_contextlist($this->users[3], 'mod_wiki', [$this->contexts[2]->id]); + provider::export_user_data($u3ctx2); + + $this->assertTrue(writer::with_context($this->contexts[2])->has_any_data()); + writer::reset(); + + // Delete user 1 and 2 data, user 3's wiki still remains. + $approveduserids = [$this->users[1]->id, $this->users[2]->id]; + $approvedlist = new approved_userlist($this->contexts[2], $component, $approveduserids); + provider::delete_data_for_users($approvedlist); + + $u1ctx2 = new approved_contextlist($this->users[1], 'mod_wiki', [$this->contexts[2]->id]); + provider::export_user_data($u1ctx2); + $u2ctx2 = new approved_contextlist($this->users[2], 'mod_wiki', [$this->contexts[2]->id]); + provider::export_user_data($u2ctx2); + $u3ctx2 = new approved_contextlist($this->users[3], 'mod_wiki', [$this->contexts[2]->id]); + provider::export_user_data($u3ctx2); + + $this->assertTrue(writer::with_context($this->contexts[2])->has_any_data()); + writer::reset(); + + // Delete user 3's wiki. All 3 subwikis now deleted, so ensure no data is found in this context. + $approveduserids = [$this->users[3]->id]; + $approvedlist = new approved_userlist($this->contexts[2], $component, $approveduserids); + provider::delete_data_for_users($approvedlist); + + $u1ctx2 = new approved_contextlist($this->users[1], 'mod_wiki', [$this->contexts[2]->id]); + provider::export_user_data($u1ctx2); + $u2ctx2 = new approved_contextlist($this->users[2], 'mod_wiki', [$this->contexts[2]->id]); + provider::export_user_data($u2ctx2); + $u3ctx2 = new approved_contextlist($this->users[3], 'mod_wiki', [$this->contexts[2]->id]); + provider::export_user_data($u3ctx2); + + $this->assertFalse(writer::with_context($this->contexts[2])->has_any_data()); + writer::reset(); + + // Ensure Context 1 still contains data. + $u1ctx1 = new approved_contextlist($this->users[1], 'mod_wiki', [$this->contexts[1]->id]); + provider::export_user_data($u1ctx1); + $u2ctx1 = new approved_contextlist($this->users[2], 'mod_wiki', [$this->contexts[1]->id]); + provider::export_user_data($u2ctx1); + $u3ctx1 = new approved_contextlist($this->users[3], 'mod_wiki', [$this->contexts[1]->id]); + provider::export_user_data($u3ctx1); + + $this->assertTrue(writer::with_context($this->contexts[1])->has_any_data()); + } }