MDL-63596 backup: Deal with controller types

For privacy requests, deal with all 3 controller types.
2025-03-14 12:40:01 +01:00 · 2018-11-09 15:22:17 +08:00 · 2018-11-09 15:22:17 +08:00 · f1f7d45bc7
commit f1f7d45bc7
parent fc9bde4bc3
1 changed files with 92 additions and 19 deletions
--- a/backup/util/ui/classes/privacy/provider.php
+++ b/backup/util/ui/classes/privacy/provider.php
@ -84,12 +84,48 @@ class provider implements
    public static function get_contexts_for_userid(int $userid) : contextlist {
        $contextlist = new contextlist();

-        $sql = "SELECT DISTINCT ctx.id
+        $sql = "SELECT ctx.id
                  FROM {backup_controllers} bc
                  JOIN {context} ctx
-                    ON ctx.instanceid = bc.itemid AND ctx.contextlevel = :contextlevel
+                        ON ctx.instanceid = bc.itemid
+                       AND ctx.contextlevel = :contextlevel
+                       AND bc.type = :type
                 WHERE bc.userid = :userid";
-        $params = ['contextlevel' => CONTEXT_COURSE, 'userid' => $userid];
+        $params = [
+            'contextlevel' => CONTEXT_COURSE,
+            'userid' => $userid,
+            'type' => 'course',
+        ];
+        $contextlist->add_from_sql($sql, $params);
+
+        $sql = "SELECT ctx.id
+                  FROM {backup_controllers} bc
+                  JOIN {course_sections} c
+                        ON bc.itemid = c.id
+                       AND bc.type = :type
+                  JOIN {context} ctx
+                        ON ctx.instanceid = c.course
+                       AND ctx.contextlevel = :contextlevel
+                 WHERE bc.userid = :userid";
+        $params = [
+            'contextlevel' => CONTEXT_COURSE,
+            'userid' => $userid,
+            'type' => 'section',
+        ];
+        $contextlist->add_from_sql($sql, $params);
+
+        $sql = "SELECT ctx.id
+                  FROM {backup_controllers} bc
+                  JOIN {context} ctx
+                        ON ctx.instanceid = bc.itemid
+                       AND ctx.contextlevel = :contextlevel
+                       AND bc.type = :type
+                 WHERE bc.userid = :userid";
+        $params = [
+            'contextlevel' => CONTEXT_MODULE,
+            'userid' => $userid,
+            'type' => 'activity',
+        ];
        $contextlist->add_from_sql($sql, $params);

        return $contextlist;
@ -199,21 +235,27 @@ class provider implements

    /**
     * Delete all user data which matches the specified context.
+     * Only dealing with the specific context - not it's child contexts.
     *
     * @param \context $context A user context.
     */
    public static function delete_data_for_all_users_in_context(\context $context) {
        global $DB;

-        if (!$context instanceof \context_course) {
-            return;
+        if ($context instanceof \context_course) {
+            $sectionsql = "itemid IN (SELECT id FROM {course_sections} WHERE course = ?) AND type = ?";
+            $DB->delete_records_select('backup_controllers', $sectionsql, [$context->instanceid, \backup::TYPE_1SECTION]);
+            $DB->delete_records('backup_controllers', ['itemid' => $context->instanceid, 'type' => \backup::TYPE_1COURSE]);
        }
-
-        $DB->delete_records('backup_controllers', ['itemid' => $context->instanceid]);
+        if ($context instanceof \context_module) {
+            $DB->delete_records('backup_controllers', ['itemid' => $context->instanceid, 'type' => \backup::TYPE_1ACTIVITY]);
+        }
+        return;
    }

    /**
     * Delete multiple users within a single context.
+     * Only dealing with the specific context - not it's child contexts.
     *
     * @param approved_userlist $userlist The approved context and user information to delete information for.
     */
@ -225,24 +267,28 @@ class provider implements
        }

        $context = $userlist->get_context();
-
        if ($context instanceof \context_course) {
            list($usersql, $userparams) = $DB->get_in_or_equal($userlist->get_userids(), SQL_PARAMS_NAMED);
+            $select = "itemid = :itemid AND userid {$usersql} AND type = :type";
+            $params = $userparams;
+            $params['itemid'] = $context->instanceid;
+            $params['type'] = \backup::TYPE_1COURSE;

-            // Delete course backup data.
-            $select = "itemid = :itemid AND type = :type AND userid {$usersql}";
-            $params = ['itemid' => $context->instanceid, 'type' => 'course'] + $userparams;
            $DB->delete_records_select('backup_controllers', $select, $params);

-            // Delete course sections backup data.
-            $select = "itemid IN (SELECT id FROM {course_sections} WHERE course = :course) AND userid
-                    {$usersql} AND type = :type";
-            $params = ['course' => $context->instanceid, 'type' => 'section'] + $userparams;
+            $params = $userparams;
+            $params['course'] = $context->instanceid;
+            $params['type'] = \backup::TYPE_1SECTION;
+            $sectionsql = "itemid IN (SELECT id FROM {course_sections} WHERE course = :course)";
+            $select = $sectionsql . " AND userid {$usersql} AND type = :type";
            $DB->delete_records_select('backup_controllers', $select, $params);
        }
-
        if ($context instanceof \context_module) {
            list($usersql, $userparams) = $DB->get_in_or_equal($userlist->get_userids(), SQL_PARAMS_NAMED);
+            $select = "itemid = :itemid AND userid {$usersql} AND type = :type";
+            $params = $userparams;
+            $params['itemid'] = $context->instanceid;
+            $params['type'] = \backup::TYPE_1ACTIVITY;

            // Delete activity backup data.
            $select = "itemid = :itemid AND type = :type AND userid {$usersql}";
@ -253,6 +299,7 @@ class provider implements

    /**
     * Delete all user data for the specified user, in the specified contexts.
+     * Only dealing with the specific context - not it's child contexts.
     *
     * @param approved_contextlist $contextlist The approved contexts and user information to delete information for.
     */
@ -265,11 +312,37 @@ class provider implements

        $userid = $contextlist->get_user()->id;
        foreach ($contextlist->get_contexts() as $context) {
-            if (!$context instanceof \context_course) {
-                continue;
+            if ($context instanceof \context_course) {
+                $select = "itemid = :itemid AND userid = :userid AND type = :type";
+                $params = [
+                    'userid' => $userid,
+                    'itemid' => $context->instanceid,
+                    'type' => \backup::TYPE_1COURSE
+                ];
+
+                $DB->delete_records_select('backup_controllers', $select, $params);
+
+                $params = [
+                    'userid' => $userid,
+                    'course' => $context->instanceid,
+                    'type' => \backup::TYPE_1SECTION
+                ];
+                $sectionsql = "itemid IN (SELECT id FROM {course_sections} WHERE course = :course)";
+                $select = $sectionsql . " AND userid = :userid AND type = :type";
+                $DB->delete_records_select('backup_controllers', $select, $params);
+            }
+            if ($context instanceof \context_module) {
+                list($usersql, $userparams) = $DB->get_in_or_equal($userlist->get_userids(), SQL_PARAMS_NAMED);
+                $select = "itemid = :itemid AND userid = :userid AND type = :type";
+                $params = [
+                    'itemid' => $context->instanceid,
+                    'userid' => $userid,
+                    'type' => \backup::TYPE_1ACTIVITY
+                ];
+
+                $DB->delete_records_select('backup_controllers', $select, $params);
            }

-            $DB->delete_records('backup_controllers', ['itemid' => $context->instanceid, 'userid' => $userid]);
        }
    }