Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
  • Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
  • PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.

Differences Between: [Versions 310 and 311] [Versions 311 and 400] [Versions 311 and 401] [Versions 311 and 402] [Versions 311 and 403] [Versions 39 and 311]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Privacy class for requesting user data.
  19   *
  20   * @package    core_user
  21   * @copyright  2018 Adrian Greeve <adrian@moodle.com>
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  namespace core_user\privacy;
  26  
  27  defined('MOODLE_INTERNAL') || die();
  28  
  29  use \core_privacy\local\metadata\collection;
  30  use \core_privacy\local\request\transform;
  31  use \core_privacy\local\request\contextlist;
  32  use \core_privacy\local\request\approved_contextlist;
  33  use \core_privacy\local\request\writer;
  34  use core_privacy\local\request\userlist;
  35  use \core_privacy\local\request\approved_userlist;
  36  
  37  /**
  38   * Privacy class for requesting user data.
  39   *
  40   * @package    core_comment
  41   * @copyright  2018 Adrian Greeve <adrian@moodle.com>
  42   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  43   */
  44  class provider implements
  45          \core_privacy\local\metadata\provider,
  46          \core_privacy\local\request\core_userlist_provider,
  47          \core_privacy\local\request\subsystem\provider {
  48  
  49      /**
  50       * Returns information about the user data stored in this component.
  51       *
  52       * @param  collection $collection A list of information about this component
  53       * @return collection The collection object filled out with information about this component.
  54       */
  55      public static function get_metadata(collection $collection) : collection {
  56          $userfields = [
  57              'id' => 'privacy:metadata:id',
  58              'auth' => 'privacy:metadata:auth',
  59              'confirmed' => 'privacy:metadata:confirmed',
  60              'policyagreed' => 'privacy:metadata:policyagreed',
  61              'deleted' => 'privacy:metadata:deleted',
  62              'suspended' => 'privacy:metadata:suspended',
  63              'mnethostid' => 'privacy:metadata:mnethostid',
  64              'username' => 'privacy:metadata:username',
  65              'password' => 'privacy:metadata:password',
  66              'idnumber' => 'privacy:metadata:idnumber',
  67              'firstname' => 'privacy:metadata:firstname',
  68              'lastname' => 'privacy:metadata:lastname',
  69              'email' => 'privacy:metadata:email',
  70              'emailstop' => 'privacy:metadata:emailstop',
  71              'phone1' => 'privacy:metadata:phone',
  72              'phone2' => 'privacy:metadata:phone',
  73              'institution' => 'privacy:metadata:institution',
  74              'department' => 'privacy:metadata:department',
  75              'address' => 'privacy:metadata:address',
  76              'city' => 'privacy:metadata:city',
  77              'country' => 'privacy:metadata:country',
  78              'lang' => 'privacy:metadata:lang',
  79              'calendartype' => 'privacy:metadata:calendartype',
  80              'theme' => 'privacy:metadata:theme',
  81              'timezone' => 'privacy:metadata:timezone',
  82              'firstaccess' => 'privacy:metadata:firstaccess',
  83              'lastaccess' => 'privacy:metadata:lastaccess',
  84              'lastlogin' => 'privacy:metadata:lastlogin',
  85              'currentlogin' => 'privacy:metadata:currentlogin',
  86              'lastip' => 'privacy:metadata:lastip',
  87              'secret' => 'privacy:metadata:secret',
  88              'picture' => 'privacy:metadata:picture',
  89              'description' => 'privacy:metadata:description',
  90              'maildigest' => 'privacy:metadata:maildigest',
  91              'maildisplay' => 'privacy:metadata:maildisplay',
  92              'autosubscribe' => 'privacy:metadata:autosubscribe',
  93              'trackforums' => 'privacy:metadata:trackforums',
  94              'timecreated' => 'privacy:metadata:timecreated',
  95              'timemodified' => 'privacy:metadata:timemodified',
  96              'trustbitmask' => 'privacy:metadata:trustbitmask',
  97              'imagealt' => 'privacy:metadata:imagealt',
  98              'lastnamephonetic' => 'privacy:metadata:lastnamephonetic',
  99              'firstnamephonetic' => 'privacy:metadata:firstnamephonetic',
 100              'middlename' => 'privacy:metadata:middlename',
 101              'alternatename' => 'privacy:metadata:alternatename',
 102              'moodlenetprofile' => 'privacy:metadata:moodlenetprofile'
 103          ];
 104  
 105          $passwordhistory = [
 106              'userid' => 'privacy:metadata:userid',
 107              'hash' => 'privacy:metadata:hash',
 108              'timecreated' => 'privacy:metadata:timecreated'
 109          ];
 110  
 111          $lastaccess = [
 112              'userid' => 'privacy:metadata:userid',
 113              'courseid' => 'privacy:metadata:courseid',
 114              'timeaccess' => 'privacy:metadata:timeaccess'
 115          ];
 116  
 117          $userpasswordresets = [
 118              'userid' => 'privacy:metadata:userid',
 119              'timerequested' => 'privacy:metadata:timerequested',
 120              'timererequested' => 'privacy:metadata:timererequested',
 121              'token' => 'privacy:metadata:token'
 122          ];
 123  
 124          $userdevices = [
 125              'userid' => 'privacy:metadata:userid',
 126              'appid' => 'privacy:metadata:appid',
 127              'name' => 'privacy:metadata:devicename',
 128              'model' => 'privacy:metadata:model',
 129              'platform' => 'privacy:metadata:platform',
 130              'version' => 'privacy:metadata:version',
 131              'pushid' => 'privacy:metadata:pushid',
 132              'uuid' => 'privacy:metadata:uuid',
 133              'timecreated' => 'privacy:metadata:timecreated',
 134              'timemodified' => 'privacy:metadata:timemodified'
 135          ];
 136  
 137          $usersessions = [
 138              'state' => 'privacy:metadata:state',
 139              'sid' => 'privacy:metadata:sid',
 140              'userid' => 'privacy:metadata:userid',
 141              'sessdata' => 'privacy:metadata:sessdata',
 142              'timecreated' => 'privacy:metadata:timecreated',
 143              'timemodified' => 'privacy:metadata:timemodified',
 144              'firstip' => 'privacy:metadata:firstip',
 145              'lastip' => 'privacy:metadata:lastip'
 146          ];
 147  
 148          $courserequest = [
 149              'fullname' => 'privacy:metadata:fullname',
 150              'shortname' => 'privacy:metadata:shortname',
 151              'summary' => 'privacy:metadata:summary',
 152              'category' => 'privacy:metadata:category',
 153              'reason' => 'privacy:metadata:reason',
 154              'requester' => 'privacy:metadata:requester'
 155          ];
 156  
 157          $mypages = [
 158              'userid' => 'privacy:metadata:my_pages:userid',
 159              'name' => 'privacy:metadata:my_pages:name',
 160              'private' => 'privacy:metadata:my_pages:private',
 161          ];
 162  
 163          $userpreferences = [
 164              'userid' => 'privacy:metadata:user_preferences:userid',
 165              'name' => 'privacy:metadata:user_preferences:name',
 166              'value' => 'privacy:metadata:user_preferences:value'
 167          ];
 168  
 169          $collection->add_database_table('user', $userfields, 'privacy:metadata:usertablesummary');
 170          $collection->add_database_table('user_password_history', $passwordhistory, 'privacy:metadata:passwordtablesummary');
 171          $collection->add_database_table('user_password_resets', $userpasswordresets, 'privacy:metadata:passwordresettablesummary');
 172          $collection->add_database_table('user_lastaccess', $lastaccess, 'privacy:metadata:lastaccesstablesummary');
 173          $collection->add_database_table('user_devices', $userdevices, 'privacy:metadata:devicetablesummary');
 174          $collection->add_database_table('course_request', $courserequest, 'privacy:metadata:requestsummary');
 175          $collection->add_database_table('sessions', $usersessions, 'privacy:metadata:sessiontablesummary');
 176          $collection->add_database_table('my_pages', $mypages, 'privacy:metadata:my_pages');
 177          $collection->add_database_table('user_preferences', $userpreferences, 'privacy:metadata:user_preferences');
 178          $collection->add_subsystem_link('core_files', [], 'privacy:metadata:filelink');
 179  
 180          return $collection;
 181      }
 182  
 183      /**
 184       * Get the list of contexts that contain user information for the specified user.
 185       *
 186       * @param   int $userid The user to search.
 187       * @return  contextlist $contextlist The contextlist containing the list of contexts used in this plugin.
 188       */
 189      public static function get_contexts_for_userid(int $userid) : contextlist {
 190          $params = ['userid' => $userid, 'contextuser' => CONTEXT_USER];
 191          $sql = "SELECT id
 192                    FROM {context}
 193                   WHERE instanceid = :userid and contextlevel = :contextuser";
 194          $contextlist = new contextlist();
 195          $contextlist->add_from_sql($sql, $params);
 196          return $contextlist;
 197      }
 198  
 199      /**
 200       * Get the list of users within a specific context.
 201       *
 202       * @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination.
 203       */
 204      public static function get_users_in_context(userlist $userlist) {
 205          $context = $userlist->get_context();
 206  
 207          if (!$context instanceof \context_user) {
 208              return;
 209          }
 210  
 211          $userlist->add_user($context->instanceid);
 212      }
 213  
 214      /**
 215       * Export all user data for the specified user, in the specified contexts.
 216       *
 217       * @param approved_contextlist $contextlist The approved contexts to export information for.
 218       */
 219      public static function export_user_data(approved_contextlist $contextlist) {
 220          $context = $contextlist->current();
 221          $user = \core_user::get_user($contextlist->get_user()->id);
 222          static::export_user($user, $context);
 223          static::export_password_history($user->id, $context);
 224          static::export_password_resets($user->id, $context);
 225          static::export_lastaccess($user->id, $context);
 226          static::export_course_requests($user->id, $context);
 227          static::export_user_devices($user->id, $context);
 228          static::export_user_session_data($user->id, $context);
 229      }
 230  
 231      /**
 232       * Delete all data for all users in the specified context.
 233       *
 234       * @param context $context The specific context to delete data for.
 235       */
 236      public static function delete_data_for_all_users_in_context(\context $context) {
 237          // Only delete data for a user context.
 238          if ($context->contextlevel == CONTEXT_USER) {
 239              static::delete_user_data($context->instanceid, $context);
 240          }
 241      }
 242  
 243      /**
 244       * Delete multiple users within a single context.
 245       *
 246       * @param approved_userlist $userlist The approved context and user information to delete information for.
 247       */
 248      public static function delete_data_for_users(approved_userlist $userlist) {
 249  
 250          $context = $userlist->get_context();
 251  
 252          if ($context instanceof \context_user) {
 253              static::delete_user_data($context->instanceid, $context);
 254          }
 255      }
 256  
 257      /**
 258       * Delete all user data for the specified user, in the specified contexts.
 259       *
 260       * @param approved_contextlist $contextlist The approved contexts and user information to delete information for.
 261       */
 262      public static function delete_data_for_user(approved_contextlist $contextlist) {
 263          foreach ($contextlist as $context) {
 264              // Let's be super certain that we have the right information for this user here.
 265              if ($context->contextlevel == CONTEXT_USER && $contextlist->get_user()->id == $context->instanceid) {
 266                  static::delete_user_data($contextlist->get_user()->id, $contextlist->current());
 267              }
 268          }
 269      }
 270  
 271      /**
 272       * Deletes non vital information about a user.
 273       *
 274       * @param  int      $userid  The user ID to delete
 275       * @param  \context $context The user context
 276       */
 277      protected static function delete_user_data(int $userid, \context $context) {
 278          global $DB;
 279  
 280          // Delete password history.
 281          $DB->delete_records('user_password_history', ['userid' => $userid]);
 282          // Delete last access.
 283          $DB->delete_records('user_lastaccess', ['userid' => $userid]);
 284          // Delete password resets.
 285          $DB->delete_records('user_password_resets', ['userid' => $userid]);
 286          // Delete user devices.
 287          $DB->delete_records('user_devices', ['userid' => $userid]);
 288          // Delete user course requests.
 289          $DB->delete_records('course_request', ['requester' => $userid]);
 290          // Delete sessions.
 291          $DB->delete_records('sessions', ['userid' => $userid]);
 292          // Do I delete user preferences? Seems like the right place to do it.
 293          $DB->delete_records('user_preferences', ['userid' => $userid]);
 294  
 295          // Delete all of the files for this user.
 296          $fs = get_file_storage();
 297          $fs->delete_area_files($context->id, 'user');
 298  
 299          // For the user record itself we only want to remove unnecessary data. We still need the core data to keep as a record
 300          // that we actually did follow the request to be forgotten.
 301          $user = \core_user::get_user($userid);
 302          // Update fields we wish to change to nothing.
 303          $user->deleted = 1;
 304          $user->idnumber = '';
 305          $user->emailstop = 0;
 306          $user->phone1 = '';
 307          $user->phone2 = '';
 308          $user->institution = '';
 309          $user->department = '';
 310          $user->address = '';
 311          $user->city = '';
 312          $user->country = '';
 313          $user->lang = '';
 314          $user->calendartype = '';
 315          $user->theme = '';
 316          $user->timezone = '';
 317          $user->firstaccess = 0;
 318          $user->lastaccess = 0;
 319          $user->lastlogin = 0;
 320          $user->currentlogin = 0;
 321          $user->lastip = 0;
 322          $user->secret = '';
 323          $user->picture = '';
 324          $user->description = '';
 325          $user->descriptionformat = 0;
 326          $user->mailformat = 0;
 327          $user->maildigest = 0;
 328          $user->maildisplay = 0;
 329          $user->autosubscribe = 0;
 330          $user->trackforums = 0;
 331          $user->timecreated = 0;
 332          $user->timemodified = 0;
 333          $user->trustbitmask = 0;
 334          $user->imagealt = '';
 335          $user->lastnamephonetic = '';
 336          $user->firstnamephonetic = '';
 337          $user->middlename = '';
 338          $user->alternatename = '';
 339          $DB->update_record('user', $user);
 340      }
 341  
 342      /**
 343       * Export core user data.
 344       *
 345       * @param  \stdClass $user The user object.
 346       * @param  \context $context The user context.
 347       */
 348      protected static function export_user(\stdClass $user, \context $context) {
 349          $data = (object) [
 350              'auth' => $user->auth,
 351              'confirmed' => transform::yesno($user->confirmed),
 352              'policyagreed' => transform::yesno($user->policyagreed),
 353              'deleted' => transform::yesno($user->deleted),
 354              'suspended' => transform::yesno($user->suspended),
 355              'username' => $user->username,
 356              'idnumber' => $user->idnumber,
 357              'firstname' => format_string($user->firstname, true, ['context' => $context]),
 358              'lastname' => format_string($user->lastname, true, ['context' => $context]),
 359              'email' => $user->email,
 360              'emailstop' => transform::yesno($user->emailstop),
 361              'phone1' => format_string($user->phone1, true, ['context' => $context]),
 362              'phone2' => format_string($user->phone2, true, ['context' => $context]),
 363              'institution' => format_string($user->institution, true, ['context' => $context]),
 364              'department' => format_string($user->department, true, ['context' => $context]),
 365              'address' => format_string($user->address, true, ['context' => $context]),
 366              'city' => format_string($user->city, true, ['context' => $context]),
 367              'country' => format_string($user->country, true, ['context' => $context]),
 368              'lang' => $user->lang,
 369              'calendartype' => $user->calendartype,
 370              'theme' => $user->theme,
 371              'timezone' => $user->timezone,
 372              'firstaccess' => $user->firstaccess ? transform::datetime($user->firstaccess) : null,
 373              'lastaccess' => $user->lastaccess ? transform::datetime($user->lastaccess) : null,
 374              'lastlogin' => $user->lastlogin ? transform::datetime($user->lastlogin) : null,
 375              'currentlogin' => $user->currentlogin ? transform::datetime($user->currentlogin) : null,
 376              'lastip' => $user->lastip,
 377              'secret' => $user->secret,
 378              'picture' => $user->picture,
 379              'description' => format_text(
 380                  writer::with_context($context)->rewrite_pluginfile_urls(
 381                      [],
 382                      'user',
 383                      'profile',
 384                      '',
 385                      $user->description
 386                  ), $user->descriptionformat, ['context' => $context]),
 387              'maildigest' => transform::yesno($user->maildigest),
 388              'maildisplay' => $user->maildisplay,
 389              'autosubscribe' => transform::yesno($user->autosubscribe),
 390              'trackforums' => transform::yesno($user->trackforums),
 391              'timecreated' => transform::datetime($user->timecreated),
 392              'timemodified' => transform::datetime($user->timemodified),
 393              'imagealt' => format_string($user->imagealt, true, ['context' => $context]),
 394              'lastnamephonetic' => format_string($user->lastnamephonetic, true, ['context' => $context]),
 395              'firstnamephonetic' => format_string($user->firstnamephonetic, true, ['context' => $context]),
 396              'middlename' => format_string($user->middlename, true, ['context' => $context]),
 397              'alternatename'  => format_string($user->alternatename, true, ['context' => $context])
 398          ];
 399  
 400          writer::with_context($context)->export_area_files([], 'user', 'profile', 0)
 401                  ->export_data([], $data);
 402          // Export profile images.
 403          writer::with_context($context)->export_area_files([get_string('privacy:profileimagespath', 'user')], 'user', 'icon', 0);
 404          // Export private files.
 405          writer::with_context($context)->export_area_files([get_string('privacy:privatefilespath', 'user')], 'user', 'private', 0);
 406          // Export draft files.
 407          writer::with_context($context)->export_area_files([get_string('privacy:draftfilespath', 'user')], 'user', 'draft', false);
 408      }
 409  
 410      /**
 411       * Export information about the last time a user accessed a course.
 412       *
 413       * @param  int $userid The user ID.
 414       * @param  \context $context The user context.
 415       */
 416      protected static function export_lastaccess(int $userid, \context $context) {
 417          global $DB;
 418          $sql = "SELECT c.id, c.fullname, ul.timeaccess
 419                    FROM {user_lastaccess} ul
 420                    JOIN {course} c ON c.id = ul.courseid
 421                   WHERE ul.userid = :userid";
 422          $params = ['userid' => $userid];
 423          $records = $DB->get_records_sql($sql, $params);
 424          if (!empty($records)) {
 425              $lastaccess = (object) array_map(function($record) use ($context) {
 426                  return [
 427                      'course_name' => format_string($record->fullname, true, ['context' => $context]),
 428                      'timeaccess' => transform::datetime($record->timeaccess)
 429                  ];
 430              }, $records);
 431              writer::with_context($context)->export_data([get_string('privacy:lastaccesspath', 'user')], $lastaccess);
 432          }
 433      }
 434  
 435      /**
 436       * Exports information about password resets.
 437       *
 438       * @param  int $userid The user ID
 439       * @param  \context $context Context for this user.
 440       */
 441      protected static function export_password_resets(int $userid, \context $context) {
 442          global $DB;
 443          $records = $DB->get_records('user_password_resets', ['userid' => $userid]);
 444          if (!empty($records)) {
 445              $passwordresets = (object) array_map(function($record) {
 446                  return [
 447                      'timerequested' => transform::datetime($record->timerequested),
 448                      'timererequested' => transform::datetime($record->timererequested)
 449                  ];
 450              }, $records);
 451              writer::with_context($context)->export_data([get_string('privacy:passwordresetpath', 'user')], $passwordresets);
 452          }
 453      }
 454  
 455      /**
 456       * Exports information about the user's mobile devices.
 457       *
 458       * @param  int $userid The user ID.
 459       * @param  \context $context Context for this user.
 460       */
 461      protected static function export_user_devices(int $userid, \context $context) {
 462          global $DB;
 463          $records = $DB->get_records('user_devices', ['userid' => $userid]);
 464          if (!empty($records)) {
 465              $userdevices = (object) array_map(function($record) {
 466                  return [
 467                      'appid' => $record->appid,
 468                      'name' => $record->name,
 469                      'model' => $record->model,
 470                      'platform' => $record->platform,
 471                      'version' => $record->version,
 472                      'timecreated' => transform::datetime($record->timecreated),
 473                      'timemodified' => transform::datetime($record->timemodified)
 474                  ];
 475              }, $records);
 476              writer::with_context($context)->export_data([get_string('privacy:devicespath', 'user')], $userdevices);
 477          }
 478      }
 479  
 480      /**
 481       * Exports information about course requests this user made.
 482       *
 483       * @param  int    $userid  The user ID.
 484       * @param  \context $context The context object
 485       */
 486      protected static function export_course_requests(int $userid, \context $context) {
 487          global $DB;
 488          $sql = "SELECT cr.shortname, cr.fullname, cr.summary, cc.name AS category, cr.reason
 489                    FROM {course_request} cr
 490                    JOIN {course_categories} cc ON cr.category = cc.id
 491                   WHERE cr.requester = :userid";
 492          $params = ['userid' => $userid];
 493          $records = $DB->get_records_sql($sql, $params);
 494          if ($records) {
 495              writer::with_context($context)->export_data([get_string('privacy:courserequestpath', 'user')], (object) $records);
 496          }
 497      }
 498  
 499      /**
 500       * Get details about the user's password history.
 501       *
 502       * @param int $userid The user ID that we are getting the password history for.
 503       * @param \context $context the user context.
 504       */
 505      protected static function export_password_history(int $userid, \context $context) {
 506          global $DB;
 507  
 508          // Just provide a count of how many entries we have.
 509          $recordcount = $DB->count_records('user_password_history', ['userid' => $userid]);
 510          if ($recordcount) {
 511              $passwordhistory = (object) ['password_history_count' => $recordcount];
 512              writer::with_context($context)->export_data([get_string('privacy:passwordhistorypath', 'user')], $passwordhistory);
 513          }
 514      }
 515  
 516      /**
 517       * Exports information about the user's session.
 518       *
 519       * @param  int $userid The user ID.
 520       * @param  \context $context The context for this user.
 521       */
 522      protected static function export_user_session_data(int $userid, \context $context) {
 523          global $DB, $SESSION;
 524  
 525          $records = $DB->get_records('sessions', ['userid' => $userid]);
 526          if (!empty($records)) {
 527              $sessiondata = (object) array_map(function($record) {
 528                  return [
 529                      'state' => $record->state,
 530                      'sessdata' => base64_decode($record->sessdata),
 531                      'timecreated' => transform::datetime($record->timecreated),
 532                      'timemodified' => transform::datetime($record->timemodified),
 533                      'firstip' => $record->firstip,
 534                      'lastip' => $record->lastip
 535                  ];
 536              }, $records);
 537              writer::with_context($context)->export_data([get_string('privacy:sessionpath', 'user')], $sessiondata);
 538          }
 539      }
 540  }