Search moodle.org's
Developer Documentation

Long Term Support Release

  • Bug fixes for general core bugs in 3.5.x ended May 2019 (12 months).
  • Bug fixes for security issues in 3.5.x will end 10 May 2021 (36 months) - Support has ended.
  • minimum PHP 7.0.0 Note: minimum PHP version has increased since Moodle 3.3. PHP 7.1.x and 7.2.x are supported too. PHP 7.x could have some engine limitations.
  • Differences Between: [Versions 35 and 310] [Versions 35 and 311]

       1  <?php
       2  // This file is part of Moodle - http://moodle.org/
       3  //
       4  // Moodle is free software: you can redistribute it and/or modify
       5  // it under the terms of the GNU General Public License as published by
       6  // the Free Software Foundation, either version 3 of the License, or
       7  // (at your option) any later version.
       8  //
       9  // Moodle is distributed in the hope that it will be useful,
      10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
      11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      12  // GNU General Public License for more details.
      13  //
      14  // You should have received a copy of the GNU General Public License
      15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
      16  
      17  /**
      18   * Privacy test for core_role
      19   *
      20   * @package    core_role
      21   * @category   test
      22   * @copyright  2018 Carlos Escobedo <carlos@moodle.com>
      23   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
      24   */
      25  
      26  defined('MOODLE_INTERNAL') || die();
      27  
      28  use \core_role\privacy\provider;
      29  use \core_privacy\local\request\approved_contextlist;
      30  use \core_privacy\local\request\writer;
      31  use \core_privacy\tests\provider_testcase;
      32  use \core_privacy\local\request\transform;
      33  use \tool_cohortroles\api;
      34  use \core_privacy\local\request\approved_userlist;
      35  
      36  /**
      37   * Privacy test for core_role
      38   *
      39   * @copyright  2018 Carlos Escobedo <carlos@moodle.com>
      40   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
      41   */
      42  class core_role_privacy_testcase extends provider_testcase {
      43      /**
      44       * Test to check export_user_preferences.
      45       * returns user preferences data.
      46       */
      47      public function test_export_user_preferences() {
      48          $this->resetAfterTest();
      49          $this->setAdminUser();
      50          $user = $this->getDataGenerator()->create_user();
      51          $this->setUser($user);
      52          $showadvanced = 1;
      53          set_user_preference('definerole_showadvanced', $showadvanced);
      54          provider::export_user_preferences($user->id);
      55          $writer = writer::with_context(\context_system::instance());
      56          $prefs = $writer->get_user_preferences('core_role');
      57          $this->assertEquals(transform::yesno($showadvanced), transform::yesno($prefs->definerole_showadvanced->value));
      58          $this->assertEquals(get_string('privacy:metadata:preference:showadvanced', 'core_role'),
      59              $prefs->definerole_showadvanced->description);
      60      }
      61  
      62      /**
      63       * Check all contexts are returned if there is any user data for this user.
      64       */
      65      public function test_get_contexts_for_userid() {
      66          global $DB;
      67  
      68          $this->resetAfterTest();
      69          $this->setAdminUser();
      70          $user = $this->getDataGenerator()->create_user();
      71          $this->assertEmpty(provider::get_contexts_for_userid($user->id));
      72  
      73          $user2 = $this->getDataGenerator()->create_user();
      74          $usercontext2 = \context_user::instance($user2->id);
      75          $course = $this->getDataGenerator()->create_course();
      76          $course2 = $this->getDataGenerator()->create_course();
      77          $coursecat = $this->getDataGenerator()->create_category();
      78          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
      79          $cmcontext = \context_module::instance($cm->cmid);
      80          $page = $this->getDataGenerator()->create_module('page', array('course' => $course->id));
      81          $cmcontext2 = \context_module::instance($page->cmid);
      82          $coursecontext = \context_course::instance($course->id);
      83          $coursecontext2 = \context_course::instance($course2->id);
      84          $coursecatcontext = \context_coursecat::instance($coursecat->id);
      85          $systemcontext = \context_system::instance();
      86          $block = $this->getDataGenerator()->create_block('online_users');
      87          $blockcontext = \context_block::instance($block->id);
      88  
      89          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
      90          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
      91  
      92          // Role assignments, where the user is assigned.
      93          role_assign($student->id, $user->id, $cmcontext2->id);
      94          role_assign($student->id, $user->id, $coursecontext2->id);
      95          role_assign($student->id, $user->id, $blockcontext->id);
      96          role_assign($manager->id, $user->id, $usercontext2->id);
      97          // Role assignments, where the user makes assignments.
      98          $this->setUser($user);
      99          role_assign($student->id, $user2->id, $coursecontext->id);
     100          role_assign($manager->id, $user2->id, $coursecatcontext->id);
     101          role_assign($manager->id, $user2->id, $systemcontext->id);
     102  
     103          // Role capabilities.
     104          $this->setUser($user);
     105          $result = assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $cmcontext->id);
     106  
     107          $contextlist = provider::get_contexts_for_userid($user->id)->get_contextids();
     108          $this->assertCount(8, $contextlist);
     109          $this->assertTrue(in_array($cmcontext->id, $contextlist));
     110      }
     111  
     112      /**
     113       * Test that user data is exported correctly.
     114       */
     115      public function test_export_user_data() {
     116          global $DB;
     117  
     118          $this->resetAfterTest();
     119          $this->setAdminUser();
     120          $user = $this->getDataGenerator()->create_user();
     121          $user2 = $this->getDataGenerator()->create_user();
     122          $usercontext2 = \context_user::instance($user2->id);
     123          $course = $this->getDataGenerator()->create_course();
     124          $course2 = $this->getDataGenerator()->create_course();
     125          $coursecat = $this->getDataGenerator()->create_category();
     126          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
     127          $cmcontext = \context_module::instance($cm->cmid);
     128          $page = $this->getDataGenerator()->create_module('page', array('course' => $course->id));
     129          $cmcontext2 = \context_module::instance($page->cmid);
     130          $coursecontext = \context_course::instance($course->id);
     131          $coursecontext2 = \context_course::instance($course2->id);
     132          $coursecatcontext = \context_coursecat::instance($coursecat->id);
     133          $systemcontext = \context_system::instance();
     134          $block = $this->getDataGenerator()->create_block('online_users');
     135          $blockcontext = \context_block::instance($block->id);
     136  
     137          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
     138          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
     139          $rolesnames = self::get_roles_name();
     140  
     141          $subcontextstudent = [
     142              get_string('privacy:metadata:role_assignments', 'core_role'),
     143              $rolesnames[$student->id]
     144          ];
     145          $subcontextmanager = [
     146              get_string('privacy:metadata:role_assignments', 'core_role'),
     147              $rolesnames[$manager->id]
     148          ];
     149          $subcontextrc = [
     150              get_string('privacy:metadata:role_capabilities', 'core_role'),
     151              $rolesnames[$student->id]
     152          ];
     153  
     154          // Test over role assignments.
     155          // Where the user is assigned.
     156          role_assign($student->id, $user->id, $cmcontext2->id);
     157          role_assign($student->id, $user->id, $coursecontext2->id);
     158          role_assign($student->id, $user->id, $blockcontext->id);
     159          role_assign($manager->id, $user->id, $usercontext2->id);
     160          // Where the user makes assignments.
     161          $this->setUser($user);
     162          role_assign($manager->id, $user2->id, $coursecatcontext->id);
     163          role_assign($manager->id, $user2->id, $systemcontext->id);
     164  
     165          // Test overridable roles in module, course, category, user, system and block.
     166          assign_capability('moodle/backup:backupactivity', CAP_ALLOW, $student->id, $cmcontext->id, true);
     167          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $coursecontext->id, true);
     168          assign_capability('moodle/category:manage', CAP_ALLOW, $student->id, $coursecatcontext->id, true);
     169          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $systemcontext->id, true);
     170          assign_capability('moodle/block:edit', CAP_ALLOW, $student->id, $blockcontext->id, true);
     171          assign_capability('moodle/competency:evidencedelete', CAP_ALLOW, $student->id, $usercontext2->id, true);
     172  
     173          // Retrieve the user's context ids.
     174          $contextlist = provider::get_contexts_for_userid($user->id);
     175          $approvedcontextlist = new approved_contextlist($user, 'core_role', $contextlist->get_contextids());
     176  
     177          $strpermissions = array(
     178              CAP_INHERIT => get_string('inherit', 'role'),
     179              CAP_ALLOW => get_string('allow', 'role'),
     180              CAP_PREVENT => get_string('prevent', 'role'),
     181              CAP_PROHIBIT => get_string('prohibit', 'role')
     182          );
     183          // Retrieve role capabilities and role assignments.
     184          provider::export_user_data($approvedcontextlist);
     185          foreach ($contextlist as $context) {
     186              $writer = writer::with_context($context);
     187              $this->assertTrue($writer->has_any_data());
     188              if ($context->contextlevel == CONTEXT_MODULE) {
     189                  if ($data = $writer->get_data($subcontextstudent)) {
     190                      $this->assertEquals($user->id, reset($data)->userid);
     191                  }
     192                  if ($data = $writer->get_data($subcontextrc)) {
     193                      $this->assertEquals('moodle/backup:backupactivity', reset($data)->capability);
     194                      $this->assertEquals($strpermissions[CAP_ALLOW], reset($data)->permission);
     195                  }
     196              }
     197              if ($context->contextlevel == CONTEXT_COURSE) {
     198                  if ($data = $writer->get_data($subcontextstudent)) {
     199                      $this->assertEquals($user->id, reset($data)->userid);
     200                  }
     201                  if ($data = $writer->get_data($subcontextrc)) {
     202                      $this->assertEquals('moodle/backup:backupcourse', reset($data)->capability);
     203                  }
     204              }
     205              if ($context->contextlevel == CONTEXT_COURSECAT) {
     206                  if ($data = $writer->get_data($subcontextmanager)) {
     207                      $this->assertEquals($user->id, reset($data)->modifierid);
     208                  }
     209                  if ($data = $writer->get_data($subcontextrc)) {
     210                      $this->assertEquals('moodle/category:manage', reset($data)->capability);
     211                  }
     212              }
     213              if ($context->contextlevel == CONTEXT_SYSTEM) {
     214                  if ($data = $writer->get_data($subcontextmanager)) {
     215                      $this->assertEquals($user->id, reset($data)->modifierid);
     216                  }
     217                  if ($data = $writer->get_data($subcontextrc)) {
     218                      $this->assertEquals('moodle/backup:backupcourse', reset($data)->capability);
     219                  }
     220              }
     221              if ($context->contextlevel == CONTEXT_BLOCK) {
     222                  if ($data = $writer->get_data($subcontextstudent)) {
     223                      $this->assertEquals($user->id, reset($data)->userid);
     224                  }
     225                  if ($data = $writer->get_data($subcontextrc)) {
     226                      $this->assertEquals('moodle/block:edit', reset($data)->capability);
     227                  }
     228              }
     229              if ($context->contextlevel == CONTEXT_USER) {
     230                  if ($data = $writer->get_data($subcontextmanager)) {
     231                      $this->assertEquals($user->id, reset($data)->userid);
     232                  }
     233                  if ($data = $writer->get_data($subcontextrc)) {
     234                      $this->assertEquals('moodle/competency:evidencedelete', reset($data)->capability);
     235                  }
     236              }
     237          }
     238      }
     239  
     240      /**
     241       * Test for provider::delete_data_for_all_users_in_context().
     242       */
     243      public function test_delete_data_for_all_users_in_context() {
     244          global $DB;
     245  
     246          $this->resetAfterTest();
     247          $this->setAdminUser();
     248          $user = $this->getDataGenerator()->create_user();
     249          $user2 = $this->getDataGenerator()->create_user();
     250          $usercontext2 = \context_user::instance($user2->id);
     251          $user3 = $this->getDataGenerator()->create_user();
     252          $course = $this->getDataGenerator()->create_course();
     253          $coursecontext = \context_course::instance($course->id);
     254          $coursecat = $this->getDataGenerator()->create_category();
     255          $coursecatcontext = \context_coursecat::instance($coursecat->id);
     256          $systemcontext = \context_system::instance();
     257          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
     258          $cmcontext = \context_module::instance($cm->cmid);
     259          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
     260          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
     261          $block = $this->getDataGenerator()->create_block('online_users');
     262          $blockcontext = \context_block::instance($block->id);
     263  
     264          // Role assignments CONTEXT_COURSE.
     265          role_assign($student->id, $user->id, $coursecontext->id);
     266          role_assign($student->id, $user2->id, $coursecontext->id);
     267          role_assign($student->id, $user3->id, $coursecontext->id);
     268          $count = $DB->count_records('role_assignments', ['contextid' => $coursecontext->id]);
     269          $this->assertEquals(3, $count);
     270          // Role assignments CONTEXT_COURSECAT.
     271          role_assign($student->id, $user2->id, $coursecatcontext->id);
     272          role_assign($student->id, $user3->id, $coursecatcontext->id);
     273          $count = $DB->count_records('role_assignments', ['contextid' => $coursecatcontext->id]);
     274          $this->assertEquals(2, $count);
     275          // Role assignments CONTEXT_SYSTEM.
     276          role_assign($student->id, $user->id, $systemcontext->id);
     277          $count = $DB->count_records('role_assignments', ['contextid' => $systemcontext->id]);
     278          $this->assertEquals(1, $count);
     279          // Role assignments CONTEXT_MODULE.
     280          role_assign($student->id, $user->id, $cmcontext->id);
     281          $count = $DB->count_records('role_assignments', ['contextid' => $cmcontext->id]);
     282          $this->assertEquals(1, $count);
     283          // Role assigments CONTEXT_BLOCK.
     284          role_assign($student->id, $user->id, $blockcontext->id);
     285          $count = $DB->count_records('role_assignments', ['contextid' => $blockcontext->id]);
     286          $this->assertEquals(1, $count);
     287          // Role assigments CONTEXT_USER.
     288          role_assign($manager->id, $user->id, $usercontext2->id);
     289          $count = $DB->count_records('role_assignments', ['contextid' => $usercontext2->id]);
     290          $this->assertEquals(1, $count);
     291  
     292          // Delete data based on CONTEXT_COURSE context.
     293          provider::delete_data_for_all_users_in_context($coursecontext);
     294          // After deletion, the role_assignments entries for this context should have been deleted.
     295          $count = $DB->count_records('role_assignments', ['contextid' => $coursecontext->id]);
     296          $this->assertEquals(0, $count);
     297          // Check it is not removing data on other contexts.
     298          $count = $DB->count_records('role_assignments', ['contextid' => $coursecatcontext->id]);
     299          $this->assertEquals(2, $count);
     300          $count = $DB->count_records('role_assignments', ['contextid' => $systemcontext->id]);
     301          $this->assertEquals(1, $count);
     302          $count = $DB->count_records('role_assignments', ['contextid' => $cmcontext->id]);
     303          $this->assertEquals(1, $count);
     304          // Delete data based on CONTEXT_COURSECAT context.
     305          provider::delete_data_for_all_users_in_context($coursecatcontext);
     306          // After deletion, the role_assignments entries for this context should have been deleted.
     307          $count = $DB->count_records('role_assignments', ['contextid' => $coursecatcontext->id]);
     308          $this->assertEquals(0, $count);
     309          // Delete data based on CONTEXT_SYSTEM context.
     310          provider::delete_data_for_all_users_in_context($systemcontext);
     311          // After deletion, the role_assignments entries for this context should have been deleted.
     312          $count = $DB->count_records('role_assignments', ['contextid' => $systemcontext->id]);
     313          $this->assertEquals(0, $count);
     314          // Delete data based on CONTEXT_MODULE context.
     315          provider::delete_data_for_all_users_in_context($cmcontext);
     316          // After deletion, the role_assignments entries for this context should have been deleted.
     317          $count = $DB->count_records('role_assignments', ['contextid' => $cmcontext->id]);
     318          $this->assertEquals(0, $count);
     319          // Delete data based on CONTEXT_BLOCK context.
     320          provider::delete_data_for_all_users_in_context($usercontext2);
     321          // After deletion, the role_assignments entries for this context should have been deleted.
     322          $count = $DB->count_records('role_assignments', ['contextid' => $usercontext2->id]);
     323          $this->assertEquals(0, $count);
     324      }
     325  
     326      /**
     327       * Test for provider::delete_data_for_user().
     328       */
     329      public function test_delete_data_for_user() {
     330          global $DB;
     331  
     332          $this->resetAfterTest();
     333          $this->setAdminUser();
     334          $user = $this->getDataGenerator()->create_user();
     335          $user2 = $this->getDataGenerator()->create_user();
     336          $usercontext2 = \context_user::instance($user2->id);
     337          $user3 = $this->getDataGenerator()->create_user();
     338          $usercontext3 = \context_user::instance($user3->id);
     339          $course = $this->getDataGenerator()->create_course();
     340          $course2 = $this->getDataGenerator()->create_course();
     341          $course3 = $this->getDataGenerator()->create_course();
     342          $coursecontext = \context_course::instance($course->id);
     343          $coursecontext2 = \context_course::instance($course2->id);
     344          $coursecontext3 = \context_course::instance($course3->id);
     345          $coursecat = $this->getDataGenerator()->create_category();
     346          $coursecatcontext = \context_coursecat::instance($coursecat->id);
     347          $systemcontext = \context_system::instance();
     348          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
     349          $cmcontext = \context_module::instance($cm->cmid);
     350          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
     351          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
     352          $block = $this->getDataGenerator()->create_block('online_users');
     353          $blockcontext = \context_block::instance($block->id);
     354  
     355          // Role assignments, Where the user is assigned.
     356          role_assign($student->id, $user->id, $coursecontext->id);
     357          role_assign($student->id, $user->id, $coursecontext2->id);
     358          role_assign($student->id, $user->id, $coursecatcontext->id);
     359          role_assign($student->id, $user->id, $cmcontext->id);
     360          role_assign($student->id, $user->id, $systemcontext->id);
     361          role_assign($student->id, $user->id, $blockcontext->id);
     362          role_assign($manager->id, $user->id, $usercontext2->id);
     363          role_assign($manager->id, $user->id, $usercontext3->id);
     364          $count = $DB->count_records('role_assignments', ['userid' => $user->id]);
     365          $this->assertEquals(8, $count);
     366          // Role assignments, where the user makes assignments.
     367          $this->setUser($user);
     368          role_assign($student->id, $user2->id, $coursecontext3->id);
     369          role_assign($student->id, $user3->id, $coursecontext3->id);
     370          $count = $DB->count_records('role_assignments', ['modifierid' => $user->id]);
     371          $this->assertEquals(2, $count);
     372  
     373          $contextlist = provider::get_contexts_for_userid($user->id);
     374          $approvedcontextlist = new approved_contextlist($user, 'core_role', $contextlist->get_contextids());
     375          provider::delete_data_for_user($approvedcontextlist);
     376          // After deletion, the role_assignments assigned to the user should have been deleted.
     377          $count = $DB->count_records('role_assignments', ['userid' => $user->id]);
     378          $this->assertEquals(0, $count);
     379          // After deletion, the role_assignments assigned by the user should not have been deleted.
     380          $count = $DB->count_records('role_assignments', ['modifierid' => $user->id]);
     381          $this->assertEquals(2, $count);
     382      }
     383  
     384      /**
     385       * Export for a user with a key against a script where no instance is specified.
     386       */
     387      public function test_export_user_role_to_cohort() {
     388          global $DB;
     389  
     390          $this->resetAfterTest();
     391          $this->setAdminUser();
     392          // Assign user roles to cohort.
     393          $user = $this->getDataGenerator()->create_user();
     394          $contextuser = \context_user::instance($user->id);
     395          $teacher = $DB->get_record('role', array('shortname' => 'teacher'), '*', MUST_EXIST);
     396          $cohort = $this->getDataGenerator()->create_cohort();
     397          $userassignover = $this->getDataGenerator()->create_user();
     398          $contextuserassignover = \context_user::instance($userassignover->id);
     399          cohort_add_member($cohort->id, $userassignover->id);
     400          $this->setAdminUser();
     401          $params = (object) array(
     402              'userid' => $user->id,
     403              'roleid' => $teacher->id,
     404              'cohortid' => $cohort->id
     405          );
     406          api::create_cohort_role_assignment($params);
     407          api::sync_all_cohort_roles();
     408          $rolesnames = self::get_roles_name();
     409          $subcontextteacher = [
     410              get_string('privacy:metadata:role_cohortroles', 'core_role'),
     411              $rolesnames[$teacher->id]
     412          ];
     413          // Test User is assigned role teacher to cohort.
     414          provider::export_user_role_to_cohort($user->id);
     415          $writer = writer::with_context($contextuserassignover);
     416          $this->assertTrue($writer->has_any_data());
     417          $exported = $writer->get_related_data($subcontextteacher, 'cohortroles');
     418          $this->assertEquals($user->id, reset($exported)->userid);
     419  
     420          // Test User is member of a cohort which User2 is assigned to role to this cohort.
     421          $user2 = $this->getDataGenerator()->create_user();
     422          $cohort2 = $this->getDataGenerator()->create_cohort();
     423          cohort_add_member($cohort2->id, $user->id);
     424          $params = (object) array(
     425              'userid' => $user2->id,
     426              'roleid' => $teacher->id,
     427              'cohortid' => $cohort2->id
     428          );
     429          api::create_cohort_role_assignment($params);
     430          api::sync_all_cohort_roles();
     431          provider::export_user_role_to_cohort($user->id);
     432          $writer = writer::with_context($contextuser);
     433          $this->assertTrue($writer->has_any_data());
     434          $exported = $writer->get_related_data($subcontextteacher, 'cohortroles');
     435          $this->assertEquals($user2->id, reset($exported)->userid);
     436      }
     437  
     438      /**
     439       * Test for provider::delete_user_role_to_cohort().
     440       */
     441      public function test_delete_user_role_to_cohort() {
     442          global $DB;
     443  
     444          $this->resetAfterTest();
     445          $this->setAdminUser();
     446          // Assign user roles to cohort.
     447          $user = $this->getDataGenerator()->create_user();
     448          $user2 = $this->getDataGenerator()->create_user();
     449          $user3 = $this->getDataGenerator()->create_user();
     450          $user4 = $this->getDataGenerator()->create_user();
     451          $teacher = $DB->get_record('role', array('shortname' => 'teacher'), '*', MUST_EXIST);
     452          $cohort = $this->getDataGenerator()->create_cohort();
     453          cohort_add_member($cohort->id, $user2->id);
     454          cohort_add_member($cohort->id, $user3->id);
     455          cohort_add_member($cohort->id, $user4->id);
     456          $this->setAdminUser();
     457          $params = (object) array(
     458              'userid' => $user->id,
     459              'roleid' => $teacher->id,
     460              'cohortid' => $cohort->id
     461          );
     462          api::create_cohort_role_assignment($params);
     463          api::sync_all_cohort_roles();
     464  
     465          $count = $DB->count_records('role_assignments', ['userid' => $user->id, 'component' => 'tool_cohortroles']);
     466          $this->assertEquals(3, $count);
     467  
     468          provider::delete_user_role_to_cohort($user->id);
     469          $count = $DB->count_records('role_assignments', ['userid' => $user->id, 'component' => 'tool_cohortroles']);
     470          $this->assertEquals(0, $count);
     471      }
     472  
     473      /**
     474       * Test that only users within a course context are fetched.
     475       */
     476      public function test_get_users_in_context() {
     477          global $DB;
     478  
     479          $this->resetAfterTest();
     480  
     481          $component = 'core_role';
     482  
     483          $this->setAdminUser();
     484          $admin = \core_user::get_user_by_username('admin');
     485          // Create user1.
     486          $user1 = $this->getDataGenerator()->create_user();
     487          $usercontext1 = \context_user::instance($user1->id);
     488          // Create user2.
     489          $user2 = $this->getDataGenerator()->create_user();
     490          $usercontext2 = \context_user::instance($user2->id);
     491          // Create course1.
     492          $course1 = $this->getDataGenerator()->create_course();
     493          $coursecontext1 = \context_course::instance($course1->id);
     494          // Create course category.
     495          $coursecat = $this->getDataGenerator()->create_category();
     496          $coursecatcontext = \context_coursecat::instance($coursecat->id);
     497          // Create chat module.
     498          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course1->id]);
     499          $cmcontext = \context_module::instance($cm->cmid);
     500  
     501          $systemcontext = \context_system::instance();
     502          // Create a block.
     503          $block = $this->getDataGenerator()->create_block('online_users');
     504          $blockcontext = \context_block::instance($block->id);
     505  
     506          $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
     507          $managerrole = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
     508  
     509          // Role assignments CONTEXT_COURSE.
     510          role_assign($studentrole->id, $user1->id, $coursecontext1->id);
     511          role_assign($studentrole->id, $user2->id, $coursecontext1->id);
     512          // Role assignments CONTEXT_COURSECAT.
     513          role_assign($studentrole->id, $user2->id, $coursecatcontext->id);
     514          // Role assignments CONTEXT_SYSTEM.
     515          role_assign($studentrole->id, $user1->id, $systemcontext->id);
     516          // Role assignments CONTEXT_MODULE.
     517          role_assign($studentrole->id, $user2->id, $cmcontext->id);
     518          // Role assigments CONTEXT_BLOCK.
     519          role_assign($studentrole->id, $user1->id, $blockcontext->id);
     520          // Role assigments CONTEXT_USER.
     521          role_assign($managerrole->id, $user1->id, $usercontext2->id);
     522  
     523          // Role capabilities.
     524          $this->setUser($user1);
     525          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $studentrole->id, $cmcontext->id);
     526  
     527          // The user list for usercontext1 should not return any users.
     528          $userlist1 = new \core_privacy\local\request\userlist($usercontext1, $component);
     529          provider::get_users_in_context($userlist1);
     530          $this->assertCount(0, $userlist1);
     531          // The user list for usercontext2 should user1 and admin (role creator).
     532          $userlist2 = new \core_privacy\local\request\userlist($usercontext2, $component);
     533          provider::get_users_in_context($userlist2);
     534          $this->assertCount(2, $userlist2);
     535          $expected = [
     536              $user1->id,
     537              $admin->id
     538          ];
     539          $this->assertEquals($expected, $userlist2->get_userids(), '', 0.0, 10, true);
     540  
     541          // The user list for coursecontext1 should user1, user2 and admin (role creator).
     542          $userlist3 = new \core_privacy\local\request\userlist($coursecontext1, $component);
     543          provider::get_users_in_context($userlist3);
     544          $this->assertCount(3, $userlist3);
     545          $expected = [
     546              $user1->id,
     547              $user2->id,
     548              $admin->id
     549          ];
     550          $this->assertEquals($expected, $userlist3->get_userids(), '', 0.0, 10, true);
     551  
     552          // The user list for coursecatcontext should user2 and admin (role creator).
     553          $userlist4 = new \core_privacy\local\request\userlist($coursecatcontext, $component);
     554          provider::get_users_in_context($userlist4);
     555          $this->assertCount(2, $userlist4);
     556          $expected = [
     557              $user2->id,
     558              $admin->id
     559          ];
     560          $this->assertEquals($expected, $userlist4->get_userids(), '', 0.0, 10, true);
     561  
     562          // The user list for systemcontext should user1 and admin (role creator).
     563          $userlist6 = new \core_privacy\local\request\userlist($systemcontext, $component);
     564          provider::get_users_in_context($userlist6);
     565          $this->assertCount(2, $userlist6);
     566          $expected = [
     567              $user1->id,
     568              $admin->id
     569          ];
     570          $this->assertEquals($expected, $userlist6->get_userids(), '', 0.0, 10, true);
     571  
     572          // The user list for cmcontext should user1, user2 and admin (role creator).
     573          $userlist7 = new \core_privacy\local\request\userlist($cmcontext, $component);
     574          provider::get_users_in_context($userlist7);
     575          $this->assertCount(3, $userlist7);
     576          $expected = [
     577              $user1->id,
     578              $user2->id,
     579              $admin->id
     580          ];
     581          $this->assertEquals($expected, $userlist7->get_userids(), '', 0.0, 10, true);
     582  
     583          // The user list for blockcontext should user1 and admin (role creator).
     584          $userlist8 = new \core_privacy\local\request\userlist($blockcontext, $component);
     585          provider::get_users_in_context($userlist8);
     586          $this->assertCount(2, $userlist8);
     587          $expected = [
     588              $user1->id,
     589              $admin->id
     590          ];
     591          $this->assertEquals($expected, $userlist8->get_userids(), '', 0.0, 10, true);
     592      }
     593  
     594      /**
     595       * Test that data for users in approved userlist is deleted.
     596       */
     597      public function test_delete_data_for_users() {
     598          global $DB;
     599  
     600          $this->resetAfterTest();
     601  
     602          $component = 'core_role';
     603  
     604          $this->setAdminUser();
     605          $admin = \core_user::get_user_by_username('admin');
     606          // Create user1.
     607          $user1 = $this->getDataGenerator()->create_user();
     608          // Create user2.
     609          $user2 = $this->getDataGenerator()->create_user();
     610          $usercontext2 = \context_user::instance($user2->id);
     611          // Create course1.
     612          $course1 = $this->getDataGenerator()->create_course();
     613          $coursecontext1 = \context_course::instance($course1->id);
     614          // Create course category.
     615          $coursecat = $this->getDataGenerator()->create_category();
     616          $coursecatcontext = \context_coursecat::instance($coursecat->id);
     617          // Create chat module.
     618          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course1->id]);
     619          $cmcontext = \context_module::instance($cm->cmid);
     620  
     621          $systemcontext = \context_system::instance();
     622          // Create a block.
     623          $block = $this->getDataGenerator()->create_block('online_users');
     624          $blockcontext = \context_block::instance($block->id);
     625  
     626          $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
     627          $managerrole = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
     628  
     629          // Role assignments CONTEXT_COURSE.
     630          role_assign($studentrole->id, $user1->id, $coursecontext1->id);
     631          role_assign($studentrole->id, $user2->id, $coursecontext1->id);
     632          // Role assignments CONTEXT_COURSECAT.
     633          role_assign($studentrole->id, $user2->id, $coursecatcontext->id);
     634          // Role assignments CONTEXT_SYSTEM.
     635          role_assign($studentrole->id, $user1->id, $systemcontext->id);
     636          // Role assignments CONTEXT_MODULE.
     637          role_assign($studentrole->id, $user2->id, $cmcontext->id);
     638          // Role assigments CONTEXT_BLOCK.
     639          role_assign($studentrole->id, $user1->id, $blockcontext->id);
     640          // Role assigments CONTEXT_USER.
     641          role_assign($managerrole->id, $user1->id, $usercontext2->id);
     642  
     643          // Role capabilities.
     644          $this->setUser($user1);
     645          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $studentrole->id, $cmcontext->id);
     646  
     647          // The user list for usercontext2 should user1 and admin (role creator).
     648          $userlist1 = new \core_privacy\local\request\userlist($usercontext2, $component);
     649          provider::get_users_in_context($userlist1);
     650          $this->assertCount(2, $userlist1);
     651          // The user list for coursecontext1 should user1, user2 and admin (role creator).
     652          $userlist2 = new \core_privacy\local\request\userlist($coursecontext1, $component);
     653          provider::get_users_in_context($userlist2);
     654          $this->assertCount(3, $userlist2);
     655          // The user list for coursecatcontext should user2 and admin (role creator).
     656          $userlist3 = new \core_privacy\local\request\userlist($coursecatcontext, $component);
     657          provider::get_users_in_context($userlist3);
     658          $this->assertCount(2, $userlist3);
     659          // The user list for systemcontext should user1 and admin (role creator).
     660          $userlist4 = new \core_privacy\local\request\userlist($systemcontext, $component);
     661          provider::get_users_in_context($userlist4);
     662          $this->assertCount(2, $userlist4);
     663          // The user list for cmcontext should user1, user2 and admin (role creator).
     664          $userlist5 = new \core_privacy\local\request\userlist($cmcontext, $component);
     665          provider::get_users_in_context($userlist5);
     666          $this->assertCount(3, $userlist5);
     667          // The user list for blockcontext should user1 and admin (role creator).
     668          $userlist6 = new \core_privacy\local\request\userlist($blockcontext, $component);
     669          provider::get_users_in_context($userlist6);
     670          $this->assertCount(2, $userlist6);
     671  
     672          // Convert $userlist1 into an approved_contextlist.
     673          $approvedlist1 = new approved_userlist($usercontext2, $component, $userlist1->get_userids());
     674          // Delete using delete_data_for_user.
     675          provider::delete_data_for_users($approvedlist1);
     676          // Re-fetch users in usercontext2.
     677          $userlist1 = new \core_privacy\local\request\userlist($usercontext2, $component);
     678          provider::get_users_in_context($userlist1);
     679          $this->assertCount(0, $userlist1);
     680  
     681          // Convert $userlist2 into an approved_contextlist.
     682          $approvedlist2 = new approved_userlist($coursecontext1, $component, $userlist2->get_userids());
     683          // Delete using delete_data_for_user.
     684          provider::delete_data_for_users($approvedlist2);
     685          // Re-fetch users in coursecontext1.
     686          $userlist2 = new \core_privacy\local\request\userlist($coursecontext1, $component);
     687          provider::get_users_in_context($userlist2);
     688          $this->assertCount(0, $userlist2);
     689  
     690          // Convert $userlist3 into an approved_contextlist.
     691          $approvedlist3 = new approved_userlist($coursecatcontext, $component, $userlist3->get_userids());
     692          // Delete using delete_data_for_user.
     693          provider::delete_data_for_users($approvedlist3);
     694          // Re-fetch users in coursecatcontext.
     695          $userlist3 = new \core_privacy\local\request\userlist($coursecatcontext, $component);
     696          provider::get_users_in_context($userlist3);
     697          $this->assertCount(0, $userlist3);
     698  
     699          // Convert $userlist4 into an approved_contextlist.
     700          $approvedlist4 = new approved_userlist($systemcontext, $component, $userlist4->get_userids());
     701          // Delete using delete_data_for_user.
     702          provider::delete_data_for_users($approvedlist4);
     703          // Re-fetch users in systemcontext.
     704          $userlist4 = new \core_privacy\local\request\userlist($systemcontext, $component);
     705          provider::get_users_in_context($userlist4);
     706          // The data from role_capabilities should still be present. The user list should return the admin user.
     707          $this->assertCount(1, $userlist4);
     708          $expected = [$admin->id];
     709          $this->assertEquals($expected, $userlist4->get_userids());
     710  
     711          // Convert $userlist5 into an approved_contextlist.
     712          $approvedlist5 = new approved_userlist($cmcontext, $component, $userlist5->get_userids());
     713          // Delete using delete_data_for_user.
     714          provider::delete_data_for_users($approvedlist5);
     715          // Re-fetch users in cmcontext.
     716          $userlist5 = new \core_privacy\local\request\userlist($cmcontext, $component);
     717          provider::get_users_in_context($userlist5);
     718          // The data from role_capabilities should still be present. The user list should return user1.
     719          $this->assertCount(1, $userlist5);
     720          $expected = [$user1->id];
     721          $this->assertEquals($expected, $userlist5->get_userids());
     722  
     723          // Convert $userlist6 into an approved_contextlist.
     724          $approvedlist6 = new approved_userlist($blockcontext, $component, $userlist6->get_userids());
     725          // Delete using delete_data_for_user.
     726          provider::delete_data_for_users($approvedlist6);
     727          // Re-fetch users in blockcontext.
     728          $userlist6 = new \core_privacy\local\request\userlist($blockcontext, $component);
     729          provider::get_users_in_context($userlist6);
     730          $this->assertCount(0, $userlist6);
     731      }
     732  
     733      /**
     734       * Supoort function to get all the localised roles name
     735       * in a simple array for testing.
     736       *
     737       * @return array Array of name of the roles by roleid.
     738       */
     739      protected static function get_roles_name() {
     740          $roles = role_fix_names(get_all_roles(), \context_system::instance(), ROLENAME_ORIGINAL);
     741          $rolesnames = array();
     742          foreach ($roles as $role) {
     743              $rolesnames[$role->id] = $role->localname;
     744          }
     745          return $rolesnames;
     746      }
     747  }