Differences Between: [Versions 400 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Adhoc task that processes an approved data request and prepares/deletes the user's data. 19 * 20 * @package tool_dataprivacy 21 * @copyright 2018 Jun Pataleta 22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 23 */ 24 25 namespace tool_dataprivacy\task; 26 27 use action_link; 28 use coding_exception; 29 use context_system; 30 use core\message\message; 31 use core\task\adhoc_task; 32 use core_user; 33 use moodle_exception; 34 use moodle_url; 35 use tool_dataprivacy\api; 36 use tool_dataprivacy\data_request; 37 38 defined('MOODLE_INTERNAL') || die(); 39 40 /** 41 * Class that processes an approved data request and prepares/deletes the user's data. 42 * 43 * Custom data accepted: 44 * - requestid -> The ID of the data request to be processed. 45 * 46 * @package tool_dataprivacy 47 * @copyright 2018 Jun Pataleta 48 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 49 */ 50 class process_data_request_task extends adhoc_task { 51 52 /** 53 * Run the task to initiate the data request process. 54 * 55 * @throws coding_exception 56 * @throws moodle_exception 57 */ 58 public function execute() { 59 global $CFG, $PAGE, $SITE; 60 61 require_once($CFG->dirroot . "/{$CFG->admin}/tool/dataprivacy/lib.php"); 62 63 if (!isset($this->get_custom_data()->requestid)) { 64 throw new coding_exception('The custom data \'requestid\' is required.'); 65 } 66 $requestid = $this->get_custom_data()->requestid; 67 68 $requestpersistent = new data_request($requestid); 69 $request = $requestpersistent->to_record(); 70 71 // Check if this request still needs to be processed. e.g. The user might have cancelled it before this task has run. 72 $status = $requestpersistent->get('status'); 73 if (!api::is_active($status)) { 74 mtrace("Request {$requestid} with status {$status} doesn't need to be processed. Skipping..."); 75 return; 76 } 77 78 if (!\tool_dataprivacy\data_registry::defaults_set()) { 79 // Warn if no site purpose is defined. 80 mtrace('Warning: No purpose is defined at the system level. Deletion will delete all.'); 81 } 82 83 // Grab the manager. 84 // We set an observer against it to handle failures. 85 $manager = new \core_privacy\manager(); 86 $manager->set_observer(new \tool_dataprivacy\manager_observer()); 87 88 // Get the user details now. We might not be able to retrieve it later if it's a deletion processing. 89 $foruser = core_user::get_user($request->userid); 90 91 // Update the status of this request as pre-processing. 92 mtrace('Pre-processing request...'); 93 api::update_request_status($requestid, api::DATAREQUEST_STATUS_PROCESSING); 94 $contextlistcollection = $manager->get_contexts_for_userid($requestpersistent->get('userid')); 95 96 mtrace('Fetching approved contextlists from collection'); 97 $approvedclcollection = api::get_approved_contextlist_collection_for_collection( 98 $contextlistcollection, $foruser, $request->type); 99 100 mtrace('Processing request...'); 101 $completestatus = api::DATAREQUEST_STATUS_COMPLETE; 102 $deleteuser = false; 103 104 if ($request->type == api::DATAREQUEST_TYPE_EXPORT) { 105 // Get the user context. 106 $usercontext = \context_user::instance($foruser->id, IGNORE_MISSING); 107 if (!$usercontext) { 108 mtrace("Request {$requestid} cannot be processed due to a missing user context instance for the user 109 with ID {$foruser->id}. Skipping..."); 110 return; 111 } 112 113 // Export the data. 114 $exportedcontent = $manager->export_user_data($approvedclcollection); 115 116 $fs = get_file_storage(); 117 $filerecord = new \stdClass; 118 $filerecord->component = 'tool_dataprivacy'; 119 $filerecord->contextid = $usercontext->id; 120 $filerecord->userid = $foruser->id; 121 $filerecord->filearea = 'export'; 122 $filerecord->filename = 'export.zip'; 123 $filerecord->filepath = '/'; 124 $filerecord->itemid = $requestid; 125 $filerecord->license = $CFG->sitedefaultlicense; 126 $filerecord->author = fullname($foruser); 127 // Save somewhere. 128 $thing = $fs->create_file_from_pathname($filerecord, $exportedcontent); 129 $completestatus = api::DATAREQUEST_STATUS_DOWNLOAD_READY; 130 } else if ($request->type == api::DATAREQUEST_TYPE_DELETE) { 131 // Delete the data for users other than the primary admin, which is rejected. 132 if (is_primary_admin($foruser->id)) { 133 $completestatus = api::DATAREQUEST_STATUS_REJECTED; 134 } else { 135 $manager = new \core_privacy\manager(); 136 $manager->set_observer(new \tool_dataprivacy\manager_observer()); 137 138 $manager->delete_data_for_user($approvedclcollection); 139 $completestatus = api::DATAREQUEST_STATUS_DELETED; 140 $deleteuser = !$foruser->deleted; 141 } 142 } 143 144 // When the preparation of the metadata finishes, update the request status to awaiting approval. 145 api::update_request_status($requestid, $completestatus); 146 mtrace('The processing of the user data request has been completed...'); 147 148 // Create message to notify the user regarding the processing results. 149 $message = new message(); 150 $message->courseid = $SITE->id; 151 $message->component = 'tool_dataprivacy'; 152 $message->name = 'datarequestprocessingresults'; 153 if (empty($request->dpo)) { 154 // Use the no-reply user as the sender if the privacy officer is not set. This is the case for automatically 155 // approved requests. 156 $fromuser = core_user::get_noreply_user(); 157 } else { 158 $fromuser = core_user::get_user($request->dpo); 159 $message->replyto = $fromuser->email; 160 $message->replytoname = fullname($fromuser); 161 } 162 $message->userfrom = $fromuser; 163 164 $typetext = null; 165 // Prepare the context data for the email message body. 166 $messagetextdata = [ 167 'username' => fullname($foruser) 168 ]; 169 170 $output = $PAGE->get_renderer('tool_dataprivacy'); 171 $emailonly = false; 172 $notifyuser = true; 173 switch ($request->type) { 174 case api::DATAREQUEST_TYPE_EXPORT: 175 // Check if the user is allowed to download their own export. (This is for 176 // institutions which centrally co-ordinate subject access request across many 177 // systems, not just one Moodle instance, so we don't want every instance emailing 178 // the user.) 179 if (!api::can_download_data_request_for_user($request->userid, $request->requestedby, $request->userid)) { 180 $notifyuser = false; 181 } 182 183 $typetext = get_string('requesttypeexport', 'tool_dataprivacy'); 184 // We want to notify the user in Moodle about the processing results. 185 $message->notification = 1; 186 $datarequestsurl = new moodle_url('/admin/tool/dataprivacy/mydatarequests.php'); 187 $message->contexturl = $datarequestsurl; 188 $message->contexturlname = get_string('datarequests', 'tool_dataprivacy'); 189 // Message to the recipient. 190 $messagetextdata['message'] = get_string('resultdownloadready', 'tool_dataprivacy', 191 format_string($SITE->fullname, true, ['context' => context_system::instance()])); 192 // Prepare download link. 193 $downloadurl = moodle_url::make_pluginfile_url($usercontext->id, 'tool_dataprivacy', 'export', $thing->get_itemid(), 194 $thing->get_filepath(), $thing->get_filename(), true); 195 $downloadlink = new action_link($downloadurl, get_string('download', 'tool_dataprivacy')); 196 $messagetextdata['downloadlink'] = $downloadlink->export_for_template($output); 197 break; 198 case api::DATAREQUEST_TYPE_DELETE: 199 $typetext = get_string('requesttypedelete', 'tool_dataprivacy'); 200 // No point notifying a deleted user in Moodle. 201 $message->notification = 0; 202 // Message to the recipient. 203 $messagetextdata['message'] = get_string('resultdeleted', 'tool_dataprivacy', 204 format_string($SITE->fullname, true, ['context' => context_system::instance()])); 205 // Message will be sent to the deleted user via email only. 206 $emailonly = true; 207 break; 208 default: 209 throw new moodle_exception('errorinvalidrequesttype', 'tool_dataprivacy'); 210 } 211 212 $subject = get_string('datarequestemailsubject', 'tool_dataprivacy', $typetext); 213 $message->subject = $subject; 214 $message->fullmessageformat = FORMAT_HTML; 215 $message->userto = $foruser; 216 217 // Render message email body. 218 $messagehtml = $output->render_from_template('tool_dataprivacy/data_request_results_email', $messagetextdata); 219 $message->fullmessage = html_to_text($messagehtml); 220 $message->fullmessagehtml = $messagehtml; 221 222 // Send message to the user involved. 223 if ($notifyuser) { 224 $messagesent = false; 225 if ($emailonly) { 226 // Do not sent an email if the user has been deleted. The user email has been previously deleted. 227 if (!$foruser->deleted) { 228 $messagesent = email_to_user($foruser, $fromuser, $subject, $message->fullmessage, $messagehtml); 229 } 230 } else { 231 $messagesent = message_send($message); 232 } 233 234 if ($messagesent) { 235 mtrace('Message sent to user: ' . $messagetextdata['username']); 236 } 237 } 238 239 // Send to requester as well in some circumstances. 240 if ($foruser->id != $request->requestedby) { 241 $sendtorequester = false; 242 switch ($request->type) { 243 case api::DATAREQUEST_TYPE_EXPORT: 244 // Send to the requester as well if they can download it, unless they are the 245 // DPO. If we didn't notify the user themselves (because they can't download) 246 // then send to requester even if it is the DPO, as in that case the requester 247 // needs to take some action. 248 if (api::can_download_data_request_for_user($request->userid, $request->requestedby, $request->requestedby)) { 249 $sendtorequester = !$notifyuser || !api::is_site_dpo($request->requestedby); 250 } 251 break; 252 case api::DATAREQUEST_TYPE_DELETE: 253 // Send to the requester if they are not the DPO and if they are allowed to 254 // create data requests for the user (e.g. Parent). 255 $sendtorequester = !api::is_site_dpo($request->requestedby) && 256 api::can_create_data_request_for_user($request->userid, $request->requestedby); 257 break; 258 default: 259 throw new moodle_exception('errorinvalidrequesttype', 'tool_dataprivacy'); 260 } 261 262 // Ensure the requester has the capability to make data requests for this user. 263 if ($sendtorequester) { 264 $requestedby = core_user::get_user($request->requestedby); 265 $message->userto = $requestedby; 266 $messagetextdata['username'] = fullname($requestedby); 267 // Render message email body. 268 $messagehtml = $output->render_from_template('tool_dataprivacy/data_request_results_email', $messagetextdata); 269 $message->fullmessage = html_to_text($messagehtml); 270 $message->fullmessagehtml = $messagehtml; 271 272 // Send message. 273 if ($emailonly) { 274 email_to_user($requestedby, $fromuser, $subject, $message->fullmessage, $messagehtml); 275 } else { 276 message_send($message); 277 } 278 mtrace('Message sent to requester: ' . $messagetextdata['username']); 279 } 280 } 281 282 if ($deleteuser) { 283 // Delete the user. 284 delete_user($foruser); 285 } 286 } 287 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body