Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.0.x will end 8 May 2023 (12 months).
  • Bug fixes for security issues in 4.0.x will end 13 November 2023 (18 months).
  • PHP version: minimum PHP 7.3.0 Note: the minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is also supported.
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

< /** < * Data provider. < * < * @package core_webservice < * @copyright 2018 Frédéric Massart < * @author Frédéric Massart <fred@branchup.tech> < * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later < */ <
namespace core_webservice\privacy;
< defined('MOODLE_INTERNAL') || die(); < < use context; < use context_user; < use core_privacy\local\metadata\collection; < use core_privacy\local\request\approved_contextlist; < use core_privacy\local\request\transform; < use core_privacy\local\request\writer; < use core_privacy\local\request\userlist; < use core_privacy\local\request\approved_userlist;
/**
< * Data provider class.
> * Privacy provider class for the core_webservice component.
* * @package core_webservice * @copyright 2018 Frédéric Massart * @author Frédéric Massart <fred@branchup.tech> * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */
< class provider implements < \core_privacy\local\metadata\provider, < \core_privacy\local\request\core_userlist_provider, < \core_privacy\local\request\subsystem\provider { < < /** < * Returns metadata. < * < * @param collection $collection The initialised collection to add items to. < * @return collection A listing of user data stored through this system. < */ < public static function get_metadata(collection $collection) : collection { < < $collection->add_database_table('external_tokens', [ < 'token' => 'privacy:metadata:tokens:token', < 'privatetoken' => 'privacy:metadata:tokens:privatetoken', < 'tokentype' => 'privacy:metadata:tokens:tokentype', < 'userid' => 'privacy:metadata:tokens:userid', < 'creatorid' => 'privacy:metadata:tokens:creatorid', < 'iprestriction' => 'privacy:metadata:tokens:iprestriction', < 'validuntil' => 'privacy:metadata:tokens:validuntil', < 'timecreated' => 'privacy:metadata:tokens:timecreated', < 'lastaccess' => 'privacy:metadata:tokens:lastaccess', < ], 'privacy:metadata:tokens'); < < $collection->add_database_table('external_services_users', [ < 'userid' => 'privacy:metadata:serviceusers:userid', < 'iprestriction' => 'privacy:metadata:serviceusers:iprestriction', < 'validuntil' => 'privacy:metadata:serviceusers:validuntil', < 'timecreated' => 'privacy:metadata:serviceusers:timecreated', < ], 'privacy:metadata:serviceusers'); < < return $collection; < } < < /** < * Get the list of contexts that contain user information for the specified user. < * < * @param int $userid The user to search. < * @return contextlist $contextlist The contextlist containing the list of contexts used in this plugin. < */ < public static function get_contexts_for_userid(int $userid) : \core_privacy\local\request\contextlist { < $contextlist = new \core_privacy\local\request\contextlist(); < < $sql = " < SELECT ctx.id < FROM {external_tokens} t < JOIN {context} ctx < ON ctx.instanceid = t.userid < AND ctx.contextlevel = :userlevel < WHERE t.userid = :userid1 < OR t.creatorid = :userid2"; < $contextlist->add_from_sql($sql, ['userlevel' => CONTEXT_USER, 'userid1' => $userid, 'userid2' => $userid]); < < $sql = " < SELECT ctx.id < FROM {external_services_users} su < JOIN {context} ctx < ON ctx.instanceid = su.userid < AND ctx.contextlevel = :userlevel < WHERE su.userid = :userid"; < $contextlist->add_from_sql($sql, ['userlevel' => CONTEXT_USER, 'userid' => $userid]); < < return $contextlist; < } < < /** < * Get the list of users within a specific context. < * < * @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination. < */ < public static function get_users_in_context(userlist $userlist) { < global $DB; < < $context = $userlist->get_context(); < < if (!$context instanceof \context_user) { < return; < } < < $userid = $context->instanceid; < < $hasdata = false; < $hasdata = $hasdata || $DB->record_exists_select('external_tokens', 'userid = ? OR creatorid = ?', [$userid, $userid]); < $hasdata = $hasdata || $DB->record_exists('external_services_users', ['userid' => $userid]); < < if ($hasdata) { < $userlist->add_user($userid); < } < } < < /** < * Export all user data for the specified user, in the specified contexts. < * < * @param approved_contextlist $contextlist The approved contexts to export information for. < */ < public static function export_user_data(approved_contextlist $contextlist) { < global $DB; < < $userid = $contextlist->get_user()->id; < $contexts = array_reduce($contextlist->get_contexts(), function($carry, $context) use ($userid) { < if ($context->contextlevel == CONTEXT_USER) { < if ($context->instanceid == $userid) { < $carry['has_mine'] = true; < } else { < $carry['others'][] = $context->instanceid; < } < } < return $carry; < }, [ < 'has_mine' => false, < 'others' => [] < ]); < < $path = [get_string('webservices', 'core_webservice')]; < < // Exporting my stuff. < if ($contexts['has_mine']) { < < $data = []; < < // Exporting my tokens. < $sql = " < SELECT t.*, s.name as externalservicename < FROM {external_tokens} t < JOIN {external_services} s < ON s.id = t.externalserviceid < WHERE t.userid = :userid < ORDER BY t.id"; < $recordset = $DB->get_recordset_sql($sql, ['userid' => $userid]); < foreach ($recordset as $record) { < if (!isset($data['tokens'])) { < $data['tokens'] = []; < } < $data['tokens'][] = static::transform_token($record); < } < $recordset->close(); < < // Exporting the services I have access to. < $sql = " < SELECT su.*, s.name as externalservicename < FROM {external_services_users} su < JOIN {external_services} s < ON s.id = su.externalserviceid < WHERE su.userid = :userid < ORDER BY su.id"; < $recordset = $DB->get_recordset_sql($sql, ['userid' => $userid]); < foreach ($recordset as $record) { < if (!isset($data['services_user'])) { < $data['services_user'] = []; < } < $data['services_user'][] = [ < 'external_service' => $record->externalservicename, < 'ip_restriction' => $record->iprestriction, < 'valid_until' => $record->validuntil ? transform::datetime($record->validuntil) : null, < 'created_on' => transform::datetime($record->timecreated), < ]; < } < $recordset->close(); < < if (!empty($data)) { < writer::with_context(context_user::instance($userid))->export_data($path, (object) $data); < }; < } < < // Exporting the tokens I created. < if (!empty($contexts['others'])) { < list($insql, $inparams) = $DB->get_in_or_equal($contexts['others'], SQL_PARAMS_NAMED); < $sql = " < SELECT t.*, s.name as externalservicename < FROM {external_tokens} t < JOIN {external_services} s < ON s.id = t.externalserviceid < WHERE t.userid $insql < AND t.creatorid = :userid1 < AND t.userid <> :userid2 < ORDER BY t.userid, t.id"; < $params = array_merge($inparams, ['userid1' => $userid, 'userid2' => $userid]); < $recordset = $DB->get_recordset_sql($sql, $params); < static::recordset_loop_and_export($recordset, 'userid', [], function($carry, $record) { < $carry[] = static::transform_token($record); < return $carry; < }, function($userid, $data) use ($path) { < writer::with_context(context_user::instance($userid))->export_related_data($path, 'created_by_you', (object) [ < 'tokens' => $data < ]); < }); < } < } < < /** < * Delete all data for all users in the specified context. < * < * @param context $context The specific context to delete data for. < */ < public static function delete_data_for_all_users_in_context(context $context) { < if ($context->contextlevel != CONTEXT_USER) { < return; < } < static::delete_user_data($context->instanceid); < } <
> class provider implements \core_privacy\local\metadata\null_provider {
/**
< * Delete multiple users within a single context.
> * Get the lang string identifier for the reason that no data is returned by the Privacy API.
*
< * @param approved_userlist $userlist The approved context and user information to delete information for.
> * @return string
*/
< public static function delete_data_for_users(approved_userlist $userlist) { < < $context = $userlist->get_context(); < < if ($context instanceof \context_user) { < static::delete_user_data($context->instanceid); < } < } < < /** < * Delete all user data for the specified user, in the specified contexts. < * < * @param approved_contextlist $contextlist The approved contexts and user information to delete information for. < */ < public static function delete_data_for_user(approved_contextlist $contextlist) { < $userid = $contextlist->get_user()->id; < foreach ($contextlist as $context) { < if ($context->contextlevel == CONTEXT_USER && $context->instanceid == $userid) { < static::delete_user_data($context->instanceid); < break; < } < } < } < < /** < * Delete user data. < * < * @param int $userid The user ID. < * @return void < */ < protected static function delete_user_data($userid) { < global $DB; < $DB->delete_records('external_tokens', ['userid' => $userid]); < $DB->delete_records('external_services_users', ['userid' => $userid]); < } < < /** < * Transform a token entry. < * < * @param object $record The token record. < * @return array < */ < protected static function transform_token($record) { < $notexportedstr = get_string('privacy:request:notexportedsecurity', 'core_webservice'); < return [ < 'external_service' => $record->externalservicename, < 'token' => $notexportedstr, < 'private_token' => $record->privatetoken ? $notexportedstr : null, < 'ip_restriction' => $record->iprestriction, < 'valid_until' => $record->validuntil ? transform::datetime($record->validuntil) : null, < 'created_on' => transform::datetime($record->timecreated), < 'last_access' => $record->lastaccess ? transform::datetime($record->lastaccess) : null, < ]; < } < < /** < * Loop and export from a recordset. < * < * @param \moodle_recordset $recordset The recordset. < * @param string $splitkey The record key to determine when to export. < * @param mixed $initial The initial data to reduce from. < * @param callable $reducer The function to return the dataset, receives current dataset, and the current record. < * @param callable $export The function to export the dataset, receives the last value from $splitkey and the dataset. < * @return void < */ < protected static function recordset_loop_and_export(\moodle_recordset $recordset, $splitkey, $initial, < callable $reducer, callable $export) { < < $data = $initial; < $lastid = null; < < foreach ($recordset as $record) { < if ($lastid && $record->{$splitkey} != $lastid) { < $export($lastid, $data); < $data = $initial; < } < $data = $reducer($data, $record); < $lastid = $record->{$splitkey}; < } < $recordset->close(); < < if (!empty($lastid)) { < $export($lastid, $data); < }
> public static function get_reason(): string { > return 'privacy:metadata';
} }