Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.0.x will end 8 May 2023 (12 months).
  • Bug fixes for security issues in 4.0.x will end 13 November 2023 (18 months).
  • PHP version: minimum PHP 7.3.0 Note: the minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is also supported.
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Data provider tests.
  19   *
  20   * @package    core_webservice
  21   * @category   test
  22   * @copyright  2018 Frédéric Massart
  23   * @author     Frédéric Massart <fred@branchup.tech>
  24   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  25   */
  26  namespace core_webservice\privacy;
  27  
  28  defined('MOODLE_INTERNAL') || die();
  29  global $CFG;
  30  
  31  use core_privacy\tests\provider_testcase;
  32  use core_privacy\local\request\approved_contextlist;
  33  use core_privacy\local\request\transform;
  34  use core_privacy\local\request\writer;
  35  use core_webservice\privacy\provider;
  36  use core_privacy\local\request\approved_userlist;
  37  
  38  require_once($CFG->dirroot . '/webservice/lib.php');
  39  
  40  /**
  41   * Data provider testcase class.
  42   *
  43   * @package    core_webservice
  44   * @category   test
  45   * @copyright  2018 Frédéric Massart
  46   * @author     Frédéric Massart <fred@branchup.tech>
  47   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  48   */
  49  class provider_test extends provider_testcase {
  50  
  51      public function setUp(): void {
  52          $this->resetAfterTest();
  53      }
  54  
  55      public function test_get_contexts_for_userid() {
  56          $dg = $this->getDataGenerator();
  57          $u1 = $dg->create_user();
  58          $u2 = $dg->create_user();
  59          $u3 = $dg->create_user();
  60          $u4 = $dg->create_user();
  61          $u5 = $dg->create_user();
  62          $u1ctx = \context_user::instance($u1->id);
  63          $u2ctx = \context_user::instance($u2->id);
  64          $u3ctx = \context_user::instance($u3->id);
  65          $u5ctx = \context_user::instance($u5->id);
  66  
  67          $s = $this->create_service();
  68          $this->create_token(['userid' => $u1->id]);
  69          $this->create_token(['userid' => $u1->id]);
  70          $this->create_token(['userid' => $u2->id, 'creatorid' => $u3->id]);
  71          $this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u5->id]);
  72  
  73          $contextids = provider::get_contexts_for_userid($u1->id)->get_contextids();
  74          $this->assertCount(1, $contextids);
  75          $this->assertTrue(in_array($u1ctx->id, $contextids));
  76  
  77          $contextids = provider::get_contexts_for_userid($u2->id)->get_contextids();
  78          $this->assertCount(1, $contextids);
  79          $this->assertTrue(in_array($u2ctx->id, $contextids));
  80  
  81          $contextids = provider::get_contexts_for_userid($u3->id)->get_contextids();
  82          $this->assertCount(1, $contextids);
  83          $this->assertTrue(in_array($u2ctx->id, $contextids));
  84  
  85          $contextids = provider::get_contexts_for_userid($u4->id)->get_contextids();
  86          $this->assertCount(0, $contextids);
  87  
  88          $contextids = provider::get_contexts_for_userid($u5->id)->get_contextids();
  89          $this->assertCount(1, $contextids);
  90          $this->assertTrue(in_array($u5ctx->id, $contextids));
  91      }
  92  
  93      public function test_delete_data_for_user() {
  94          global $DB;
  95  
  96          $dg = $this->getDataGenerator();
  97          $u1 = $dg->create_user();
  98          $u2 = $dg->create_user();
  99          $u1ctx = \context_user::instance($u1->id);
 100          $u2ctx = \context_user::instance($u2->id);
 101  
 102          $s = $this->create_service();
 103          $this->create_token(['userid' => $u1->id, 'creatorid' => $u2->id]);
 104          $this->create_token(['userid' => $u1->id]);
 105          $this->create_token(['userid' => $u2->id]);
 106          $this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u1->id]);
 107          $this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u2->id]);
 108  
 109          $this->assertEquals(2, $DB->count_records('external_tokens', ['userid' => $u1->id]));
 110          $this->assertEquals(1, $DB->count_records('external_tokens', ['userid' => $u2->id]));
 111          $this->assertTrue($DB->record_exists('external_services_users', ['userid' => $u1->id]));
 112          $this->assertTrue($DB->record_exists('external_services_users', ['userid' => $u2->id]));
 113  
 114          // Delete in another context, nothing happens.
 115          provider::delete_data_for_user(new approved_contextlist($u2, 'core_webservice', [$u1ctx->id]));
 116          $this->assertEquals(2, $DB->count_records('external_tokens', ['userid' => $u1->id]));
 117          $this->assertEquals(1, $DB->count_records('external_tokens', ['userid' => $u2->id]));
 118          $this->assertTrue($DB->record_exists('external_services_users', ['userid' => $u1->id]));
 119          $this->assertTrue($DB->record_exists('external_services_users', ['userid' => $u2->id]));
 120  
 121          // Delete in my context.
 122          provider::delete_data_for_user(new approved_contextlist($u2, 'core_webservice', [$u2ctx->id]));
 123          $this->assertEquals(2, $DB->count_records('external_tokens', ['userid' => $u1->id]));
 124          $this->assertEquals(0, $DB->count_records('external_tokens', ['userid' => $u2->id]));
 125          $this->assertTrue($DB->record_exists('external_services_users', ['userid' => $u1->id]));
 126          $this->assertFalse($DB->record_exists('external_services_users', ['userid' => $u2->id]));
 127      }
 128  
 129      public function test_delete_data_for_all_users_in_context() {
 130          global $DB;
 131  
 132          $dg = $this->getDataGenerator();
 133          $u1 = $dg->create_user();
 134          $u2 = $dg->create_user();
 135          $u1ctx = \context_user::instance($u1->id);
 136          $u2ctx = \context_user::instance($u2->id);
 137  
 138          $s = $this->create_service();
 139          $this->create_token(['userid' => $u1->id, 'creatorid' => $u2->id]);
 140          $this->create_token(['userid' => $u1->id]);
 141          $this->create_token(['userid' => $u2->id]);
 142          $this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u1->id]);
 143          $this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u2->id]);
 144  
 145          $this->assertEquals(2, $DB->count_records('external_tokens', ['userid' => $u1->id]));
 146          $this->assertEquals(1, $DB->count_records('external_tokens', ['userid' => $u2->id]));
 147          $this->assertTrue($DB->record_exists('external_services_users', ['userid' => $u1->id]));
 148          $this->assertTrue($DB->record_exists('external_services_users', ['userid' => $u2->id]));
 149  
 150          provider::delete_data_for_all_users_in_context($u2ctx);
 151          $this->assertEquals(2, $DB->count_records('external_tokens', ['userid' => $u1->id]));
 152          $this->assertEquals(0, $DB->count_records('external_tokens', ['userid' => $u2->id]));
 153          $this->assertTrue($DB->record_exists('external_services_users', ['userid' => $u1->id]));
 154          $this->assertFalse($DB->record_exists('external_services_users', ['userid' => $u2->id]));
 155  
 156          provider::delete_data_for_all_users_in_context($u1ctx);
 157          $this->assertEquals(0, $DB->count_records('external_tokens', ['userid' => $u1->id]));
 158          $this->assertEquals(0, $DB->count_records('external_tokens', ['userid' => $u2->id]));
 159          $this->assertFalse($DB->record_exists('external_services_users', ['userid' => $u1->id]));
 160          $this->assertFalse($DB->record_exists('external_services_users', ['userid' => $u2->id]));
 161  
 162      }
 163  
 164      public function test_export_data_for_user() {
 165          global $DB;
 166  
 167          $dg = $this->getDataGenerator();
 168          $u1 = $dg->create_user();
 169          $u2 = $dg->create_user();
 170          $u1ctx = \context_user::instance($u1->id);
 171          $u2ctx = \context_user::instance($u2->id);
 172  
 173          $path = [get_string('webservices', 'core_webservice')];
 174          $yearago = time() - YEARSECS;
 175          $hourago = time() - HOURSECS;
 176  
 177          $s = $this->create_service(['name' => 'Party time!']);
 178          $this->create_token(['userid' => $u1->id, 'timecreated' => $yearago]);
 179          $this->create_token(['userid' => $u1->id, 'creatorid' => $u2->id, 'iprestriction' => '127.0.0.1',
 180              'lastaccess' => $hourago]);
 181          $this->create_token(['userid' => $u2->id, 'iprestriction' => '192.168.1.0/24', 'lastaccess' => $yearago,
 182              'externalserviceid' => $s->id]);
 183          $this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u2->id]);
 184  
 185          // User 1 exporting user 2 context does not give anything.
 186          writer::reset();
 187          provider::export_user_data(new approved_contextlist($u1, 'core_webservice', [$u2ctx->id]));
 188          $data = writer::with_context($u1ctx)->get_data($path);
 189          $this->assertEmpty($data);
 190          $data = writer::with_context($u1ctx)->get_related_data($path, 'created_by_you');
 191          $this->assertEmpty($data);
 192          $data = writer::with_context($u2ctx)->get_data($path);
 193          $this->assertEmpty($data);
 194          $data = writer::with_context($u2ctx)->get_related_data($path, 'created_by_you');
 195          $this->assertEmpty($data);
 196  
 197          // User 1 exporting their context.
 198          writer::reset();
 199          provider::export_user_data(new approved_contextlist($u1, 'core_webservice', [$u1ctx->id, $u2ctx->id]));
 200          $data = writer::with_context($u1ctx)->get_data($path);
 201          $this->assertFalse(isset($data->services_user));
 202          $this->assertCount(2, $data->tokens);
 203          $this->assertEquals(transform::datetime($yearago), $data->tokens[0]['created_on']);
 204          $this->assertEquals(null, $data->tokens[0]['ip_restriction']);
 205          $this->assertEquals(transform::datetime($hourago), $data->tokens[1]['last_access']);
 206          $this->assertEquals('127.0.0.1', $data->tokens[1]['ip_restriction']);
 207          $data = writer::with_context($u1ctx)->get_related_data($path, 'created_by_you');
 208          $this->assertEmpty($data);
 209          $data = writer::with_context($u2ctx)->get_data($path);
 210          $this->assertEmpty($data);
 211          $data = writer::with_context($u2ctx)->get_related_data($path, 'created_by_you');
 212          $this->assertEmpty($data);
 213  
 214          // User 2 exporting their context.
 215          writer::reset();
 216          provider::export_user_data(new approved_contextlist($u2, 'core_webservice', [$u1ctx->id, $u2ctx->id]));
 217          $data = writer::with_context($u2ctx)->get_data($path);
 218          $this->assertCount(1, $data->tokens);
 219          $this->assertEquals('Party time!', $data->tokens[0]['external_service']);
 220          $this->assertEquals(transform::datetime($yearago), $data->tokens[0]['last_access']);
 221          $this->assertEquals('192.168.1.0/24', $data->tokens[0]['ip_restriction']);
 222          $this->assertCount(1, $data->services_user);
 223          $this->assertEquals('Party time!', $data->services_user[0]['external_service']);
 224          $data = writer::with_context($u1ctx)->get_related_data($path, 'created_by_you');
 225          $this->assertCount(1, $data->tokens);
 226          $this->assertEquals(transform::datetime($hourago), $data->tokens[0]['last_access']);
 227          $this->assertEquals('127.0.0.1', $data->tokens[0]['ip_restriction']);
 228          $data = writer::with_context($u1ctx)->get_data($path);
 229          $this->assertEmpty($data);
 230          $data = writer::with_context($u2ctx)->get_related_data($path, 'created_by_you');
 231          $this->assertEmpty($data);
 232      }
 233  
 234      /**
 235       * Test that only users with a user context are fetched.
 236       */
 237      public function test_get_users_in_context() {
 238  
 239          $component = 'core_webservice';
 240          // Create user u1.
 241          $u1 = $this->getDataGenerator()->create_user();
 242          $u1ctx = \context_user::instance($u1->id);
 243          // Create user u2.
 244          $u2 = $this->getDataGenerator()->create_user();
 245          $u2ctx = \context_user::instance($u2->id);
 246          // Create user u3.
 247          $u3 = $this->getDataGenerator()->create_user();
 248          $u3ctx = \context_user::instance($u3->id);
 249          // Create user u4.
 250          $u4 = $this->getDataGenerator()->create_user();
 251          $u4ctx = \context_user::instance($u4->id);
 252          // Create user u5.
 253          $u5 = $this->getDataGenerator()->create_user();
 254          $u5ctx = \context_user::instance($u5->id);
 255  
 256          // The lists of users for each user context ($u1ctx, $u2ctx, etc.) should be empty.
 257          // Related user data have not been created yet.
 258          $userlist1 = new \core_privacy\local\request\userlist($u1ctx, $component);
 259          provider::get_users_in_context($userlist1);
 260          $this->assertCount(0, $userlist1);
 261          $userlist2 = new \core_privacy\local\request\userlist($u2ctx, $component);
 262          provider::get_users_in_context($userlist2);
 263          $this->assertCount(0, $userlist2);
 264          $userlist3 = new \core_privacy\local\request\userlist($u3ctx, $component);
 265          provider::get_users_in_context($userlist3);
 266          $this->assertCount(0, $userlist3);
 267          $userlist4 = new \core_privacy\local\request\userlist($u4ctx, $component);
 268          provider::get_users_in_context($userlist4);
 269          $this->assertCount(0, $userlist4);
 270          $userlist5 = new \core_privacy\local\request\userlist($u5ctx, $component);
 271          provider::get_users_in_context($userlist5);
 272          $this->assertCount(0, $userlist5);
 273  
 274          // Create a webservice.
 275          $s = $this->create_service();
 276          // Create a ws token for u1.
 277          $this->create_token(['userid' => $u1->id]);
 278          // Create a ws token for u2, and u3 as the creator of the token.
 279          $this->create_token(['userid' => $u2->id, 'creatorid' => $u3->id]);
 280          // Create a service user (u4).
 281          $this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u4->id]);
 282  
 283          // The list of users for userlist1 should return one user (u1).
 284          provider::get_users_in_context($userlist1);
 285          $this->assertCount(1, $userlist1);
 286          $expected = [$u1->id];
 287          $actual = $userlist1->get_userids();
 288          $this->assertEquals($expected, $actual);
 289          // The list of users for userlist2 should return one user (u2).
 290          provider::get_users_in_context($userlist2);
 291          $this->assertCount(1, $userlist2);
 292          $expected = [$u2->id];
 293          $actual = $userlist2->get_userids();
 294          $this->assertEquals($expected, $actual);
 295          // The list of users for userlist3 should return one user (u3).
 296          provider::get_users_in_context($userlist3);
 297          $this->assertCount(1, $userlist3);
 298          $expected = [$u3->id];
 299          $actual = $userlist3->get_userids();
 300          $this->assertEquals($expected, $actual);
 301          // The list of users for userlist4 should return one user (u4).
 302          provider::get_users_in_context($userlist4);
 303          $this->assertCount(1, $userlist4);
 304          $expected = [$u4->id];
 305          $actual = $userlist4->get_userids();
 306          $this->assertEquals($expected, $actual);
 307          // The list of users for userlist5 should not return any users.
 308          provider::get_users_in_context($userlist5);
 309          $this->assertCount(0, $userlist5);
 310  
 311          // The list of users should only return users in the user context.
 312          $systemcontext = \context_system::instance();
 313          $userlist6 = new \core_privacy\local\request\userlist($systemcontext, $component);
 314          provider::get_users_in_context($userlist6);
 315          $this->assertCount(0, $userlist6);
 316      }
 317  
 318      /**
 319       * Test that data for users in approved userlist is deleted.
 320       */
 321      public function test_delete_data_for_users() {
 322  
 323          $component = 'core_webservice';
 324          // Create user u1.
 325          $u1 = $this->getDataGenerator()->create_user();
 326          $u1ctx = \context_user::instance($u1->id);
 327          // Create user u2.
 328          $u2 = $this->getDataGenerator()->create_user();
 329          $u2ctx = \context_user::instance($u2->id);
 330          // Create user u3.
 331          $u3 = $this->getDataGenerator()->create_user();
 332          $u3ctx = \context_user::instance($u3->id);
 333          // Create user u4.
 334          $u4 = $this->getDataGenerator()->create_user();
 335          $u4ctx = \context_user::instance($u4->id);
 336          // Create user u5.
 337          $u5 = $this->getDataGenerator()->create_user();
 338          $u5ctx = \context_user::instance($u5->id);
 339  
 340          // Create a webservice.
 341          $s = $this->create_service();
 342          // Create a ws token for u1.
 343          $this->create_token(['userid' => $u1->id]);
 344          // Create a ws token for u2, and u3 as the creator of the token.
 345          $this->create_token(['userid' => $u2->id, 'creatorid' => $u3->id]);
 346          // Create a service user (u4).
 347          $this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u4->id]);
 348          // Create a service user (u5).
 349          $this->create_service_user(['externalserviceid' => $s->id, 'userid' => $u5->id]);
 350  
 351          // The list of users for u1ctx should return one user (u1).
 352          $userlist1 = new \core_privacy\local\request\userlist($u1ctx, $component);
 353          provider::get_users_in_context($userlist1);
 354          $this->assertCount(1, $userlist1);
 355          // The list of users for u2ctx should return one user (u2).
 356          $userlist2 = new \core_privacy\local\request\userlist($u2ctx, $component);
 357          provider::get_users_in_context($userlist2);
 358          $this->assertCount(1, $userlist2);
 359          // The list of users for u3ctx should return one user (u3).
 360          $userlist3 = new \core_privacy\local\request\userlist($u3ctx, $component);
 361          provider::get_users_in_context($userlist3);
 362          $this->assertCount(1, $userlist3);
 363          // The list of users for u4ctx should return one user (u4).
 364          $userlist4 = new \core_privacy\local\request\userlist($u4ctx, $component);
 365          provider::get_users_in_context($userlist4);
 366          $this->assertCount(1, $userlist4);
 367  
 368          $approvedlist = new approved_userlist($u1ctx, $component, $userlist1->get_userids());
 369          // Delete using delete_data_for_user.
 370          provider::delete_data_for_users($approvedlist);
 371          // Re-fetch users in u1ctx - the user data should now be empty.
 372          $userlist1 = new \core_privacy\local\request\userlist($u1ctx, $component);
 373          provider::get_users_in_context($userlist1);
 374          $this->assertCount(0, $userlist1);
 375  
 376          $approvedlist = new approved_userlist($u2ctx, $component, $userlist2->get_userids());
 377          // Delete using delete_data_for_user.
 378          provider::delete_data_for_users($approvedlist);
 379          // Re-fetch users in u2ctx - the user data should now be empty.
 380          $userlist2 = new \core_privacy\local\request\userlist($u2ctx, $component);
 381          provider::get_users_in_context($userlist2);
 382          $this->assertCount(0, $userlist2);
 383  
 384          $approvedlist = new approved_userlist($u3ctx, $component, $userlist3->get_userids());
 385          // Delete using delete_data_for_user.
 386          provider::delete_data_for_users($approvedlist);
 387          // Re-fetch users in u3ctx - the user data should now be empty.
 388          $userlist3 = new \core_privacy\local\request\userlist($u3ctx, $component);
 389          provider::get_users_in_context($userlist3);
 390          $this->assertCount(0, $userlist3);
 391  
 392          $approvedlist = new approved_userlist($u4ctx, $component, $userlist3->get_userids());
 393          // Delete using delete_data_for_user.
 394          provider::delete_data_for_users($approvedlist);
 395          // Re-fetch users in u4ctx - the user data should now be empty.
 396          $userlist4 = new \core_privacy\local\request\userlist($u4ctx, $component);
 397          provider::get_users_in_context($userlist4);
 398          $this->assertCount(0, $userlist4);
 399  
 400          // The list of users for u5ctx should still return one user (u5).
 401          $userlist5 = new \core_privacy\local\request\userlist($u5ctx, $component);
 402          provider::get_users_in_context($userlist5);
 403          $this->assertCount(1, $userlist5);
 404  
 405          // User data should only be removed in the user context.
 406          $systemcontext = \context_system::instance();
 407          $approvedlist = new approved_userlist($systemcontext, $component, $userlist5->get_userids());
 408          // Delete using delete_data_for_user.
 409          provider::delete_data_for_users($approvedlist);
 410          // Re-fetch users in u5ctx - the user data should still be present.
 411          $userlist5 = new \core_privacy\local\request\userlist($u5ctx, $component);
 412          provider::get_users_in_context($userlist5);
 413          $this->assertCount(1, $userlist5);
 414      }
 415  
 416      /**
 417       * Create a service.
 418       *
 419       * @param array $params The params.
 420       * @return stdClass
 421       */
 422      protected function create_service(array $params = []) {
 423          global $DB;
 424          static $i = 0;
 425          $record = (object) array_merge([
 426              'name' => 'Some service',
 427              'enabled' => '1',
 428              'requiredcapability' => '',
 429              'restrictedusers' => '0',
 430              'component' => 'core_webservice',
 431              'timecreated' => time(),
 432              'timemodified' => time(),
 433              'shortname' => 'service' . $i,
 434              'downloadfiles' => '1',
 435              'uploadfiles' => '1',
 436          ], $params);
 437          $record->id = $DB->insert_record('external_services', $record);
 438          return $record;
 439      }
 440  
 441      /**
 442       * Create a service user.
 443       *
 444       * @param array $params The params.
 445       * @return stdClass
 446       */
 447      protected function create_service_user(array $params) {
 448          global $DB, $USER;
 449          static $i = 0;
 450          $record = (object) array_merge([
 451              'externalserviceid' => null,
 452              'userid' => $USER->id,
 453              'validuntil' => time() + YEARSECS,
 454              'iprestriction' => '',
 455              'timecreated' => time(),
 456          ], $params);
 457          $record->id = $DB->insert_record('external_services_users', $record);
 458          return $record;
 459      }
 460  
 461      /**
 462       * Create a token.
 463       *
 464       * @param array $params The params.
 465       * @return stdClass
 466       */
 467      protected function create_token(array $params) {
 468          global $DB, $USER;
 469          $service = $DB->get_record('external_services', ['shortname' => MOODLE_OFFICIAL_MOBILE_SERVICE]);
 470          $record = (object) array_merge([
 471              'token' => random_string(64),
 472              'privatetoken' => random_string(64),
 473              'tokentype' => EXTERNAL_TOKEN_PERMANENT,
 474              'contextid' => SYSCONTEXTID,
 475              'externalserviceid' => $service->id,
 476              'userid' => $USER->id,
 477              'validuntil' => time() + YEARSECS,
 478              'iprestriction' => null,
 479              'sid' => null,
 480              'timecreated' => time(),
 481              'lastaccess' => time(),
 482              'creatorid' => $USER->id,
 483          ], $params);
 484          $record->id = $DB->insert_record('external_tokens', $record);
 485          return $record;
 486      }
 487  }