Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.

Differences Between: [Versions 311 and 401] [Versions 400 and 401] [Versions 401 and 402] [Versions 401 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Privacy test for core_role
  19   *
  20   * @package    core_role
  21   * @category   test
  22   * @copyright  2018 Carlos Escobedo <carlos@moodle.com>
  23   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24   */
  25  namespace core_role\privacy;
  26  
  27  defined('MOODLE_INTERNAL') || die();
  28  
  29  use core_role\privacy\provider;
  30  use core_privacy\local\request\approved_contextlist;
  31  use core_privacy\local\request\writer;
  32  use core_privacy\tests\provider_testcase;
  33  use core_privacy\local\request\transform;
  34  use tool_cohortroles\api;
  35  use core_privacy\local\request\approved_userlist;
  36  
  37  /**
  38   * Privacy test for core_role
  39   *
  40   * @copyright  2018 Carlos Escobedo <carlos@moodle.com>
  41   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  42   */
  43  class provider_test extends provider_testcase {
  44      /**
  45       * Test to check export_user_preferences.
  46       * returns user preferences data.
  47       */
  48      public function test_export_user_preferences() {
  49          $this->resetAfterTest();
  50          $this->setAdminUser();
  51          $user = $this->getDataGenerator()->create_user();
  52          $this->setUser($user);
  53          $showadvanced = 1;
  54          set_user_preference('definerole_showadvanced', $showadvanced);
  55          provider::export_user_preferences($user->id);
  56          $writer = writer::with_context(\context_system::instance());
  57          $prefs = $writer->get_user_preferences('core_role');
  58          $this->assertEquals(transform::yesno($showadvanced), transform::yesno($prefs->definerole_showadvanced->value));
  59          $this->assertEquals(get_string('privacy:metadata:preference:showadvanced', 'core_role'),
  60              $prefs->definerole_showadvanced->description);
  61      }
  62  
  63      /**
  64       * Check all contexts are returned if there is any user data for this user.
  65       */
  66      public function test_get_contexts_for_userid() {
  67          global $DB;
  68  
  69          $this->resetAfterTest();
  70          $this->setAdminUser();
  71          $user = $this->getDataGenerator()->create_user();
  72          $this->assertEmpty(provider::get_contexts_for_userid($user->id));
  73  
  74          $user2 = $this->getDataGenerator()->create_user();
  75          $usercontext2 = \context_user::instance($user2->id);
  76          $course = $this->getDataGenerator()->create_course();
  77          $course2 = $this->getDataGenerator()->create_course();
  78          $coursecat = $this->getDataGenerator()->create_category();
  79          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
  80          $cmcontext = \context_module::instance($cm->cmid);
  81          $page = $this->getDataGenerator()->create_module('page', array('course' => $course->id));
  82          $cmcontext2 = \context_module::instance($page->cmid);
  83          $coursecontext = \context_course::instance($course->id);
  84          $coursecontext2 = \context_course::instance($course2->id);
  85          $coursecatcontext = \context_coursecat::instance($coursecat->id);
  86          $systemcontext = \context_system::instance();
  87          $block = $this->getDataGenerator()->create_block('online_users');
  88          $blockcontext = \context_block::instance($block->id);
  89  
  90          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
  91          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
  92  
  93          // Role assignments, where the user is assigned.
  94          role_assign($student->id, $user->id, $cmcontext2->id);
  95          role_assign($student->id, $user->id, $coursecontext2->id);
  96          role_assign($student->id, $user->id, $blockcontext->id);
  97          role_assign($manager->id, $user->id, $usercontext2->id);
  98          // Role assignments, where the user makes assignments.
  99          $this->setUser($user);
 100          role_assign($student->id, $user2->id, $coursecontext->id);
 101          role_assign($manager->id, $user2->id, $coursecatcontext->id);
 102          role_assign($manager->id, $user2->id, $systemcontext->id);
 103  
 104          // Role capabilities.
 105          $this->setUser($user);
 106          $result = assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $cmcontext->id);
 107  
 108          $contextlist = provider::get_contexts_for_userid($user->id)->get_contextids();
 109          $this->assertCount(8, $contextlist);
 110          $this->assertTrue(in_array($cmcontext->id, $contextlist));
 111      }
 112  
 113      /**
 114       * Test that user data is exported correctly.
 115       */
 116      public function test_export_user_data() {
 117          global $DB;
 118  
 119          $this->resetAfterTest();
 120          $this->setAdminUser();
 121          $user = $this->getDataGenerator()->create_user();
 122          $user2 = $this->getDataGenerator()->create_user();
 123          $usercontext2 = \context_user::instance($user2->id);
 124          $course = $this->getDataGenerator()->create_course();
 125          $course2 = $this->getDataGenerator()->create_course();
 126          $coursecat = $this->getDataGenerator()->create_category();
 127          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
 128          $cmcontext = \context_module::instance($cm->cmid);
 129          $page = $this->getDataGenerator()->create_module('page', array('course' => $course->id));
 130          $cmcontext2 = \context_module::instance($page->cmid);
 131          $coursecontext = \context_course::instance($course->id);
 132          $coursecontext2 = \context_course::instance($course2->id);
 133          $coursecatcontext = \context_coursecat::instance($coursecat->id);
 134          $systemcontext = \context_system::instance();
 135          $block = $this->getDataGenerator()->create_block('online_users');
 136          $blockcontext = \context_block::instance($block->id);
 137  
 138          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
 139          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
 140          $rolesnames = self::get_roles_name();
 141  
 142          $subcontextstudent = [
 143              get_string('privacy:metadata:role_assignments', 'core_role'),
 144              $rolesnames[$student->id]
 145          ];
 146          $subcontextmanager = [
 147              get_string('privacy:metadata:role_assignments', 'core_role'),
 148              $rolesnames[$manager->id]
 149          ];
 150          $subcontextrc = [
 151              get_string('privacy:metadata:role_capabilities', 'core_role'),
 152              $rolesnames[$student->id]
 153          ];
 154  
 155          // Test over role assignments.
 156          // Where the user is assigned.
 157          role_assign($student->id, $user->id, $cmcontext2->id);
 158          role_assign($student->id, $user->id, $coursecontext2->id);
 159          role_assign($student->id, $user->id, $blockcontext->id);
 160          role_assign($manager->id, $user->id, $usercontext2->id);
 161          // Where the user makes assignments.
 162          $this->setUser($user);
 163          role_assign($manager->id, $user2->id, $coursecatcontext->id);
 164          role_assign($manager->id, $user2->id, $systemcontext->id);
 165  
 166          // Test overridable roles in module, course, category, user, system and block.
 167          assign_capability('moodle/backup:backupactivity', CAP_ALLOW, $student->id, $cmcontext->id, true);
 168          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $coursecontext->id, true);
 169          assign_capability('moodle/category:manage', CAP_ALLOW, $student->id, $coursecatcontext->id, true);
 170          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $systemcontext->id, true);
 171          assign_capability('moodle/block:edit', CAP_ALLOW, $student->id, $blockcontext->id, true);
 172          assign_capability('moodle/competency:evidencedelete', CAP_ALLOW, $student->id, $usercontext2->id, true);
 173  
 174          // Retrieve the user's context ids.
 175          $contextlist = provider::get_contexts_for_userid($user->id);
 176          $approvedcontextlist = new approved_contextlist($user, 'core_role', $contextlist->get_contextids());
 177  
 178          $strpermissions = array(
 179              CAP_INHERIT => get_string('inherit', 'role'),
 180              CAP_ALLOW => get_string('allow', 'role'),
 181              CAP_PREVENT => get_string('prevent', 'role'),
 182              CAP_PROHIBIT => get_string('prohibit', 'role')
 183          );
 184          // Retrieve role capabilities and role assignments.
 185          provider::export_user_data($approvedcontextlist);
 186          foreach ($contextlist as $context) {
 187              $writer = writer::with_context($context);
 188              $this->assertTrue($writer->has_any_data());
 189              if ($context->contextlevel == CONTEXT_MODULE) {
 190                  if ($data = (array)$writer->get_data($subcontextstudent)) {
 191                      $this->assertEquals($user->id, reset($data)->userid);
 192                  }
 193                  if ($data = (array)$writer->get_data($subcontextrc)) {
 194                      $this->assertEquals('moodle/backup:backupactivity', reset($data)->capability);
 195                      $this->assertEquals($strpermissions[CAP_ALLOW], reset($data)->permission);
 196                  }
 197              }
 198              if ($context->contextlevel == CONTEXT_COURSE) {
 199                  if ($data = (array)$writer->get_data($subcontextstudent)) {
 200                      $this->assertEquals($user->id, reset($data)->userid);
 201                  }
 202                  if ($data = (array)$writer->get_data($subcontextrc)) {
 203                      $this->assertEquals('moodle/backup:backupcourse', reset($data)->capability);
 204                  }
 205              }
 206              if ($context->contextlevel == CONTEXT_COURSECAT) {
 207                  if ($data = (array)$writer->get_data($subcontextmanager)) {
 208                      $this->assertEquals($user->id, reset($data)->modifierid);
 209                  }
 210                  if ($data = (array)$writer->get_data($subcontextrc)) {
 211                      $this->assertEquals('moodle/category:manage', reset($data)->capability);
 212                  }
 213              }
 214              if ($context->contextlevel == CONTEXT_SYSTEM) {
 215                  if ($data = (array)$writer->get_data($subcontextmanager)) {
 216                      $this->assertEquals($user->id, reset($data)->modifierid);
 217                  }
 218                  if ($data = (array)$writer->get_data($subcontextrc)) {
 219                      $this->assertEquals('moodle/backup:backupcourse', reset($data)->capability);
 220                  }
 221              }
 222              if ($context->contextlevel == CONTEXT_BLOCK) {
 223                  if ($data = (array)$writer->get_data($subcontextstudent)) {
 224                      $this->assertEquals($user->id, reset($data)->userid);
 225                  }
 226                  if ($data = (array)$writer->get_data($subcontextrc)) {
 227                      $this->assertEquals('moodle/block:edit', reset($data)->capability);
 228                  }
 229              }
 230              if ($context->contextlevel == CONTEXT_USER) {
 231                  if ($data = (array)$writer->get_data($subcontextmanager)) {
 232                      $this->assertEquals($user->id, reset($data)->userid);
 233                  }
 234                  if ($data = (array)$writer->get_data($subcontextrc)) {
 235                      $this->assertEquals('moodle/competency:evidencedelete', reset($data)->capability);
 236                  }
 237              }
 238          }
 239      }
 240  
 241      /**
 242       * Test for provider::delete_data_for_all_users_in_context().
 243       */
 244      public function test_delete_data_for_all_users_in_context() {
 245          global $DB;
 246  
 247          $this->resetAfterTest();
 248          $this->setAdminUser();
 249          $user = $this->getDataGenerator()->create_user();
 250          $user2 = $this->getDataGenerator()->create_user();
 251          $usercontext2 = \context_user::instance($user2->id);
 252          $user3 = $this->getDataGenerator()->create_user();
 253          $course = $this->getDataGenerator()->create_course();
 254          $coursecontext = \context_course::instance($course->id);
 255          $coursecat = $this->getDataGenerator()->create_category();
 256          $coursecatcontext = \context_coursecat::instance($coursecat->id);
 257          $systemcontext = \context_system::instance();
 258          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
 259          $cmcontext = \context_module::instance($cm->cmid);
 260          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
 261          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
 262          $block = $this->getDataGenerator()->create_block('online_users');
 263          $blockcontext = \context_block::instance($block->id);
 264  
 265          // Role assignments CONTEXT_COURSE.
 266          role_assign($student->id, $user->id, $coursecontext->id);
 267          role_assign($student->id, $user2->id, $coursecontext->id);
 268          role_assign($student->id, $user3->id, $coursecontext->id);
 269          $count = $DB->count_records('role_assignments', ['contextid' => $coursecontext->id]);
 270          $this->assertEquals(3, $count);
 271          // Role assignments CONTEXT_COURSECAT.
 272          role_assign($student->id, $user2->id, $coursecatcontext->id);
 273          role_assign($student->id, $user3->id, $coursecatcontext->id);
 274          $count = $DB->count_records('role_assignments', ['contextid' => $coursecatcontext->id]);
 275          $this->assertEquals(2, $count);
 276          // Role assignments CONTEXT_SYSTEM.
 277          role_assign($student->id, $user->id, $systemcontext->id);
 278          $count = $DB->count_records('role_assignments', ['contextid' => $systemcontext->id]);
 279          $this->assertEquals(1, $count);
 280          // Role assignments CONTEXT_MODULE.
 281          role_assign($student->id, $user->id, $cmcontext->id);
 282          $count = $DB->count_records('role_assignments', ['contextid' => $cmcontext->id]);
 283          $this->assertEquals(1, $count);
 284          // Role assigments CONTEXT_BLOCK.
 285          role_assign($student->id, $user->id, $blockcontext->id);
 286          $count = $DB->count_records('role_assignments', ['contextid' => $blockcontext->id]);
 287          $this->assertEquals(1, $count);
 288          // Role assigments CONTEXT_USER.
 289          role_assign($manager->id, $user->id, $usercontext2->id);
 290          $count = $DB->count_records('role_assignments', ['contextid' => $usercontext2->id]);
 291          $this->assertEquals(1, $count);
 292  
 293          // Delete data based on CONTEXT_COURSE context.
 294          provider::delete_data_for_all_users_in_context($coursecontext);
 295          // After deletion, the role_assignments entries for this context should have been deleted.
 296          $count = $DB->count_records('role_assignments', ['contextid' => $coursecontext->id]);
 297          $this->assertEquals(0, $count);
 298          // Check it is not removing data on other contexts.
 299          $count = $DB->count_records('role_assignments', ['contextid' => $coursecatcontext->id]);
 300          $this->assertEquals(2, $count);
 301          $count = $DB->count_records('role_assignments', ['contextid' => $systemcontext->id]);
 302          $this->assertEquals(1, $count);
 303          $count = $DB->count_records('role_assignments', ['contextid' => $cmcontext->id]);
 304          $this->assertEquals(1, $count);
 305          // Delete data based on CONTEXT_COURSECAT context.
 306          provider::delete_data_for_all_users_in_context($coursecatcontext);
 307          // After deletion, the role_assignments entries for this context should have been deleted.
 308          $count = $DB->count_records('role_assignments', ['contextid' => $coursecatcontext->id]);
 309          $this->assertEquals(0, $count);
 310          // Delete data based on CONTEXT_SYSTEM context.
 311          provider::delete_data_for_all_users_in_context($systemcontext);
 312          // After deletion, the role_assignments entries for this context should have been deleted.
 313          $count = $DB->count_records('role_assignments', ['contextid' => $systemcontext->id]);
 314          $this->assertEquals(0, $count);
 315          // Delete data based on CONTEXT_MODULE context.
 316          provider::delete_data_for_all_users_in_context($cmcontext);
 317          // After deletion, the role_assignments entries for this context should have been deleted.
 318          $count = $DB->count_records('role_assignments', ['contextid' => $cmcontext->id]);
 319          $this->assertEquals(0, $count);
 320          // Delete data based on CONTEXT_BLOCK context.
 321          provider::delete_data_for_all_users_in_context($usercontext2);
 322          // After deletion, the role_assignments entries for this context should have been deleted.
 323          $count = $DB->count_records('role_assignments', ['contextid' => $usercontext2->id]);
 324          $this->assertEquals(0, $count);
 325      }
 326  
 327      /**
 328       * Test for provider::delete_data_for_user().
 329       */
 330      public function test_delete_data_for_user() {
 331          global $DB;
 332  
 333          $this->resetAfterTest();
 334          $this->setAdminUser();
 335          $user = $this->getDataGenerator()->create_user();
 336          $user2 = $this->getDataGenerator()->create_user();
 337          $usercontext2 = \context_user::instance($user2->id);
 338          $user3 = $this->getDataGenerator()->create_user();
 339          $usercontext3 = \context_user::instance($user3->id);
 340          $course = $this->getDataGenerator()->create_course();
 341          $course2 = $this->getDataGenerator()->create_course();
 342          $course3 = $this->getDataGenerator()->create_course();
 343          $coursecontext = \context_course::instance($course->id);
 344          $coursecontext2 = \context_course::instance($course2->id);
 345          $coursecontext3 = \context_course::instance($course3->id);
 346          $coursecat = $this->getDataGenerator()->create_category();
 347          $coursecatcontext = \context_coursecat::instance($coursecat->id);
 348          $systemcontext = \context_system::instance();
 349          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
 350          $cmcontext = \context_module::instance($cm->cmid);
 351          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
 352          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
 353          $block = $this->getDataGenerator()->create_block('online_users');
 354          $blockcontext = \context_block::instance($block->id);
 355  
 356          // Role assignments, Where the user is assigned.
 357          role_assign($student->id, $user->id, $coursecontext->id);
 358          role_assign($student->id, $user->id, $coursecontext2->id);
 359          role_assign($student->id, $user->id, $coursecatcontext->id);
 360          role_assign($student->id, $user->id, $cmcontext->id);
 361          role_assign($student->id, $user->id, $systemcontext->id);
 362          role_assign($student->id, $user->id, $blockcontext->id);
 363          role_assign($manager->id, $user->id, $usercontext2->id);
 364          role_assign($manager->id, $user->id, $usercontext3->id);
 365          $count = $DB->count_records('role_assignments', ['userid' => $user->id]);
 366          $this->assertEquals(8, $count);
 367          // Role assignments, where the user makes assignments.
 368          $this->setUser($user);
 369          role_assign($student->id, $user2->id, $coursecontext3->id);
 370          role_assign($student->id, $user3->id, $coursecontext3->id);
 371          $count = $DB->count_records('role_assignments', ['modifierid' => $user->id]);
 372          $this->assertEquals(2, $count);
 373  
 374          $contextlist = provider::get_contexts_for_userid($user->id);
 375          $approvedcontextlist = new approved_contextlist($user, 'core_role', $contextlist->get_contextids());
 376          provider::delete_data_for_user($approvedcontextlist);
 377          // After deletion, the role_assignments assigned to the user should have been deleted.
 378          $count = $DB->count_records('role_assignments', ['userid' => $user->id]);
 379          $this->assertEquals(0, $count);
 380          // After deletion, the role_assignments assigned by the user should not have been deleted.
 381          $count = $DB->count_records('role_assignments', ['modifierid' => $user->id]);
 382          $this->assertEquals(2, $count);
 383      }
 384  
 385      /**
 386       * Export for a user with a key against a script where no instance is specified.
 387       */
 388      public function test_export_user_role_to_cohort() {
 389          global $DB;
 390  
 391          $this->resetAfterTest();
 392          $this->setAdminUser();
 393          // Assign user roles to cohort.
 394          $user = $this->getDataGenerator()->create_user();
 395          $contextuser = \context_user::instance($user->id);
 396          $teacher = $DB->get_record('role', array('shortname' => 'teacher'), '*', MUST_EXIST);
 397          $cohort = $this->getDataGenerator()->create_cohort();
 398          $userassignover = $this->getDataGenerator()->create_user();
 399          $contextuserassignover = \context_user::instance($userassignover->id);
 400          cohort_add_member($cohort->id, $userassignover->id);
 401          $this->setAdminUser();
 402          $params = (object) array(
 403              'userid' => $user->id,
 404              'roleid' => $teacher->id,
 405              'cohortid' => $cohort->id
 406          );
 407          api::create_cohort_role_assignment($params);
 408          api::sync_all_cohort_roles();
 409          $rolesnames = self::get_roles_name();
 410          $subcontextteacher = [
 411              get_string('privacy:metadata:role_cohortroles', 'core_role'),
 412              $rolesnames[$teacher->id]
 413          ];
 414          // Test User is assigned role teacher to cohort.
 415          provider::export_user_role_to_cohort($user->id);
 416          $writer = writer::with_context($contextuserassignover);
 417          $this->assertTrue($writer->has_any_data());
 418          $exported = (array)$writer->get_related_data($subcontextteacher, 'cohortroles');
 419          $this->assertEquals($user->id, reset($exported)->userid);
 420  
 421          // Test User is member of a cohort which User2 is assigned to role to this cohort.
 422          $user2 = $this->getDataGenerator()->create_user();
 423          $cohort2 = $this->getDataGenerator()->create_cohort();
 424          cohort_add_member($cohort2->id, $user->id);
 425          $params = (object) array(
 426              'userid' => $user2->id,
 427              'roleid' => $teacher->id,
 428              'cohortid' => $cohort2->id
 429          );
 430          api::create_cohort_role_assignment($params);
 431          api::sync_all_cohort_roles();
 432          provider::export_user_role_to_cohort($user->id);
 433          $writer = writer::with_context($contextuser);
 434          $this->assertTrue($writer->has_any_data());
 435          $exported = (array)$writer->get_related_data($subcontextteacher, 'cohortroles');
 436          $this->assertEquals($user2->id, reset($exported)->userid);
 437      }
 438  
 439      /**
 440       * Test for provider::delete_user_role_to_cohort().
 441       */
 442      public function test_delete_user_role_to_cohort() {
 443          global $DB;
 444  
 445          $this->resetAfterTest();
 446          $this->setAdminUser();
 447          // Assign user roles to cohort.
 448          $user = $this->getDataGenerator()->create_user();
 449          $user2 = $this->getDataGenerator()->create_user();
 450          $user3 = $this->getDataGenerator()->create_user();
 451          $user4 = $this->getDataGenerator()->create_user();
 452          $teacher = $DB->get_record('role', array('shortname' => 'teacher'), '*', MUST_EXIST);
 453          $cohort = $this->getDataGenerator()->create_cohort();
 454          cohort_add_member($cohort->id, $user2->id);
 455          cohort_add_member($cohort->id, $user3->id);
 456          cohort_add_member($cohort->id, $user4->id);
 457          $this->setAdminUser();
 458          $params = (object) array(
 459              'userid' => $user->id,
 460              'roleid' => $teacher->id,
 461              'cohortid' => $cohort->id
 462          );
 463          api::create_cohort_role_assignment($params);
 464          api::sync_all_cohort_roles();
 465  
 466          $count = $DB->count_records('role_assignments', ['userid' => $user->id, 'component' => 'tool_cohortroles']);
 467          $this->assertEquals(3, $count);
 468  
 469          provider::delete_user_role_to_cohort($user->id);
 470          $count = $DB->count_records('role_assignments', ['userid' => $user->id, 'component' => 'tool_cohortroles']);
 471          $this->assertEquals(0, $count);
 472      }
 473  
 474      /**
 475       * Test that only users within a course context are fetched.
 476       */
 477      public function test_get_users_in_context() {
 478          global $DB;
 479  
 480          $this->resetAfterTest();
 481  
 482          $component = 'core_role';
 483  
 484          $this->setAdminUser();
 485          $admin = \core_user::get_user_by_username('admin');
 486          // Create user1.
 487          $user1 = $this->getDataGenerator()->create_user();
 488          $usercontext1 = \context_user::instance($user1->id);
 489          // Create user2.
 490          $user2 = $this->getDataGenerator()->create_user();
 491          $usercontext2 = \context_user::instance($user2->id);
 492          // Create course1.
 493          $course1 = $this->getDataGenerator()->create_course();
 494          $coursecontext1 = \context_course::instance($course1->id);
 495          // Create course category.
 496          $coursecat = $this->getDataGenerator()->create_category();
 497          $coursecatcontext = \context_coursecat::instance($coursecat->id);
 498          // Create chat module.
 499          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course1->id]);
 500          $cmcontext = \context_module::instance($cm->cmid);
 501  
 502          $systemcontext = \context_system::instance();
 503          // Create a block.
 504          $block = $this->getDataGenerator()->create_block('online_users');
 505          $blockcontext = \context_block::instance($block->id);
 506  
 507          $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
 508          $managerrole = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
 509  
 510          // Role assignments CONTEXT_COURSE.
 511          role_assign($studentrole->id, $user1->id, $coursecontext1->id);
 512          role_assign($studentrole->id, $user2->id, $coursecontext1->id);
 513          // Role assignments CONTEXT_COURSECAT.
 514          role_assign($studentrole->id, $user2->id, $coursecatcontext->id);
 515          // Role assignments CONTEXT_SYSTEM.
 516          role_assign($studentrole->id, $user1->id, $systemcontext->id);
 517          // Role assignments CONTEXT_MODULE.
 518          role_assign($studentrole->id, $user2->id, $cmcontext->id);
 519          // Role assigments CONTEXT_BLOCK.
 520          role_assign($studentrole->id, $user1->id, $blockcontext->id);
 521          // Role assigments CONTEXT_USER.
 522          role_assign($managerrole->id, $user1->id, $usercontext2->id);
 523  
 524          // Role capabilities.
 525          $this->setUser($user1);
 526          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $studentrole->id, $cmcontext->id);
 527  
 528          // The user list for usercontext1 should not return any users.
 529          $userlist1 = new \core_privacy\local\request\userlist($usercontext1, $component);
 530          provider::get_users_in_context($userlist1);
 531          $this->assertCount(0, $userlist1);
 532          // The user list for usercontext2 should user1 and admin (role creator).
 533          $userlist2 = new \core_privacy\local\request\userlist($usercontext2, $component);
 534          provider::get_users_in_context($userlist2);
 535          $this->assertCount(2, $userlist2);
 536          $expected = [
 537              $user1->id,
 538              $admin->id
 539          ];
 540          $this->assertEqualsCanonicalizing($expected, $userlist2->get_userids());
 541  
 542          // The user list for coursecontext1 should user1, user2 and admin (role creator).
 543          $userlist3 = new \core_privacy\local\request\userlist($coursecontext1, $component);
 544          provider::get_users_in_context($userlist3);
 545          $this->assertCount(3, $userlist3);
 546          $expected = [
 547              $user1->id,
 548              $user2->id,
 549              $admin->id
 550          ];
 551          $this->assertEqualsCanonicalizing($expected, $userlist3->get_userids());
 552  
 553          // The user list for coursecatcontext should user2 and admin (role creator).
 554          $userlist4 = new \core_privacy\local\request\userlist($coursecatcontext, $component);
 555          provider::get_users_in_context($userlist4);
 556          $this->assertCount(2, $userlist4);
 557          $expected = [
 558              $user2->id,
 559              $admin->id
 560          ];
 561          $this->assertEqualsCanonicalizing($expected, $userlist4->get_userids());
 562  
 563          // The user list for systemcontext should user1 and admin (role creator).
 564          $userlist6 = new \core_privacy\local\request\userlist($systemcontext, $component);
 565          provider::get_users_in_context($userlist6);
 566          $this->assertCount(2, $userlist6);
 567          $expected = [
 568              $user1->id,
 569              $admin->id
 570          ];
 571          $this->assertEqualsCanonicalizing($expected, $userlist6->get_userids());
 572  
 573          // The user list for cmcontext should user1, user2 and admin (role creator).
 574          $userlist7 = new \core_privacy\local\request\userlist($cmcontext, $component);
 575          provider::get_users_in_context($userlist7);
 576          $this->assertCount(3, $userlist7);
 577          $expected = [
 578              $user1->id,
 579              $user2->id,
 580              $admin->id
 581          ];
 582          $this->assertEqualsCanonicalizing($expected, $userlist7->get_userids());
 583  
 584          // The user list for blockcontext should user1 and admin (role creator).
 585          $userlist8 = new \core_privacy\local\request\userlist($blockcontext, $component);
 586          provider::get_users_in_context($userlist8);
 587          $this->assertCount(2, $userlist8);
 588          $expected = [
 589              $user1->id,
 590              $admin->id
 591          ];
 592          $this->assertEqualsCanonicalizing($expected, $userlist8->get_userids());
 593      }
 594  
 595      /**
 596       * Test that data for users in approved userlist is deleted.
 597       */
 598      public function test_delete_data_for_users() {
 599          global $DB;
 600  
 601          $this->resetAfterTest();
 602  
 603          $component = 'core_role';
 604  
 605          $this->setAdminUser();
 606          $admin = \core_user::get_user_by_username('admin');
 607          // Create user1.
 608          $user1 = $this->getDataGenerator()->create_user();
 609          // Create user2.
 610          $user2 = $this->getDataGenerator()->create_user();
 611          $usercontext2 = \context_user::instance($user2->id);
 612          // Create course1.
 613          $course1 = $this->getDataGenerator()->create_course();
 614          $coursecontext1 = \context_course::instance($course1->id);
 615          // Create course category.
 616          $coursecat = $this->getDataGenerator()->create_category();
 617          $coursecatcontext = \context_coursecat::instance($coursecat->id);
 618          // Create chat module.
 619          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course1->id]);
 620          $cmcontext = \context_module::instance($cm->cmid);
 621  
 622          $systemcontext = \context_system::instance();
 623          // Create a block.
 624          $block = $this->getDataGenerator()->create_block('online_users');
 625          $blockcontext = \context_block::instance($block->id);
 626  
 627          $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
 628          $managerrole = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
 629  
 630          // Role assignments CONTEXT_COURSE.
 631          role_assign($studentrole->id, $user1->id, $coursecontext1->id);
 632          role_assign($studentrole->id, $user2->id, $coursecontext1->id);
 633          // Role assignments CONTEXT_COURSECAT.
 634          role_assign($studentrole->id, $user2->id, $coursecatcontext->id);
 635          // Role assignments CONTEXT_SYSTEM.
 636          role_assign($studentrole->id, $user1->id, $systemcontext->id);
 637          // Role assignments CONTEXT_MODULE.
 638          role_assign($studentrole->id, $user2->id, $cmcontext->id);
 639          // Role assigments CONTEXT_BLOCK.
 640          role_assign($studentrole->id, $user1->id, $blockcontext->id);
 641          // Role assigments CONTEXT_USER.
 642          role_assign($managerrole->id, $user1->id, $usercontext2->id);
 643  
 644          // Role capabilities.
 645          $this->setUser($user1);
 646          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $studentrole->id, $cmcontext->id);
 647  
 648          // The user list for usercontext2 should user1 and admin (role creator).
 649          $userlist1 = new \core_privacy\local\request\userlist($usercontext2, $component);
 650          provider::get_users_in_context($userlist1);
 651          $this->assertCount(2, $userlist1);
 652          // The user list for coursecontext1 should user1, user2 and admin (role creator).
 653          $userlist2 = new \core_privacy\local\request\userlist($coursecontext1, $component);
 654          provider::get_users_in_context($userlist2);
 655          $this->assertCount(3, $userlist2);
 656          // The user list for coursecatcontext should user2 and admin (role creator).
 657          $userlist3 = new \core_privacy\local\request\userlist($coursecatcontext, $component);
 658          provider::get_users_in_context($userlist3);
 659          $this->assertCount(2, $userlist3);
 660          // The user list for systemcontext should user1 and admin (role creator).
 661          $userlist4 = new \core_privacy\local\request\userlist($systemcontext, $component);
 662          provider::get_users_in_context($userlist4);
 663          $this->assertCount(2, $userlist4);
 664          // The user list for cmcontext should user1, user2 and admin (role creator).
 665          $userlist5 = new \core_privacy\local\request\userlist($cmcontext, $component);
 666          provider::get_users_in_context($userlist5);
 667          $this->assertCount(3, $userlist5);
 668          // The user list for blockcontext should user1 and admin (role creator).
 669          $userlist6 = new \core_privacy\local\request\userlist($blockcontext, $component);
 670          provider::get_users_in_context($userlist6);
 671          $this->assertCount(2, $userlist6);
 672  
 673          // Convert $userlist1 into an approved_contextlist.
 674          $approvedlist1 = new approved_userlist($usercontext2, $component, $userlist1->get_userids());
 675          // Delete using delete_data_for_user.
 676          provider::delete_data_for_users($approvedlist1);
 677          // Re-fetch users in usercontext2.
 678          $userlist1 = new \core_privacy\local\request\userlist($usercontext2, $component);
 679          provider::get_users_in_context($userlist1);
 680          $this->assertCount(0, $userlist1);
 681  
 682          // Convert $userlist2 into an approved_contextlist.
 683          $approvedlist2 = new approved_userlist($coursecontext1, $component, $userlist2->get_userids());
 684          // Delete using delete_data_for_user.
 685          provider::delete_data_for_users($approvedlist2);
 686          // Re-fetch users in coursecontext1.
 687          $userlist2 = new \core_privacy\local\request\userlist($coursecontext1, $component);
 688          provider::get_users_in_context($userlist2);
 689          $this->assertCount(0, $userlist2);
 690  
 691          // Convert $userlist3 into an approved_contextlist.
 692          $approvedlist3 = new approved_userlist($coursecatcontext, $component, $userlist3->get_userids());
 693          // Delete using delete_data_for_user.
 694          provider::delete_data_for_users($approvedlist3);
 695          // Re-fetch users in coursecatcontext.
 696          $userlist3 = new \core_privacy\local\request\userlist($coursecatcontext, $component);
 697          provider::get_users_in_context($userlist3);
 698          $this->assertCount(0, $userlist3);
 699  
 700          // Convert $userlist4 into an approved_contextlist.
 701          $approvedlist4 = new approved_userlist($systemcontext, $component, $userlist4->get_userids());
 702          // Delete using delete_data_for_user.
 703          provider::delete_data_for_users($approvedlist4);
 704          // Re-fetch users in systemcontext.
 705          $userlist4 = new \core_privacy\local\request\userlist($systemcontext, $component);
 706          provider::get_users_in_context($userlist4);
 707          // The data from role_capabilities should still be present. The user list should return the admin user.
 708          $this->assertCount(1, $userlist4);
 709          $expected = [$admin->id];
 710          $this->assertEquals($expected, $userlist4->get_userids());
 711  
 712          // Convert $userlist5 into an approved_contextlist.
 713          $approvedlist5 = new approved_userlist($cmcontext, $component, $userlist5->get_userids());
 714          // Delete using delete_data_for_user.
 715          provider::delete_data_for_users($approvedlist5);
 716          // Re-fetch users in cmcontext.
 717          $userlist5 = new \core_privacy\local\request\userlist($cmcontext, $component);
 718          provider::get_users_in_context($userlist5);
 719          // The data from role_capabilities should still be present. The user list should return user1.
 720          $this->assertCount(1, $userlist5);
 721          $expected = [$user1->id];
 722          $this->assertEquals($expected, $userlist5->get_userids());
 723  
 724          // Convert $userlist6 into an approved_contextlist.
 725          $approvedlist6 = new approved_userlist($blockcontext, $component, $userlist6->get_userids());
 726          // Delete using delete_data_for_user.
 727          provider::delete_data_for_users($approvedlist6);
 728          // Re-fetch users in blockcontext.
 729          $userlist6 = new \core_privacy\local\request\userlist($blockcontext, $component);
 730          provider::get_users_in_context($userlist6);
 731          $this->assertCount(0, $userlist6);
 732      }
 733  
 734      /**
 735       * Supoort function to get all the localised roles name
 736       * in a simple array for testing.
 737       *
 738       * @return array Array of name of the roles by roleid.
 739       */
 740      protected static function get_roles_name() {
 741          $roles = role_fix_names(get_all_roles(), \context_system::instance(), ROLENAME_ORIGINAL);
 742          $rolesnames = array();
 743          foreach ($roles as $role) {
 744              $rolesnames[$role->id] = $role->localname;
 745          }
 746          return $rolesnames;
 747      }
 748  }