See Release Notes
Long Term Support Release
Differences Between: [Versions 310 and 401] [Versions 39 and 401] [Versions 401 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * The contact form to the site's Data Protection Officer 19 * 20 * @copyright 2018 onwards Jun Pataleta 21 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License 22 * @package tool_dataprivacy 23 */ 24 25 use tool_dataprivacy\api; 26 use tool_dataprivacy\data_request; 27 use tool_dataprivacy\local\helper; 28 29 defined('MOODLE_INTERNAL') || die(); 30 31 require_once($CFG->libdir.'/formslib.php'); 32 33 /** 34 * The contact form to the site's Data Protection Officer 35 * 36 * @copyright 2018 onwards Jun Pataleta 37 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License 38 * @package tool_dataprivacy 39 */ 40 class tool_dataprivacy_data_request_form extends \core\form\persistent { 41 42 /** @var string Name of the persistent class. */ 43 protected static $persistentclass = data_request::class; 44 45 /** @var bool Flag to indicate whether this form is being rendered for managing data requests or for regular requests. */ 46 protected $manage = false; 47 48 /** 49 * Form definition. 50 * 51 * @throws coding_exception 52 * @throws dml_exception 53 */ 54 public function definition() { 55 global $USER; 56 $mform =& $this->_form; 57 58 $this->manage = $this->_customdata['manage']; 59 if ($this->manage) { 60 $options = [ 61 'ajax' => 'tool_dataprivacy/form-user-selector', 62 'valuehtmlcallback' => function($value) { 63 global $OUTPUT; 64 65 $userfieldsapi = \core_user\fields::for_name(); 66 $allusernames = $userfieldsapi->get_sql('', false, '', '', false)->selects; 67 $fields = 'id, email, ' . $allusernames; 68 $user = \core_user::get_user($value, $fields); 69 $useroptiondata = [ 70 'fullname' => fullname($user), 71 'email' => $user->email 72 ]; 73 return $OUTPUT->render_from_template('tool_dataprivacy/form-user-selector-suggestion', $useroptiondata); 74 } 75 ]; 76 $mform->addElement('autocomplete', 'userid', get_string('requestfor', 'tool_dataprivacy'), [], $options); 77 $mform->addRule('userid', null, 'required', null, 'client'); 78 79 } else { 80 // Get users whom you are being a guardian to if your role has the capability to make data requests for children. 81 if ($children = helper::get_children_of_user($USER->id)) { 82 $useroptions = [ 83 $USER->id => fullname($USER) 84 ]; 85 foreach ($children as $key => $child) { 86 $useroptions[$key] = fullname($child); 87 } 88 $mform->addElement('autocomplete', 'userid', get_string('requestfor', 'tool_dataprivacy'), $useroptions); 89 $mform->addRule('userid', null, 'required', null, 'client'); 90 91 } else { 92 // Requesting for self. 93 $mform->addElement('hidden', 'userid', $USER->id); 94 } 95 } 96 97 $mform->setType('userid', PARAM_INT); 98 99 // Subject access request type. 100 $options = []; 101 if ($this->manage || api::can_create_data_download_request_for_self()) { 102 $options[api::DATAREQUEST_TYPE_EXPORT] = get_string('requesttypeexport', 'tool_dataprivacy'); 103 } 104 $options[api::DATAREQUEST_TYPE_DELETE] = get_string('requesttypedelete', 'tool_dataprivacy'); 105 106 $mform->addElement('select', 'type', get_string('requesttype', 'tool_dataprivacy'), $options); 107 $mform->addHelpButton('type', 'requesttype', 'tool_dataprivacy'); 108 109 // Request comments text area. 110 $textareaoptions = ['cols' => 60, 'rows' => 10]; 111 $mform->addElement('textarea', 'comments', get_string('requestcomments', 'tool_dataprivacy'), $textareaoptions); 112 $mform->addHelpButton('comments', 'requestcomments', 'tool_dataprivacy'); 113 114 // Action buttons. 115 $this->add_action_buttons(); 116 117 $shouldfreeze = false; 118 if ($this->manage) { 119 $shouldfreeze = !api::can_create_data_deletion_request_for_other(); 120 } else { 121 $shouldfreeze = !api::can_create_data_deletion_request_for_self(); 122 if ($shouldfreeze && !empty($useroptions)) { 123 foreach ($useroptions as $userid => $useroption) { 124 if (api::can_create_data_deletion_request_for_children($userid)) { 125 $shouldfreeze = false; 126 break; 127 } 128 } 129 } 130 } 131 132 if ($shouldfreeze) { 133 $mform->freeze('type'); 134 } 135 } 136 137 /** 138 * Get the default data. Unset the default userid if managing data requests 139 * 140 * @return stdClass 141 */ 142 protected function get_default_data() { 143 $data = parent::get_default_data(); 144 if ($this->manage) { 145 unset($data->userid); 146 } 147 148 return $data; 149 } 150 151 /** 152 * Form validation. 153 * 154 * @param stdClass $data 155 * @param array $files 156 * @param array $errors 157 * @return array 158 * @throws coding_exception 159 * @throws dml_exception 160 */ 161 public function extra_validation($data, $files, array &$errors) { 162 global $USER; 163 164 $validrequesttypes = [ 165 api::DATAREQUEST_TYPE_EXPORT, 166 api::DATAREQUEST_TYPE_DELETE 167 ]; 168 if (!in_array($data->type, $validrequesttypes)) { 169 $errors['type'] = get_string('errorinvalidrequesttype', 'tool_dataprivacy'); 170 } 171 172 $userid = $data->userid; 173 174 if (api::has_ongoing_request($userid, $data->type)) { 175 $errors['type'] = get_string('errorrequestalreadyexists', 'tool_dataprivacy'); 176 } 177 178 // Check if current user can create data requests. 179 if ($data->type == api::DATAREQUEST_TYPE_DELETE) { 180 if ($userid == $USER->id) { 181 if (!api::can_create_data_deletion_request_for_self()) { 182 $errors['type'] = get_string('errorcannotrequestdeleteforself', 'tool_dataprivacy'); 183 } 184 } else if (!api::can_create_data_deletion_request_for_other() 185 && !api::can_create_data_deletion_request_for_children($userid)) { 186 $errors['type'] = get_string('errorcannotrequestdeleteforother', 'tool_dataprivacy'); 187 } 188 } else if ($data->type == api::DATAREQUEST_TYPE_EXPORT) { 189 if ($userid == $USER->id && !api::can_create_data_download_request_for_self()) { 190 $errors['type'] = get_string('errorcannotrequestexportforself', 'tool_dataprivacy'); 191 } 192 } 193 194 return $errors; 195 } 196 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body