Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Privacy provider tests.
  19   *
  20   * @package    tool_policy
  21   * @category   test
  22   * @copyright  2018 Sara Arjona <sara@moodle.com>
  23   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24   */
  25  namespace tool_policy\privacy;
  26  
  27  use core_privacy\local\metadata\collection;
  28  use tool_policy\privacy\provider;
  29  use tool_policy\api;
  30  use tool_policy\policy_version;
  31  use core_privacy\local\request\approved_contextlist;
  32  use core_privacy\local\request\writer;
  33  
  34  defined('MOODLE_INTERNAL') || die();
  35  
  36  /**
  37   * Privacy provider tests class.
  38   *
  39   * @copyright  2018 Sara Arjona <sara@moodle.com>
  40   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  41   */
  42  class provider_test extends \core_privacy\tests\provider_testcase {
  43      /** @var stdClass The user object. */
  44      protected $user;
  45  
  46      /** @var stdClass The manager user object. */
  47      protected $manager;
  48  
  49      /** @var context_system The system context instance. */
  50      protected $syscontext;
  51  
  52      /**
  53       * Setup function. Will create a user.
  54       */
  55      protected function setUp(): void {
  56          $this->resetAfterTest();
  57  
  58          $generator = $this->getDataGenerator();
  59          $this->user = $generator->create_user();
  60  
  61          // Create manager user.
  62          $this->manager = $generator->create_user();
  63          $this->syscontext = \context_system::instance();
  64          $rolemanagerid = create_role('Policy manager', 'policymanager', 'Can manage policy documents');
  65          assign_capability('tool/policy:managedocs', CAP_ALLOW, $rolemanagerid, $this->syscontext->id);
  66          assign_capability('tool/policy:acceptbehalf', CAP_ALLOW, $rolemanagerid, $this->syscontext->id);
  67          role_assign($rolemanagerid, $this->manager->id, $this->syscontext->id);
  68          accesslib_clear_all_caches_for_unit_testing();
  69      }
  70  
  71      /**
  72       * Test getting the context for the user ID related to this plugin.
  73       */
  74      public function test_get_contexts_for_userid() {
  75          global $CFG;
  76  
  77          // When there are no policies or agreements context list is empty.
  78          $contextlist = \tool_policy\privacy\provider::get_contexts_for_userid($this->manager->id);
  79          $this->assertEmpty($contextlist);
  80          $contextlist = \tool_policy\privacy\provider::get_contexts_for_userid($this->user->id);
  81          $this->assertEmpty($contextlist);
  82  
  83          // Create a policy.
  84          $this->setUser($this->manager);
  85          $CFG->sitepolicyhandler = 'tool_policy';
  86          $policy = $this->add_policy();
  87          api::make_current($policy->get('id'));
  88  
  89          // After creating a policy, there should be manager context.
  90          $contextlist = \tool_policy\privacy\provider::get_contexts_for_userid($this->manager->id);
  91          $this->assertEquals(1, $contextlist->count());
  92  
  93          // But when there are no agreements, user context list is empty.
  94          $contextlist = \tool_policy\privacy\provider::get_contexts_for_userid($this->user->id);
  95          $this->assertEmpty($contextlist);
  96  
  97          // Agree to the policy.
  98          $this->setUser($this->user);
  99          api::accept_policies([$policy->get('id')]);
 100  
 101          // There should be user context.
 102          $contextlist = \tool_policy\privacy\provider::get_contexts_for_userid($this->user->id);
 103          $this->assertEquals(1, $contextlist->count());
 104      }
 105  
 106      /**
 107       * Test getting the user IDs within the context related to this plugin.
 108       */
 109      public function test_get_users_in_context() {
 110          global $CFG;
 111          $component = 'tool_policy';
 112  
 113          // System context should have nothing before a policy is added.
 114          $userlist = new \core_privacy\local\request\userlist($this->syscontext, $component);
 115          provider::get_users_in_context($userlist);
 116          $this->assertEmpty($userlist);
 117  
 118          // Create parent and child users.
 119          $generator = $this->getDataGenerator();
 120          $parentuser = $generator->create_user();
 121          $childuser = $generator->create_user();
 122  
 123          // Fetch relevant contexts.
 124          $managercontext = \context_user::instance($this->manager->id);
 125          $usercontext = $managercontext = \context_user::instance($this->user->id);
 126          $parentcontext = $managercontext = \context_user::instance($parentuser->id);
 127          $childcontext = $managercontext = \context_user::instance($childuser->id);
 128  
 129          // Assign parent to accept on behalf of the child.
 130          $roleparentid = create_role('Parent', 'parent', 'Can accept policies on behalf of their child');
 131          assign_capability('tool/policy:acceptbehalf', CAP_ALLOW, $roleparentid, $this->syscontext->id);
 132          role_assign($roleparentid, $parentuser->id, $childcontext->id);
 133  
 134          // Create a policy.
 135          $this->setUser($this->manager);
 136          $CFG->sitepolicyhandler = 'tool_policy';
 137          $policy = $this->add_policy();
 138          api::make_current($policy->get('id'));
 139  
 140          // Manager should exist in system context now they have created a policy.
 141          $userlist = new \core_privacy\local\request\userlist($this->syscontext, $component);
 142          provider::get_users_in_context($userlist);
 143          $this->assertCount(1, $userlist);
 144          $this->assertEquals([$this->manager->id], $userlist->get_userids());
 145  
 146          // User contexts should be empty before policy acceptances.
 147          $userlist = new \core_privacy\local\request\userlist($usercontext, $component);
 148          provider::get_users_in_context($userlist);
 149          $this->assertEmpty($userlist);
 150  
 151          $userlist = new \core_privacy\local\request\userlist($parentcontext, $component);
 152          provider::get_users_in_context($userlist);
 153          $this->assertEmpty($userlist);
 154  
 155          $userlist = new \core_privacy\local\request\userlist($childcontext, $component);
 156          provider::get_users_in_context($userlist);
 157          $this->assertEmpty($userlist);
 158  
 159          // User accepts policy, parent accepts on behalf of child only.
 160          $this->setUser($this->user);
 161          api::accept_policies([$policy->get('id')]);
 162  
 163          $this->setUser($parentuser);
 164          api::accept_policies([$policy->get('id')], $childuser->id);
 165  
 166          // Ensure user is fetched within its user context.
 167          $userlist = new \core_privacy\local\request\userlist($usercontext, $component);
 168          provider::get_users_in_context($userlist);
 169          $this->assertCount(1, $userlist);
 170          $this->assertEquals([$this->user->id], $userlist->get_userids());
 171  
 172          // Ensure parent and child are both found within child's user context.
 173          $userlist = new \core_privacy\local\request\userlist($childcontext, $component);
 174          provider::get_users_in_context($userlist);
 175          $this->assertCount(2, $userlist);
 176          $expected = [$parentuser->id, $childuser->id];
 177          $actual = $userlist->get_userids();
 178          sort($expected);
 179          sort($actual);
 180          $this->assertEquals($expected, $actual);
 181  
 182          // Parent has not accepted for itself, so should not be found within its user context.
 183          $userlist = new \core_privacy\local\request\userlist($parentcontext, $component);
 184          provider::get_users_in_context($userlist);
 185          $this->assertCount(0, $userlist);
 186      }
 187  
 188      public function test_export_agreements() {
 189          global $CFG;
 190  
 191          $otheruser = $this->getDataGenerator()->create_user();
 192          $otherusercontext = \context_user::instance($otheruser->id);
 193  
 194          // Create policies and agree to them as manager.
 195          $this->setUser($this->manager);
 196          $managercontext = \context_user::instance($this->manager->id);
 197          $systemcontext = \context_system::instance();
 198          $agreementsubcontext = [
 199              get_string('privacyandpolicies', 'admin'),
 200              get_string('useracceptances', 'tool_policy')
 201          ];
 202          $versionsubcontext = [
 203              get_string('policydocuments', 'tool_policy')
 204          ];
 205          $CFG->sitepolicyhandler = 'tool_policy';
 206          $policy1 = $this->add_policy();
 207          api::make_current($policy1->get('id'));
 208          $policy2 = $this->add_policy();
 209          api::make_current($policy2->get('id'));
 210          api::accept_policies([$policy1->get('id'), $policy2->get('id')]);
 211  
 212          // Agree to the policies for oneself.
 213          $this->setUser($this->user);
 214          $usercontext = \context_user::instance($this->user->id);
 215          api::accept_policies([$policy1->get('id'), $policy2->get('id')]);
 216  
 217          // Request export for this user.
 218          $contextlist = provider::get_contexts_for_userid($this->user->id);
 219          $this->assertCount(1, $contextlist);
 220          $this->assertEquals([$usercontext->id], $contextlist->get_contextids());
 221  
 222          $approvedcontextlist = new approved_contextlist($this->user, 'tool_policy', [$usercontext->id]);
 223          provider::export_user_data($approvedcontextlist);
 224  
 225          // User can not see manager's agreements but can see his own.
 226          $writer = writer::with_context($managercontext);
 227          $this->assertFalse($writer->has_any_data());
 228  
 229          $writer = writer::with_context($usercontext);
 230          $this->assertTrue($writer->has_any_data());
 231  
 232          // Test policy 1.
 233          $subcontext = array_merge($agreementsubcontext, [get_string('policynamedversion', 'tool_policy', $policy1->to_record())]);
 234          $datauser = $writer->get_data($subcontext);
 235          $this->assertEquals($policy1->get('name'), $datauser->name);
 236          $this->assertEquals($this->user->id, $datauser->agreedby);
 237          $this->assertEquals(strip_tags($policy1->get('summary')), strip_tags($datauser->summary));
 238          $this->assertEquals(strip_tags($policy1->get('content')), strip_tags($datauser->content));
 239  
 240          // Test policy 2.
 241          $subcontext = array_merge($agreementsubcontext, [get_string('policynamedversion', 'tool_policy', $policy2->to_record())]);
 242          $datauser = $writer->get_data($subcontext);
 243          $this->assertEquals($policy2->get('name'), $datauser->name);
 244          $this->assertEquals($this->user->id, $datauser->agreedby);
 245          $this->assertEquals(strip_tags($policy2->get('summary')), strip_tags($datauser->summary));
 246          $this->assertEquals(strip_tags($policy2->get('content')), strip_tags($datauser->content));
 247      }
 248  
 249      public function test_export_agreements_for_other() {
 250          global $CFG;
 251  
 252          $managercontext = \context_user::instance($this->manager->id);
 253          $systemcontext = \context_system::instance();
 254          $usercontext = \context_user::instance($this->user->id);
 255  
 256          // Create policies and agree to them as manager.
 257          $this->setUser($this->manager);
 258          $agreementsubcontext = [
 259              get_string('privacyandpolicies', 'admin'),
 260              get_string('useracceptances', 'tool_policy')
 261          ];
 262          $versionsubcontext = [
 263              get_string('policydocuments', 'tool_policy')
 264          ];
 265          $CFG->sitepolicyhandler = 'tool_policy';
 266          $policy1 = $this->add_policy();
 267          api::make_current($policy1->get('id'));
 268          $policy2 = $this->add_policy();
 269          api::make_current($policy2->get('id'));
 270          api::accept_policies([$policy1->get('id'), $policy2->get('id')]);
 271  
 272          // Agree to the other user's policies.
 273          api::accept_policies([$policy1->get('id'), $policy2->get('id')], $this->user->id, 'My note');
 274  
 275          // Request export for the manager.
 276          $contextlist = provider::get_contexts_for_userid($this->manager->id);
 277          $this->assertCount(3, $contextlist);
 278          $this->assertEqualsCanonicalizing(
 279              [$managercontext->id, $usercontext->id, $systemcontext->id],
 280              $contextlist->get_contextids()
 281          );
 282  
 283          $approvedcontextlist = new approved_contextlist($this->user, 'tool_policy', [$usercontext->id]);
 284          provider::export_user_data($approvedcontextlist);
 285  
 286          // The user context has data.
 287          $writer = writer::with_context($usercontext);
 288          $this->assertTrue($writer->has_any_data());
 289  
 290          // Test policy 1.
 291          $writer = writer::with_context($usercontext);
 292          $subcontext = array_merge($agreementsubcontext, [get_string('policynamedversion', 'tool_policy', $policy1->to_record())]);
 293          $datauser = $writer->get_data($subcontext);
 294          $this->assertEquals($policy1->get('name'), $datauser->name);
 295          $this->assertEquals($this->manager->id, $datauser->agreedby);
 296          $this->assertEquals(strip_tags($policy1->get('summary')), strip_tags($datauser->summary));
 297          $this->assertEquals(strip_tags($policy1->get('content')), strip_tags($datauser->content));
 298  
 299          // Test policy 2.
 300          $subcontext = array_merge($agreementsubcontext, [get_string('policynamedversion', 'tool_policy', $policy2->to_record())]);
 301          $datauser = $writer->get_data($subcontext);
 302          $this->assertEquals($policy2->get('name'), $datauser->name);
 303          $this->assertEquals($this->manager->id, $datauser->agreedby);
 304          $this->assertEquals(strip_tags($policy2->get('summary')), strip_tags($datauser->summary));
 305          $this->assertEquals(strip_tags($policy2->get('content')), strip_tags($datauser->content));
 306      }
 307  
 308      public function test_export_created_policies() {
 309          global $CFG;
 310  
 311          // Create policies and agree to them as manager.
 312          $this->setUser($this->manager);
 313          $managercontext = \context_user::instance($this->manager->id);
 314          $systemcontext = \context_system::instance();
 315          $agreementsubcontext = [
 316              get_string('privacyandpolicies', 'admin'),
 317              get_string('useracceptances', 'tool_policy')
 318          ];
 319          $versionsubcontext = [
 320              get_string('policydocuments', 'tool_policy')
 321          ];
 322          $CFG->sitepolicyhandler = 'tool_policy';
 323          $policy1 = $this->add_policy();
 324          api::make_current($policy1->get('id'));
 325          $policy2 = $this->add_policy();
 326          api::make_current($policy2->get('id'));
 327          api::accept_policies([$policy1->get('id'), $policy2->get('id')]);
 328  
 329          // Agree to the policies for oneself.
 330          $contextlist = provider::get_contexts_for_userid($this->manager->id);
 331          $this->assertCount(2, $contextlist);
 332          $this->assertEqualsCanonicalizing([$managercontext->id, $systemcontext->id], $contextlist->get_contextids());
 333  
 334          $approvedcontextlist = new approved_contextlist($this->manager, 'tool_policy', $contextlist->get_contextids());
 335          provider::export_user_data($approvedcontextlist);
 336  
 337          // User has agreed to policies.
 338          $writer = writer::with_context($managercontext);
 339          $this->assertTrue($writer->has_any_data());
 340  
 341          // Test policy 1.
 342          $subcontext = array_merge($agreementsubcontext, [get_string('policynamedversion', 'tool_policy', $policy1->to_record())]);
 343          $datauser = $writer->get_data($subcontext);
 344          $this->assertEquals($policy1->get('name'), $datauser->name);
 345          $this->assertEquals($this->manager->id, $datauser->agreedby);
 346          $this->assertEquals(strip_tags($policy1->get('summary')), strip_tags($datauser->summary));
 347          $this->assertEquals(strip_tags($policy1->get('content')), strip_tags($datauser->content));
 348  
 349          // Test policy 2.
 350          $subcontext = array_merge($agreementsubcontext, [get_string('policynamedversion', 'tool_policy', $policy2->to_record())]);
 351          $datauser = $writer->get_data($subcontext);
 352          $this->assertEquals($policy2->get('name'), $datauser->name);
 353          $this->assertEquals($this->manager->id, $datauser->agreedby);
 354          $this->assertEquals(strip_tags($policy2->get('summary')), strip_tags($datauser->summary));
 355          $this->assertEquals(strip_tags($policy2->get('content')), strip_tags($datauser->content));
 356  
 357          // User can see policy documents.
 358          $writer = writer::with_context($systemcontext);
 359          $this->assertTrue($writer->has_any_data());
 360  
 361          $subcontext = array_merge($versionsubcontext, [get_string('policynamedversion', 'tool_policy', $policy1->to_record())]);
 362          $dataversion = $writer->get_data($subcontext);
 363          $this->assertEquals($policy1->get('name'), $dataversion->name);
 364          $this->assertEquals(get_string('yes'), $dataversion->createdbyme);
 365  
 366          $subcontext = array_merge($versionsubcontext, [get_string('policynamedversion', 'tool_policy', $policy2->to_record())]);
 367          $dataversion = $writer->get_data($subcontext);
 368          $this->assertEquals($policy2->get('name'), $dataversion->name);
 369          $this->assertEquals(get_string('yes'), $dataversion->createdbyme);
 370      }
 371  
 372      /**
 373       * Helper method that creates a new policy for testing
 374       *
 375       * @param array $params
 376       * @return policy_version
 377       */
 378      protected function add_policy($params = []) {
 379          static $counter = 0;
 380          $counter++;
 381  
 382          $defaults = [
 383              'name' => 'Policy '.$counter,
 384              'summary_editor' => ['text' => "P$counter summary", 'format' => FORMAT_HTML, 'itemid' => 0],
 385              'content_editor' => ['text' => "P$counter content", 'format' => FORMAT_HTML, 'itemid' => 0],
 386          ];
 387  
 388          $params = (array)$params + $defaults;
 389          $formdata = \tool_policy\api::form_policydoc_data(new policy_version(0));
 390          foreach ($params as $key => $value) {
 391              $formdata->$key = $value;
 392          }
 393          return api::form_policydoc_add($formdata);
 394      }
 395  }