See Release Notes
Long Term Support Release
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Privacy class for requesting user data. 19 * 20 * @package core_comment 21 * @copyright 2018 Adrian Greeve <adrian@moodle.com> 22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 23 */ 24 25 namespace core_comment\privacy; 26 27 defined('MOODLE_INTERNAL') || die(); 28 29 use \core_privacy\local\metadata\collection; 30 use \core_privacy\local\request\transform; 31 use \core_privacy\local\request\userlist; 32 33 /** 34 * Privacy class for requesting user data. 35 * 36 * @package core_comment 37 * @copyright 2018 Adrian Greeve <adrian@moodle.com> 38 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 39 */ 40 class provider implements 41 \core_privacy\local\metadata\provider, 42 \core_privacy\local\request\subsystem\plugin_provider, 43 \core_privacy\local\request\shared_userlist_provider 44 { 45 46 /** 47 * Returns meta data about this system. 48 * 49 * @param collection $collection The initialised collection to add items to. 50 * @return collection A listing of user data stored through this system. 51 */ 52 public static function get_metadata(collection $collection) : collection { 53 $collection->add_database_table('comments', [ 54 'content' => 'privacy:metadata:comment:content', 55 'timecreated' => 'privacy:metadata:comment:timecreated', 56 'userid' => 'privacy:metadata:comment:userid', 57 ], 'privacy:metadata:comment'); 58 59 return $collection; 60 } 61 62 /** 63 * Writes user data to the writer for the user to download. 64 * 65 * @param \context $context The context to export data for. 66 * @param string $component The component that is calling this function 67 * @param string $commentarea The comment area related to the component 68 * @param int $itemid An identifier for a group of comments 69 * @param array $subcontext The sub-context in which to export this data 70 * @param bool $onlyforthisuser Only return the comments this user made. 71 */ 72 public static function export_comments(\context $context, string $component, string $commentarea, int $itemid, 73 array $subcontext, bool $onlyforthisuser = true) { 74 global $USER, $DB; 75 $params = [ 76 'contextid' => $context->id, 77 'component' => $component, 78 'commentarea' => $commentarea, 79 'itemid' => $itemid 80 ]; 81 $sql = "SELECT c.id, c.content, c.format, c.timecreated, c.userid 82 FROM {comments} c 83 WHERE c.contextid = :contextid AND 84 c.commentarea = :commentarea AND 85 c.itemid = :itemid AND 86 (c.component IS NULL OR c.component = :component)"; 87 if ($onlyforthisuser) { 88 $sql .= " AND c.userid = :userid"; 89 $params['userid'] = $USER->id; 90 } 91 $sql .= " ORDER BY c.timecreated DESC"; 92 93 $rs = $DB->get_recordset_sql($sql, $params); 94 $comments = []; 95 foreach ($rs as $record) { 96 if ($record->userid != $USER->id) { 97 // Clean HTML in comments that were added by other users. 98 $comment = ['content' => format_text($record->content, $record->format, ['context' => $context])]; 99 } else { 100 // Export comments made by this user as they are stored. 101 $comment = ['content' => $record->content, 'contentformat' => $record->format]; 102 } 103 $comment += [ 104 'time' => transform::datetime($record->timecreated), 105 'userid' => transform::user($record->userid), 106 ]; 107 $comments[] = (object)$comment; 108 } 109 $rs->close(); 110 111 if (!empty($comments)) { 112 $subcontext[] = get_string('commentsubcontext', 'core_comment'); 113 \core_privacy\local\request\writer::with_context($context) 114 ->export_data($subcontext, (object) [ 115 'comments' => $comments, 116 ]); 117 } 118 } 119 120 /** 121 * Deletes all comments for a specified context, component, and commentarea. 122 * 123 * @param \context $context Details about which context to delete comments for. 124 * @param string $component Component to delete. 125 * @param string $commentarea Comment area to delete. 126 * @param int $itemid The item ID for use with deletion. 127 */ 128 public static function delete_comments_for_all_users(\context $context, string $component, string $commentarea = null, 129 int $itemid = null) { 130 global $DB; 131 $params = [ 132 'contextid' => $context->id, 133 'component' => $component 134 ]; 135 if (isset($commentarea)) { 136 $params['commentarea'] = $commentarea; 137 } 138 if (isset($itemid)) { 139 $params['itemid'] = $itemid; 140 } 141 $DB->delete_records('comments', $params); 142 } 143 144 /** 145 * Deletes all comments for a specified context, component, and commentarea. 146 * 147 * @param \context $context Details about which context to delete comments for. 148 * @param string $component Component to delete. 149 * @param string $commentarea Comment area to delete. 150 * @param string $itemidstest an SQL fragment that the itemid must match. Used 151 * in the query like WHERE itemid $itemidstest. Must use named parameters, 152 * and may not use named parameters called contextid, component or commentarea. 153 * @param array $params any query params used by $itemidstest. 154 */ 155 public static function delete_comments_for_all_users_select(\context $context, string $component, string $commentarea, 156 $itemidstest, $params = []) { 157 global $DB; 158 $params += ['contextid' => $context->id, 'component' => $component, 'commentarea' => $commentarea]; 159 $DB->delete_records_select('comments', 160 'contextid = :contextid AND component = :component AND commentarea = :commentarea AND itemid ' . $itemidstest, 161 $params); 162 } 163 164 /** 165 * Deletes all records for a user from a list of approved contexts. 166 * 167 * @param \core_privacy\local\request\approved_contextlist $contextlist Contains the user ID and a list of contexts to be 168 * deleted from. 169 * @param string $component Component to delete from. 170 * @param string $commentarea Area to delete from. 171 * @param int $itemid The item id to delete from. 172 */ 173 public static function delete_comments_for_user(\core_privacy\local\request\approved_contextlist $contextlist, 174 string $component, string $commentarea = null, int $itemid = null) { 175 global $DB; 176 177 $userid = $contextlist->get_user()->id; 178 $contextids = implode(',', $contextlist->get_contextids()); 179 $params = [ 180 'userid' => $userid, 181 'component' => $component, 182 ]; 183 $areasql = ''; 184 if (isset($commentarea)) { 185 $params['commentarea'] = $commentarea; 186 $areasql = 'AND commentarea = :commentarea'; 187 } 188 $itemsql = ''; 189 if (isset($itemid)) { 190 $params['itemid'] = $itemid; 191 $itemsql = 'AND itemid = :itemid'; 192 } 193 list($insql, $inparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED); 194 $params += $inparams; 195 196 $select = "userid = :userid AND component = :component $areasql $itemsql AND contextid $insql"; 197 $DB->delete_records_select('comments', $select, $params); 198 } 199 200 /** 201 * Deletes all records for a context from a list of approved users. 202 * 203 * @param \core_privacy\local\request\approved_userlist $userlist Contains the list of users and 204 * a context to be deleted from. 205 * @param string $component Component to delete from. 206 * @param string $commentarea Area to delete from. 207 * @param int $itemid The item id to delete from. 208 */ 209 public static function delete_comments_for_users(\core_privacy\local\request\approved_userlist $userlist, 210 string $component, string $commentarea = null, int $itemid = null) { 211 global $DB; 212 213 $context = $userlist->get_context(); 214 $params = [ 215 'contextid' => $context->id, 216 'component' => $component, 217 ]; 218 $areasql = ''; 219 if (isset($commentarea)) { 220 $params['commentarea'] = $commentarea; 221 $areasql = 'AND commentarea = :commentarea'; 222 } 223 $itemsql = ''; 224 if (isset($itemid)) { 225 $params['itemid'] = $itemid; 226 $itemsql = 'AND itemid = :itemid'; 227 } 228 list($insql, $inparams) = $DB->get_in_or_equal($userlist->get_userids(), SQL_PARAMS_NAMED); 229 $params += $inparams; 230 231 $select = "contextid = :contextid AND component = :component {$areasql} {$itemsql} AND userid {$insql}"; 232 $DB->delete_records_select('comments', $select, $params); 233 } 234 235 /** 236 * Add the list of users who have commented in the specified constraints. 237 * 238 * @param userlist $userlist The userlist to add the users to. 239 * @param string $alias An alias prefix to use for comment selects to avoid interference with your own sql. 240 * @param string $component The component to check. 241 * @param string $area The comment area to check. 242 * @param int $contextid The context id. 243 * @param string $insql The SQL to use in a sub-select for the itemid query. 244 * @param array $params The params required for the insql. 245 */ 246 public static function get_users_in_context_from_sql( 247 userlist $userlist, string $alias, string $component, string $area, int $contextid = null, string $insql = '', 248 array $params = []) { 249 250 if ($insql != '') { 251 $insql = "AND {$alias}.itemid {$insql}"; 252 } 253 $contextsql = ''; 254 if (isset($contextid)) { 255 $contextsql = "AND {$alias}.contextid = :{$alias}contextid"; 256 $params["{$alias}contextid"] = $contextid; 257 } 258 259 // Comment authors. 260 $sql = "SELECT {$alias}.userid 261 FROM {comments} {$alias} 262 WHERE {$alias}.component = :{$alias}component 263 AND {$alias}.commentarea = :{$alias}commentarea 264 $contextsql $insql"; 265 266 $params["{$alias}component"] = $component; 267 $params["{$alias}commentarea"] = $area; 268 269 $userlist->add_from_sql('userid', $sql, $params); 270 } 271 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body