Search moodle.org's
Developer Documentation
Developer Documentation
See Release Notes
Long Term Support Release
- Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
- Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
- PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
/enrol/paypal/classes/privacy/ -> provider.php (source)
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Privacy Subsystem implementation for enrol_paypal. 19 * 20 * @package enrol_paypal 21 * @category privacy 22 * @copyright 2018 Shamim Rezaie <shamim@moodle.com> 23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 24 */ 25 26 namespace enrol_paypal\privacy; 27 28 defined('MOODLE_INTERNAL') || die(); 29 30 use core_privacy\local\metadata\collection; 31 use core_privacy\local\request\approved_contextlist; 32 use core_privacy\local\request\approved_userlist; 33 use core_privacy\local\request\contextlist; 34 use core_privacy\local\request\userlist; 35 use core_privacy\local\request\writer; 36 37 /** 38 * Privacy Subsystem implementation for enrol_paypal. 39 * 40 * @copyright 2018 Shamim Rezaie <shamim@moodle.com> 41 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 42 */ 43 class provider implements 44 // Transactions store user data. 45 \core_privacy\local\metadata\provider, 46 47 // The paypal enrolment plugin contains user's transactions. 48 \core_privacy\local\request\plugin\provider, 49 50 // This plugin is capable of determining which users have data within it. 51 \core_privacy\local\request\core_userlist_provider { 52 53 /** 54 * Returns meta data about this system. 55 * 56 * @param collection $collection The initialised collection to add items to. 57 * @return collection A listing of user data stored through this system. 58 */ 59 public static function get_metadata(collection $collection) : collection { 60 $collection->add_external_location_link( 61 'paypal.com', 62 [ 63 'os0' => 'privacy:metadata:enrol_paypal:paypal_com:os0', 64 'custom' => 'privacy:metadata:enrol_paypal:paypal_com:custom', 65 'first_name' => 'privacy:metadata:enrol_paypal:paypal_com:first_name', 66 'last_name' => 'privacy:metadata:enrol_paypal:paypal_com:last_name', 67 'address' => 'privacy:metadata:enrol_paypal:paypal_com:address', 68 'city' => 'privacy:metadata:enrol_paypal:paypal_com:city', 69 'email' => 'privacy:metadata:enrol_paypal:paypal_com:email', 70 'country' => 'privacy:metadata:enrol_paypal:paypal_com:country', 71 ], 72 'privacy:metadata:enrol_paypal:paypal_com' 73 ); 74 75 // The enrol_paypal has a DB table that contains user data. 76 $collection->add_database_table( 77 'enrol_paypal', 78 [ 79 'business' => 'privacy:metadata:enrol_paypal:enrol_paypal:business', 80 'receiver_email' => 'privacy:metadata:enrol_paypal:enrol_paypal:receiver_email', 81 'receiver_id' => 'privacy:metadata:enrol_paypal:enrol_paypal:receiver_id', 82 'item_name' => 'privacy:metadata:enrol_paypal:enrol_paypal:item_name', 83 'courseid' => 'privacy:metadata:enrol_paypal:enrol_paypal:courseid', 84 'userid' => 'privacy:metadata:enrol_paypal:enrol_paypal:userid', 85 'instanceid' => 'privacy:metadata:enrol_paypal:enrol_paypal:instanceid', 86 'memo' => 'privacy:metadata:enrol_paypal:enrol_paypal:memo', 87 'tax' => 'privacy:metadata:enrol_paypal:enrol_paypal:tax', 88 'option_selection1_x' => 'privacy:metadata:enrol_paypal:enrol_paypal:option_selection1_x', 89 'payment_status' => 'privacy:metadata:enrol_paypal:enrol_paypal:payment_status', 90 'pending_reason' => 'privacy:metadata:enrol_paypal:enrol_paypal:pending_reason', 91 'reason_code' => 'privacy:metadata:enrol_paypal:enrol_paypal:reason_code', 92 'txn_id' => 'privacy:metadata:enrol_paypal:enrol_paypal:txn_id', 93 'parent_txn_id' => 'privacy:metadata:enrol_paypal:enrol_paypal:parent_txn_id', 94 'payment_type' => 'privacy:metadata:enrol_paypal:enrol_paypal:payment_type', 95 'timeupdated' => 'privacy:metadata:enrol_paypal:enrol_paypal:timeupdated' 96 ], 97 'privacy:metadata:enrol_paypal:enrol_paypal' 98 ); 99 100 return $collection; 101 } 102 103 /** 104 * Get the list of contexts that contain user information for the specified user. 105 * 106 * @param int $userid The user to search. 107 * @return contextlist The contextlist containing the list of contexts used in this plugin. 108 */ 109 public static function get_contexts_for_userid(int $userid) : contextlist { 110 $contextlist = new contextlist(); 111 112 // Values of ep.receiver_email and ep.business are already normalised to lowercase characters by PayPal, 113 // therefore there is no need to use LOWER() on them in the following query. 114 $sql = "SELECT ctx.id 115 FROM {enrol_paypal} ep 116 JOIN {enrol} e ON ep.instanceid = e.id 117 JOIN {context} ctx ON e.courseid = ctx.instanceid AND ctx.contextlevel = :contextcourse 118 JOIN {user} u ON u.id = ep.userid OR LOWER(u.email) = ep.receiver_email OR LOWER(u.email) = ep.business 119 WHERE u.id = :userid"; 120 $params = [ 121 'contextcourse' => CONTEXT_COURSE, 122 'userid' => $userid, 123 ]; 124 125 $contextlist->add_from_sql($sql, $params); 126 127 return $contextlist; 128 } 129 130 /** 131 * Get the list of users who have data within a context. 132 * 133 * @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination. 134 */ 135 public static function get_users_in_context(userlist $userlist) { 136 $context = $userlist->get_context(); 137 138 if (!$context instanceof \context_course) { 139 return; 140 } 141 142 // Values of ep.receiver_email and ep.business are already normalised to lowercase characters by PayPal, 143 // therefore there is no need to use LOWER() on them in the following query. 144 $sql = "SELECT u.id 145 FROM {enrol_paypal} ep 146 JOIN {enrol} e ON ep.instanceid = e.id 147 JOIN {user} u ON ep.userid = u.id OR LOWER(u.email) = ep.receiver_email OR LOWER(u.email) = ep.business 148 WHERE e.courseid = :courseid"; 149 $params = ['courseid' => $context->instanceid]; 150 151 $userlist->add_from_sql('id', $sql, $params); 152 } 153 154 /** 155 * Export all user data for the specified user, in the specified contexts. 156 * 157 * @param approved_contextlist $contextlist The approved contexts to export information for. 158 */ 159 public static function export_user_data(approved_contextlist $contextlist) { 160 global $DB; 161 162 if (empty($contextlist->count())) { 163 return; 164 } 165 166 $user = $contextlist->get_user(); 167 168 list($contextsql, $contextparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED); 169 170 // Values of ep.receiver_email and ep.business are already normalised to lowercase characters by PayPal, 171 // therefore there is no need to use LOWER() on them in the following query. 172 $sql = "SELECT ep.* 173 FROM {enrol_paypal} ep 174 JOIN {enrol} e ON ep.instanceid = e.id 175 JOIN {context} ctx ON e.courseid = ctx.instanceid AND ctx.contextlevel = :contextcourse 176 JOIN {user} u ON u.id = ep.userid OR LOWER(u.email) = ep.receiver_email OR LOWER(u.email) = ep.business 177 WHERE ctx.id {$contextsql} AND u.id = :userid 178 ORDER BY e.courseid"; 179 180 $params = [ 181 'contextcourse' => CONTEXT_COURSE, 182 'userid' => $user->id, 183 'emailuserid' => $user->id, 184 ]; 185 $params += $contextparams; 186 187 // Reference to the course seen in the last iteration of the loop. By comparing this with the current record, and 188 // because we know the results are ordered, we know when we've moved to the PayPal transactions for a new course 189 // and therefore when we can export the complete data for the last course. 190 $lastcourseid = null; 191 192 $strtransactions = get_string('transactions', 'enrol_paypal'); 193 $transactions = []; 194 $paypalrecords = $DB->get_recordset_sql($sql, $params); 195 foreach ($paypalrecords as $paypalrecord) { 196 if ($lastcourseid != $paypalrecord->courseid) { 197 if (!empty($transactions)) { 198 $coursecontext = \context_course::instance($paypalrecord->courseid); 199 writer::with_context($coursecontext)->export_data( 200 [$strtransactions], 201 (object) ['transactions' => $transactions] 202 ); 203 } 204 $transactions = []; 205 } 206 207 $transaction = (object) [ 208 'receiver_id' => $paypalrecord->receiver_id, 209 'item_name' => $paypalrecord->item_name, 210 'userid' => $paypalrecord->userid, 211 'memo' => $paypalrecord->memo, 212 'tax' => $paypalrecord->tax, 213 'option_name1' => $paypalrecord->option_name1, 214 'option_selection1_x' => $paypalrecord->option_selection1_x, 215 'option_name2' => $paypalrecord->option_name2, 216 'option_selection2_x' => $paypalrecord->option_selection2_x, 217 'payment_status' => $paypalrecord->payment_status, 218 'pending_reason' => $paypalrecord->pending_reason, 219 'reason_code' => $paypalrecord->reason_code, 220 'txn_id' => $paypalrecord->txn_id, 221 'parent_txn_id' => $paypalrecord->parent_txn_id, 222 'payment_type' => $paypalrecord->payment_type, 223 'timeupdated' => \core_privacy\local\request\transform::datetime($paypalrecord->timeupdated), 224 ]; 225 if ($paypalrecord->userid == $user->id) { 226 $transaction->userid = $paypalrecord->userid; 227 } 228 if ($paypalrecord->business == \core_text::strtolower($user->email)) { 229 $transaction->business = $paypalrecord->business; 230 } 231 if ($paypalrecord->receiver_email == \core_text::strtolower($user->email)) { 232 $transaction->receiver_email = $paypalrecord->receiver_email; 233 } 234 235 $transactions[] = $paypalrecord; 236 237 $lastcourseid = $paypalrecord->courseid; 238 } 239 $paypalrecords->close(); 240 241 // The data for the last activity won't have been written yet, so make sure to write it now! 242 if (!empty($transactions)) { 243 $coursecontext = \context_course::instance($paypalrecord->courseid); 244 writer::with_context($coursecontext)->export_data( 245 [$strtransactions], 246 (object) ['transactions' => $transactions] 247 ); 248 } 249 } 250 251 /** 252 * Delete all data for all users in the specified context. 253 * 254 * @param \context $context The specific context to delete data for. 255 */ 256 public static function delete_data_for_all_users_in_context(\context $context) { 257 global $DB; 258 259 if (!$context instanceof \context_course) { 260 return; 261 } 262 263 $DB->delete_records('enrol_paypal', array('courseid' => $context->instanceid)); 264 } 265 266 /** 267 * Delete all user data for the specified user, in the specified contexts. 268 * 269 * @param approved_contextlist $contextlist The approved contexts and user information to delete information for. 270 */ 271 public static function delete_data_for_user(approved_contextlist $contextlist) { 272 global $DB; 273 274 if (empty($contextlist->count())) { 275 return; 276 } 277 278 $user = $contextlist->get_user(); 279 280 $contexts = $contextlist->get_contexts(); 281 $courseids = []; 282 foreach ($contexts as $context) { 283 if ($context instanceof \context_course) { 284 $courseids[] = $context->instanceid; 285 } 286 } 287 288 list($insql, $inparams) = $DB->get_in_or_equal($courseids, SQL_PARAMS_NAMED); 289 290 $select = "userid = :userid AND courseid $insql"; 291 $params = $inparams + ['userid' => $user->id]; 292 $DB->delete_records_select('enrol_paypal', $select, $params); 293 294 // We do not want to delete the payment record when the user is just the receiver of payment. 295 // In that case, we just delete the receiver's info from the transaction record. 296 297 $select = "business = :business AND courseid $insql"; 298 $params = $inparams + ['business' => \core_text::strtolower($user->email)]; 299 $DB->set_field_select('enrol_paypal', 'business', '', $select, $params); 300 301 $select = "receiver_email = :receiver_email AND courseid $insql"; 302 $params = $inparams + ['receiver_email' => \core_text::strtolower($user->email)]; 303 $DB->set_field_select('enrol_paypal', 'receiver_email', '', $select, $params); 304 } 305 306 /** 307 * Delete multiple users within a single context. 308 * 309 * @param approved_userlist $userlist The approved context and user information to delete information for. 310 */ 311 public static function delete_data_for_users(approved_userlist $userlist) { 312 global $DB; 313 314 $context = $userlist->get_context(); 315 316 if ($context->contextlevel != CONTEXT_COURSE) { 317 return; 318 } 319 320 $userids = $userlist->get_userids(); 321 322 list($usersql, $userparams) = $DB->get_in_or_equal($userids, SQL_PARAMS_NAMED); 323 324 $params = ['courseid' => $context->instanceid] + $userparams; 325 326 $select = "courseid = :courseid AND userid $usersql"; 327 $DB->delete_records_select('enrol_paypal', $select, $params); 328 329 // We do not want to delete the payment record when the user is just the receiver of payment. 330 // In that case, we just delete the receiver's info from the transaction record. 331 332 $select = "courseid = :courseid AND business IN (SELECT LOWER(email) FROM {user} WHERE id $usersql)"; 333 $DB->set_field_select('enrol_paypal', 'business', '', $select, $params); 334 335 $select = "courseid = :courseid AND receiver_email IN (SELECT LOWER(email) FROM {user} WHERE id $usersql)"; 336 $DB->set_field_select('enrol_paypal', 'receiver_email', '', $select, $params); 337 } 338 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
