Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Infected file report
  19   *
  20   * @package    report_infectedfiles
  21   * @author     Nathan Nguyen <nathannguyen@catalyst-au.net>
  22   * @copyright  Catalyst IT
  23   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24   */
  25  namespace report_infectedfiles\privacy;
  26  
  27  use core_privacy\local\metadata\collection;
  28  use core_privacy\local\request;
  29  
  30  defined('MOODLE_INTERNAL') || die();
  31  
  32  /**
  33   * Infected file report
  34   *
  35   * @package    report_infectedfiles
  36   * @author     Nathan Nguyen <nathannguyen@catalyst-au.net>
  37   * @copyright  Catalyst IT
  38   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  39   */
  40  class provider implements
  41          \core_privacy\local\metadata\provider,
  42          request\plugin\provider,
  43          request\core_userlist_provider {
  44  
  45      /**
  46       * This plugin stores the userid of infected users.
  47       *
  48       * @param collection $collection the collection object to add data to.
  49       * @return collection The populated collection.
  50       */
  51      public static function get_metadata(collection $collection) : collection {
  52          $collection->add_database_table(
  53              'infected_files',
  54              [
  55                  'userid' => 'privacy:metadata:infected_files:userid',
  56                  'filename' => 'privacy:metadata:infected_files:filename',
  57                  'timecreated' => 'privacy:metadata:infected_files:timecreated',
  58              ],
  59              'privacy:metadata:infected_files'
  60          );
  61  
  62          return $collection;
  63      }
  64  
  65      /**
  66       * This function gets the contexts containing data for a userid.
  67       *
  68       * @param int $userid The userid to get contexts for.
  69       * @return request\contextlist the context list for the user.
  70       */
  71      public static function get_contexts_for_userid(int $userid) : request\contextlist {
  72          $contextlist = new request\contextlist();
  73  
  74          // The system context is the only context where information is stored.
  75          $contextlist->add_system_context();
  76          return $contextlist;
  77      }
  78  
  79      /**
  80       * This function exports user data on infected files from the contextlist provided.
  81       *
  82       * @param request\approved_contextlist $contextlist
  83       * @return void
  84       */
  85      public static function export_user_data(request\approved_contextlist $contextlist) {
  86          global $DB;
  87  
  88          foreach ($contextlist as $context) {
  89              // We only export from system context.
  90              if ($context->contextlevel === CONTEXT_SYSTEM) {
  91  
  92                  $userid = $contextlist->get_user()->id;
  93                  $exportdata = [];
  94  
  95                  $records = $DB->get_records('infected_files', ['userid' => $userid]);
  96                  foreach ($records as $record) {
  97                      // Export only the data that does not expose internal information.
  98                      $data = [];
  99                      $data['userid'] = $record->userid;
 100                      $data['timecreated'] = $record->timecreated;
 101                      $data['filename'] = $record->filename;
 102  
 103                      $exportdata[] = $data;
 104                  }
 105  
 106                  // Now export this data in the infected files table as subcontext.
 107                  request\writer::with_context($context)->export_data(
 108                      [get_string('privacy:metadata:infected_files_subcontext', 'report_infectedfiles')],
 109                      (object) $exportdata
 110                  );
 111              }
 112          }
 113      }
 114  
 115      /**
 116       * As this report tracks potential attempted security violations,
 117       * This data should not be deleted at request. This would allow for an
 118       * avenue for a malicious user to cover their tracks. This function deliberately
 119       * does no deletes.
 120       *
 121       * @param \context $context the context to delete for.
 122       * @return void
 123       */
 124      public static function delete_data_for_all_users_in_context(\context $context) {
 125          return;
 126      }
 127  
 128      /**
 129       * As this report tracks potential attempted security violations,
 130       * This data should not be deleted at request. This would allow for an
 131       * avenue for a malicious user to cover their tracks. This function deliberately
 132       * does no deletes.
 133       *
 134       * @param \core_privacy\local\request\approved_contextlist $contextlist the contextlist to delete for.
 135       * @return void
 136       */
 137      public static function delete_data_for_user(request\approved_contextlist $contextlist) {
 138          return;
 139      }
 140  
 141      /**
 142       * This gets the list of users inside of the provided context. In this case, its only system context
 143       * which contains users.
 144       *
 145       * @param \core_privacy\local\request\userlist $userlist
 146       * @return void
 147       */
 148      public static function get_users_in_context(request\userlist $userlist) {
 149          $context = $userlist->get_context();
 150  
 151          if ($context->contextlevel === CONTEXT_SYSTEM) {
 152              // If we are checking system context, we need to get all distinct userids from the table.
 153              $sql = 'SELECT DISTINCT userid
 154                        FROM {infected_files}';
 155  
 156              $userlist->add_from_sql('userid', $sql, []);
 157          }
 158      }
 159  
 160      /**
 161       * As this report tracks potential attempted security violations,
 162       * This data should not be deleted at request. This would allow for an
 163       * avenue for a malicious user to cover their tracks. This function deliberately
 164       * does no deletes.
 165       *
 166       * @param request\approved_userlist $userlist
 167       * @return void
 168       */
 169      public static function delete_data_for_users(request\approved_userlist $userlist) {
 170          return;
 171      }
 172  }