Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
  • Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.

Differences Between: [Versions 311 and 403] [Versions 400 and 403] [Versions 401 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Privacy test for core_role
  19   *
  20   * @package    core_role
  21   * @category   test
  22   * @copyright  2018 Carlos Escobedo <carlos@moodle.com>
  23   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24   */
  25  namespace core_role\privacy;
  26  
  27  defined('MOODLE_INTERNAL') || die();
  28  
  29  use core_role\privacy\provider;
  30  use core_privacy\local\request\approved_contextlist;
  31  use core_privacy\local\request\writer;
  32  use core_privacy\tests\provider_testcase;
  33  use core_privacy\local\request\transform;
  34  use tool_cohortroles\api;
  35  use core_privacy\local\request\approved_userlist;
  36  
  37  /**
  38   * Privacy test for core_role
  39   *
  40   * @copyright  2018 Carlos Escobedo <carlos@moodle.com>
  41   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  42   */
  43  class provider_test extends provider_testcase {
  44      /**
  45       * Test to check export_user_preferences.
  46       * returns user preferences data.
  47       */
  48      public function test_export_user_preferences() {
  49          $this->resetAfterTest();
  50          $this->setAdminUser();
  51          $user = $this->getDataGenerator()->create_user();
  52          $this->setUser($user);
  53          $showadvanced = 1;
  54          set_user_preference('definerole_showadvanced', $showadvanced);
  55          provider::export_user_preferences($user->id);
  56          /** @var \core_privacy\tests\request\content_writer $writer */
  57          $writer = writer::with_context(\context_system::instance());
  58          $prefs = $writer->get_user_preferences('core_role');
  59          $this->assertEquals(transform::yesno($showadvanced), transform::yesno($prefs->definerole_showadvanced->value));
  60          $this->assertEquals(get_string('privacy:metadata:preference:showadvanced', 'core_role'),
  61              $prefs->definerole_showadvanced->description);
  62      }
  63  
  64      /**
  65       * Check all contexts are returned if there is any user data for this user.
  66       */
  67      public function test_get_contexts_for_userid() {
  68          global $DB;
  69  
  70          $this->resetAfterTest();
  71          $this->setAdminUser();
  72          $user = $this->getDataGenerator()->create_user();
  73          $this->assertEmpty(provider::get_contexts_for_userid($user->id));
  74  
  75          $user2 = $this->getDataGenerator()->create_user();
  76          $usercontext2 = \context_user::instance($user2->id);
  77          $course = $this->getDataGenerator()->create_course();
  78          $course2 = $this->getDataGenerator()->create_course();
  79          $coursecat = $this->getDataGenerator()->create_category();
  80          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
  81          $cmcontext = \context_module::instance($cm->cmid);
  82          $page = $this->getDataGenerator()->create_module('page', array('course' => $course->id));
  83          $cmcontext2 = \context_module::instance($page->cmid);
  84          $coursecontext = \context_course::instance($course->id);
  85          $coursecontext2 = \context_course::instance($course2->id);
  86          $coursecatcontext = \context_coursecat::instance($coursecat->id);
  87          $systemcontext = \context_system::instance();
  88          $block = $this->getDataGenerator()->create_block('online_users');
  89          $blockcontext = \context_block::instance($block->id);
  90  
  91          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
  92          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
  93  
  94          // Role assignments, where the user is assigned.
  95          role_assign($student->id, $user->id, $cmcontext2->id);
  96          role_assign($student->id, $user->id, $coursecontext2->id);
  97          role_assign($student->id, $user->id, $blockcontext->id);
  98          role_assign($manager->id, $user->id, $usercontext2->id);
  99          // Role assignments, where the user makes assignments.
 100          $this->setUser($user);
 101          role_assign($student->id, $user2->id, $coursecontext->id);
 102          role_assign($manager->id, $user2->id, $coursecatcontext->id);
 103          role_assign($manager->id, $user2->id, $systemcontext->id);
 104  
 105          // Role capabilities.
 106          $this->setUser($user);
 107          $result = assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $cmcontext->id);
 108  
 109          $contextlist = provider::get_contexts_for_userid($user->id)->get_contextids();
 110          $this->assertCount(8, $contextlist);
 111          $this->assertTrue(in_array($cmcontext->id, $contextlist));
 112      }
 113  
 114      /**
 115       * Test that user data is exported correctly.
 116       */
 117      public function test_export_user_data() {
 118          global $DB;
 119  
 120          $this->resetAfterTest();
 121          $this->setAdminUser();
 122          $user = $this->getDataGenerator()->create_user();
 123          $user2 = $this->getDataGenerator()->create_user();
 124          $usercontext2 = \context_user::instance($user2->id);
 125          $course = $this->getDataGenerator()->create_course();
 126          $course2 = $this->getDataGenerator()->create_course();
 127          $coursecat = $this->getDataGenerator()->create_category();
 128          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
 129          $cmcontext = \context_module::instance($cm->cmid);
 130          $page = $this->getDataGenerator()->create_module('page', array('course' => $course->id));
 131          $cmcontext2 = \context_module::instance($page->cmid);
 132          $coursecontext = \context_course::instance($course->id);
 133          $coursecontext2 = \context_course::instance($course2->id);
 134          $coursecatcontext = \context_coursecat::instance($coursecat->id);
 135          $systemcontext = \context_system::instance();
 136          $block = $this->getDataGenerator()->create_block('online_users');
 137          $blockcontext = \context_block::instance($block->id);
 138  
 139          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
 140          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
 141          $rolesnames = self::get_roles_name();
 142  
 143          $subcontextstudent = [
 144              get_string('privacy:metadata:role_assignments', 'core_role'),
 145              $rolesnames[$student->id]
 146          ];
 147          $subcontextmanager = [
 148              get_string('privacy:metadata:role_assignments', 'core_role'),
 149              $rolesnames[$manager->id]
 150          ];
 151          $subcontextrc = [
 152              get_string('privacy:metadata:role_capabilities', 'core_role'),
 153              $rolesnames[$student->id]
 154          ];
 155  
 156          // Test over role assignments.
 157          // Where the user is assigned.
 158          role_assign($student->id, $user->id, $cmcontext2->id);
 159          role_assign($student->id, $user->id, $coursecontext2->id);
 160          role_assign($student->id, $user->id, $blockcontext->id);
 161          role_assign($manager->id, $user->id, $usercontext2->id);
 162          // Where the user makes assignments.
 163          $this->setUser($user);
 164          role_assign($manager->id, $user2->id, $coursecatcontext->id);
 165          role_assign($manager->id, $user2->id, $systemcontext->id);
 166  
 167          // Test overridable roles in module, course, category, user, system and block.
 168          assign_capability('moodle/backup:backupactivity', CAP_ALLOW, $student->id, $cmcontext->id, true);
 169          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $coursecontext->id, true);
 170          assign_capability('moodle/category:manage', CAP_ALLOW, $student->id, $coursecatcontext->id, true);
 171          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $student->id, $systemcontext->id, true);
 172          assign_capability('moodle/block:edit', CAP_ALLOW, $student->id, $blockcontext->id, true);
 173          assign_capability('moodle/competency:evidencedelete', CAP_ALLOW, $student->id, $usercontext2->id, true);
 174  
 175          // Retrieve the user's context ids.
 176          $contextlist = provider::get_contexts_for_userid($user->id);
 177          $approvedcontextlist = new approved_contextlist($user, 'core_role', $contextlist->get_contextids());
 178  
 179          $strpermissions = array(
 180              CAP_INHERIT => get_string('inherit', 'role'),
 181              CAP_ALLOW => get_string('allow', 'role'),
 182              CAP_PREVENT => get_string('prevent', 'role'),
 183              CAP_PROHIBIT => get_string('prohibit', 'role')
 184          );
 185          // Retrieve role capabilities and role assignments.
 186          provider::export_user_data($approvedcontextlist);
 187          foreach ($contextlist as $context) {
 188              /** @var \core_privacy\tests\request\content_writer $writer */
 189              $writer = writer::with_context($context);
 190              $this->assertTrue($writer->has_any_data());
 191              if ($context->contextlevel == CONTEXT_MODULE) {
 192                  if ($data = (array)$writer->get_data($subcontextstudent)) {
 193                      $this->assertEquals($user->id, reset($data)->userid);
 194                  }
 195                  if ($data = (array)$writer->get_data($subcontextrc)) {
 196                      $this->assertEquals('moodle/backup:backupactivity', reset($data)->capability);
 197                      $this->assertEquals($strpermissions[CAP_ALLOW], reset($data)->permission);
 198                  }
 199              }
 200              if ($context->contextlevel == CONTEXT_COURSE) {
 201                  if ($data = (array)$writer->get_data($subcontextstudent)) {
 202                      $this->assertEquals($user->id, reset($data)->userid);
 203                  }
 204                  if ($data = (array)$writer->get_data($subcontextrc)) {
 205                      $this->assertEquals('moodle/backup:backupcourse', reset($data)->capability);
 206                  }
 207              }
 208              if ($context->contextlevel == CONTEXT_COURSECAT) {
 209                  if ($data = (array)$writer->get_data($subcontextmanager)) {
 210                      $this->assertEquals($user->id, reset($data)->modifierid);
 211                  }
 212                  if ($data = (array)$writer->get_data($subcontextrc)) {
 213                      $this->assertEquals('moodle/category:manage', reset($data)->capability);
 214                  }
 215              }
 216              if ($context->contextlevel == CONTEXT_SYSTEM) {
 217                  if ($data = (array)$writer->get_data($subcontextmanager)) {
 218                      $this->assertEquals($user->id, reset($data)->modifierid);
 219                  }
 220                  if ($data = (array)$writer->get_data($subcontextrc)) {
 221                      $this->assertEquals('moodle/backup:backupcourse', reset($data)->capability);
 222                  }
 223              }
 224              if ($context->contextlevel == CONTEXT_BLOCK) {
 225                  if ($data = (array)$writer->get_data($subcontextstudent)) {
 226                      $this->assertEquals($user->id, reset($data)->userid);
 227                  }
 228                  if ($data = (array)$writer->get_data($subcontextrc)) {
 229                      $this->assertEquals('moodle/block:edit', reset($data)->capability);
 230                  }
 231              }
 232              if ($context->contextlevel == CONTEXT_USER) {
 233                  if ($data = (array)$writer->get_data($subcontextmanager)) {
 234                      $this->assertEquals($user->id, reset($data)->userid);
 235                  }
 236                  if ($data = (array)$writer->get_data($subcontextrc)) {
 237                      $this->assertEquals('moodle/competency:evidencedelete', reset($data)->capability);
 238                  }
 239              }
 240          }
 241      }
 242  
 243      /**
 244       * Test for provider::delete_data_for_all_users_in_context().
 245       */
 246      public function test_delete_data_for_all_users_in_context() {
 247          global $DB;
 248  
 249          $this->resetAfterTest();
 250          $this->setAdminUser();
 251          $user = $this->getDataGenerator()->create_user();
 252          $user2 = $this->getDataGenerator()->create_user();
 253          $usercontext2 = \context_user::instance($user2->id);
 254          $user3 = $this->getDataGenerator()->create_user();
 255          $course = $this->getDataGenerator()->create_course();
 256          $coursecontext = \context_course::instance($course->id);
 257          $coursecat = $this->getDataGenerator()->create_category();
 258          $coursecatcontext = \context_coursecat::instance($coursecat->id);
 259          $systemcontext = \context_system::instance();
 260          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
 261          $cmcontext = \context_module::instance($cm->cmid);
 262          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
 263          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
 264          $block = $this->getDataGenerator()->create_block('online_users');
 265          $blockcontext = \context_block::instance($block->id);
 266  
 267          // Role assignments CONTEXT_COURSE.
 268          role_assign($student->id, $user->id, $coursecontext->id);
 269          role_assign($student->id, $user2->id, $coursecontext->id);
 270          role_assign($student->id, $user3->id, $coursecontext->id);
 271          $count = $DB->count_records('role_assignments', ['contextid' => $coursecontext->id]);
 272          $this->assertEquals(3, $count);
 273          // Role assignments CONTEXT_COURSECAT.
 274          role_assign($student->id, $user2->id, $coursecatcontext->id);
 275          role_assign($student->id, $user3->id, $coursecatcontext->id);
 276          $count = $DB->count_records('role_assignments', ['contextid' => $coursecatcontext->id]);
 277          $this->assertEquals(2, $count);
 278          // Role assignments CONTEXT_SYSTEM.
 279          role_assign($student->id, $user->id, $systemcontext->id);
 280          $count = $DB->count_records('role_assignments', ['contextid' => $systemcontext->id]);
 281          $this->assertEquals(1, $count);
 282          // Role assignments CONTEXT_MODULE.
 283          role_assign($student->id, $user->id, $cmcontext->id);
 284          $count = $DB->count_records('role_assignments', ['contextid' => $cmcontext->id]);
 285          $this->assertEquals(1, $count);
 286          // Role assigments CONTEXT_BLOCK.
 287          role_assign($student->id, $user->id, $blockcontext->id);
 288          $count = $DB->count_records('role_assignments', ['contextid' => $blockcontext->id]);
 289          $this->assertEquals(1, $count);
 290          // Role assigments CONTEXT_USER.
 291          role_assign($manager->id, $user->id, $usercontext2->id);
 292          $count = $DB->count_records('role_assignments', ['contextid' => $usercontext2->id]);
 293          $this->assertEquals(1, $count);
 294  
 295          // Delete data based on CONTEXT_COURSE context.
 296          provider::delete_data_for_all_users_in_context($coursecontext);
 297          // After deletion, the role_assignments entries for this context should have been deleted.
 298          $count = $DB->count_records('role_assignments', ['contextid' => $coursecontext->id]);
 299          $this->assertEquals(0, $count);
 300          // Check it is not removing data on other contexts.
 301          $count = $DB->count_records('role_assignments', ['contextid' => $coursecatcontext->id]);
 302          $this->assertEquals(2, $count);
 303          $count = $DB->count_records('role_assignments', ['contextid' => $systemcontext->id]);
 304          $this->assertEquals(1, $count);
 305          $count = $DB->count_records('role_assignments', ['contextid' => $cmcontext->id]);
 306          $this->assertEquals(1, $count);
 307          // Delete data based on CONTEXT_COURSECAT context.
 308          provider::delete_data_for_all_users_in_context($coursecatcontext);
 309          // After deletion, the role_assignments entries for this context should have been deleted.
 310          $count = $DB->count_records('role_assignments', ['contextid' => $coursecatcontext->id]);
 311          $this->assertEquals(0, $count);
 312          // Delete data based on CONTEXT_SYSTEM context.
 313          provider::delete_data_for_all_users_in_context($systemcontext);
 314          // After deletion, the role_assignments entries for this context should have been deleted.
 315          $count = $DB->count_records('role_assignments', ['contextid' => $systemcontext->id]);
 316          $this->assertEquals(0, $count);
 317          // Delete data based on CONTEXT_MODULE context.
 318          provider::delete_data_for_all_users_in_context($cmcontext);
 319          // After deletion, the role_assignments entries for this context should have been deleted.
 320          $count = $DB->count_records('role_assignments', ['contextid' => $cmcontext->id]);
 321          $this->assertEquals(0, $count);
 322          // Delete data based on CONTEXT_BLOCK context.
 323          provider::delete_data_for_all_users_in_context($usercontext2);
 324          // After deletion, the role_assignments entries for this context should have been deleted.
 325          $count = $DB->count_records('role_assignments', ['contextid' => $usercontext2->id]);
 326          $this->assertEquals(0, $count);
 327      }
 328  
 329      /**
 330       * Test for provider::delete_data_for_user().
 331       */
 332      public function test_delete_data_for_user() {
 333          global $DB;
 334  
 335          $this->resetAfterTest();
 336          $this->setAdminUser();
 337          $user = $this->getDataGenerator()->create_user();
 338          $user2 = $this->getDataGenerator()->create_user();
 339          $usercontext2 = \context_user::instance($user2->id);
 340          $user3 = $this->getDataGenerator()->create_user();
 341          $usercontext3 = \context_user::instance($user3->id);
 342          $course = $this->getDataGenerator()->create_course();
 343          $course2 = $this->getDataGenerator()->create_course();
 344          $course3 = $this->getDataGenerator()->create_course();
 345          $coursecontext = \context_course::instance($course->id);
 346          $coursecontext2 = \context_course::instance($course2->id);
 347          $coursecontext3 = \context_course::instance($course3->id);
 348          $coursecat = $this->getDataGenerator()->create_category();
 349          $coursecatcontext = \context_coursecat::instance($coursecat->id);
 350          $systemcontext = \context_system::instance();
 351          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course->id]);
 352          $cmcontext = \context_module::instance($cm->cmid);
 353          $student = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
 354          $manager = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
 355          $block = $this->getDataGenerator()->create_block('online_users');
 356          $blockcontext = \context_block::instance($block->id);
 357  
 358          // Role assignments, Where the user is assigned.
 359          role_assign($student->id, $user->id, $coursecontext->id);
 360          role_assign($student->id, $user->id, $coursecontext2->id);
 361          role_assign($student->id, $user->id, $coursecatcontext->id);
 362          role_assign($student->id, $user->id, $cmcontext->id);
 363          role_assign($student->id, $user->id, $systemcontext->id);
 364          role_assign($student->id, $user->id, $blockcontext->id);
 365          role_assign($manager->id, $user->id, $usercontext2->id);
 366          role_assign($manager->id, $user->id, $usercontext3->id);
 367          $count = $DB->count_records('role_assignments', ['userid' => $user->id]);
 368          $this->assertEquals(8, $count);
 369          // Role assignments, where the user makes assignments.
 370          $this->setUser($user);
 371          role_assign($student->id, $user2->id, $coursecontext3->id);
 372          role_assign($student->id, $user3->id, $coursecontext3->id);
 373          $count = $DB->count_records('role_assignments', ['modifierid' => $user->id]);
 374          $this->assertEquals(2, $count);
 375  
 376          $contextlist = provider::get_contexts_for_userid($user->id);
 377          $approvedcontextlist = new approved_contextlist($user, 'core_role', $contextlist->get_contextids());
 378          provider::delete_data_for_user($approvedcontextlist);
 379          // After deletion, the role_assignments assigned to the user should have been deleted.
 380          $count = $DB->count_records('role_assignments', ['userid' => $user->id]);
 381          $this->assertEquals(0, $count);
 382          // After deletion, the role_assignments assigned by the user should not have been deleted.
 383          $count = $DB->count_records('role_assignments', ['modifierid' => $user->id]);
 384          $this->assertEquals(2, $count);
 385      }
 386  
 387      /**
 388       * Export for a user with a key against a script where no instance is specified.
 389       */
 390      public function test_export_user_role_to_cohort() {
 391          global $DB;
 392  
 393          $this->resetAfterTest();
 394          $this->setAdminUser();
 395          // Assign user roles to cohort.
 396          $user = $this->getDataGenerator()->create_user();
 397          $contextuser = \context_user::instance($user->id);
 398          $teacher = $DB->get_record('role', array('shortname' => 'teacher'), '*', MUST_EXIST);
 399          $cohort = $this->getDataGenerator()->create_cohort();
 400          $userassignover = $this->getDataGenerator()->create_user();
 401          $contextuserassignover = \context_user::instance($userassignover->id);
 402          cohort_add_member($cohort->id, $userassignover->id);
 403          $this->setAdminUser();
 404          $params = (object) array(
 405              'userid' => $user->id,
 406              'roleid' => $teacher->id,
 407              'cohortid' => $cohort->id
 408          );
 409          api::create_cohort_role_assignment($params);
 410          api::sync_all_cohort_roles();
 411          $rolesnames = self::get_roles_name();
 412          $subcontextteacher = [
 413              get_string('privacy:metadata:role_cohortroles', 'core_role'),
 414              $rolesnames[$teacher->id]
 415          ];
 416          // Test User is assigned role teacher to cohort.
 417          provider::export_user_role_to_cohort($user->id);
 418          /** @var \core_privacy\tests\request\content_writer $writer */
 419          $writer = writer::with_context($contextuserassignover);
 420          $this->assertTrue($writer->has_any_data());
 421          $exported = (array)$writer->get_related_data($subcontextteacher, 'cohortroles');
 422          $this->assertEquals($user->id, reset($exported)->userid);
 423  
 424          // Test User is member of a cohort which User2 is assigned to role to this cohort.
 425          $user2 = $this->getDataGenerator()->create_user();
 426          $cohort2 = $this->getDataGenerator()->create_cohort();
 427          cohort_add_member($cohort2->id, $user->id);
 428          $params = (object) array(
 429              'userid' => $user2->id,
 430              'roleid' => $teacher->id,
 431              'cohortid' => $cohort2->id
 432          );
 433          api::create_cohort_role_assignment($params);
 434          api::sync_all_cohort_roles();
 435          provider::export_user_role_to_cohort($user->id);
 436          /** @var \core_privacy\tests\request\content_writer $writer */
 437          $writer = writer::with_context($contextuser);
 438          $this->assertTrue($writer->has_any_data());
 439          $exported = (array)$writer->get_related_data($subcontextteacher, 'cohortroles');
 440          $this->assertEquals($user2->id, reset($exported)->userid);
 441      }
 442  
 443      /**
 444       * Test for provider::delete_user_role_to_cohort().
 445       */
 446      public function test_delete_user_role_to_cohort() {
 447          global $DB;
 448  
 449          $this->resetAfterTest();
 450          $this->setAdminUser();
 451          // Assign user roles to cohort.
 452          $user = $this->getDataGenerator()->create_user();
 453          $user2 = $this->getDataGenerator()->create_user();
 454          $user3 = $this->getDataGenerator()->create_user();
 455          $user4 = $this->getDataGenerator()->create_user();
 456          $teacher = $DB->get_record('role', array('shortname' => 'teacher'), '*', MUST_EXIST);
 457          $cohort = $this->getDataGenerator()->create_cohort();
 458          cohort_add_member($cohort->id, $user2->id);
 459          cohort_add_member($cohort->id, $user3->id);
 460          cohort_add_member($cohort->id, $user4->id);
 461          $this->setAdminUser();
 462          $params = (object) array(
 463              'userid' => $user->id,
 464              'roleid' => $teacher->id,
 465              'cohortid' => $cohort->id
 466          );
 467          api::create_cohort_role_assignment($params);
 468          api::sync_all_cohort_roles();
 469  
 470          $count = $DB->count_records('role_assignments', ['userid' => $user->id, 'component' => 'tool_cohortroles']);
 471          $this->assertEquals(3, $count);
 472  
 473          provider::delete_user_role_to_cohort($user->id);
 474          $count = $DB->count_records('role_assignments', ['userid' => $user->id, 'component' => 'tool_cohortroles']);
 475          $this->assertEquals(0, $count);
 476      }
 477  
 478      /**
 479       * Test that only users within a course context are fetched.
 480       */
 481      public function test_get_users_in_context() {
 482          global $DB;
 483  
 484          $this->resetAfterTest();
 485  
 486          $component = 'core_role';
 487  
 488          $this->setAdminUser();
 489          $admin = \core_user::get_user_by_username('admin');
 490          // Create user1.
 491          $user1 = $this->getDataGenerator()->create_user();
 492          $usercontext1 = \context_user::instance($user1->id);
 493          // Create user2.
 494          $user2 = $this->getDataGenerator()->create_user();
 495          $usercontext2 = \context_user::instance($user2->id);
 496          // Create course1.
 497          $course1 = $this->getDataGenerator()->create_course();
 498          $coursecontext1 = \context_course::instance($course1->id);
 499          // Create course category.
 500          $coursecat = $this->getDataGenerator()->create_category();
 501          $coursecatcontext = \context_coursecat::instance($coursecat->id);
 502          // Create chat module.
 503          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course1->id]);
 504          $cmcontext = \context_module::instance($cm->cmid);
 505  
 506          $systemcontext = \context_system::instance();
 507          // Create a block.
 508          $block = $this->getDataGenerator()->create_block('online_users');
 509          $blockcontext = \context_block::instance($block->id);
 510  
 511          $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
 512          $managerrole = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
 513  
 514          // Role assignments CONTEXT_COURSE.
 515          role_assign($studentrole->id, $user1->id, $coursecontext1->id);
 516          role_assign($studentrole->id, $user2->id, $coursecontext1->id);
 517          // Role assignments CONTEXT_COURSECAT.
 518          role_assign($studentrole->id, $user2->id, $coursecatcontext->id);
 519          // Role assignments CONTEXT_SYSTEM.
 520          role_assign($studentrole->id, $user1->id, $systemcontext->id);
 521          // Role assignments CONTEXT_MODULE.
 522          role_assign($studentrole->id, $user2->id, $cmcontext->id);
 523          // Role assigments CONTEXT_BLOCK.
 524          role_assign($studentrole->id, $user1->id, $blockcontext->id);
 525          // Role assigments CONTEXT_USER.
 526          role_assign($managerrole->id, $user1->id, $usercontext2->id);
 527  
 528          // Role capabilities.
 529          $this->setUser($user1);
 530          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $studentrole->id, $cmcontext->id);
 531  
 532          // The user list for usercontext1 should not return any users.
 533          $userlist1 = new \core_privacy\local\request\userlist($usercontext1, $component);
 534          provider::get_users_in_context($userlist1);
 535          $this->assertCount(0, $userlist1);
 536          // The user list for usercontext2 should user1 and admin (role creator).
 537          $userlist2 = new \core_privacy\local\request\userlist($usercontext2, $component);
 538          provider::get_users_in_context($userlist2);
 539          $this->assertCount(2, $userlist2);
 540          $expected = [
 541              $user1->id,
 542              $admin->id
 543          ];
 544          $this->assertEqualsCanonicalizing($expected, $userlist2->get_userids());
 545  
 546          // The user list for coursecontext1 should user1, user2 and admin (role creator).
 547          $userlist3 = new \core_privacy\local\request\userlist($coursecontext1, $component);
 548          provider::get_users_in_context($userlist3);
 549          $this->assertCount(3, $userlist3);
 550          $expected = [
 551              $user1->id,
 552              $user2->id,
 553              $admin->id
 554          ];
 555          $this->assertEqualsCanonicalizing($expected, $userlist3->get_userids());
 556  
 557          // The user list for coursecatcontext should user2 and admin (role creator).
 558          $userlist4 = new \core_privacy\local\request\userlist($coursecatcontext, $component);
 559          provider::get_users_in_context($userlist4);
 560          $this->assertCount(2, $userlist4);
 561          $expected = [
 562              $user2->id,
 563              $admin->id
 564          ];
 565          $this->assertEqualsCanonicalizing($expected, $userlist4->get_userids());
 566  
 567          // The user list for systemcontext should user1 and admin (role creator).
 568          $userlist6 = new \core_privacy\local\request\userlist($systemcontext, $component);
 569          provider::get_users_in_context($userlist6);
 570          $this->assertCount(2, $userlist6);
 571          $expected = [
 572              $user1->id,
 573              $admin->id
 574          ];
 575          $this->assertEqualsCanonicalizing($expected, $userlist6->get_userids());
 576  
 577          // The user list for cmcontext should user1, user2 and admin (role creator).
 578          $userlist7 = new \core_privacy\local\request\userlist($cmcontext, $component);
 579          provider::get_users_in_context($userlist7);
 580          $this->assertCount(3, $userlist7);
 581          $expected = [
 582              $user1->id,
 583              $user2->id,
 584              $admin->id
 585          ];
 586          $this->assertEqualsCanonicalizing($expected, $userlist7->get_userids());
 587  
 588          // The user list for blockcontext should user1 and admin (role creator).
 589          $userlist8 = new \core_privacy\local\request\userlist($blockcontext, $component);
 590          provider::get_users_in_context($userlist8);
 591          $this->assertCount(2, $userlist8);
 592          $expected = [
 593              $user1->id,
 594              $admin->id
 595          ];
 596          $this->assertEqualsCanonicalizing($expected, $userlist8->get_userids());
 597      }
 598  
 599      /**
 600       * Test that data for users in approved userlist is deleted.
 601       */
 602      public function test_delete_data_for_users() {
 603          global $DB;
 604  
 605          $this->resetAfterTest();
 606  
 607          $component = 'core_role';
 608  
 609          $this->setAdminUser();
 610          $admin = \core_user::get_user_by_username('admin');
 611          // Create user1.
 612          $user1 = $this->getDataGenerator()->create_user();
 613          // Create user2.
 614          $user2 = $this->getDataGenerator()->create_user();
 615          $usercontext2 = \context_user::instance($user2->id);
 616          // Create course1.
 617          $course1 = $this->getDataGenerator()->create_course();
 618          $coursecontext1 = \context_course::instance($course1->id);
 619          // Create course category.
 620          $coursecat = $this->getDataGenerator()->create_category();
 621          $coursecatcontext = \context_coursecat::instance($coursecat->id);
 622          // Create chat module.
 623          $cm = $this->getDataGenerator()->create_module('chat', ['course' => $course1->id]);
 624          $cmcontext = \context_module::instance($cm->cmid);
 625  
 626          $systemcontext = \context_system::instance();
 627          // Create a block.
 628          $block = $this->getDataGenerator()->create_block('online_users');
 629          $blockcontext = \context_block::instance($block->id);
 630  
 631          $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
 632          $managerrole = $DB->get_record('role', array('shortname' => 'manager'), '*', MUST_EXIST);
 633  
 634          // Role assignments CONTEXT_COURSE.
 635          role_assign($studentrole->id, $user1->id, $coursecontext1->id);
 636          role_assign($studentrole->id, $user2->id, $coursecontext1->id);
 637          // Role assignments CONTEXT_COURSECAT.
 638          role_assign($studentrole->id, $user2->id, $coursecatcontext->id);
 639          // Role assignments CONTEXT_SYSTEM.
 640          role_assign($studentrole->id, $user1->id, $systemcontext->id);
 641          // Role assignments CONTEXT_MODULE.
 642          role_assign($studentrole->id, $user2->id, $cmcontext->id);
 643          // Role assigments CONTEXT_BLOCK.
 644          role_assign($studentrole->id, $user1->id, $blockcontext->id);
 645          // Role assigments CONTEXT_USER.
 646          role_assign($managerrole->id, $user1->id, $usercontext2->id);
 647  
 648          // Role capabilities.
 649          $this->setUser($user1);
 650          assign_capability('moodle/backup:backupcourse', CAP_ALLOW, $studentrole->id, $cmcontext->id);
 651  
 652          // The user list for usercontext2 should user1 and admin (role creator).
 653          $userlist1 = new \core_privacy\local\request\userlist($usercontext2, $component);
 654          provider::get_users_in_context($userlist1);
 655          $this->assertCount(2, $userlist1);
 656          // The user list for coursecontext1 should user1, user2 and admin (role creator).
 657          $userlist2 = new \core_privacy\local\request\userlist($coursecontext1, $component);
 658          provider::get_users_in_context($userlist2);
 659          $this->assertCount(3, $userlist2);
 660          // The user list for coursecatcontext should user2 and admin (role creator).
 661          $userlist3 = new \core_privacy\local\request\userlist($coursecatcontext, $component);
 662          provider::get_users_in_context($userlist3);
 663          $this->assertCount(2, $userlist3);
 664          // The user list for systemcontext should user1 and admin (role creator).
 665          $userlist4 = new \core_privacy\local\request\userlist($systemcontext, $component);
 666          provider::get_users_in_context($userlist4);
 667          $this->assertCount(2, $userlist4);
 668          // The user list for cmcontext should user1, user2 and admin (role creator).
 669          $userlist5 = new \core_privacy\local\request\userlist($cmcontext, $component);
 670          provider::get_users_in_context($userlist5);
 671          $this->assertCount(3, $userlist5);
 672          // The user list for blockcontext should user1 and admin (role creator).
 673          $userlist6 = new \core_privacy\local\request\userlist($blockcontext, $component);
 674          provider::get_users_in_context($userlist6);
 675          $this->assertCount(2, $userlist6);
 676  
 677          // Convert $userlist1 into an approved_contextlist.
 678          $approvedlist1 = new approved_userlist($usercontext2, $component, $userlist1->get_userids());
 679          // Delete using delete_data_for_user.
 680          provider::delete_data_for_users($approvedlist1);
 681          // Re-fetch users in usercontext2.
 682          $userlist1 = new \core_privacy\local\request\userlist($usercontext2, $component);
 683          provider::get_users_in_context($userlist1);
 684          $this->assertCount(0, $userlist1);
 685  
 686          // Convert $userlist2 into an approved_contextlist.
 687          $approvedlist2 = new approved_userlist($coursecontext1, $component, $userlist2->get_userids());
 688          // Delete using delete_data_for_user.
 689          provider::delete_data_for_users($approvedlist2);
 690          // Re-fetch users in coursecontext1.
 691          $userlist2 = new \core_privacy\local\request\userlist($coursecontext1, $component);
 692          provider::get_users_in_context($userlist2);
 693          $this->assertCount(0, $userlist2);
 694  
 695          // Convert $userlist3 into an approved_contextlist.
 696          $approvedlist3 = new approved_userlist($coursecatcontext, $component, $userlist3->get_userids());
 697          // Delete using delete_data_for_user.
 698          provider::delete_data_for_users($approvedlist3);
 699          // Re-fetch users in coursecatcontext.
 700          $userlist3 = new \core_privacy\local\request\userlist($coursecatcontext, $component);
 701          provider::get_users_in_context($userlist3);
 702          $this->assertCount(0, $userlist3);
 703  
 704          // Convert $userlist4 into an approved_contextlist.
 705          $approvedlist4 = new approved_userlist($systemcontext, $component, $userlist4->get_userids());
 706          // Delete using delete_data_for_user.
 707          provider::delete_data_for_users($approvedlist4);
 708          // Re-fetch users in systemcontext.
 709          $userlist4 = new \core_privacy\local\request\userlist($systemcontext, $component);
 710          provider::get_users_in_context($userlist4);
 711          // The data from role_capabilities should still be present. The user list should return the admin user.
 712          $this->assertCount(1, $userlist4);
 713          $expected = [$admin->id];
 714          $this->assertEquals($expected, $userlist4->get_userids());
 715  
 716          // Convert $userlist5 into an approved_contextlist.
 717          $approvedlist5 = new approved_userlist($cmcontext, $component, $userlist5->get_userids());
 718          // Delete using delete_data_for_user.
 719          provider::delete_data_for_users($approvedlist5);
 720          // Re-fetch users in cmcontext.
 721          $userlist5 = new \core_privacy\local\request\userlist($cmcontext, $component);
 722          provider::get_users_in_context($userlist5);
 723          // The data from role_capabilities should still be present. The user list should return user1.
 724          $this->assertCount(1, $userlist5);
 725          $expected = [$user1->id];
 726          $this->assertEquals($expected, $userlist5->get_userids());
 727  
 728          // Convert $userlist6 into an approved_contextlist.
 729          $approvedlist6 = new approved_userlist($blockcontext, $component, $userlist6->get_userids());
 730          // Delete using delete_data_for_user.
 731          provider::delete_data_for_users($approvedlist6);
 732          // Re-fetch users in blockcontext.
 733          $userlist6 = new \core_privacy\local\request\userlist($blockcontext, $component);
 734          provider::get_users_in_context($userlist6);
 735          $this->assertCount(0, $userlist6);
 736      }
 737  
 738      /**
 739       * Supoort function to get all the localised roles name
 740       * in a simple array for testing.
 741       *
 742       * @return array Array of name of the roles by roleid.
 743       */
 744      protected static function get_roles_name() {
 745          $roles = role_fix_names(get_all_roles(), \context_system::instance(), ROLENAME_ORIGINAL);
 746          $rolesnames = array();
 747          foreach ($roles as $role) {
 748              $rolesnames[$role->id] = $role->localname;
 749          }
 750          return $rolesnames;
 751      }
 752  }