Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
  • Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.

Differences Between: [Versions 310 and 403] [Versions 311 and 403] [Versions 39 and 403] [Versions 400 and 403] [Versions 401 and 403] [Versions 402 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Adds Data privacy-related settings.
  19   *
  20   * @package    tool_dataprivacy
  21   * @copyright  2018 onwards Jun Pataleta
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  defined('MOODLE_INTERNAL') || die;
  26  
  27  if ($hassiteconfig) {
  28      $privacysettings = $ADMIN->locate('privacysettings');
  29  
  30      if ($ADMIN->fulltree) {
  31          // Contact data protection officer. Disabled by default.
  32          $privacysettings->add(new admin_setting_configcheckbox('tool_dataprivacy/contactdataprotectionofficer',
  33                  new lang_string('contactdataprotectionofficer', 'tool_dataprivacy'),
  34                  new lang_string('contactdataprotectionofficer_desc', 'tool_dataprivacy'), 0)
  35          );
  36  
  37          $privacysettings->add(new admin_setting_configcheckbox('tool_dataprivacy/automaticdataexportapproval',
  38                  new lang_string('automaticdataexportapproval', 'tool_dataprivacy'),
  39                  new lang_string('automaticdataexportapproval_desc', 'tool_dataprivacy'), 0)
  40          );
  41  
  42          $privacysettings->add(new admin_setting_configcheckbox('tool_dataprivacy/automaticdatadeletionapproval',
  43                  new lang_string('automaticdatadeletionapproval', 'tool_dataprivacy'),
  44                  new lang_string('automaticdatadeletionapproval_desc', 'tool_dataprivacy'), 0)
  45          );
  46  
  47          // Automatically create delete data request for users upon user deletion.
  48          // Automatically create delete data request for pre-existing deleted users.
  49          // Enabled by default.
  50          $privacysettings->add(new admin_setting_configcheckbox('tool_dataprivacy/automaticdeletionrequests',
  51                  new lang_string('automaticdeletionrequests', 'tool_dataprivacy'),
  52                  new lang_string('automaticdeletionrequests_desc', 'tool_dataprivacy'), 1)
  53          );
  54  
  55          // Set days approved data requests will be accessible. 1 week default.
  56          $privacysettings->add(new admin_setting_configduration('tool_dataprivacy/privacyrequestexpiry',
  57                  new lang_string('privacyrequestexpiry', 'tool_dataprivacy'),
  58                  new lang_string('privacyrequestexpiry_desc', 'tool_dataprivacy'),
  59                  WEEKSECS, 1));
  60  
  61          // Fetch roles that are assignable.
  62          $assignableroles = get_assignable_roles(context_system::instance());
  63  
  64          // Fetch roles that have the capability to manage data requests.
  65          $capableroles = get_roles_with_capability('tool/dataprivacy:managedatarequests');
  66  
  67          // Role(s) that map to the Data Protection Officer role. These are assignable roles with the capability to
  68          // manage data requests.
  69          $roles = [];
  70          foreach ($capableroles as $key => $role) {
  71              if (array_key_exists($key, $assignableroles)) {
  72                  $roles[$key] = $assignableroles[$key];
  73              }
  74          }
  75          if (!empty($roles)) {
  76              $privacysettings->add(new admin_setting_configmulticheckbox('tool_dataprivacy/dporoles',
  77                      new lang_string('dporolemapping', 'tool_dataprivacy'),
  78                      new lang_string('dporolemapping_desc', 'tool_dataprivacy'), null, $roles)
  79              );
  80          }
  81  
  82          // When calculating user expiry, should courses which have no end date be considered.
  83          $privacysettings->add(new admin_setting_configcheckbox('tool_dataprivacy/requireallenddatesforuserdeletion',
  84                  new lang_string('requireallenddatesforuserdeletion', 'tool_dataprivacy'),
  85                  new lang_string('requireallenddatesforuserdeletion_desc', 'tool_dataprivacy'),
  86                  1));
  87  
  88          // Whether the data retention summary should be shown in the page footer and in the user profile page.
  89          $privacysettings->add(new admin_setting_configcheckbox('tool_dataprivacy/showdataretentionsummary',
  90              new lang_string('showdataretentionsummary', 'tool_dataprivacy'),
  91              new lang_string('showdataretentionsummary_desc', 'tool_dataprivacy'),
  92              1));
  93  
  94          // Whether to allow PO to select courses for data export, instead of always exporting all data.
  95          $privacysettings->add(new admin_setting_configcheckbox('tool_dataprivacy/allowfiltering',
  96              new lang_string('allowfiltering', 'tool_dataprivacy'),
  97              new lang_string('allowfiltering_desc', 'tool_dataprivacy'),
  98              0));
  99          // Prevent the case where the automaticdataexportapproval setting is set to automatically approve,
 100          // but the allowfiltering option is also enabled and non-functional.
 101          $privacysettings->hide_if('tool_dataprivacy/allowfiltering', 'tool_dataprivacy/automaticdataexportapproval', 'checked', 1);
 102      }
 103  }
 104  
 105  // Restrict config links to the DPO.
 106  if (tool_dataprivacy\api::is_site_dpo($USER->id)) {
 107      // Link that leads to the data requests management page.
 108      $ADMIN->add('privacy', new admin_externalpage('datarequests', get_string('datarequests', 'tool_dataprivacy'),
 109          new moodle_url('/admin/tool/dataprivacy/datarequests.php'), 'tool/dataprivacy:managedatarequests')
 110      );
 111  
 112      // Link that leads to the data registry management page.
 113      $ADMIN->add('privacy', new admin_externalpage('dataregistry', get_string('dataregistry', 'tool_dataprivacy'),
 114          new moodle_url('/admin/tool/dataprivacy/dataregistry.php'), 'tool/dataprivacy:managedataregistry')
 115      );
 116  
 117      // Link that leads to the review page of expired contexts that are up for deletion.
 118      $ADMIN->add('privacy', new admin_externalpage('datadeletion', get_string('datadeletion', 'tool_dataprivacy'),
 119              new moodle_url('/admin/tool/dataprivacy/datadeletion.php'), 'tool/dataprivacy:managedataregistry')
 120      );
 121  
 122      // Link that leads to the other data registry management page.
 123      $ADMIN->add('privacy', new admin_externalpage('pluginregistry', get_string('pluginregistry', 'tool_dataprivacy'),
 124          new moodle_url('/admin/tool/dataprivacy/pluginregistry.php'), 'tool/dataprivacy:managedataregistry')
 125      );
 126  }