moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-07 09:56:38 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'MDL-62134-master' of git://github.com/andrewnicols/moodle

Browse source
This commit is contained in:
Jake Dallimore 2018-05-16 12:01:49 +08:00
commit 0e156326cc
14 changed files with 697 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

1
admin/tool/dataprivacy/classes/expired_contexts_manager.php
View file

@ -91,6 +91,7 @@ abstract class expired_contexts_manager {
}
$privacymanager = new \core_privacy\manager();
$privacymanager->set_observer(new \tool_dataprivacy\manager_observer());
foreach ($this->get_context_levels() as $level) {

76
admin/tool/dataprivacy/classes/manager_observer.php Normal file
View file

@ -0,0 +1,76 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Class \tool_dataprivacy\manager
*
* @package tool_dataprivacy
* @copyright 2018 Marina Glancy
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace tool_dataprivacy;
defined('MOODLE_INTERNAL') || die();
/**
* A failure observer for the \core_privacy\manager.
*
* @package tool_dataprivacy
* @copyright 2018 Marina Glancy
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class manager_observer implements \core_privacy\manager_observer {
/**
* Notifies all DPOs that an exception occurred.
*
* @param \Throwable $e
* @param string $component
* @param string $interface
* @param string $methodname
* @param array $params
*/
public function handle_component_failure($e, $component, $interface, $methodname, array $params) {
// Get the list of the site Data Protection Officers.
$dpos = api::get_site_dpos();
$messagesubject = get_string('exceptionnotificationsubject', 'tool_dataprivacy');
$a = (object)[
'fullmethodname' => \core_privacy\manager::get_provider_classname_for_component($component) . '::' . $methodname,
'component' => $component,
'message' => $e->getMessage(),
'backtrace' => $e->getTraceAsString()
];
$messagebody = get_string('exceptionnotificationbody', 'tool_dataprivacy', $a);
// Email the data request to the Data Protection Officer(s)/Admin(s).
foreach ($dpos as $dpo) {
$message = new \core\message\message();
$message->courseid = SITEID;
$message->component = 'tool_dataprivacy';
$message->name = 'notifyexceptions';
$message->userfrom = \core_user::get_noreply_user();
$message->subject = $messagesubject;
$message->fullmessageformat = FORMAT_HTML;
$message->notification = 1;
$message->userto = $dpo;
$message->fullmessagehtml = $messagebody;
$message->fullmessage = html_to_text($messagebody);
// Send message.
message_send($message);
}
}
}

2
admin/tool/dataprivacy/classes/metadata_registry.php
View file

@ -40,6 +40,8 @@ class metadata_registry {
*/
public function get_registry_metadata() {
$manager = new \core_privacy\manager();
$manager->set_observer(new \tool_dataprivacy\manager_observer());
$pluginman = \core_plugin_manager::instance();
$contributedplugins = $this->get_contrib_list();
$metadata = $manager->get_metadata_for_components();

3
admin/tool/dataprivacy/classes/task/initiate_data_request_task.php
View file

@ -30,6 +30,7 @@ use moodle_exception;
use tool_dataprivacy\api;
use tool_dataprivacy\contextlist_context;
use tool_dataprivacy\data_request;
use tool_dataprivacy\manager;
defined('MOODLE_INTERNAL') || die();
@ -97,6 +98,8 @@ class initiate_data_request_task extends adhoc_task {
// Add the list of relevant contexts to the request, and mark all as pending approval.
$privacymanager = new \core_privacy\manager();
$privacymanager->set_observer(new \tool_dataprivacy\manager_observer());
$contextlistcollection = $privacymanager->get_contexts_for_userid($datarequest->get('userid'));
api::add_request_contexts_with_status($contextlistcollection, $requestid, contextlist_context::STATUS_PENDING);

4
admin/tool/dataprivacy/classes/task/process_data_request_task.php
View file

@ -88,6 +88,8 @@ class process_data_request_task extends adhoc_task {
// Export the data.
$manager = new \core_privacy\manager();
$manager->set_observer(new \tool_dataprivacy\manager_observer());
$exportedcontent = $manager->export_user_data($approvedclcollection);
$fs = get_file_storage();
@ -110,6 +112,8 @@ class process_data_request_task extends adhoc_task {
// Delete the data.
$manager = new \core_privacy\manager();
$manager->set_observer(new \tool_dataprivacy\manager_observer());
$manager->delete_data_for_user($approvedclcollection);
}

8
admin/tool/dataprivacy/db/messages.php
View file

@ -41,4 +41,12 @@ $messageproviders = [
'email' => MESSAGE_PERMITTED + MESSAGE_DEFAULT_LOGGEDIN + MESSAGE_DEFAULT_LOGGEDOFF,
]
],
// Notify Data Protection Officer about exceptions.
'notifyexceptions' => [
'defaults' => [
'email' => MESSAGE_PERMITTED + MESSAGE_DEFAULT_LOGGEDIN + MESSAGE_DEFAULT_LOGGEDOFF,
],
'capability' => 'tool/dataprivacy:managedatarequests'
],
];

3
admin/tool/dataprivacy/lang/en/tool_dataprivacy.php
View file

@ -101,6 +101,8 @@ $string['errorrequestalreadyexists'] = 'You already have an ongoing request.';
$string['errorrequestnotfound'] = 'Request not found';
$string['errorrequestnotwaitingforapproval'] = 'The request is not awaiting approval. Either it is not yet ready or it has already been processed.';
$string['errorsendingmessagetodpo'] = 'An error was encountered while trying to send a message to {$a}.';
$string['exceptionnotificationsubject'] = "Exception occured while processing privacy data";
$string['exceptionnotificationbody'] = "<p>Exception occured while calling <b>{\$a->fullmethodname}</b>.<br>This means that plugin <b>{\$a->component}</b> did not complete processing data. Below you can find exception information that can be passed to the plugin developer.</p><pre>{\$a->message}<br>\n\n{\$a->backtrace}</pre>";
$string['expiredretentionperiodtask'] = 'Expired retention period';
$string['expiry'] = 'Expiry';
$string['expandplugin'] = 'Expand and collapse plugin.';
@ -148,6 +150,7 @@ $string['lawfulbases'] = 'Lawful bases';
$string['lawfulbases_help'] = 'Select at least one option that will serve as the lawful basis for processing personal data. For details on these lawful bases, please see <a href="https://gdpr-info.eu/art-6-gdpr/" target="_blank">GDPR Art. 6.1</a>';
$string['messageprovider:contactdataprotectionofficer'] = 'Data requests';
$string['messageprovider:datarequestprocessingresults'] = 'Data request processing results';
$string['messageprovider:notifyexceptions'] = 'Data requests exceptions notifications';
$string['message'] = 'Message';
$string['messagelabel'] = 'Message:';
$string['moduleinstancename'] = '{$a->instancename} ({$a->modulename})';

117
admin/tool/dataprivacy/tests/manager_observer_test.php Normal file
View file

@ -0,0 +1,117 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Tests for the manager observer.
*
* @package tool_dataprivacy
* @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
/**
* API tests.
*
* @package tool_dataprivacy
* @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class tool_dataprivacy_manager_observer_testcase extends advanced_testcase {
/**
* Helper to set andn return two users who are DPOs.
*/
protected function setup_site_dpos() {
global $DB;
$this->resetAfterTest();
$generator = new testing_data_generator();
$u1 = $this->getDataGenerator()->create_user();
$u2 = $this->getDataGenerator()->create_user();
$context = context_system::instance();
// Give the manager role with the capability to manage data requests.
$managerroleid = $DB->get_field('role', 'id', array('shortname' => 'manager'));
assign_capability('tool/dataprivacy:managedatarequests', CAP_ALLOW, $managerroleid, $context->id, true);
// Assign both users as manager.
role_assign($managerroleid, $u1->id, $context->id);
role_assign($managerroleid, $u2->id, $context->id);
// Only map the manager role to the DPO role.
set_config('dporoles', $managerroleid, 'tool_dataprivacy');
return \tool_dataprivacy\api::get_site_dpos();
}
/**
* Ensure that when users are configured as DPO, they are sent an message upon failure.
*/
public function test_handle_component_failure() {
$this->resetAfterTest();
// Create another user who is not a DPO.
$this->getDataGenerator()->create_user();
// Create the DPOs.
$dpos = $this->setup_site_dpos();
$observer = new \tool_dataprivacy\manager_observer();
// Handle the failure, catching messages.
$mailsink = $this->redirectMessages();
$mailsink->clear();
$observer->handle_component_failure(new \Exception('error'), 'foo', 'bar', 'baz', ['foobarbaz', 'bum']);
// Messages should be sent to both DPOs only.
$this->assertEquals(2, $mailsink->count());
$messages = $mailsink->get_messages();
$messageusers = array_map(function($message) {
return $message->useridto;
}, $messages);
$this->assertEquals(array_keys($dpos), $messageusers, '', 0.0, 0, true);
}
/**
* Ensure that when no user is configured as DPO, the message is sent to admin instead.
*/
public function test_handle_component_failure_no_dpo() {
$this->resetAfterTest();
// Create another user who is not a DPO or admin.
$this->getDataGenerator()->create_user();
$observer = new \tool_dataprivacy\manager_observer();
$mailsink = $this->redirectMessages();
$mailsink->clear();
$observer->handle_component_failure(new \Exception('error'), 'foo', 'bar', 'baz', ['foobarbaz', 'bum']);
// Messages should have been sent only to the admin.
$this->assertEquals(1, $mailsink->count());
$messages = $mailsink->get_messages();
$message = reset($messages);
$admin = \core_user::get_user_by_username('admin');
$this->assertEquals($admin->id, $message->useridto);
}
}

2
admin/tool/dataprivacy/version.php
View file

@ -24,6 +24,6 @@
defined('MOODLE_INTERNAL') || die;
$plugin->version = 2018051400;
$plugin->version = 2018051401;
$plugin->requires = 2018050800; // Moodle 3.5dev (Build 2018031600) and upwards.
$plugin->component = 'tool_dataprivacy';