weekly release 3.6dev
[moodle.git] / admin / tool / dataprivacy / createdatarequest.php
CommitLineData
5efc1f9e
DM
1<?php
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * Prints the contact form to the site's Data Protection Officer
19 *
20 * @copyright 2018 onwards Jun Pataleta
21 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
22 * @package tool_dataprivacy
23 */
24
25require_once('../../../config.php');
26require_once('lib.php');
27require_once('classes/api.php');
28require_once('createdatarequest_form.php');
29
30$manage = optional_param('manage', 0, PARAM_INT);
31
32$url = new moodle_url('/admin/tool/dataprivacy/createdatarequest.php', ['manage' => $manage]);
33
34$PAGE->set_url($url);
35
36require_login();
37if (isguestuser()) {
38 print_error('noguest');
39}
40
41// Return URL and context.
42if ($manage) {
43 // For the case where DPO creates data requests on behalf of another user.
44 $returnurl = new moodle_url($CFG->wwwroot . '/admin/tool/dataprivacy/datarequests.php');
45 $context = context_system::instance();
46 // Make sure the user has the proper capability.
47 require_capability('tool/dataprivacy:managedatarequests', $context);
48} else {
49 // For the case where a user makes request for themselves (or for their children if they are the parent).
50 $returnurl = new moodle_url($CFG->wwwroot . '/admin/tool/dataprivacy/mydatarequests.php');
51 $context = context_user::instance($USER->id);
52}
53$PAGE->set_context($context);
54
55// If contactdataprotectionofficer is disabled, send the user back to the profile page, or the privacy policy page.
97009b73
JD
56// That is, unless you have sufficient capabilities to perform this on behalf of a user.
57if (!$manage && !\tool_dataprivacy\api::can_contact_dpo()) {
df751f00 58 redirect($returnurl, get_string('contactdpoviaprivacypolicy', 'tool_dataprivacy'), 0, \core\output\notification::NOTIFY_ERROR);
5efc1f9e
DM
59}
60
f946d875 61$mform = new tool_dataprivacy_data_request_form($url->out(false), ['manage' => !empty($manage)]);
5efc1f9e
DM
62
63// Data request cancelled.
64if ($mform->is_cancelled()) {
65 redirect($returnurl);
66}
67
68// Data request submitted.
69if ($data = $mform->get_data()) {
70 \tool_dataprivacy\api::create_data_request($data->userid, $data->type, $data->comments);
71
f946d875
JP
72 if ($manage) {
73 $foruser = core_user::get_user($data->userid);
74 $redirectmessage = get_string('datarequestcreatedforuser', 'tool_dataprivacy', fullname($foruser));
75 } else {
76 $redirectmessage = get_string('requestsubmitted', 'tool_dataprivacy');
77 }
78 redirect($returnurl, $redirectmessage);
5efc1f9e
DM
79}
80
457047de
MG
81$title = get_string('createnewdatarequest', 'tool_dataprivacy');
82$PAGE->set_heading($SITE->fullname);
5efc1f9e
DM
83$PAGE->set_title($title);
84echo $OUTPUT->header();
85echo $OUTPUT->heading($title);
86
87echo $OUTPUT->box_start();
88$mform->display();
89echo $OUTPUT->box_end();
90
91echo $OUTPUT->footer();