weekly release 3.6dev
[moodle.git] / mod / quiz / classes / privacy / provider.php
CommitLineData
4c729982
AN
1<?php
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * Privacy Subsystem implementation for mod_quiz.
19 *
20 * @package mod_quiz
21 * @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 */
24
25namespace mod_quiz\privacy;
26
27use \core_privacy\local\request\writer;
28use \core_privacy\local\request\transform;
29use \core_privacy\local\request\contextlist;
30use \core_privacy\local\request\approved_contextlist;
31use \core_privacy\local\request\deletion_criteria;
32use \core_privacy\local\metadata\collection;
33use \core_privacy\manager;
34
35defined('MOODLE_INTERNAL') || die();
36
37require_once($CFG->dirroot . '/mod/quiz/lib.php');
38require_once($CFG->dirroot . '/mod/quiz/locallib.php');
39
40/**
41 * Privacy Subsystem implementation for mod_quiz.
42 *
43 * @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
44 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
45 */
46class provider implements
47 // This plugin has data.
48 \core_privacy\local\metadata\provider,
49
50 // This plugin currently implements the original plugin_provider interface.
51 \core_privacy\local\request\plugin\provider {
52
53 /**
54 * Get the list of contexts that contain user information for the specified user.
55 *
56 * @param collection $items The collection to add metadata to.
57 * @return collection The array of metadata
58 */
59 public static function get_metadata(collection $items) : collection {
60 // The table 'quiz' stores a record for each quiz.
61 // It does not contain user personal data, but data is returned from it for contextual requirements.
62
63 // The table 'quiz_attempts' stores a record of each quiz attempt.
64 // It contains a userid which links to the user making the attempt and contains information about that attempt.
65 $items->add_database_table('quiz_attempts', [
66 'attempt' => 'privacy:metadata:quiz_attempts:attempt',
67 'currentpage' => 'privacy:metadata:quiz_attempts:currentpage',
68 'preview' => 'privacy:metadata:quiz_attempts:preview',
69 'state' => 'privacy:metadata:quiz_attempts:state',
70 'timestart' => 'privacy:metadata:quiz_attempts:timestart',
71 'timefinish' => 'privacy:metadata:quiz_attempts:timefinish',
72 'timemodified' => 'privacy:metadata:quiz_attempts:timemodified',
73 'timemodifiedoffline' => 'privacy:metadata:quiz_attempts:timemodifiedoffline',
74 'timecheckstate' => 'privacy:metadata:quiz_attempts:timecheckstate',
75 'sumgrades' => 'privacy:metadata:quiz_attempts:sumgrades',
76 ], 'privacy:metadata:quiz_attempts');
77
78 // The table 'quiz_feedback' contains the feedback responses which will be shown to users depending upon the
79 // grade they achieve in the quiz.
80 // It does not identify the user who wrote the feedback item so cannot be returned directly and is not
81 // described, but relevant feedback items will be included with the quiz export for a user who has a grade.
82
83 // The table 'quiz_grades' contains the current grade for each quiz/user combination.
84 $items->add_database_table('quiz_grades', [
85 'quiz' => 'privacy:metadata:quiz_grades:quiz',
86 'userid' => 'privacy:metadata:quiz_grades:userid',
87 'grade' => 'privacy:metadata:quiz_grades:grade',
88 'timemodified' => 'privacy:metadata:quiz_grades:timemodified',
89 ], 'privacy:metadata:quiz_grades');
90
91 // The table 'quiz_overrides' contains any user or group overrides for users.
92 // It should be included where data exists for a user.
93 $items->add_database_table('quiz_overrides', [
94 'quiz' => 'privacy:metadata:quiz_overrides:quiz',
95 'userid' => 'privacy:metadata:quiz_overrides:userid',
96 'timeopen' => 'privacy:metadata:quiz_overrides:timeopen',
97 'timeclose' => 'privacy:metadata:quiz_overrides:timeclose',
98 'timelimit' => 'privacy:metadata:quiz_overrides:timelimit',
99 ], 'privacy:metadata:quiz_overrides');
100
101 // These define the structure of the quiz.
102
103 // The table 'quiz_sections' contains data about the structure of a quiz.
104 // It does not contain any user identifying data and does not need a mapping.
105
106 // The table 'quiz_slots' contains data about the structure of a quiz.
107 // It does not contain any user identifying data and does not need a mapping.
108
109 // The table 'quiz_reports' does not contain any user identifying data and does not need a mapping.
110
111 // The table 'quiz_statistics' contains abstract statistics about question usage and cannot be mapped to any
112 // specific user.
113 // It does not contain any user identifying data and does not need a mapping.
114
115 // The quiz links to the 'core_question' subsystem for all question functionality.
116 $items->add_subsystem_link('core_question', [], 'privacy:metadata:core_question');
117
118 // The quiz has two subplugins..
119 $items->add_plugintype_link('quiz', [], 'privacy:metadata:quiz');
120 $items->add_plugintype_link('quizaccess', [], 'privacy:metadata:quizaccess');
121
122 // Although the quiz supports the core_completion API and defines custom completion items, these will be
123 // noted by the manager as all activity modules are capable of supporting this functionality.
124
125 return $items;
126 }
127
128 /**
129 * Get the list of contexts where the specified user has attempted a quiz, or been involved with manual marking
130 * and/or grading of a quiz.
131 *
132 * @param int $userid The user to search.
133 * @return contextlist $contextlist The contextlist containing the list of contexts used in this plugin.
134 */
135 public static function get_contexts_for_userid(int $userid) : contextlist {
136 // Get the SQL used to link indirect question usages for the user.
137 // This includes where a user is the manual marker on a question attempt.
138 $qubaid = \core_question\privacy\provider::get_related_question_usages_for_user('rel', 'mod_quiz', 'qa.uniqueid', $userid);
139
140 // Select the context of any quiz attempt where a user has an attempt, plus the related usages.
141 $sql = "SELECT c.id
142 FROM {context} c
143 JOIN {course_modules} cm ON cm.id = c.instanceid AND c.contextlevel = :contextlevel
144 JOIN {modules} m ON m.id = cm.module AND m.name = :modname
145 JOIN {quiz} q ON q.id = cm.instance
146 JOIN {quiz_attempts} qa ON qa.quiz = q.id
147 LEFT JOIN {quiz_overrides} qo ON qo.quiz = q.id AND qo.userid = :qouserid
148 " . $qubaid->from . "
149 WHERE (
150 qa.userid = :qauserid OR
03702723
AN
151 " . $qubaid->where() . " OR
152 qo.id IS NOT NULL
4c729982
AN
153 ) AND qa.preview = 0
154 ";
155
156 $params = array_merge(
157 [
158 'contextlevel' => CONTEXT_MODULE,
159 'modname' => 'quiz',
160 'qauserid' => $userid,
161 'qouserid' => $userid,
162 ],
163 $qubaid->from_where_params()
164 );
165
166 $resultset = new contextlist();
167 $resultset->add_from_sql($sql, $params);
168
169 return $resultset;
170 }
171
172 /**
173 * Delete all data for all users in the specified context.
174 *
175 * @param approved_contextlist $contextlist The approved contexts to export information for.
176 */
177 public static function export_user_data(approved_contextlist $contextlist) {
178 global $DB;
179
180 if (!count($contextlist)) {
181 return;
182 }
183
184 $user = $contextlist->get_user();
185 $userid = $user->id;
186 list($contextsql, $contextparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED);
187
188 $sql = "SELECT
189 q.*,
190 qg.id AS hasgrade,
191 qg.grade AS bestgrade,
192 qg.timemodified AS grademodified,
193 qo.id AS hasoverride,
194 qo.timeopen AS override_timeopen,
195 qo.timeclose AS override_timeclose,
196 qo.timelimit AS override_timelimit,
197 c.id AS contextid,
198 cm.id AS cmid
199 FROM {context} c
200 INNER JOIN {course_modules} cm ON cm.id = c.instanceid AND c.contextlevel = :contextlevel
201 INNER JOIN {modules} m ON m.id = cm.module AND m.name = :modname
202 INNER JOIN {quiz} q ON q.id = cm.instance
203 LEFT JOIN {quiz_overrides} qo ON qo.quiz = q.id AND qo.userid = :qouserid
204 LEFT JOIN {quiz_grades} qg ON qg.quiz = q.id AND qg.userid = :qguserid
205 WHERE c.id {$contextsql}";
206
207 $params = [
208 'contextlevel' => CONTEXT_MODULE,
209 'modname' => 'quiz',
210 'qguserid' => $userid,
211 'qouserid' => $userid,
212 ];
213 $params += $contextparams;
214
215 // Fetch the individual quizzes.
216 $quizzes = $DB->get_recordset_sql($sql, $params);
217 foreach ($quizzes as $quiz) {
218 list($course, $cm) = get_course_and_cm_from_cmid($quiz->cmid, 'quiz');
219 $quizobj = new \quiz($quiz, $cm, $course);
220 $context = $quizobj->get_context();
221
222 $quizdata = \core_privacy\local\request\helper::get_context_data($context, $contextlist->get_user());
223 \core_privacy\local\request\helper::export_context_files($context, $contextlist->get_user());
224
225 if (!empty($quizdata->timeopen)) {
226 $quizdata->timeopen = transform::datetime($quiz->timeopen);
227 }
228 if (!empty($quizdata->timeclose)) {
229 $quizdata->timeclose = transform::datetime($quiz->timeclose);
230 }
231 if (!empty($quizdata->timelimit)) {
232 $quizdata->timelimit = $quiz->timelimit;
233 }
234
235 if (!empty($quiz->hasoverride)) {
236 $quizdata->override = (object) [];
237
238 if (!empty($quizdata->override_override_timeopen)) {
239 $quizdata->override->timeopen = transform::datetime($quiz->override_timeopen);
240 }
241 if (!empty($quizdata->override_timeclose)) {
242 $quizdata->override->timeclose = transform::datetime($quiz->override_timeclose);
243 }
244 if (!empty($quizdata->override_timelimit)) {
245 $quizdata->override->timelimit = $quiz->override_timelimit;
246 }
247 }
248
249 $quizdata->accessdata = (object) [];
250
251 $components = \core_component::get_plugin_list('quizaccess');
252 $exportparams = [
253 $quizobj,
254 $user,
255 ];
256 foreach (array_keys($components) as $component) {
257 $classname = manager::get_provider_classname_for_component("quizaccess_$component");
258 if (class_exists($classname) && is_subclass_of($classname, quizaccess_provider::class)) {
259 $result = component_class_callback($classname, 'export_quizaccess_user_data', $exportparams);
260 if (count((array) $result)) {
261 $quizdata->accessdata->$component = $result;
262 }
263 }
264 }
265
266 if (empty((array) $quizdata->accessdata)) {
267 unset($quizdata->accessdata);
268 }
269
270 writer::with_context($context)
271 ->export_data([], $quizdata);
272 }
273 $quizzes->close();
274
275 // Store all quiz attempt data.
276 static::export_quiz_attempts($contextlist);
277 }
278
279 /**
280 * Delete all data for all users in the specified context.
281 *
282 * @param context $context The specific context to delete data for.
283 */
284 public static function delete_data_for_all_users_in_context(\context $context) {
63b0f627
AN
285 if ($context->contextlevel != CONTEXT_MODULE) {
286 // Only quiz module will be handled.
287 return;
288 }
289
4c729982
AN
290 $cm = get_coursemodule_from_id('quiz', $context->instanceid);
291 if (!$cm) {
292 // Only quiz module will be handled.
293 return;
294 }
63b0f627
AN
295
296 $quizobj = \quiz::create($cm->instance);
297 $quiz = $quizobj->get_quiz();
4c729982
AN
298
299 // Handle the 'quizaccess' subplugin.
300 manager::plugintype_class_callback(
301 'quizaccess',
302 quizaccess_provider::class,
303 'delete_subplugin_data_for_all_users_in_context',
63b0f627 304 [$quizobj]
4c729982
AN
305 );
306
307 // Delete all overrides - do not log.
308 quiz_delete_all_overrides($quiz, false);
309
310 // This will delete all question attempts, quiz attempts, and quiz grades for this quiz.
311 quiz_delete_all_attempts($quiz);
312 }
313
314 /**
315 * Delete all user data for the specified user, in the specified contexts.
316 *
317 * @param approved_contextlist $contextlist The approved contexts and user information to delete information for.
318 */
319 public static function delete_data_for_user(approved_contextlist $contextlist) {
320 global $DB;
321
322 foreach ($contextlist as $context) {
63b0f627
AN
323 if ($context->contextlevel != CONTEXT_MODULE) {
324 // Only quiz module will be handled.
325 continue;
326 }
327
4c729982 328 $cm = get_coursemodule_from_id('quiz', $context->instanceid);
63b0f627
AN
329 if (!$cm) {
330 // Only quiz module will be handled.
331 continue;
332 }
333
334 // Fetch the details of the data to be removed.
335 $quizobj = \quiz::create($cm->instance);
336 $quiz = $quizobj->get_quiz();
4c729982
AN
337 $user = $contextlist->get_user();
338
339 // Handle the 'quizaccess' quizaccess.
340 manager::plugintype_class_callback(
341 'quizaccess',
342 quizaccess_provider::class,
343 'delete_quizaccess_data_for_user',
63b0f627 344 [$quizobj, $user]
4c729982
AN
345 );
346
63b0f627 347 // Remove overrides for this user.
4c729982 348 $overrides = $DB->get_records('quiz_overrides' , [
63b0f627
AN
349 'quiz' => $quizobj->get_quizid(),
350 'userid' => $user->id,
351 ]);
4c729982
AN
352
353 foreach ($overrides as $override) {
354 quiz_delete_override($quiz, $override->id, false);
355 }
356
357 // This will delete all question attempts, quiz attempts, and quiz grades for this quiz.
63b0f627 358 quiz_delete_user_attempts($quizobj, $user);
4c729982
AN
359 }
360 }
361
362 /**
363 * Store all quiz attempts for the contextlist.
364 *
365 * @param approved_contextlist $contextlist
366 */
367 protected static function export_quiz_attempts(approved_contextlist $contextlist) {
368 global $DB;
369
370 $userid = $contextlist->get_user()->id;
371 list($contextsql, $contextparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED);
372 $qubaid = \core_question\privacy\provider::get_related_question_usages_for_user('rel', 'mod_quiz', 'qa.uniqueid', $userid);
373
374 $sql = "SELECT
375 c.id AS contextid,
376 cm.id AS cmid,
377 qa.*
378 FROM {context} c
379 JOIN {course_modules} cm ON cm.id = c.instanceid AND c.contextlevel = :contextlevel
380 JOIN {modules} m ON m.id = cm.module AND m.name = 'quiz'
381 JOIN {quiz} q ON q.id = cm.instance
382 JOIN {quiz_attempts} qa ON qa.quiz = q.id
383 " . $qubaid->from. "
384 WHERE (
385 qa.userid = :qauserid OR
386 " . $qubaid->where() . "
387 ) AND qa.preview = 0
388 ";
389
390 $params = array_merge(
391 [
392 'contextlevel' => CONTEXT_MODULE,
393 'qauserid' => $userid,
394 ],
395 $qubaid->from_where_params()
396 );
397
398 $attempts = $DB->get_recordset_sql($sql, $params);
399 foreach ($attempts as $attempt) {
400 $quiz = $DB->get_record('quiz', ['id' => $attempt->quiz]);
401 $context = \context_module::instance($attempt->cmid);
402 $attemptsubcontext = helper::get_quiz_attempt_subcontext($attempt, $contextlist->get_user());
403 $options = quiz_get_review_options($quiz, $attempt, $context);
404
405 if ($attempt->userid == $userid) {
406 // This attempt was made by the user.
407 // They 'own' all data on it.
408 // Store the question usage data.
409 \core_question\privacy\provider::export_question_usage($userid,
410 $context,
411 $attemptsubcontext,
412 $attempt->uniqueid,
413 $options,
414 true
415 );
416
417 // Store the quiz attempt data.
418 $data = (object) [
419 'state' => \quiz_attempt::state_name($attempt->state),
420 ];
421
422 if (!empty($attempt->timestart)) {
423 $data->timestart = transform::datetime($attempt->timestart);
424 }
425 if (!empty($attempt->timefinish)) {
426 $data->timefinish = transform::datetime($attempt->timefinish);
427 }
428 if (!empty($attempt->timemodified)) {
429 $data->timemodified = transform::datetime($attempt->timemodified);
430 }
431 if (!empty($attempt->timemodifiedoffline)) {
432 $data->timemodifiedoffline = transform::datetime($attempt->timemodifiedoffline);
433 }
434 if (!empty($attempt->timecheckstate)) {
435 $data->timecheckstate = transform::datetime($attempt->timecheckstate);
436 }
437
438 if ($options->marks == \question_display_options::MARK_AND_MAX) {
439 $grade = quiz_rescale_grade($attempt->sumgrades, $quiz, false);
440 $data->grade = (object) [
441 'grade' => quiz_format_grade($quiz, $grade),
442 'feedback' => quiz_feedback_for_grade($grade, $quiz, $context),
443 ];
444 }
445
446 writer::with_context($context)
447 ->export_data($attemptsubcontext, $data);
448 } else {
449 // This attempt was made by another user.
450 // The current user may have marked part of the quiz attempt.
451 \core_question\privacy\provider::export_question_usage(
452 $userid,
453 $context,
454 $attemptsubcontext,
455 $attempt->uniqueid,
456 $options,
457 false
458 );
459 }
460 }
461 $attempts->close();
462 }
463}