on-demand release 3.5beta+
[moodle.git] / mod / quiz / classes / privacy / provider.php
CommitLineData
4c729982
AN
1<?php
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * Privacy Subsystem implementation for mod_quiz.
19 *
20 * @package mod_quiz
21 * @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 */
24
25namespace mod_quiz\privacy;
26
27use \core_privacy\local\request\writer;
28use \core_privacy\local\request\transform;
29use \core_privacy\local\request\contextlist;
30use \core_privacy\local\request\approved_contextlist;
31use \core_privacy\local\request\deletion_criteria;
32use \core_privacy\local\metadata\collection;
33use \core_privacy\manager;
34
35defined('MOODLE_INTERNAL') || die();
36
37require_once($CFG->dirroot . '/mod/quiz/lib.php');
38require_once($CFG->dirroot . '/mod/quiz/locallib.php');
39
40/**
41 * Privacy Subsystem implementation for mod_quiz.
42 *
43 * @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
44 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
45 */
46class provider implements
47 // This plugin has data.
48 \core_privacy\local\metadata\provider,
49
50 // This plugin currently implements the original plugin_provider interface.
51 \core_privacy\local\request\plugin\provider {
52
53 /**
54 * Get the list of contexts that contain user information for the specified user.
55 *
56 * @param collection $items The collection to add metadata to.
57 * @return collection The array of metadata
58 */
59 public static function get_metadata(collection $items) : collection {
60 // The table 'quiz' stores a record for each quiz.
61 // It does not contain user personal data, but data is returned from it for contextual requirements.
62
63 // The table 'quiz_attempts' stores a record of each quiz attempt.
64 // It contains a userid which links to the user making the attempt and contains information about that attempt.
65 $items->add_database_table('quiz_attempts', [
66 'attempt' => 'privacy:metadata:quiz_attempts:attempt',
67 'currentpage' => 'privacy:metadata:quiz_attempts:currentpage',
68 'preview' => 'privacy:metadata:quiz_attempts:preview',
69 'state' => 'privacy:metadata:quiz_attempts:state',
70 'timestart' => 'privacy:metadata:quiz_attempts:timestart',
71 'timefinish' => 'privacy:metadata:quiz_attempts:timefinish',
72 'timemodified' => 'privacy:metadata:quiz_attempts:timemodified',
73 'timemodifiedoffline' => 'privacy:metadata:quiz_attempts:timemodifiedoffline',
74 'timecheckstate' => 'privacy:metadata:quiz_attempts:timecheckstate',
75 'sumgrades' => 'privacy:metadata:quiz_attempts:sumgrades',
76 ], 'privacy:metadata:quiz_attempts');
77
78 // The table 'quiz_feedback' contains the feedback responses which will be shown to users depending upon the
79 // grade they achieve in the quiz.
80 // It does not identify the user who wrote the feedback item so cannot be returned directly and is not
81 // described, but relevant feedback items will be included with the quiz export for a user who has a grade.
82
83 // The table 'quiz_grades' contains the current grade for each quiz/user combination.
84 $items->add_database_table('quiz_grades', [
85 'quiz' => 'privacy:metadata:quiz_grades:quiz',
86 'userid' => 'privacy:metadata:quiz_grades:userid',
87 'grade' => 'privacy:metadata:quiz_grades:grade',
88 'timemodified' => 'privacy:metadata:quiz_grades:timemodified',
89 ], 'privacy:metadata:quiz_grades');
90
91 // The table 'quiz_overrides' contains any user or group overrides for users.
92 // It should be included where data exists for a user.
93 $items->add_database_table('quiz_overrides', [
94 'quiz' => 'privacy:metadata:quiz_overrides:quiz',
95 'userid' => 'privacy:metadata:quiz_overrides:userid',
96 'timeopen' => 'privacy:metadata:quiz_overrides:timeopen',
97 'timeclose' => 'privacy:metadata:quiz_overrides:timeclose',
98 'timelimit' => 'privacy:metadata:quiz_overrides:timelimit',
99 ], 'privacy:metadata:quiz_overrides');
100
101 // These define the structure of the quiz.
102
103 // The table 'quiz_sections' contains data about the structure of a quiz.
104 // It does not contain any user identifying data and does not need a mapping.
105
106 // The table 'quiz_slots' contains data about the structure of a quiz.
107 // It does not contain any user identifying data and does not need a mapping.
108
109 // The table 'quiz_reports' does not contain any user identifying data and does not need a mapping.
110
111 // The table 'quiz_statistics' contains abstract statistics about question usage and cannot be mapped to any
112 // specific user.
113 // It does not contain any user identifying data and does not need a mapping.
114
115 // The quiz links to the 'core_question' subsystem for all question functionality.
116 $items->add_subsystem_link('core_question', [], 'privacy:metadata:core_question');
117
118 // The quiz has two subplugins..
119 $items->add_plugintype_link('quiz', [], 'privacy:metadata:quiz');
120 $items->add_plugintype_link('quizaccess', [], 'privacy:metadata:quizaccess');
121
122 // Although the quiz supports the core_completion API and defines custom completion items, these will be
123 // noted by the manager as all activity modules are capable of supporting this functionality.
124
125 return $items;
126 }
127
128 /**
129 * Get the list of contexts where the specified user has attempted a quiz, or been involved with manual marking
130 * and/or grading of a quiz.
131 *
132 * @param int $userid The user to search.
133 * @return contextlist $contextlist The contextlist containing the list of contexts used in this plugin.
134 */
135 public static function get_contexts_for_userid(int $userid) : contextlist {
136 // Get the SQL used to link indirect question usages for the user.
137 // This includes where a user is the manual marker on a question attempt.
138 $qubaid = \core_question\privacy\provider::get_related_question_usages_for_user('rel', 'mod_quiz', 'qa.uniqueid', $userid);
139
140 // Select the context of any quiz attempt where a user has an attempt, plus the related usages.
141 $sql = "SELECT c.id
142 FROM {context} c
143 JOIN {course_modules} cm ON cm.id = c.instanceid AND c.contextlevel = :contextlevel
144 JOIN {modules} m ON m.id = cm.module AND m.name = :modname
145 JOIN {quiz} q ON q.id = cm.instance
146 JOIN {quiz_attempts} qa ON qa.quiz = q.id
147 LEFT JOIN {quiz_overrides} qo ON qo.quiz = q.id AND qo.userid = :qouserid
148 " . $qubaid->from . "
149 WHERE (
150 qa.userid = :qauserid OR
03702723
AN
151 " . $qubaid->where() . " OR
152 qo.id IS NOT NULL
4c729982
AN
153 ) AND qa.preview = 0
154 ";
155
156 $params = array_merge(
157 [
158 'contextlevel' => CONTEXT_MODULE,
159 'modname' => 'quiz',
160 'qauserid' => $userid,
161 'qouserid' => $userid,
162 ],
163 $qubaid->from_where_params()
164 );
165
166 $resultset = new contextlist();
167 $resultset->add_from_sql($sql, $params);
168
169 return $resultset;
170 }
171
172 /**
173 * Delete all data for all users in the specified context.
174 *
175 * @param approved_contextlist $contextlist The approved contexts to export information for.
176 */
177 public static function export_user_data(approved_contextlist $contextlist) {
178 global $DB;
179
180 if (!count($contextlist)) {
181 return;
182 }
183
184 $user = $contextlist->get_user();
185 $userid = $user->id;
186 list($contextsql, $contextparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED);
187
188 $sql = "SELECT
189 q.*,
190 qg.id AS hasgrade,
191 qg.grade AS bestgrade,
192 qg.timemodified AS grademodified,
193 qo.id AS hasoverride,
194 qo.timeopen AS override_timeopen,
195 qo.timeclose AS override_timeclose,
196 qo.timelimit AS override_timelimit,
197 c.id AS contextid,
198 cm.id AS cmid
199 FROM {context} c
200 INNER JOIN {course_modules} cm ON cm.id = c.instanceid AND c.contextlevel = :contextlevel
201 INNER JOIN {modules} m ON m.id = cm.module AND m.name = :modname
202 INNER JOIN {quiz} q ON q.id = cm.instance
203 LEFT JOIN {quiz_overrides} qo ON qo.quiz = q.id AND qo.userid = :qouserid
204 LEFT JOIN {quiz_grades} qg ON qg.quiz = q.id AND qg.userid = :qguserid
205 WHERE c.id {$contextsql}";
206
207 $params = [
208 'contextlevel' => CONTEXT_MODULE,
209 'modname' => 'quiz',
210 'qguserid' => $userid,
211 'qouserid' => $userid,
212 ];
213 $params += $contextparams;
214
215 // Fetch the individual quizzes.
216 $quizzes = $DB->get_recordset_sql($sql, $params);
217 foreach ($quizzes as $quiz) {
218 list($course, $cm) = get_course_and_cm_from_cmid($quiz->cmid, 'quiz');
219 $quizobj = new \quiz($quiz, $cm, $course);
220 $context = $quizobj->get_context();
221
222 $quizdata = \core_privacy\local\request\helper::get_context_data($context, $contextlist->get_user());
223 \core_privacy\local\request\helper::export_context_files($context, $contextlist->get_user());
224
225 if (!empty($quizdata->timeopen)) {
226 $quizdata->timeopen = transform::datetime($quiz->timeopen);
227 }
228 if (!empty($quizdata->timeclose)) {
229 $quizdata->timeclose = transform::datetime($quiz->timeclose);
230 }
231 if (!empty($quizdata->timelimit)) {
232 $quizdata->timelimit = $quiz->timelimit;
233 }
234
235 if (!empty($quiz->hasoverride)) {
236 $quizdata->override = (object) [];
237
238 if (!empty($quizdata->override_override_timeopen)) {
239 $quizdata->override->timeopen = transform::datetime($quiz->override_timeopen);
240 }
241 if (!empty($quizdata->override_timeclose)) {
242 $quizdata->override->timeclose = transform::datetime($quiz->override_timeclose);
243 }
244 if (!empty($quizdata->override_timelimit)) {
245 $quizdata->override->timelimit = $quiz->override_timelimit;
246 }
247 }
248
249 $quizdata->accessdata = (object) [];
250
251 $components = \core_component::get_plugin_list('quizaccess');
252 $exportparams = [
253 $quizobj,
254 $user,
255 ];
256 foreach (array_keys($components) as $component) {
257 $classname = manager::get_provider_classname_for_component("quizaccess_$component");
258 if (class_exists($classname) && is_subclass_of($classname, quizaccess_provider::class)) {
259 $result = component_class_callback($classname, 'export_quizaccess_user_data', $exportparams);
260 if (count((array) $result)) {
261 $quizdata->accessdata->$component = $result;
262 }
263 }
264 }
265
266 if (empty((array) $quizdata->accessdata)) {
267 unset($quizdata->accessdata);
268 }
269
270 writer::with_context($context)
271 ->export_data([], $quizdata);
272 }
273 $quizzes->close();
274
275 // Store all quiz attempt data.
276 static::export_quiz_attempts($contextlist);
277 }
278
279 /**
280 * Delete all data for all users in the specified context.
281 *
282 * @param context $context The specific context to delete data for.
283 */
284 public static function delete_data_for_all_users_in_context(\context $context) {
285 $cm = get_coursemodule_from_id('quiz', $context->instanceid);
286 if (!$cm) {
287 // Only quiz module will be handled.
288 return;
289 }
290 $quiz = \quiz::create($cm->instance);
291
292 // Handle the 'quizaccess' subplugin.
293 manager::plugintype_class_callback(
294 'quizaccess',
295 quizaccess_provider::class,
296 'delete_subplugin_data_for_all_users_in_context',
297 [$quiz]
298 );
299
300 // Delete all overrides - do not log.
301 quiz_delete_all_overrides($quiz, false);
302
303 // This will delete all question attempts, quiz attempts, and quiz grades for this quiz.
304 quiz_delete_all_attempts($quiz);
305 }
306
307 /**
308 * Delete all user data for the specified user, in the specified contexts.
309 *
310 * @param approved_contextlist $contextlist The approved contexts and user information to delete information for.
311 */
312 public static function delete_data_for_user(approved_contextlist $contextlist) {
313 global $DB;
314
315 foreach ($contextlist as $context) {
316 $cm = get_coursemodule_from_id('quiz', $context->instanceid);
317 $quiz = \quiz::create($cm->instance);
318 $user = $contextlist->get_user();
319
320 // Handle the 'quizaccess' quizaccess.
321 manager::plugintype_class_callback(
322 'quizaccess',
323 quizaccess_provider::class,
324 'delete_quizaccess_data_for_user',
325 [$quiz, $user]
326 );
327
328 $overrides = $DB->get_records('quiz_overrides' , [
329 'quiz' => $quiz->get_quizid(),
330 'userid' => $user->id,
331 ]);
332
333 foreach ($overrides as $override) {
334 quiz_delete_override($quiz, $override->id, false);
335 }
336
337 // This will delete all question attempts, quiz attempts, and quiz grades for this quiz.
338 quiz_delete_user_attempts($quiz, $user);
339 }
340 }
341
342 /**
343 * Store all quiz attempts for the contextlist.
344 *
345 * @param approved_contextlist $contextlist
346 */
347 protected static function export_quiz_attempts(approved_contextlist $contextlist) {
348 global $DB;
349
350 $userid = $contextlist->get_user()->id;
351 list($contextsql, $contextparams) = $DB->get_in_or_equal($contextlist->get_contextids(), SQL_PARAMS_NAMED);
352 $qubaid = \core_question\privacy\provider::get_related_question_usages_for_user('rel', 'mod_quiz', 'qa.uniqueid', $userid);
353
354 $sql = "SELECT
355 c.id AS contextid,
356 cm.id AS cmid,
357 qa.*
358 FROM {context} c
359 JOIN {course_modules} cm ON cm.id = c.instanceid AND c.contextlevel = :contextlevel
360 JOIN {modules} m ON m.id = cm.module AND m.name = 'quiz'
361 JOIN {quiz} q ON q.id = cm.instance
362 JOIN {quiz_attempts} qa ON qa.quiz = q.id
363 " . $qubaid->from. "
364 WHERE (
365 qa.userid = :qauserid OR
366 " . $qubaid->where() . "
367 ) AND qa.preview = 0
368 ";
369
370 $params = array_merge(
371 [
372 'contextlevel' => CONTEXT_MODULE,
373 'qauserid' => $userid,
374 ],
375 $qubaid->from_where_params()
376 );
377
378 $attempts = $DB->get_recordset_sql($sql, $params);
379 foreach ($attempts as $attempt) {
380 $quiz = $DB->get_record('quiz', ['id' => $attempt->quiz]);
381 $context = \context_module::instance($attempt->cmid);
382 $attemptsubcontext = helper::get_quiz_attempt_subcontext($attempt, $contextlist->get_user());
383 $options = quiz_get_review_options($quiz, $attempt, $context);
384
385 if ($attempt->userid == $userid) {
386 // This attempt was made by the user.
387 // They 'own' all data on it.
388 // Store the question usage data.
389 \core_question\privacy\provider::export_question_usage($userid,
390 $context,
391 $attemptsubcontext,
392 $attempt->uniqueid,
393 $options,
394 true
395 );
396
397 // Store the quiz attempt data.
398 $data = (object) [
399 'state' => \quiz_attempt::state_name($attempt->state),
400 ];
401
402 if (!empty($attempt->timestart)) {
403 $data->timestart = transform::datetime($attempt->timestart);
404 }
405 if (!empty($attempt->timefinish)) {
406 $data->timefinish = transform::datetime($attempt->timefinish);
407 }
408 if (!empty($attempt->timemodified)) {
409 $data->timemodified = transform::datetime($attempt->timemodified);
410 }
411 if (!empty($attempt->timemodifiedoffline)) {
412 $data->timemodifiedoffline = transform::datetime($attempt->timemodifiedoffline);
413 }
414 if (!empty($attempt->timecheckstate)) {
415 $data->timecheckstate = transform::datetime($attempt->timecheckstate);
416 }
417
418 if ($options->marks == \question_display_options::MARK_AND_MAX) {
419 $grade = quiz_rescale_grade($attempt->sumgrades, $quiz, false);
420 $data->grade = (object) [
421 'grade' => quiz_format_grade($quiz, $grade),
422 'feedback' => quiz_feedback_for_grade($grade, $quiz, $context),
423 ];
424 }
425
426 writer::with_context($context)
427 ->export_data($attemptsubcontext, $data);
428 } else {
429 // This attempt was made by another user.
430 // The current user may have marked part of the quiz attempt.
431 \core_question\privacy\provider::export_question_usage(
432 $userid,
433 $context,
434 $attemptsubcontext,
435 $attempt->uniqueid,
436 $options,
437 false
438 );
439 }
440 }
441 $attempts->close();
442 }
443}