MDL-63496 tool_dataprivacy: Add configuration for per-role retention
[moodle.git] / rating / classes / privacy / provider.php
CommitLineData
cbc63252
AN
1<?php
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * Privacy Subsystem implementation for core_ratings.
19 *
20 * @package core_rating
21 * @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23 */
24
25namespace core_rating\privacy;
26
27use \core_privacy\local\metadata\collection;
28
29defined('MOODLE_INTERNAL') || die();
30
31require_once($CFG->dirroot . '/rating/lib.php');
32
33/**
34 * Privacy Subsystem implementation for core_ratings.
35 *
36 * @copyright 2018 Andrew Nicols <andrew@nicols.co.uk>
37 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
38 */
39class provider implements
40 // The ratings subsystem contains data.
41 \core_privacy\local\metadata\provider,
42
43 // The ratings subsystem is only ever used to store data for other components.
44 // It does not store any data of its own and does not need to implement the \core_privacy\local\request\subsystem\provider
45 // as a result.
46
47 // The ratings subsystem provides a data service to other components.
48 \core_privacy\local\request\subsystem\plugin_provider {
49
50 /**
51 * Returns metadata about the ratings subsystem.
52 *
53 * @param collection $collection The initialised collection to add items to.
54 * @return collection A listing of user data stored through the subsystem.
55 */
56 public static function get_metadata(collection $collection) : collection {
57 // The table 'rating' cotains data that a user has entered.
58 // It stores the user-entered rating alongside a mapping to describe what was mapped.
59 $collection->add_database_table('rating', [
60 'rating' => 'privacy:metadata:rating:rating',
61 'userid' => 'privacy:metadata:rating:userid',
62 'timecreated' => 'privacy:metadata:rating:timecreated',
63 'timemodified' => 'privacy:metadata:rating:timemodified',
64 ], 'privacy:metadata:rating');
65
66 return $collection;
67 }
68
69 /**
70 * Export all ratings which match the specified component, areaid, and itemid.
71 *
72 * If requesting ratings for a users own content, and you wish to include all ratings of that content, specify
73 * $onlyuser as false.
74 *
75 * When requesting ratings for another users content, you should only export the ratings that the specified user
76 * made themselves.
77 *
78 * @param int $userid The user whose information is to be exported
79 * @param \context $context The context being stored.
80 * @param array $subcontext The subcontext within the context to export this information
81 * @param string $component The component to fetch data from
82 * @param string $ratingarea The ratingarea that the data was stored in within the component
83 * @param int $itemid The itemid within that ratingarea
84 * @param bool $onlyuser Whether to only export ratings that the current user has made, or all ratings
85 */
86 public static function export_area_ratings(
87 int $userid,
88 \context $context,
89 array $subcontext,
90 string $component,
91 string $ratingarea,
92 int $itemid,
93 bool $onlyuser = true
94 ) {
95 global $DB;
96
97 $rm = new \rating_manager();
98 $ratings = $rm->get_all_ratings_for_item((object) [
99 'context' => $context,
100 'component' => $component,
101 'ratingarea' => $ratingarea,
102 'itemid' => $itemid,
103 ]);
104
105 if ($onlyuser) {
106 $ratings = array_filter($ratings, function($rating) use ($userid){
107 return ($rating->userid == $userid);
108 });
109 }
110
111 if (empty($ratings)) {
112 return;
113 }
114
115 $toexport = array_map(function($rating) {
116 return (object) [
117 'rating' => $rating->rating,
118 'author' => $rating->userid,
119 ];
120 }, $ratings);
121
122 $writer = \core_privacy\local\request\writer::with_context($context)
123 ->export_related_data($subcontext, 'rating', $toexport);
124 }
125
126 /**
127 * Get the SQL required to find all submission items where this user has had any involvements.
128 *
129 * @param string $alias The name of the table alias to use.
130 * @param string $component The na eof the component to fetch ratings for.
131 * @param string $ratingarea The rating area to fetch results for.
132 * @param string $itemidjoin The right-hand-side of the JOIN ON clause.
133 * @param int $userid The ID of the user being stored.
134 * @return \stdClass
135 */
136 public static function get_sql_join($alias, $component, $ratingarea, $itemidjoin, $userid) {
137 static $count = 0;
138 $count++;
139
140 // Join the rating table with the specified alias and the relevant join params.
141 $join = "LEFT JOIN {rating} {$alias} ON ";
38e68521 142 $join .= "{$alias}.userid = :ratinguserid{$count} AND ";
cbc63252
AN
143 $join .= "{$alias}.component = :ratingcomponent{$count} AND ";
144 $join .= "{$alias}.ratingarea = :ratingarea{$count} AND ";
145 $join .= "{$alias}.itemid = {$itemidjoin}";
146
147 // Match against the specified user.
38e68521 148 $userwhere = "{$alias}.id IS NOT NULL";
cbc63252
AN
149
150 $params = [
151 'ratingcomponent' . $count => $component,
152 'ratingarea' . $count => $ratingarea,
153 'ratinguserid' . $count => $userid,
154 ];
155
156 $return = (object) [
157 'join' => $join,
158 'params' => $params,
159 'userwhere' => $userwhere,
160 ];
161 return $return;
162 }
e5ec530a
MG
163
164 /**
165 * Deletes all ratings for a specified context, component, ratingarea and itemid.
166 *
167 * Only delete ratings when the item itself was deleted.
168 *
169 * We never delete ratings for one user but not others - this may affect grades, therefore ratings
170 * made by particular user are not considered personal information.
171 *
172 * @param \context $context Details about which context to delete ratings for.
173 * @param string $component Component to delete.
174 * @param string $ratingarea Rating area to delete.
175 * @param int $itemid The item ID for use with deletion.
176 */
177 public static function delete_ratings(\context $context, string $component = null,
178 string $ratingarea = null, int $itemid = null) {
179 global $DB;
180
181 $options = ['contextid' => $context->id];
182 if ($component) {
183 $options['component'] = $component;
184 }
185 if ($ratingarea) {
186 $options['ratingarea'] = $ratingarea;
187 }
188 if ($itemid) {
189 $options['itemid'] = $itemid;
190 }
191
192 $DB->delete_records('rating', $options);
193 }
194
195 /**
196 * Deletes all tag instances for given context, component, itemtype using subquery for itemids
197 *
198 * In most situations you will want to specify $userid as null. Per-user tag instances
199 * are possible in Tags API, however there are no components or standard plugins that actually use them.
200 *
201 * @param \context $context Details about which context to delete ratings for.
202 * @param string $component Component to delete.
203 * @param string $ratingarea Rating area to delete.
204 * @param string $itemidstest an SQL fragment that the itemid must match. Used
205 * in the query like WHERE itemid $itemidstest. Must use named parameters,
206 * and may not use named parameters called contextid, component or ratingarea.
207 * @param array $params any query params used by $itemidstest.
208 */
209 public static function delete_ratings_select(\context $context, string $component,
210 string $ratingarea, $itemidstest, $params = []) {
211 global $DB;
212 $params += ['contextid' => $context->id, 'component' => $component, 'ratingarea' => $ratingarea];
213 $DB->delete_records_select('rating',
214 'contextid = :contextid AND component = :component AND ratingarea = :ratingarea AND itemid ' . $itemidstest,
215 $params);
216 }
cbc63252 217}