MDL-63637 block_rss_client: Add support for removal of context users
authorMihail Geshoski <mihail@moodle.com>
Fri, 12 Oct 2018 05:12:42 +0000 (13:12 +0800)
committerDavid Monllao <davidm@moodle.com>
Mon, 22 Oct 2018 10:50:12 +0000 (12:50 +0200)
This issue is part of the MDL-62560 Epic.

blocks/rss_client/classes/privacy/provider.php
blocks/rss_client/tests/privacy_test.php

index c1ea54f..214148e 100644 (file)
@@ -28,6 +28,8 @@ defined('MOODLE_INTERNAL') || die();
 use \core_privacy\local\metadata\collection;
 use \core_privacy\local\request\contextlist;
 use \core_privacy\local\request\approved_contextlist;
+use \core_privacy\local\request\userlist;
+use \core_privacy\local\request\approved_userlist;
 
 /**
  * Privacy class for requesting user data.
@@ -36,7 +38,10 @@ use \core_privacy\local\request\approved_contextlist;
  * @copyright  2018 Mihail Geshoski <mihail@moodle.com>
  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  */
-class provider implements \core_privacy\local\metadata\provider, \core_privacy\local\request\plugin\provider {
+class provider implements
+        \core_privacy\local\metadata\provider,
+        \core_privacy\local\request\core_userlist_provider,
+        \core_privacy\local\request\plugin\provider {
 
     /**
      * Returns meta data about this system.
@@ -81,6 +86,33 @@ class provider implements \core_privacy\local\metadata\provider, \core_privacy\l
         return $contextlist;
     }
 
+    /**
+     * Get the list of users within a specific context.
+     *
+     * @param userlist $userlist The userlist containing the list of users who have data in this context/plugin combination.
+     */
+    public static function get_users_in_context(userlist $userlist) {
+        $context = $userlist->get_context();
+
+        if (!$context instanceof \context_user) {
+            return;
+        }
+
+        $params = [
+            'contextid' => $context->id,
+            'contextuser' => CONTEXT_USER,
+        ];
+
+        $sql = "SELECT brc.userid as userid
+                  FROM {block_rss_client} brc
+                  JOIN {context} ctx
+                       ON ctx.instanceid = brc.userid
+                       AND ctx.contextlevel = :contextuser
+                 WHERE ctx.id = :contextid";
+
+        $userlist->add_from_sql('userid', $sql, $params);
+    }
+
     /**
      * Export all user data for the specified user, in the specified contexts.
      *
@@ -118,6 +150,19 @@ class provider implements \core_privacy\local\metadata\provider, \core_privacy\l
         }
     }
 
+    /**
+     * Delete multiple users within a single context.
+     *
+     * @param approved_userlist $userlist The approved context and user information to delete information for.
+     */
+    public static function delete_data_for_users(approved_userlist $userlist) {
+        $context = $userlist->get_context();
+
+        if ($context instanceof \context_user) {
+            static::delete_data($context->instanceid);
+        }
+    }
+
     /**
      * Delete all user data for the specified user, in the specified contexts.
      *
index 901d198..68035ef 100644 (file)
@@ -24,6 +24,8 @@
 defined('MOODLE_INTERNAL') || die();
 
 use \core_privacy\tests\provider_testcase;
+use \block_rss_client\privacy\provider;
+use \core_privacy\local\request\approved_userlist;
 
 /**
  * Unit tests for blocks\rss_client\classes\privacy\provider.php
@@ -50,7 +52,7 @@ class block_rss_client_testcase extends provider_testcase {
 
         $this->add_rss_feed($user);
 
-        $contextlist = \block_rss_client\privacy\provider::get_contexts_for_userid($user->id);
+        $contextlist = provider::get_contexts_for_userid($user->id);
 
         $this->assertEquals($context, $contextlist->current());
     }
@@ -80,6 +82,93 @@ class block_rss_client_testcase extends provider_testcase {
         $this->assertEquals('http://feeds.bbci.co.uk/news/world/rss.xml?edition=uk', $feed1->url);
     }
 
+    /**
+     * Test that only users within a course context are fetched.
+     */
+    public function test_get_users_in_context() {
+        $component = 'block_rss_client';
+
+        // Create a user.
+        $user = $this->getDataGenerator()->create_user();
+        $usercontext = context_user::instance($user->id);
+
+        $userlist = new \core_privacy\local\request\userlist($usercontext, $component);
+        provider::get_users_in_context($userlist);
+        $this->assertCount(0, $userlist);
+
+        $this->add_rss_feed($user);
+
+        // The list of users within the user context should contain user.
+        provider::get_users_in_context($userlist);
+        $this->assertCount(1, $userlist);
+        $expected = [$user->id];
+        $actual = $userlist->get_userids();
+        $this->assertEquals($expected, $actual);
+
+        // The list of users within the system context should be empty.
+        $systemcontext = context_system::instance();
+        $userlist2 = new \core_privacy\local\request\userlist($systemcontext, $component);
+        provider::get_users_in_context($userlist2);
+        $this->assertCount(0, $userlist2);
+    }
+
+    /**
+     * Test that data for users in approved userlist is deleted.
+     */
+    public function test_delete_data_for_users() {
+        $component = 'block_rss_client';
+
+        $user1 = $this->getDataGenerator()->create_user();
+        $usercontext1 = context_user::instance($user1->id);
+        $user2 = $this->getDataGenerator()->create_user();
+        $usercontext2 = context_user::instance($user2->id);
+
+        $this->add_rss_feed($user1);
+        $this->add_rss_feed($user2);
+
+        $userlist1 = new \core_privacy\local\request\userlist($usercontext1, $component);
+        provider::get_users_in_context($userlist1);
+        $this->assertCount(1, $userlist1);
+        $expected = [$user1->id];
+        $actual = $userlist1->get_userids();
+        $this->assertEquals($expected, $actual);
+
+        $userlist2 = new \core_privacy\local\request\userlist($usercontext2, $component);
+        provider::get_users_in_context($userlist2);
+        $this->assertCount(1, $userlist2);
+        $expected = [$user2->id];
+        $actual = $userlist2->get_userids();
+        $this->assertEquals($expected, $actual);
+
+        // Convert $userlist1 into an approved_contextlist.
+        $approvedlist1 = new approved_userlist($usercontext1, $component, $userlist1->get_userids());
+        // Delete using delete_data_for_user.
+        provider::delete_data_for_users($approvedlist1);
+
+        // Re-fetch users in usercontext1.
+        $userlist1 = new \core_privacy\local\request\userlist($usercontext1, $component);
+        provider::get_users_in_context($userlist1);
+        // The user data in usercontext1 should be deleted.
+        $this->assertCount(0, $userlist1);
+
+        // Re-fetch users in usercontext2.
+        $userlist2 = new \core_privacy\local\request\userlist($usercontext2, $component);
+        provider::get_users_in_context($userlist2);
+        // The user data in usercontext2 should be still present.
+        $this->assertCount(1, $userlist2);
+
+        // Convert $userlist2 into an approved_contextlist in the system context.
+        $systemcontext = context_system::instance();
+        $approvedlist2 = new approved_userlist($systemcontext, $component, $userlist2->get_userids());
+        // Delete using delete_data_for_user.
+        provider::delete_data_for_users($approvedlist2);
+        // Re-fetch users in usercontext2.
+        $userlist2 = new \core_privacy\local\request\userlist($usercontext2, $component);
+        provider::get_users_in_context($userlist2);
+        // The user data in systemcontext should not be deleted.
+        $this->assertCount(1, $userlist2);
+    }
+
     /**
      * Test that user data is deleted using the context.
      */
@@ -95,7 +184,7 @@ class block_rss_client_testcase extends provider_testcase {
         $rssfeeds = $DB->get_records('block_rss_client', ['userid' => $user->id]);
         $this->assertCount(1, $rssfeeds);
 
-        \block_rss_client\privacy\provider::delete_data_for_all_users_in_context($context);
+        provider::delete_data_for_all_users_in_context($context);
 
         // Check that it has now been deleted.
         $rssfeeds = $DB->get_records('block_rss_client', ['userid' => $user->id]);
@@ -119,7 +208,7 @@ class block_rss_client_testcase extends provider_testcase {
 
         $approvedlist = new \core_privacy\local\request\approved_contextlist($user, 'block_rss_feed',
                 [$context->id]);
-        \block_rss_client\privacy\provider::delete_data_for_user($approvedlist);
+        provider::delete_data_for_user($approvedlist);
 
         // Check that it has now been deleted.
         $rssfeeds = $DB->get_records('block_rss_client', ['userid' => $user->id]);