MDL-62414 tool_dataprivacy: Only show user's children in mydatarequests

* When coming from the DPO's "My data requests" page, don't show the
  picker for other users (unless the DPO is a parent of another user).
* When creating a data request as a DPO, show a more appropriate
  notification after redirecting back to the data requests page.

diff --git a/admin/tool/dataprivacy/createdatarequest.php b/admin/tool/dataprivacy/createdatarequest.php
index b5121f1..cd7f575 100644 (file)
--- a/admin/tool/dataprivacy/createdatarequest.php
+++ b/admin/tool/dataprivacy/createdatarequest.php
@@ -57,7 +57,7 @@ if (!\tool_dataprivacy\api::can_contact_dpo()) {
     redirect($returnurl, get_string('contactdpoviaprivacypolicy', 'tool_dataprivacy'), \core\output\notification::NOTIFY_ERROR);
 }
 
-$mform = new tool_dataprivacy_data_request_form($url->out(false));
+$mform = new tool_dataprivacy_data_request_form($url->out(false), ['manage' => !empty($manage)]);
 
 // Data request cancelled.
 if ($mform->is_cancelled()) {
@@ -68,7 +68,13 @@ if ($mform->is_cancelled()) {
 if ($data = $mform->get_data()) {
     \tool_dataprivacy\api::create_data_request($data->userid, $data->type, $data->comments);
 
-    redirect($returnurl, get_string('requestsubmitted', 'tool_dataprivacy'));
+    if ($manage) {
+        $foruser = core_user::get_user($data->userid);
+        $redirectmessage = get_string('datarequestcreatedforuser', 'tool_dataprivacy', fullname($foruser));
+    } else {
+        $redirectmessage = get_string('requestsubmitted', 'tool_dataprivacy');
+    }
+    redirect($returnurl, $redirectmessage);
 }
 
 $title = get_string('contactdataprotectionofficer', 'tool_dataprivacy');

diff --git a/admin/tool/dataprivacy/createdatarequest_form.php b/admin/tool/dataprivacy/createdatarequest_form.php
index b42aaf3..306461c 100644 (file)
--- a/admin/tool/dataprivacy/createdatarequest_form.php
+++ b/admin/tool/dataprivacy/createdatarequest_form.php
@@ -37,6 +37,9 @@ require_once($CFG->libdir.'/formslib.php');
  */
 class tool_dataprivacy_data_request_form extends moodleform {
 
+    /** @var bool Flag to indicate whether this form is being rendered for managing data requests or for regular requests. */
+    protected $manage = false;
+
     /**
      * Form definition.
      *
@@ -48,7 +51,8 @@ class tool_dataprivacy_data_request_form extends moodleform {
         global $DB, $USER;
         $mform =& $this->_form;
 
-        if (api::is_site_dpo($USER->id)) {
+        $this->manage = $this->_customdata['manage'];
+        if ($this->manage) {
             $options = [
                 'ajax' => 'tool_dataprivacy/form-user-selector',
                 'multiple' => false

diff --git a/admin/tool/dataprivacy/lang/en/tool_dataprivacy.php b/admin/tool/dataprivacy/lang/en/tool_dataprivacy.php
index 999ba5e..4e81f01 100644 (file)
--- a/admin/tool/dataprivacy/lang/en/tool_dataprivacy.php
+++ b/admin/tool/dataprivacy/lang/en/tool_dataprivacy.php
@@ -63,6 +63,7 @@ $string['dataprivacy:makedatarequestsforchildren'] = 'Make data requests for chi
 $string['dataprivacy:managedatarequests'] = 'Manage data requests';
 $string['dataprivacy:managedataregistry'] = 'Manage data registry';
 $string['dataregistry'] = 'Data registry';
+$string['datarequestcreatedforuser'] = 'Data request created for {$a}';
 $string['datarequestemailsubject'] = 'Data request: {$a}';
 $string['datarequests'] = 'Data requests';
 $string['daterequested'] = 'Date requested';