Commit Graph

54 Commits

Author SHA1 Message Date
Andrew Nicols e5d0a83285 MDL-67529 tool_dataprivacy: Coding style updates 2023-06-28 21:39:22 +08:00
Kiet Chan 65be92f661 MDL-67529 GDPR: Option to filter which courses are included 2023-06-27 18:45:07 +08:00
Paul Holden 0a9d31e988 MDL-72983 tool_dataprivacy: respect capability to export own data. 2022-06-06 20:50:32 +01:00
sam marshall 5e72715e4f MDL-71099 Lib: Move new user_fields class from core to core_user
This class would belong more appropriately within the 'user' API
(core_user) instead of within the 'core' API, since it is
directly related to user data.

Since the class has only just been added to Moodle, now is a good
time to move it.
2021-03-25 13:47:23 +00:00
sam marshall 558cc1b85e MDL-45242 Lib: Replace calls to deprecated functions
In all cases changes have been kept to a minimum while not making
the code completely horrible. For example, there are many instances
where it would probably be better to rewrite a query entirely, but
I have not done that (in order to reduce the risk of changes).
2021-03-10 10:57:10 +00:00
Jun Pataleta 12c1e8b2ff MDL-66752 tool_dataprivacy: Add automatic data request approval feature 2020-01-06 11:40:31 +08:00
Paul Holden d7367ecafa MDL-64695 tool_dataprivacy: filter site fullname in outgoing messages. 2019-12-12 18:20:13 +00:00
Paul Holden 3903a26896 MDL-62915 tool_dataprivacy: don't let primary admin delete themselves. 2019-09-15 21:36:07 +01:00
Kiet.Chan 84bcd65885 MDL-64322 GDPR: Mechanism for restricting delete requests 2019-04-08 15:12:17 +07:00
Andrew Nicols 26ce2c0a81 MDL-64030 tool_dataprivacy: Process requests when system purpose not set 2018-11-23 07:54:22 +08:00
Eloy Lafuente (stronk7) baf3fd4177 MDL-63919 tool_dataprivacy: admin & notify fixes
This includes the following:

1) Replace $ADMIN->id by get_admin()->id. The former doesn't exist.
2) Only change the notify parameter when it has not been specified
   at creation time (null). If specified, observe it.
3) Set the current user in tests to admin, able to create those
   requests.
2018-11-10 02:22:12 +01:00
Andrew Nicols 56c2b941df MDL-63919 tool_dataprivacy: Notify by default 2018-11-09 18:39:42 +08:00
Andrew Nicols 03acfa408a MDL-63897 tool_dataprivacy: Send notifications for new requests 2018-11-09 11:25:57 +08:00
Andrew Nicols b838d85cbc MDL-63897 dataprivacy: Kill the preprocess stage 2018-11-09 11:08:07 +08:00
Jun Pataleta 120edbe65f Merge branch 'MDL-62589-master' of git://github.com/andrewnicols/moodle 2018-11-09 10:36:52 +08:00
Andrew Nicols 50208b5ca5 MDL-62589 dataprivacy: Add ability to resubmit a request 2018-11-08 11:45:36 +08:00
Mihail Geshoski b4ecfa38c2 MDL-62564 privacy: Improve bulk deletion 2018-11-08 09:28:36 +08:00
Andrew Nicols 4c1fc0b6d6 MDL-62589 dataprivacy: Correct not in sql 2018-11-07 19:24:07 +08:00
Mihail Geshoski c13c4569a9 MDL-62563 privacy: Create delete data request for existing deleted users 2018-11-05 16:20:37 +08:00
Andrew Nicols d2aed78933 MDL-63619 tool_dataprivacy: Fix inheritance from parent contexts
Inheritance should behave such that all contexts inherit from their
parent context.

Prior to this fix, if the value was not set on a context, then it was
getting a default of 'Inherit', but instead of inheritting from the
parent context, it was inheritting from its parent context _level_ which
is just wrong.
2018-10-24 08:48:18 +08:00
Andrew Nicols bf347c4d2b MDL-63496 tool_dataprivacy: Add configuration for per-role retention
This issue is a part of the MDL-62560 Epic.
2018-10-17 13:12:18 +08:00
Andrew Nicols b107016c88 MDL-63496 tool_dataprivacy: Respect expiry with protected flag
This issue is a part of the MDL-62560 Epic.
2018-10-17 13:12:18 +08:00
Andrew Nicols 7200ab20cd MDL-63401 tool_dataprivacy: Move final cap check to endpoint 2018-10-09 08:21:25 +08:00
Andrew Nicols 2136ec3da3 MDL-63401 tool_dataprivacy: Rewrite expired deletion handling
This change rewrites the way in which expiry is calculated and addresses
a number of closely related issues:

Users can customise, and add blocks with data to, their dashboard.  When
a user had done so, the user could be flagged for deletion, but the
blocks in their Dashboard were subject to the default block retention
policy. In addition there is no way to override the retention policy for
user blocks.

This change modifies the structure of the expiry mechanism:
- to consider any subcontext of the user context to be a part of the user
  context during calculation. User child contexts are not the property
  of the system, and should not be treated separately.
- the way in which the context expiry mechanism worked was to select
  use a multiple different managers based solely on the context level.
  Because of the use of user blocks, this proved to be unreliable as
  blocks has been attributed purely to courses.
  This has been changed to a single manager which is aware of hierarchy
  and deletions as a whole.
- to prepare for upcoming work relating to more detailed expiry
  mechanisms, a new expiry_info class is introduced and used to
  merge the expiry of child contexts into a working in-memory view.

This changeset includes extensive unit tests.
2018-10-08 20:49:55 +08:00
Andrew Nicols cbae8dcd57 MDL-63401 tool_dataprivacy: Move cap checks to endpoints from API 2018-10-08 20:49:17 +08:00
Eloy Lafuente (stronk7) 4cde0a5212 Merge branch 'MDL-63116-master-1' of git://github.com/mihailges/moodle 2018-09-18 23:26:51 +02:00
Eloy Lafuente (stronk7) 4ab33be074 Merge branch 'MDL-63009-master' of git://github.com/mickhawkins/moodle 2018-09-17 23:30:13 +02:00
Eloy Lafuente (stronk7) 01d7b4b6dd Merge branch 'MDL-63184-master-2' of git://github.com/junpataleta/moodle 2018-09-17 23:10:39 +02:00
Jun Pataleta 302089f52b MDL-63184 tool_dataprivacy: Ensure PO roles have correct capability 2018-09-17 22:12:34 +08:00
Mihail Geshoski 19bad13a55 MDL-63116 privacy: Add bulk actions to the privacy request table 2018-09-17 08:13:06 +08:00
Jun Pataleta 01f098afaa MDL-62554 tool_dataprivacy: Integration review fixes 2018-09-13 14:07:25 +08:00
Michael Hawkins 0971131a78 MDL-63009 tool_dataprivacy: Added site name/link to request emails 2018-09-12 17:41:58 +08:00
Jun Pataleta f7bcdf61c5 MDL-62554 tool_dataprivacy: Allow setting of activity defaults
* Allow the setting of data registry defaults for activity modules.
* Rewrite the defaults page so that it uses templates.
* Use a tabbed layout for the defaults page that shows the default
  category and purpose per context level.
* New API and web service functions that enables the setting of the
  defaults.
2018-09-10 12:16:12 +08:00
Michael Hawkins 693f690c18 MDL-62660 tool_dataprivacy: Add ability to expire data requests
Also replaced Completed status with situation specific statuses.
Also improved UX on request pages in line with expiries and the aadditional statuses.
2018-08-20 15:31:20 +08:00
Michael Hawkins 161a5c8ab9 MDL-62600 tool_dataprivacy: Corrected availability of PO pages to admins 2018-08-14 11:28:31 +08:00
sam marshall 635c7b29a0 MDL-61652 tool_dataprivacy: Add capabilities to control data downloads 2018-07-24 14:23:16 +08:00
Jun Pataleta ef7f7cfdf8 MDL-62026 tool_dataprivacy: Allow manual completion of general enquiries 2018-07-10 12:30:56 +08:00
Jun Pataleta 4c72ffa5ef MDL-62211 tool_dataprivacy: Request filtering and pagination
* Make data requests page use table_sql to make it sortable
* Also, add an autocomplete element that enables filtering by
  status and request type.
2018-06-29 10:32:04 +08:00
Jun Pataleta dd26f1be12 MDL-61889 tool_dataprivacy: Fix CI errors 2018-06-26 13:20:31 +08:00
David Monllao bcd677bc6a Merge branch 'wip-MDL-62445-master' of git://github.com/marinaglancy/moodle 2018-05-15 13:33:25 +02:00
Marina Glancy 8880510d40 MDL-62445 tool_privacy: pass correct user to message_send 2018-05-15 10:27:52 +08:00
Jun Pataleta 7bdb9d877d MDL-62409 tool_dataprivacy: Properly validate data request creation
Creating data requests
 * Add capability check when creating data requests for another user.
Ad-hoc task that processes pending data requests
 * Check if the requesting user has the capability to create the data
   request for another user. Reject otherwise.
Ad-hoc task that processes approved data requests
 * Validate that the requester can receive the notification about the
   data request processing results.
 * Do not send the confirmation link to DPOs/admins
2018-05-13 16:03:21 +02:00
Jun Pataleta 0f7fb98747 MDL-62299 tool_dataprivacy: Show requests correctly in mydatarequests
For DPOs viewing their personal data requests page (mydatarequests.php),
show only the requests they made for themselves and for their children.
2018-05-13 16:18:58 +08:00
Jun Pataleta 195f6fe37e Merge branch 'MDL-62388_master' of git://github.com/dmonllao/moodle 2018-05-11 10:03:44 +08:00
Andrew Nicols 00293f90a4 MDL-61635 tool_dataprivacy: Filter out protected contexts in delete 2018-05-10 20:36:02 +02:00
David Monllao bdc43d7729 MDL-62388 tool_dataprivacy: Default value if no sensitive data provided 2018-05-10 14:57:43 +02:00
Jun Pataleta 38ffa48cf5 MDL-62209 tool_dataprivacy: Sort requests by ascending status
Sort requests by ascending status and request date so that the DPO
can go through the list in a FIFO fashion
2018-04-26 12:17:24 +08:00
David Monllao 05564a4cc6 MDL-61899 tool_dataprivacy: Add missing get_role_users fields 2018-04-20 17:46:49 +02:00
Jun Pataleta 329241335f MDL-61899 tool_dataprivacy: Use default parameters for get_role_users()
* To avoid failures in Oracle.
2018-04-20 11:26:03 +08:00
Jun Pataleta ba5b59c0af MDL-61899 tool_dataprivacy: Fixes during integration review
* Disable tool by default.
* Add format columns for 'comments' and 'dpocomment' fields in
tool_dataprivacy_request table.
* Use data request exporter when sending email notification to DPO
2018-04-18 18:23:13 +02:00