Proyectos de Subversion Moodle

<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**
 * Privacy Subsystem implementation for core_payment.
 *
 * @package    core_payment
 * @category   privacy
 * @copyright  2020 Shamim Rezaie <shamim@moodle.com>
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */

namespace core_payment\privacy;

use core_privacy\local\metadata\collection;
use core_privacy\local\request\approved_contextlist;
use core_privacy\local\request\approved_userlist;
use core_privacy\local\request\contextlist;
use core_privacy\local\request\transform;
use core_privacy\local\request\userlist;
use core_privacy\local\request\writer;
use core_payment\helper as payment_helper;

/**
 * Privacy Subsystem implementation for core_payment.
 *
 * @copyright  2020 Shamim Rezaie <shamim@moodle.com>
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */
class provider implements
    // This component has data.
    // We need to return all payment information where the user is
    // listed in the payment.userid field.
    // We may also need to fetch this informtion from individual plugins in some cases.
    // e.g. to fetch the full and other gateway-specific meta-data.
    \core_privacy\local\metadata\provider,

    // This is a subsysytem which provides information to core.
    \core_privacy\local\request\subsystem\provider,

    // This is a subsysytem which provides information to plugins.
    \core_privacy\local\request\subsystem\plugin_provider,

    // This plugin is capable of determining which users have data within it.
    \core_privacy\local\request\core_userlist_provider,

    // This plugin is capable of determining which users have data within it for the plugins it provides data to.
    \core_privacy\local\request\shared_userlist_provider
{

    /**
     * Returns meta data about this system.
     *
     * @param   collection $collection The initialised collection to add items to.
     * @return  collection A listing of user data stored through this system.
     */
    public static function get_metadata(collection $collection): collection {
        // The 'payments' table contains data about payments.
        $collection->add_database_table('payments', [
            'userid'       => 'privacy:metadata:database:payments:userid',
            'amount'       => 'privacy:metadata:database:payments:amount',
            'currency'     => 'privacy:metadata:database:payments:currency',
            'gateway'      => 'privacy:metadata:database:payments:gateway',
            'timecreated'  => 'privacy:metadata:database:payments:timecreated',
            'timemodified' => 'privacy:metadata:database:payments:timemodified',
        ], 'privacy:metadata:database:payments');

        return $collection;
    }

    /**
     * Get the list of users who have data within a context.
     *
     * @param   int $userid The user to search.
     * @return  contextlist The contextlist containing the list of contexts used in this plugin.
     */
    public static function get_contexts_for_userid(int $userid): contextlist {
        global $DB;

        $contextids = [];
        $payments = $DB->get_recordset('payments', ['userid' => $userid]);
        foreach ($payments as $payment) {
            $contextids[] = \core_privacy\manager::component_class_callback(
                $payment->component,
                consumer_provider::class,
                'get_contextid_for_payment',
                [$payment->paymentarea, $payment->itemid]
            ) ?: SYSCONTEXTID;
        }
        $payments->close();

        $contextlist = new contextlist();

        if (!empty($contextids)) {
            [$insql, $inparams] = $DB->get_in_or_equal(array_unique($contextids), SQL_PARAMS_NAMED);
            $contextlist->add_from_sql("SELECT id FROM {context} WHERE id {$insql}", $inparams);
        }

        return $contextlist;
    }

    /**
     * Get the list of users who have data within a context.
     *
     * @param   userlist    $userlist   The userlist containing the list of users who have data in this context/plugin combination.
     */
    public static function get_users_in_context(userlist $userlist) {
        global $DB;

        $providers = static::get_consumer_providers();

        foreach ($providers as $provider) {
            $provider::get_users_in_context($userlist);
        }

        // Orphaned payments.
        $context = $userlist->get_context();
        if ($context instanceof \context_system) {
            [$notinsql, $notinparams] = $DB->get_in_or_equal($providers, SQL_PARAMS_NAMED, 'param', false);
            $sql = "SELECT p.userid
                      FROM {payments} p
                     WHERE component $notinsql";

            $userlist->add_from_sql('userid', $sql, $notinparams);
        }
    }

    /**
     * Export all user data for the specified user, in the specified contexts.
     *
     * @param approved_contextlist $contextlist The approved contexts to export information for.
     */
    public static function export_user_data(approved_contextlist $contextlist) {
        global $DB;

        $providers = static::get_consumer_providers();

        foreach ($providers as $provider) {
            $provider::export_user_data($contextlist);
        }

        // Orphaned payments.
        if (in_array(SYSCONTEXTID, $contextlist->get_contextids())) {
            [$notinsql, $notinparams] = $DB->get_in_or_equal($providers, SQL_PARAMS_NAMED, 'param', false);
            $params = ['userid' => $contextlist->get_user()->id] + $notinparams;
            $orphanedpayments = $DB->get_records_sql(
                "SELECT *
                   FROM {payments}
                  WHERE userid = :userid AND component $notinsql",
                $params
            );

            foreach ($orphanedpayments as $payment) {
                static::export_payment_data_for_user_in_context(
                    \context_system::instance(),
                    [''],
                    $payment->userid,
                    $payment->component,
                    $payment->paymentarea,
                    $payment->itemid
                );
            }
        }
    }

    /**
     * Delete all data for all users in the specified context.
     *
     * @param context $context The specific context to delete data for.
     */
    public static function delete_data_for_all_users_in_context(\context $context) {
        global $DB;

        $providers = static::get_consumer_providers();

        foreach ($providers as $provider) {
            $provider::delete_data_for_all_users_in_context($context);
        }

        // Orphaned payments.
        if ($context instanceof \context_system) {
            [$notinsql, $params] = $DB->get_in_or_equal($providers, SQL_PARAMS_NAMED, 'param', false);
            $paymentsql = "SELECT id FROM {payments} WHERE component $notinsql";

            static::delete_data_for_payment_sql($paymentsql, $params);
        }
    }

    /**
     * Delete all user data for the specified user, in the specified contexts.
     *
     * @param approved_contextlist $contextlist The approved contexts and user information to delete information for.
     */
    public static function delete_data_for_user(approved_contextlist $contextlist) {
        global $DB;

        $providers = static::get_consumer_providers();

        foreach ($providers as $provider) {
            $provider::delete_data_for_user($contextlist);
        }

        // Orphaned payments.
        if (in_array(SYSCONTEXTID, $contextlist->get_contextids())) {
            [$notinsql, $notinparams] = $DB->get_in_or_equal($providers, SQL_PARAMS_NAMED, 'param', false);
            $paymentsql = "SELECT id
                             FROM {payments}
                            WHERE userid = :userid AND component $notinsql";
            $paymentparams = ['userid' => $contextlist->get_user()->id] + $notinparams;

            static::delete_data_for_payment_sql($paymentsql, $paymentparams);
        }
    }

    /**
     * Delete multiple users within a single context.
     *
     * @param   approved_userlist   $userlist   The approved context and user information to delete information for.
     */
    public static function delete_data_for_users(approved_userlist $userlist) {
        global $DB;

        $providers = static::get_consumer_providers();

        foreach ($providers as $provider) {
            $provider::delete_data_for_users($userlist);
        }

        // Orphaned payments.
        if ($userlist->get_context() instanceof \context_system) {
            [$notinsql, $notinparams] = $DB->get_in_or_equal($providers, SQL_PARAMS_NAMED, 'param', false);
            [$usersql, $userparams] = $DB->get_in_or_equal($userlist->get_userids(), SQL_PARAMS_NAMED);

            $paymentsql = "SELECT id
                             FROM {payments}
                            WHERE component $notinsql AND userid $usersql";
            $paymentparams = $notinparams + $userparams;

            static::delete_data_for_payment_sql($paymentsql, $paymentparams);
        }
    }

    /**
     * Returns the list of plugins that use the payment subsystem and implement the consumer_provider interface.
     *
     * @return string[] provider class names
     */
    private static function get_consumer_providers(): array {
        $providers = [];
        foreach (array_keys(\core_component::get_plugin_types()) as $plugintype) {
            $potentialproviders = \core_component::get_plugin_list_with_class($plugintype, 'privacy\provider');
            foreach ($potentialproviders as $potentialprovider) {
                if (is_a($potentialprovider, consumer_provider::class, true)) {
                    $providers[] = $potentialprovider;
                }
            }
        }
        return $providers;
    }

    /**
     * Export all user data for the specified user, in the specified context.
     *
     * @param \context $context The context that the payment belongs to
     * @param string[] $subpath Sub-path to be used during export
     * @param int $userid User id
     * @param string $component Component name
     * @param string $paymentarea Payment area
     * @param int $itemid An internal identifier that is used by the component
     */
    public static function export_payment_data_for_user_in_context(\context $context, array $subpath, int $userid,
            string $component, string $paymentarea, int $itemid) {
        global $DB;

        $payments = $DB->get_records('payments', [
            'component' => $component,
            'paymentarea' => $paymentarea,
            'itemid' => $itemid,
            'userid' => $userid,
        ]);

        foreach ($payments as $payment) {
            $data = (object) [
                'userid'       => transform::user($payment->userid),
                'amount'       => payment_helper::get_cost_as_string($payment->amount, $payment->currency),
                'timecreated'  => transform::datetime($payment->timecreated),
                'timemodified' => transform::datetime($payment->timemodified),
            ];
            $subcontext = array_merge(
                [get_string('payments', 'payment')],
                $subpath,
                ['payment-' . $payment->id]
            );
            writer::with_context($context)->export_data(
                $subcontext,
                $data
            );
            \core_privacy\manager::component_class_callback(
                'paygw_' . $payment->gateway,
                paygw_provider::class,
                'export_payment_data',
                [$context, $subcontext, $payment]
            );
        }
    }

    /**
     * Delete all user data related to the given payments.
     *
     * @param string $paymentsql SQL query that selects payment.id field for the payments
     * @param array $paymentparams Array of parameters for $paymentsql
     */
    public static function delete_data_for_payment_sql(string $paymentsql, array $paymentparams) {
        global $DB;

        \core_privacy\manager::plugintype_class_callback(
            'paygw',
            paygw_provider::class,
            'delete_data_for_payment_sql',
            [$paymentsql, $paymentparams]
        );

        $DB->delete_records_subquery('payments', 'id', 'id', $paymentsql, $paymentparams);
    }
}