Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-61477

Allow plugins to overwrite $CFG->sitepolicy and $CFG->sitepolicyguest

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      Test 1

      1. Enable self registration
      2. Make sure users can sign up and they are not asked to accept site policy in the signup form
      3. As admin set 'sitepolicy' to some URL - https://docs.moodle.org/34/en/Site_policies#Site_policy_URL
      4. Again make sure users can sign up and they ARE asked to accept site policy as part of the sign up form
      5. As admin create a new user
      6. Login as this user and make sure you are requested to agree to site policy before you can browse the site
      7. As admin set 'sitepolicyguest' to some URL
      8. Open at least one course for guests (in Enrolment methods)
      9. Log out and try to browse this course logged in as a guest, you should be prompted to accept the site policy
      10. Login as admin, enable course legacy files, add a file to the course legacy files in some course and note it's URL (should be something like /file.php?.... )
      11. Set this URL as a sitepolicy
      12. Force login for all users
      13. Logout and try to signup, open site policy link from the registration form. You should see contents of this file as a site policy

      Test 2 (continue with the same settings that you had in the end of Test 1)

      1. In autoloaded location of any plugin create class PLUGINNAME\privacy\sitepolicy\handler extends \core_privacy\local\sitepolicy\handler where pluginname is full plugin name as it is specified in version.php ; overwrite two abstract methods and return null in each of them
      2. Purge all caches
      3. As admin find setting sitepolicyhandler and set it to this plugin
      4. As admin create a new user
      5. Login as this new user, make sure you ARE NOT asked to agree to the site policy (even though $CFG->sitepolicy is still set after the previous test)
      6. Log out and try to sign up, make sure you ARE NOT asked to agree to the site policy
      7. As a guest try to view the URL to file.php you set in the previous test, it should not be displayed but will ask you to login
      8. As admin remove "force login"
      9. Logout and try to browse an open course as a guest, you should not be asked to agree to the site policy
      Show
      Test 1 Enable self registration Make sure users can sign up and they are not asked to accept site policy in the signup form As admin set 'sitepolicy' to some URL - https://docs.moodle.org/34/en/Site_policies#Site_policy_URL Again make sure users can sign up and they ARE asked to accept site policy as part of the sign up form As admin create a new user Login as this user and make sure you are requested to agree to site policy before you can browse the site As admin set 'sitepolicyguest' to some URL Open at least one course for guests (in Enrolment methods) Log out and try to browse this course logged in as a guest, you should be prompted to accept the site policy Login as admin, enable course legacy files, add a file to the course legacy files in some course and note it's URL (should be something like /file.php?.... ) Set this URL as a sitepolicy Force login for all users Logout and try to signup, open site policy link from the registration form. You should see contents of this file as a site policy Test 2 (continue with the same settings that you had in the end of Test 1) In autoloaded location of any plugin create class PLUGINNAME\privacy\sitepolicy\handler extends \core_privacy\local\sitepolicy\handler where pluginname is full plugin name as it is specified in version.php ; overwrite two abstract methods and return null in each of them Purge all caches As admin find setting sitepolicyhandler and set it to this plugin As admin create a new user Login as this new user, make sure you ARE NOT asked to agree to the site policy (even though $CFG->sitepolicy is still set after the previous test) Log out and try to sign up, make sure you ARE NOT asked to agree to the site policy As a guest try to view the URL to file.php you set in the previous test, it should not be displayed but will ask you to login As admin remove "force login" Logout and try to browse an open course as a guest, you should not be asked to agree to the site policy
    • Affected Branches:
      MOODLE_33_STABLE, MOODLE_34_STABLE
    • Fixed Branches:
      MOODLE_33_STABLE, MOODLE_34_STABLE
    • Pull Master Branch:
      wip-MDL-61477-master-manager

      Description

      For GDPR compliance we develop a plugin that will allow to have multiple site policies, version them, require users to agree to new versions, etc.

      Currently in moodle the configuration settings $CFG->sitepolicy and $CFG->sitepolicyguest allow to specify site policy.

      Allow plugins to overwrite the core functionality by introducing the callback site_policy_handler and also the admin setting to select which plugin is responsible for handling site policies

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                11 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  19/Mar/18