[MDL-62516] Request to delete forum data for a user will delete files of all users - Moodle Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Blocker
Resolution: Fixed
Affects Version/s: 3.3.6, 3.4.3, 3.5
Fix Version/s: 3.3.7, 3.4.4, 3.5.1
Component/s: Forum, Privacy
Labels:
- ci
- partner
- release_notes
- triaged

Affected Branches:
MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE
Fixed Branches:
MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE
Epic Link:
GDPR Followups
Pull from Repository:
git://github.com/andrewnicols/moodle.git
Pull Master Branch:
~~MDL-62516~~-master
Pull Master Diff URL:
https://github.com/andrewnicols/moodle/compare/22744b745b...MDL-62516-master
Testing Instructions:
1. Testing is adequately covered by unit tests. Manual testing instructions available upon request

Sprint:
Privacy Sprint 1

Description

The GDPR privacy provider for mod_forum will delete the files in the 'post' file area for all users when a request is made to delete data for a single user.

At the end of the delete_data_for_user function, it simply calls:

$fs->delete_area_files($context->id, 'mod_forum', 'post');

This will delete files for all posts in that forum, not just ones from that user. It also doesn't appear to touch the 'attachment' file area at all, which it should.

Attachments

Activity

People

Assignee:: Andrew Lyons

Reporter:: Adam Olley

Peer reviewer:: Shamim Rezaie

Integrator:: David Monllaó

Tester:: CiBoT

Participants:: Adam Olley, Andrew Lyons, CiBoT, David Monllaó, Shamim Rezaie

Component watchers:: Adrian Greeve, Ilya Tregubov, Kevin Percy, Mathew May, Mihail Geshoski, Shamim Rezaie, Andrew Lyons, Adrian Greeve, David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo

Votes:: 2 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 21/May/18 5:37 PM

Updated:: 13/Sep/18 7:04 AM

Resolved:: 25/May/18 5:21 AM

Fix Release Date:: 9/Jul/18