Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-63867

initiate_data_request_task fails if tool unconfigured

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 3.4.5, 3.5.2, 3.6
    • Fix Version/s: 3.4.6, 3.5.3
    • Component/s: Privacy
    • Labels:
    • Testing Instructions:
      Hide

      Setup

      1. Create a new Moodle site, so no data privacy purposes are set.
      2. Ensure an admin user plus at least one other user (referred to in these steps as user1) exist.
      3. Enrol the user in a course.

      Test - master

      1. Log in as admin.
      2. Navigate to Site administration > Users > Privacy and policies and click on 'Data requests'.
      3. Click 'New request'.
      4. In the user search, select user1, set type to 'Delete all of my personal data', then click 'Save changes'.
      5. Approve the request.
      6. Run the site cron.
      7. CONFIRM the cron runs without errors.
      8. Refresh the Data requests page.
      9. CONFIRM the request is showing as rejected.
      10. Navigate to Site administration > Users > Privacy and policies > Data registry.
      11. Click 'Site' in the data registry navigation.
      12. Click the '+' icon next to Category, fill in the compulsory fields with test values, then click save.
      13. Ensure your test category is selected in the Category dropdown, then click 'Save changes'.
      14. Click the '+' icon next to Purpose, fill in the compulsory fields with test values, then click save.
      15. Ensure your test purpose is selected in the Purpose dropdown, then click 'Save changes'.
      16. Navigate to Site administration > Users > Privacy and policies and click on 'Data requests'.
      17. Click 'New request'.
      18. In the user search, select user1, set type to 'Delete all of my personal data', then click 'Save changes'.
      19. Approve the request.
      20. Run the site cron.
      21. CONFIRM the cron runs to completion without receiving the error.
      22. Refresh the Data requests page.
      23. CONFIRM the status of your delete request is now 'deleted'.

      Test - 35 and 34

      Test

      1. Log in as admin.
      2. Navigate to Site administration > Users > Privacy and policies and click on 'Data requests'.
      3. Click 'New request'.
      4. In the user search, select user1, set type to 'Delete all of my personal data', then click 'Save changes'.
      5. Run cron on your site.
      6. CONFIRM that cron runs to completion without any errors.
      7. Navigate to Site administration > Users > Privacy and policies and click on 'Data requests'.
      8. CONFIRM the request is now showing as rejected.
      9. Click 'New request'.
      10. In the user search, select user1, set type to 'Delete all of my personal data', then click 'Save changes'.
      11. Click 'Site' in the data registry navigation.
      12. Click the '+' icon next to Category, fill in the compulsory fields with test values, then click save.
      13. Ensure your test category is selected in the Category dropdown, then click 'Save changes'.
      14. Click the '+' icon next to Purpose, fill in the compulsory fields with test values, then click save.
      15. Ensure your test purpose is selected in the Purpose dropdown, then click 'Save changes'.
      16. Re-run cron.
      17. CONFIRM the cron runs to completion without receiving an error.
      18. Return to Site administration > Users > Privacy > Data requests.
      19. CONFIRM the status of your delete request is now 'Awaiting approval'.
      20. Approve the request.
      21. Re-run cron.
      22. CONFIRM the cron runs without any errors.
      23. Refresh the Data requests page.
      24. CONFIRM The request is now showing as deleted.
      Show
      Setup Create a  new Moodle site, so no data privacy purposes are set. Ensure an admin user plus at least one other user (referred to in these steps as user1) exist. Enrol the user in a course. Test - master Log in as admin. Navigate to Site administration > Users > Privacy and policies and click on 'Data requests'. Click 'New request'. In the user search, select user1, set type to 'Delete all of my personal data', then click 'Save changes'. Approve the request. Run the site cron. CONFIRM the cron runs without errors. Refresh the Data requests page. CONFIRM the request is showing as rejected. Navigate to Site administration > Users > Privacy and policies > Data registry. Click 'Site' in the data registry navigation. Click the '+' icon next to Category, fill in the compulsory fields with test values, then click save. Ensure your test category is selected in the Category dropdown, then click 'Save changes'. Click the '+' icon next to Purpose, fill in the compulsory fields with test values, then click save. Ensure your test purpose is selected in the Purpose dropdown, then click 'Save changes'. Navigate to Site administration > Users > Privacy and policies and click on 'Data requests'. Click 'New request'. In the user search, select user1, set type to 'Delete all of my personal data', then click 'Save changes'. Approve the request. Run the site cron. CONFIRM the cron runs to completion without receiving the error. Refresh the Data requests page. CONFIRM the status of your delete request is now 'deleted'. Test - 35 and 34 Test Log in as admin. Navigate to Site administration > Users > Privacy and policies and click on 'Data requests'. Click 'New request'. In the user search, select user1, set type to 'Delete all of my personal data', then click 'Save changes'. Run cron on your site. CONFIRM that cron runs to completion without any errors. Navigate to Site administration > Users > Privacy and policies and click on 'Data requests'. CONFIRM the request is now showing as rejected. Click 'New request'. In the user search, select user1, set type to 'Delete all of my personal data', then click 'Save changes'. Click 'Site' in the data registry navigation. Click the '+' icon next to Category, fill in the compulsory fields with test values, then click save. Ensure your test category is selected in the Category dropdown, then click 'Save changes'. Click the '+' icon next to Purpose, fill in the compulsory fields with test values, then click save. Ensure your test purpose is selected in the Purpose dropdown, then click 'Save changes'. Re-run cron. CONFIRM the cron runs to completion without receiving an error. Return to Site administration > Users > Privacy > Data requests. CONFIRM the status of your delete request is now 'Awaiting approval'. Approve the request. Re-run cron. CONFIRM the cron runs without any errors. Refresh the Data requests page. CONFIRM The request is now showing as deleted.
    • Affected Branches:
      MOODLE_34_STABLE, MOODLE_35_STABLE, MOODLE_36_STABLE
    • Fixed Branches:
      MOODLE_34_STABLE, MOODLE_35_STABLE
    • Epic Link:
    • Pull 3.5 Branch:
    • Pull Master Branch:
      MDL-63867-master
    • Sprint:
      GDPR Followup Sprint 1

      Description

      This is a must fix for minor releases.

      Adhoc task failed: tool_dataprivacy\task\initiate_data_request_task,Coding error detected, it must be fixed by a programmer: Something went wrong, system defaults should be set and we should already have a value.
      Backtrace:
      * line 273 of /admin/tool/dataprivacy/classes/expired_contexts_manager.php: call to tool_dataprivacy\data_registry::get_effective_contextlevel_value()
      * line 211 of /admin/tool/dataprivacy/classes/expired_contexts_manager.php: call to tool_dataprivacy\expired_contexts_manager::get_nested_expiry_info_from_sql()
      * line 819 of /admin/tool/dataprivacy/classes/expired_contexts_manager.php: call to tool_dataprivacy\expired_contexts_manager::get_nested_expiry_info_for_courses()
      * line 809 of /admin/tool/dataprivacy/classes/expired_contexts_manager.php: call to tool_dataprivacy\expired_contexts_manager::is_course_context_expired()
      * line 872 of /admin/tool/dataprivacy/classes/expired_contexts_manager.php: call to tool_dataprivacy\expired_contexts_manager::is_course_expired()
      * line 897 of /admin/tool/dataprivacy/classes/expired_contexts_manager.php: call to tool_dataprivacy\expired_contexts_manager::are_user_context_dependencies_expired()
      * line 1004 of /admin/tool/dataprivacy/classes/api.php: call to tool_dataprivacy\expired_contexts_manager::is_context_expired_or_unprotected_for_user()
      * line 103 of /admin/tool/dataprivacy/classes/task/initiate_data_request_task.php: call to tool_dataprivacy\api::add_request_contexts_with_status()
      * line 185 of /lib/cronlib.php: call to tool_dataprivacy\task\initiate_data_request_task->execute()
      * line 113 of /admin/tool/task/cli/adhoc_task.php: call to cron_run_inner_adhoc_task()
      

      The easiest solution is to add a new "is_system_purpose_defined" function. Essentially, the inverse of:

              $classname = \context_helper::get_class_for_level($record->contextlevel);
              list($purposevar, $categoryvar) = data_registry::var_names_from_context($classname);
              set_config($purposevar, $record->purposeid, 'tool_dataprivacy');
              set_config($categoryvar, $record->categoryid, 'tool_dataprivacy');
      

      Following that we call the function in expired_contexts_manager::is_context_expired_or_unprotected_for_user() and have the function return true if the site is not configured (equivalent to meaning allow deletion of anything if GDPR is not configured).

      We may need to hook into other places too.

      To reproduce this issue, setup a new site, request a user deletion, and run the adhoc task.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  12/Nov/18

                  Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 hour
                  1h