Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-64714

Privacy API delete_data_for user function in oauth2 and mnet exit early

    XMLWordPrintable

    Details

      Description

      In the core auth plugins, "oauth2" and "mnet", the privacy provider function "delete_data_for_user" may exit the function without actually doing what they need to do.

      The code loops through the provided contextlist and exits the function if it encounters a context that is not CONTEXT_USER:

      foreach ($contextlist->get_contexts() as $context) {
       if ($context->contextlevel != CONTEXT_USER) {
       return;
       }
       
       // Because we only use user contexts the instance ID is the user ID.
       $DB->delete_records('mnet_log', ['userid' => $context->instanceid]);
      }

      If the contextlist has multiple contexts that include a CONTEXT_USER, but encounters a non CONTEXT_USER before them, it will exit without processing the CONTEXT_USER. Shouldn't it be written as:

      foreach ($contextlist->get_contexts() as $context) {
       if ($context->contextlevel != CONTEXT_USER) {
       continue;
       }
       
       // Because we only use user contexts the instance ID is the user ID.
       $DB->delete_records('mnet_log', ['userid' => $context->instanceid]);
      }

      I have replaced "return" with "continue".

        Attachments

          Activity

            People

            • Assignee:
              cescobedo Carlos Escobedo
              Reporter:
              mchurch Mike Churchward
              Peer reviewer:
              Mark Nelson
              Integrator:
              Andrew Nicols
              Tester:
              CiBoT
              Participants:
              Component watchers:
              Jake Dallimore, Jun Pataleta, Ryan Wyllie, Andrew Nicols, Mathew May, Michael Hawkins, Shamim Rezaie, Simey Lameze
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                11/Mar/19

                Time Tracking

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour
                1h