Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-64714

Privacy API delete_data_for user function in oauth2 and mnet exit early

    XMLWordPrintable

Details

    Description

      In the core auth plugins, "oauth2" and "mnet", the privacy provider function "delete_data_for_user" may exit the function without actually doing what they need to do.

      The code loops through the provided contextlist and exits the function if it encounters a context that is not CONTEXT_USER:

      foreach ($contextlist->get_contexts() as $context) {
       if ($context->contextlevel != CONTEXT_USER) {
       return;
       }
       
       // Because we only use user contexts the instance ID is the user ID.
       $DB->delete_records('mnet_log', ['userid' => $context->instanceid]);
      }

      If the contextlist has multiple contexts that include a CONTEXT_USER, but encounters a non CONTEXT_USER before them, it will exit without processing the CONTEXT_USER. Shouldn't it be written as:

      foreach ($contextlist->get_contexts() as $context) {
       if ($context->contextlevel != CONTEXT_USER) {
       continue;
       }
       
       // Because we only use user contexts the instance ID is the user ID.
       $DB->delete_records('mnet_log', ['userid' => $context->instanceid]);
      }

      I have replaced "return" with "continue".

      Attachments

        Activity

          People

            cescobedo Carlos Escobedo
            mchurch Mike Churchward
            Mark Nelson Mark Nelson
            Andrew Lyons Andrew Lyons
            CiBoT CiBoT
            Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias, Sujith Haridasan, Andrew Lyons, Huong Nguyen, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              11/Mar/19

              Time Tracking

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour
                1h