[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  /**
   4   * @package     Joomla.Plugin
   5   * @subpackage  Privacy.user
   6   *
   7   * @copyright   (C) 2018 Open Source Matters, Inc. <https://www.joomla.org>
   8   * @license     GNU General Public License version 2 or later; see LICENSE.txt
   9  
  10   * @phpcs:disable PSR1.Classes.ClassDeclaration.MissingNamespace
  11   */
  12  
  13  use Joomla\CMS\Application\CMSApplicationInterface;
  14  use Joomla\CMS\Language\Text;
  15  use Joomla\CMS\Table\User as TableUser;
  16  use Joomla\CMS\User\User;
  17  use Joomla\CMS\User\UserHelper;
  18  use Joomla\Component\Privacy\Administrator\Plugin\PrivacyPlugin;
  19  use Joomla\Component\Privacy\Administrator\Removal\Status;
  20  use Joomla\Component\Privacy\Administrator\Table\RequestTable;
  21  use Joomla\Database\ParameterType;
  22  use Joomla\Utilities\ArrayHelper;
  23  
  24  // phpcs:disable PSR1.Files.SideEffects
  25  \defined('_JEXEC') or die;
  26  // phpcs:enable PSR1.Files.SideEffects
  27  
  28  /**
  29   * Privacy plugin managing Joomla user data
  30   *
  31   * @since  3.9.0
  32   */
  33  class PlgPrivacyUser extends PrivacyPlugin
  34  {
  35      /**
  36       * Application object
  37       *
  38       * @var    CMSApplicationInterface
  39       * @since  4.0.0
  40       */
  41      protected $app;
  42  
  43      /**
  44       * Performs validation to determine if the data associated with a remove information request can be processed
  45       *
  46       * This event will not allow a super user account to be removed
  47       *
  48       * @param   RequestTable  $request  The request record being processed
  49       * @param   User          $user     The user account associated with this request if available
  50       *
  51       * @return  Status
  52       *
  53       * @since   3.9.0
  54       */
  55      public function onPrivacyCanRemoveData(RequestTable $request, User $user = null)
  56      {
  57          $status = new Status();
  58  
  59          if (!$user) {
  60              return $status;
  61          }
  62  
  63          if ($user->authorise('core.admin')) {
  64              $status->canRemove = false;
  65              $status->reason    = Text::_('PLG_PRIVACY_USER_ERROR_CANNOT_REMOVE_SUPER_USER');
  66          }
  67  
  68          return $status;
  69      }
  70  
  71      /**
  72       * Processes an export request for Joomla core user data
  73       *
  74       * This event will collect data for the following core tables:
  75       *
  76       * - #__users (excluding the password, otpKey, and otep columns)
  77       * - #__user_notes
  78       * - #__user_profiles
  79       * - User custom fields
  80       *
  81       * @param   RequestTable  $request  The request record being processed
  82       * @param   User          $user     The user account associated with this request if available
  83       *
  84       * @return  \Joomla\Component\Privacy\Administrator\Export\Domain[]
  85       *
  86       * @since   3.9.0
  87       */
  88      public function onPrivacyExportRequest(RequestTable $request, User $user = null)
  89      {
  90          if (!$user) {
  91              return array();
  92          }
  93  
  94          /** @var TableUser $userTable */
  95          $userTable = User::getTable();
  96          $userTable->load($user->id);
  97  
  98          $domains = array();
  99          $domains[] = $this->createUserDomain($userTable);
 100          $domains[] = $this->createNotesDomain($userTable);
 101          $domains[] = $this->createProfileDomain($userTable);
 102          $domains[] = $this->createCustomFieldsDomain('com_users.user', array($userTable));
 103  
 104          return $domains;
 105      }
 106  
 107      /**
 108       * Removes the data associated with a remove information request
 109       *
 110       * This event will pseudoanonymise the user account
 111       *
 112       * @param   RequestTable  $request  The request record being processed
 113       * @param   User          $user     The user account associated with this request if available
 114       *
 115       * @return  void
 116       *
 117       * @since   3.9.0
 118       */
 119      public function onPrivacyRemoveData(RequestTable $request, User $user = null)
 120      {
 121          // This plugin only processes data for registered user accounts
 122          if (!$user) {
 123              return;
 124          }
 125  
 126          $pseudoanonymisedData = [
 127              'name'      => 'User ID ' . $user->id,
 128              'username'  => bin2hex(random_bytes(12)),
 129              'email'     => 'UserID' . $user->id . '[email protected]',
 130              'block'     => true,
 131          ];
 132  
 133          $user->bind($pseudoanonymisedData);
 134  
 135          $user->save();
 136  
 137          // Destroy all sessions for the user account
 138          UserHelper::destroyUserSessions($user->id);
 139      }
 140  
 141      /**
 142       * Create the domain for the user notes data
 143       *
 144       * @param   TableUser  $user  The TableUser object to process
 145       *
 146       * @return  \Joomla\Component\Privacy\Administrator\Export\Domain
 147       *
 148       * @since   3.9.0
 149       */
 150      private function createNotesDomain(TableUser $user)
 151      {
 152          $domain = $this->createDomain('user_notes', 'joomla_user_notes_data');
 153          $db     = $this->db;
 154  
 155          $query = $db->getQuery(true)
 156              ->select('*')
 157              ->from($db->quoteName('#__user_notes'))
 158              ->where($db->quoteName('user_id') . ' = :userid')
 159              ->bind(':userid', $user->id, ParameterType::INTEGER);
 160  
 161          $items = $db->setQuery($query)->loadAssocList();
 162  
 163          // Remove user ID columns
 164          foreach (['user_id', 'created_user_id', 'modified_user_id'] as $column) {
 165              $items = ArrayHelper::dropColumn($items, $column);
 166          }
 167  
 168          foreach ($items as $item) {
 169              $domain->addItem($this->createItemFromArray($item, $item['id']));
 170          }
 171  
 172          return $domain;
 173      }
 174  
 175      /**
 176       * Create the domain for the user profile data
 177       *
 178       * @param   TableUser  $user  The TableUser object to process
 179       *
 180       * @return  \Joomla\Component\Privacy\Administrator\Export\Domain
 181       *
 182       * @since   3.9.0
 183       */
 184      private function createProfileDomain(TableUser $user)
 185      {
 186          $domain = $this->createDomain('user_profile', 'joomla_user_profile_data');
 187          $db     = $this->db;
 188  
 189          $query = $db->getQuery(true)
 190              ->select('*')
 191              ->from($db->quoteName('#__user_profiles'))
 192              ->where($db->quoteName('user_id') . ' = :userid')
 193              ->order($db->quoteName('ordering') . ' ASC')
 194              ->bind(':userid', $user->id, ParameterType::INTEGER);
 195  
 196          $items = $db->setQuery($query)->loadAssocList();
 197  
 198          foreach ($items as $item) {
 199              $domain->addItem($this->createItemFromArray($item));
 200          }
 201  
 202          return $domain;
 203      }
 204  
 205      /**
 206       * Create the domain for the user record
 207       *
 208       * @param   TableUser  $user  The TableUser object to process
 209       *
 210       * @return  \Joomla\Component\Privacy\Administrator\Export\Domain
 211       *
 212       * @since   3.9.0
 213       */
 214      private function createUserDomain(TableUser $user)
 215      {
 216          $domain = $this->createDomain('users', 'joomla_users_data');
 217          $domain->addItem($this->createItemForUserTable($user));
 218  
 219          return $domain;
 220      }
 221  
 222      /**
 223       * Create an item object for a TableUser object
 224       *
 225       * @param   TableUser  $user  The TableUser object to convert
 226       *
 227       * @return  \Joomla\Component\Privacy\Administrator\Export\Item
 228       *
 229       * @since   3.9.0
 230       */
 231      private function createItemForUserTable(TableUser $user)
 232      {
 233          $data    = [];
 234          $exclude = ['password', 'otpKey', 'otep'];
 235  
 236          foreach (array_keys($user->getFields()) as $fieldName) {
 237              if (!in_array($fieldName, $exclude)) {
 238                  $data[$fieldName] = $user->$fieldName;
 239              }
 240          }
 241  
 242          return $this->createItemFromArray($data, $user->id);
 243      }
 244  }