diff --git a/block_panopto.php b/block_panopto.php index fc36ef0..14f9a72 100644 --- a/block_panopto.php +++ b/block_panopto.php @@ -82,6 +82,19 @@ public function instance_config_save($data, $nolongerused = false) { $publisherroles = (isset($data->publisher)) ? $data->publisher : array(); $creatorroles = (isset($data->creator)) ? $data->creator : array(); + // Get the current role mappings set for the current course from the db. + $mappings = panopto_data::get_course_role_mappings($this->page->course->id); + + $oldcreators = array_diff($mappings['creator'], $creatorroles); + $oldpublishers = array_diff($mappings['publisher'], $publisherroles); + + // Make sure the old unassigned roles get unset. + panopto_data::unset_course_role_permissions( + $this->page->course->id, + $oldpublishers, + $oldcreators + ); + panopto_data::set_course_role_permissions( $this->page->course->id, $publisherroles, diff --git a/classes/privacy/provider.php b/classes/privacy/provider.php new file mode 100644 index 0000000..85109fd --- /dev/null +++ b/classes/privacy/provider.php @@ -0,0 +1,21 @@ +add_external_location_link('block_panopto', [ + 'username' => 'privacy:metadata:block_panopto:username', + 'firstname' => 'privacy:metadata:block_panopto:firstname', + 'lastname' => 'privacy:metadata:block_panopto:lastname', + 'email' => 'privacy:metadata:block_panopto:email', + ], 'privacy:metadata:bloack_panopto'); + + return $collection; + } +} diff --git a/db/upgrade.php b/db/upgrade.php index 7554f47..25069a1 100644 --- a/db/upgrade.php +++ b/db/upgrade.php @@ -254,6 +254,10 @@ function xmldb_block_panopto_upgrade($oldversion = 0) { $oldfoldermaptable->addKey($mappingkey); $dbman->create_table($oldfoldermaptable); } + + // Delete any existing tasks since those would be from the old plug-in generation. + $DB->delete_records_select('task_adhoc', $DB->sql_like('classname', '?'), array('%block_panopto%task%')); + // Panopto savepoint reached. upgrade_block_savepoint(true, 2017110600, 'panopto'); } diff --git a/lang/en/block_panopto.php b/lang/en/block_panopto.php index e252098..318c3c4 100644 --- a/lang/en/block_panopto.php +++ b/lang/en/block_panopto.php @@ -137,6 +137,11 @@ $string['podcast_audio'] = 'Audio Podcast'; $string['podcast_feeds'] = 'Podcast Feeds'; $string['podcast_video'] = 'Video Podcast'; +$string['privacy:metadata:block_panopto'] = 'In order to integrate with a Panopto service, user data needs to be exchanged with that service.'; +$string['privacy:metadata:block_panopto:firstname'] = 'Your first name is sent to Panopto to allow showing user\'s real name in Panopto\'s user experience.'; +$string['privacy:metadata:block_panopto:lastname'] = 'Your last name is sent to Panopto to allow showing user\'s real name in Panopto\'s user experience.'; +$string['privacy:metadata:block_panopto:email'] = 'Your email is sent to Panopto to allow use of Panopto\'s email features.'; +$string['privacy:metadata:block_panopto:username'] = 'Your username is sent to Panopto to allow it to create a Panopto account using the Moodle username as the Panopto username.'; $string['provision'] = 'Provision'; $string['provision_course_link_text'] = 'Provision Course'; $string['provision_access_error'] = 'Course already provisioned to a Panopto folder and the current user does not have access to perform operations on that folder (User needs at least viewer access to target Panopto folder).'; @@ -150,8 +155,9 @@ $string['publishers'] = 'Publishers'; $string['reinitialize_import_started'] = 'Beginning to reininitialize import.'; $string['reinitialize_import_finished'] = 'finished reininitialize import.'; -$string['removing_corrupt_folder_row'] = 'Foldermap entry appears corrupted, moving entry to old_foldermap for user reference. Corrupted row used for course with Moodle Id: '; +$string['removing_corrupt_folder_row'] = 'Foldermap entry appears corrupted, moving entry to old_foldermap for user reference. Corrupted row used for course with Moodle Id: {$a}'; $string['result'] = 'Result'; +$string['removed_panopto_adhoc_tasks'] = 'All existing Panopto adhoc tasks were deleted'; $string['require_panopto_version_title'] = 'Minimum Panopto version required for this version of the Moodle Panopto block'; $string['missing_moodle_required_version'] = 'Panopto block requires a Moodle version newer than {$a->requiredversion}, your current Moodle version is: {$a->currentversion}'; $string['role_map_header'] = 'Change Panopto Role Mappings'; diff --git a/lib/cli/remove_all_panopto_adhoc_tasks.php b/lib/cli/remove_all_panopto_adhoc_tasks.php new file mode 100644 index 0000000..20edc15 --- /dev/null +++ b/lib/cli/remove_all_panopto_adhoc_tasks.php @@ -0,0 +1,50 @@ +. + +/** + * This logic will get a list of all current Panopto folders on a Moodle server then it will go through each folder + * and reprovision them and reinitialize the imports to that folders if the user has access to the folder. + * This is needed for the Panopto Generation 1 to Generation 2 migration. + * + * @package block_panopto + * @copyright Panopto 2009 - 2017 with contributions from Hittesh Ahuja + * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later + */ + +define('CLI_SCRIPT', 1); +require_once(dirname(__FILE__) . '/../../../../config.php'); + +global $CFG; +require_once("$CFG->libdir/clilib.php"); +require_once("$CFG->libdir/formslib.php"); +require_once(dirname(__FILE__) . '/../panopto_data.php'); + +$admin = get_admin(); +if (!$admin) { + mtrace("Error: No admin account was found"); + die; +} +\core\session\manager::set_user(get_admin()); +cli_heading('Removing all queued Panopto adhoc tasks'); + +function remove_panopto_adhoc_tasks() { + panopto_data::remove_all_panopto_adhoc_tasks(); + + cli_writeln(get_string('removed_panopto_adhoc_tasks', 'block_panopto')); +} + + +remove_panopto_adhoc_tasks(); diff --git a/lib/cli/upgrade_all_folders.php b/lib/cli/upgrade_all_folders.php index fadf555..b07bed2 100644 --- a/lib/cli/upgrade_all_folders.php +++ b/lib/cli/upgrade_all_folders.php @@ -99,7 +99,7 @@ function upgrade_all_panopto_folders() { } } else { // Shouldn't hit this case, but in the case a row in the DB has invalid data move it to the old_foldermap. - cli_writeln(get_string('removing_corrupt_folder_row', 'block_panopto') . $oldcourse->moodleid); + cli_writeln(get_string('removing_corrupt_folder_row', 'block_panopto', $oldcourse->moodleid)); panopto_data::delete_panopto_relation($oldcourse->moodleid, true); // Continue to the next entry assuming this one was cleanup. continue; @@ -150,7 +150,7 @@ function upgrade_all_panopto_folders() { // We can still continue on with the upgrade, assume this was an old entry that was deleted from Panopto side. } } else { - cli_writeln(get_string('removing_corrupt_folder_row', 'block_panopto') . $courseimport); + cli_writeln(get_string('removing_corrupt_folder_row', 'block_panopto', $courseimport)); panopto_data::delete_panopto_relation($courseimport, true); // Continue to the next entry assuming this one was cleanup. continue; diff --git a/lib/panopto_data.php b/lib/panopto_data.php index 105ca39..dd122c9 100644 --- a/lib/panopto_data.php +++ b/lib/panopto_data.php @@ -114,6 +114,13 @@ public static function getpossiblefoldernamestyles() { ); } + + public static function remove_all_panopto_adhoc_tasks() { + global $DB; + + return $DB->delete_records_select('task_adhoc', $DB->sql_like('classname', '?'), array('%block_panopto%task%')); + } + /** * main constructor * @@ -621,7 +628,6 @@ public function sync_external_user($userid) { } } - // Only try to sync the users if he Panopto server is up. if (self::is_server_alive('https://' . $this->servername . '/Panopto')) { @@ -1179,8 +1185,8 @@ public static function build_and_assign_context_capability_to_roles($context, $r } } - // Remove existing capabilities that are no longer needed. - $assignnew = array_diff($existing, $assigned); + // Remove existing capabilities that are no longer needed. This needs to be assoc to take into account the keys + $assignnew = array_diff_assoc($existing, $assigned); if (!empty($assignnew)) { foreach ($assignnew as $roleid => $cap) { unassign_capability($capability, $roleid, $context); @@ -1189,7 +1195,8 @@ public static function build_and_assign_context_capability_to_roles($context, $r } // Add new capabilities that don't exist yet. - $existingnew = array_diff($assigned, $existing); + $existingnew = array_diff_assoc($assigned, $existing); + if (!empty($existingnew)) { foreach ($existingnew as $roleid => $cap) { if (isset($roleid) && trim($roleid) !== '') { @@ -1218,9 +1225,6 @@ public static function build_and_assign_context_capability_to_roles($context, $r public static function set_course_role_permissions($courseid, $publisherroles, $creatorroles) { $coursecontext = context_course::instance($courseid); - // Get the current role mappings set for the current course from the db. - $mappings = self::get_course_role_mappings($courseid); - // Build and process new/old changes to capabilities to be applied to roles and capabilities. $capability = 'block/panopto:provision_aspublisher'; $publisherprocessed = self::build_and_assign_context_capability_to_roles($coursecontext, $publisherroles, $capability); @@ -1249,6 +1253,23 @@ public static function set_course_role_permissions($courseid, $publisherroles, $ self::set_course_role_mappings($courseid, $publisherroles, $creatorroles); } + // If a role was unset from a capability we need to reflect that change on Moodle. + public static function unset_course_role_permissions($courseid, $oldpublisherroles, $oldcreatorroles) { + $coursecontext = context_course::instance($courseid); + + foreach ($oldpublisherroles as $publisherrole) { + unassign_capability('block/panopto:provision_aspublisher', $publisherrole, $coursecontext); + } + + foreach ($oldcreatorroles as $creatorrole) { + unassign_capability('block/panopto:provision_asteacher', $creatorrole, $coursecontext); + } + + if (!empty($oldpublisherroles) || !empty($oldcreatorroles)) { + $coursecontext->mark_dirty(); + } + } + public static function is_server_alive($url = null) { // Only proceed with the cURL check if this toggle is true. This code is dependent on platform/OS specific calls. if (!get_config('block_panopto', 'check_server_status')) { diff --git a/upgrade_all_folders.php b/upgrade_all_folders.php index 547416d..d895a30 100644 --- a/upgrade_all_folders.php +++ b/upgrade_all_folders.php @@ -143,7 +143,7 @@ function upgrade_all_panopto_folders() { } } else { // Shouldn't hit this case, but in the case a row in the DB has invalid data move it to the old_foldermap. - panopto_data::print_log(get_string('removing_corrupt_folder_row', 'block_panopto') . $oldcourse->moodleid); + panopto_data::print_log(get_string('removing_corrupt_folder_row', 'block_panopto', $oldcourse->moodleid)); panopto_data::delete_panopto_relation($oldcourse->moodleid, true); // Continue to the next entry assuming this one was cleanup. continue; @@ -195,7 +195,7 @@ function upgrade_all_panopto_folders() { // We can still continue on with the upgrade, assume this was an old entry that was deleted from Panopto side. } } else { - panopto_data::print_log(get_string('removing_corrupt_folder_row', 'block_panopto') . $courseimport); + panopto_data::print_log(get_string('removing_corrupt_folder_row', 'block_panopto', $courseimport)); panopto_data::delete_panopto_relation($courseimport, true); // Continue to the next entry assuming this one was cleanup. continue; diff --git a/version.php b/version.php index d76af36..9204772 100644 --- a/version.php +++ b/version.php @@ -29,7 +29,7 @@ // Plugin version should normally be the same as the internal version. // If an admin wants to install with an older version number, however, set that here. -$plugin->version = 2018050700; +$plugin->version = 2018070900; // Requires this Moodle version - 2.7. $plugin->requires = 2014051200;