invalid/incorrect privacy api implementation
Closed this issue · 2 comments
This plugin should not be using the null provider class, Your plugin stores user data in a number of tables which will need to be included in the privacy api classes, you will need to implement a class that covers your custom table, but also add_external_location_link functions - take a look at moodle's core enrol_paypal plugin for a good example.
More information on the privacy class is here:
https://docs.moodle.org/dev/Privacy_API
Plugin has only one table and it stores only userid, not lastname or such. Does it still count?
<XMLDB PATH="enrol/sber/db" VERSION="20220117" COMMENT="XMLDB file for Moodle enrol/sber"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="../../../lib/xmldb/xmldb.xsd"
it sure does. the privacy api class does the following:
- Makes it clear what data is sent from Moodle to an external service (I assume you send the users name/email details to the payment provider - so you need to implement the add_external_location_link part to cover that (see the docs and examples in other payment plugins like enrol_paypal)
- Handles user data request - users are able to request all information stored within Moodle about them - this includes transaction information within payment plugins so your api implementation needs to deal with the export_user_data and other related functions
- Handles user deletion request - users are able to request the deletion of all information stored within Moodle about them.
But - as your plugin is similar to enrol_paypal you might find you can copy the paypal enrol privacy class, and update it to point at your custom sber tables.