Merge pull request #11 from iMattPro/updates

Delete consent logs

Author: iMattPro

.github/workflows/merge-master-to-develop.yml

@@ -23,7 +23,7 @@ jobs:
         name: Merge main into develop branch
         # Keep this named after the GitHub repository.
         # GitHub Actions does not allow workflow env values in jobs.<job_id>.if.
-        if: github.repository == 'phpbb-extensions/consentmanager' && github.event.repository.fork == false
+        if: github.repository == 'phpbb-extensions/consent-manager' && github.event.repository.fork == false
         runs-on: ubuntu-latest
 
         steps:

acp/consentmanager_module.php

@@ -29,7 +29,7 @@ public function main($id, $mode)
 			case 'export':
 				$this->tpl_name = 'consentmanager_acp_export';
 				$this->page_title = 'ACP_CONSENTMANAGER_EXPORT';
-				$controller->handle_export();
+				$controller->handle_logs();
 			break;
 
 			default:

adm/style/consentmanager_acp_export.html

@@ -42,7 +42,8 @@ <h3>{{ lang('WARNING') }}</h3>
 	</fieldset>
 
 	<fieldset class="submit-buttons">
-		<input class="button1" type="submit" name="download_csv" value="{{ lang('ACP_CONSENTMANAGER_EXPORT_DOWNLOAD') }}">
+		<input class="button1" type="submit" name="download_csv" value="{{ lang('ACP_CONSENTMANAGER_EXPORT_DOWNLOAD') }}">&nbsp;
+		<input class="button2" type="submit" name="delete_logs" value="{{ lang('ACP_CONSENTMANAGER_DELETE') }}">
 		{{ S_FORM_TOKEN }}
 	</fieldset>
 </form>

composer.json

@@ -3,7 +3,7 @@
 	"type": "phpbb-extension",
 	"description": "Centralized GDPR-compliant consent and deferred script loading for phpBB forums.",
 	"homepage": "https://www.phpbb.com/",
-	"version": "0.2.0-dev",
+	"version": "0.3.0-dev",
 	"keywords": ["phpbb", "extension", "gdpr", "consent", "cookies"],
 	"license": "GPL-2.0-only",
 	"authors": [

controller/acp_controller.php

@@ -89,7 +89,7 @@ public function handle()
 				return;
 			}
 
-			$this->acp_manager->log_admin_settings_updated();
+			$this->acp_manager->log_admin_action('LOG_CONSENTMANAGER_UPDATED');
 			trigger_error($this->language->lang('CONFIG_UPDATED') . adm_back_link($this->u_action));
 		}
 
@@ -98,7 +98,7 @@ public function handle()
 			$this->validate_form_key('phpbb_consentmanager_acp');
 
 			$this->acp_manager->reset_consent_version();
-			$this->acp_manager->log_admin_reprompt();
+			$this->acp_manager->log_admin_action('LOG_CONSENTMANAGER_REPROMPT');
 
 			trigger_error($this->language->lang('ACP_CONSENTMANAGER_REPROMPT_SUCCESS') . adm_back_link($this->u_action));
 		}
@@ -107,50 +107,79 @@ public function handle()
 	}
 
 	/**
-	 * Handle the ACP export page request.
-	 *
-	 * Displays the filter form on GET. On POST with download_csv, streams a
-	 * CSV file of consent log records matching the supplied filters.
+	 * Handle the ACP consent logs page request.
 	 *
 	 * @return void
 	 */
-	public function handle_export()
+	public function handle_logs()
 	{
 		add_form_key('phpbb_consentmanager_export');
+		$form_data = $this->get_logs_form_data();
 
 		if ($this->request->is_set_post('download_csv'))
 		{
 			$this->validate_form_key('phpbb_consentmanager_export');
 
 			$errors = [];
-			$filters = $this->parse_export_filters($errors);
+			$filters = $this->parse_export_filters($form_data, $errors);
 
 			if (!empty($errors))
 			{
-				$this->assign_export_template_vars($errors);
+				$this->assign_export_template_vars($form_data, $errors);
 				return;
 			}
 
-			$this->acp_manager->log_admin_export();
+			$this->acp_manager->log_admin_action('LOG_CONSENTMANAGER_EXPORT');
 			$this->send_csv_download($filters);
 		}
+		else if ($this->request->is_set_post('delete_logs'))
+		{
+			$errors = [];
+			$filters = $this->parse_export_filters($form_data, $errors);
+
+			if (!empty($errors))
+			{
+				$this->assign_export_template_vars($form_data, $errors);
+				return;
+			}
+
+			if (confirm_box(true))
+			{
+				$this->acp_manager->delete_logs($filters);
+				$this->acp_manager->log_admin_action('LOG_CONSENTMANAGER_DELETE');
+
+				trigger_error($this->language->lang('ACP_CONSENTMANAGER_DELETE_SUCCESS') . adm_back_link($this->u_action));
+			}
+			else
+			{
+				confirm_box(
+					false,
+					$this->language->lang('ACP_CONSENTMANAGER_DELETE_CONFIRM'),
+					build_hidden_fields(array_merge([
+						'mode'                   => 'export',
+						'delete_logs'            => 1,
+					], $form_data))
+				);
+			}
+		}
 
-		$this->assign_export_template_vars();
+		$this->assign_export_template_vars($form_data);
 	}
 
 	/**
 	 * Parse and validate filter inputs from the export form.
 	 *
+	 * @param array $form_data Array of form field values
 	 * @param array $errors Reference — validation errors are appended here
 	 *
 	 * @return array Validated filter map (date_from, date_to, user_id, consent_version)
 	 */
-	protected function parse_export_filters(array &$errors)
+	protected function parse_export_filters(array $form_data, array &$errors)
 	{
-		$date_from_str = trim($this->request->variable('export_date_from', ''));
-		$date_to_str   = trim($this->request->variable('export_date_to', ''));
-		$user_id       = $this->request->variable('export_user_id', 0);
-		$consent_ver   = $this->request->variable('export_consent_version', 0);
+		$date_from_str = trim($form_data['export_date_from']);
+		$date_to_str   = trim($form_data['export_date_to']);
+		$user_id       = $form_data['export_user_id'];
+		$consent_ver   = $form_data['export_consent_version'];
 
 		$filters   = [];
 		$date_from = $this->acp_manager->parse_date_filter($date_from_str);
@@ -205,7 +234,7 @@ protected function send_csv_download(array $filters)
 		}
 
 		header('Content-Type: text/csv; charset=UTF-8');
-		header('Content-Disposition: attachment; filename="consent_logs.csv"');
+		header('Content-Disposition: attachment; filename="consent_logs_' . gmdate('Y-m-d_His') . '.csv"');
 		header('Cache-Control: no-cache, no-store, must-revalidate');
 		header('Pragma: no-cache');
 		header('Expires: 0');
@@ -219,17 +248,14 @@ protected function send_csv_download(array $filters)
 		exit;
 	}
 
-	protected function assign_export_template_vars(array $errors = [])
+	protected function get_logs_form_data()
 	{
-		$this->template->assign_vars([
-			'S_ERROR'            => !empty($errors),
-			'ERROR_MSG'          => implode('<br>', $errors),
-			'EXPORT_DATE_FROM'   => $this->request->variable('export_date_from', ''),
-			'EXPORT_DATE_TO'     => $this->request->variable('export_date_to', ''),
-			'EXPORT_USER_ID'     => $this->request->variable('export_user_id', 0),
-			'EXPORT_CONSENT_VER' => $this->request->variable('export_consent_version', 0),
-			'U_ACTION'           => $this->u_action,
-		]);
+		return [
+			'export_date_from'       => $this->request->variable('export_date_from', ''),
+			'export_date_to'         => $this->request->variable('export_date_to', ''),
+			'export_user_id'         => $this->request->variable('export_user_id', 0),
+			'export_consent_version' => $this->request->variable('export_consent_version', 0),
+		];
 	}
 
 	protected function assign_template_vars(array $errors = [])
@@ -244,6 +270,19 @@ protected function assign_template_vars(array $errors = [])
 		));
 	}
 
+	protected function assign_export_template_vars(array $form_data, array $errors = [])
+	{
+		$this->template->assign_vars([
+			'S_ERROR'            => !empty($errors),
+			'ERROR_MSG'          => implode('<br>', $errors),
+			'EXPORT_DATE_FROM'   => $form_data['export_date_from'],
+			'EXPORT_DATE_TO'     => $form_data['export_date_to'],
+			'EXPORT_USER_ID'     => $form_data['export_user_id'],
+			'EXPORT_CONSENT_VER' => $form_data['export_consent_version'],
+			'U_ACTION'           => $this->u_action,
+		]);
+	}
+
 	protected function validate_form_key($form_key)
 	{
 		if (!check_form_key($form_key))

language/en/acp_consentmanager.php

@@ -37,17 +37,20 @@
 	'ACP_CONSENTMANAGER_INVALID_INTEGRATION_ENTRY'	=> 'Integration entry %1$s is invalid. Each entry must include a safe id, supported category, and valid script source URL.',
 	'EXAMPLE'										=> 'Example',
 
-	// Export consent logs
-	'ACP_CONSENTMANAGER_EXPORT_EXPLAIN'				=> 'Download a CSV file of stored consent log records. All fields are optional; leave them blank to export the full log.',
-	'ACP_CONSENTMANAGER_EXPORT_FILTERS'				=> 'Export filters',
+	// Consent logs
+	'ACP_CONSENTMANAGER_EXPORT_EXPLAIN'				=> 'Download a CSV file of stored consent log records or permanently delete matching records from the database. All fields are optional; leave them blank to work with the full log.',
+	'ACP_CONSENTMANAGER_EXPORT_FILTERS'				=> 'Consent log filters',
 	'ACP_CONSENTMANAGER_EXPORT_DATE_FROM'			=> 'Date from',
 	'ACP_CONSENTMANAGER_EXPORT_DATE_TO'				=> 'Date to',
 	'ACP_CONSENTMANAGER_EXPORT_DATE_EXPLAIN'		=> 'Use the browser date picker when available. If you cannot pick a date, enter it in YYYY-MM-DD format. Dates are interpreted in UTC. Leave blank to omit this boundary.',
 	'ACP_CONSENTMANAGER_EXPORT_USER_ID'				=> 'User ID',
-	'ACP_CONSENTMANAGER_EXPORT_USER_ID_EXPLAIN'		=> 'Enter a registered user ID to restrict the export to that user\'s consent records. Leave blank to include all users. Note: records for guests use a session-based identifier and cannot be filtered by user ID.',
+	'ACP_CONSENTMANAGER_EXPORT_USER_ID_EXPLAIN'		=> 'Enter a registered user ID to restrict the export (or delete) to that user’s consent records. Leave blank to include all users.',
 	'ACP_CONSENTMANAGER_EXPORT_VERSION'				=> 'Consent version',
-	'ACP_CONSENTMANAGER_EXPORT_VERSION_EXPLAIN'		=> 'Restrict the export to a specific consent version. Leave blank for all versions.',
+	'ACP_CONSENTMANAGER_EXPORT_VERSION_EXPLAIN'		=> 'Restrict the export (or delete) to a specific consent version. Leave blank for all versions.',
 	'ACP_CONSENTMANAGER_EXPORT_DOWNLOAD'			=> 'Download CSV',
+	'ACP_CONSENTMANAGER_DELETE'						=> 'Delete logs',
+	'ACP_CONSENTMANAGER_DELETE_CONFIRM'				=> 'Are you sure you want to permanently delete the selected consent log records?',
+	'ACP_CONSENTMANAGER_DELETE_SUCCESS'				=> 'The selected consent log records have been deleted.',
 	'ACP_CONSENTMANAGER_EXPORT_INVALID_DATE_FROM'	=> 'The "Date from" value is not a valid date. Use the browser date picker when available, or enter the date in YYYY-MM-DD format.',
 	'ACP_CONSENTMANAGER_EXPORT_INVALID_DATE_TO'		=> 'The "Date to" value is not a valid date. Use the browser date picker when available, or enter the date in YYYY-MM-DD format.',
 	'ACP_CONSENTMANAGER_EXPORT_DATE_RANGE_INVALID'	=> '"Date from" must not be later than "Date to".',

language/en/info_acp_consentmanager.php

@@ -21,8 +21,9 @@
 $lang = array_merge($lang, [
 	'ACP_CONSENTMANAGER'			=> 'Consent Manager',
 	'ACP_CONSENTMANAGER_SETTINGS'	=> 'Settings',
-	'ACP_CONSENTMANAGER_EXPORT'		=> 'Export Consent Logs',
+	'ACP_CONSENTMANAGER_EXPORT'		=> 'Consent Logs',
 	'LOG_CONSENTMANAGER_UPDATED'	=> '<strong>Updated Consent Manager settings</strong>',
 	'LOG_CONSENTMANAGER_REPROMPT'	=> '<strong>Forced Consent Manager re-prompt by increasing the consent version</strong>',
 	'LOG_CONSENTMANAGER_EXPORT'		=> '<strong>Exported Consent Manager logs as CSV</strong>',
+	'LOG_CONSENTMANAGER_DELETE'		=> '<strong>Deleted Consent Manager log records</strong>',
 ]);

service/acp_manager.php

@@ -215,6 +215,21 @@ public function stream_logs_csv($handle, array $filters = [], $batch_size = 500)
 		while ($count === $batch_size);
 	}
 
+	/**
+	 * Delete consent log rows matching the supplied filters.
+	 *
+	 * @param array $filters Optional: date_from, date_to, user_id, consent_version
+	 *
+	 * @return int Number of deleted rows
+	 */
+	public function delete_logs(array $filters = [])
+	{
+		$sql = 'DELETE FROM ' . $this->consent_logs_table . $this->build_delete_filter_where($filters);
+		$this->db->sql_query($sql);
+
+		return (int) $this->db->sql_affectedrows();
+	}
+
 	/**
 	 * Compute the anonymized identifier for a given registered user ID.
 	 *
@@ -234,33 +249,14 @@ public function hash_user_id($user_id)
 	}
 
 	/**
-	 * Add an admin log entry for consent settings changes.
-	 *
-	 * @return void
-	 */
-	public function log_admin_settings_updated()
-	{
-		$this->log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_CONSENTMANAGER_UPDATED');
-	}
-
-	/**
-	 * Add an admin log entry when users are re-prompted for consent.
-	 *
-	 * @return void
-	 */
-	public function log_admin_reprompt()
-	{
-		$this->log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_CONSENTMANAGER_REPROMPT');
-	}
-
-	/**
-	 * Add an admin log entry when consent logs are exported.
+	 * Add an admin log entry for an admin action in the settings.
 	 *
+	 * @param $message string Language key for the log message
 	 * @return void
 	 */
-	public function log_admin_export()
+	public function log_admin_action($message)
 	{
-		$this->log->add('admin', $this->user->data['user_id'], $this->user->ip, 'LOG_CONSENTMANAGER_EXPORT');
+		$this->log->add('admin', $this->user->data['user_id'], $this->user->ip, $message);
 	}
 
 	/**
@@ -342,7 +338,38 @@ protected function get_integrations_json()
 	 */
 	protected function build_filter_where(array $filters, $last_id = 0)
 	{
-		$where = ['consent_log_id > ' . (int) $last_id];
+		$where = array_merge(
+			['consent_log_id > ' . (int) $last_id],
+			$this->build_filter_conditions($filters)
+		);
+
+		return ' WHERE ' . implode(' AND ', $where);
+	}
+
+	/**
+	 * Build a WHERE clause for deleting consent logs.
+	 *
+	 * @param array $filters Filter map from parse_export_filters
+	 *
+	 * @return string SQL WHERE clause, or an empty string when no filters are set
+	 */
+	protected function build_delete_filter_where(array $filters)
+	{
+		$where = $this->build_filter_conditions($filters);
+
+		return empty($where) ? '' : ' WHERE ' . implode(' AND ', $where);
+	}
+
+	/**
+	 * Build SQL filter conditions shared by export and delete operations.
+	 *
+	 * @param array $filters Filter map from parse_export_filters
+	 *
+	 * @return array
+	 */
+	protected function build_filter_conditions(array $filters)
+	{
+		$where = [];
 
 		if (!empty($filters['date_from']))
 		{
@@ -365,7 +392,7 @@ protected function build_filter_where(array $filters, $last_id = 0)
 			$where[] = 'consent_version = ' . (int) $filters['consent_version'];
 		}
 
-		return ' WHERE ' . implode(' AND ', $where);
+		return $where;
 	}
 
 	protected function sanitize_csv_value($value)

tests/acp/acp_module_test.php

@@ -121,7 +121,7 @@ public function test_main_module()
 
 	public function test_main_module_export_mode()
 	{
-		$this->expect_controller_method('handle_export');
+		$this->expect_controller_method('handle_logs');
 
 		$module = new \phpbb\consentmanager\acp\consentmanager_module();
 		$module->u_action = 'adm.php?i=test&mode=export';