mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-17 21:49:15 +01:00
Code Issues Projects Releases Wiki Activity

MDL-60548 profile: Show profile email when 'maildisplay' allows it.

Browse Source 
Adds 'email' to hiddenuserfields, which allows:
 * user to view email on their own profile,
 * users with cap site:viewuseridentity to view email on any profile (admins/teachers)
 * admin to veto display of email to users without site:viewuseridentity (except viewing their own)
 * unprivileged users to view if the profile's maildisplay permits it.

Changes in user/lib.php include removal of is_siteadmin() test, which
is redundant due to checks via has_capability().

Fixes regression from 2.9 (MDL-45774).
This commit is contained in:
David Balch 2017-10-23 12:48:31 +01:00
parent 224796f0fa
commit 565f3f25f0
3 changed files with 20 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
admin/settings/users.php
View File

@ -150,6 +150,7 @@ if ($hassiteconfig
$temp->add(new admin_setting_configmultiselect('hiddenuserfields', new lang_string('hiddenuserfields', 'admin'),
new lang_string('confighiddenuserfields', 'admin'), array(),
array('description' => new lang_string('description'),
'email' => new lang_string('email'),
'city' => new lang_string('city'),
'country' => new lang_string('country'),
'timezone' => new lang_string('timezone'),

16
lib/myprofilelib.php
View File

@ -127,7 +127,8 @@ function core_myprofile_navigation(core_user\output\myprofile\tree $tree, $user,
} else {
$hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
}
if (has_capability('moodle/site:viewuseridentity', $courseorusercontext)) {
$canviewuseridentity = has_capability('moodle/site:viewuseridentity', $courseorusercontext);
if ($canviewuseridentity) {
$identityfields = array_flip(explode(',', $CFG->showuseridentity));
} else {
$identityfields = array();
@ -151,11 +152,14 @@ function core_myprofile_navigation(core_user\output\myprofile\tree $tree, $user,
$tree->add_node($node);
}
if (isset($identityfields['email']) and ($iscurrentuser
or $user->maildisplay == 1
or has_capability('moodle/course:useremail', $courseorusercontext)
or has_capability('moodle/site:viewuseridentity', $courseorusercontext)
or ($user->maildisplay == 2 and enrol_sharing_course($user, $USER)))) {
if ($iscurrentuser
or (!isset($hiddenfields['email']) and (
$user->maildisplay == core_user::MAILDISPLAY_EVERYONE
or ($user->maildisplay == core_user::MAILDISPLAY_COURSE_MEMBERS_ONLY and enrol_sharing_course($user, $USER))
or has_capability('moodle/course:useremail', $courseorusercontext) // TODO: Deprecate/remove for MDL-37479.
))
or (isset($identityfields['email']) and $canviewuseridentity)
) {
$node = new core_user\output\myprofile\node('contact', 'email', get_string('email'), null, null,
obfuscate_mailto($user->email, ''));
$tree->add_node($node);

15
user/lib.php
View File

@ -463,12 +463,15 @@ function user_get_user_details($user, $course = null, array $userfields = array(
}
}
if (in_array('email', $userfields) && ($isadmin // The admin is allowed the users email.
or $currentuser // Of course the current user is as well.
or $canviewuseremail // This is a capability in course context, it will be false in usercontext.
or in_array('email', $showuseridentityfields)
or $user->maildisplay == 1
or ($user->maildisplay == 2 and enrol_sharing_course($user, $USER)))) {
if (in_array('email', $userfields) && (
$currentuser
or (!isset($hiddenfields['email']) and (
$user->maildisplay == core_user::MAILDISPLAY_EVERYONE
or ($user->maildisplay == core_user::MAILDISPLAY_COURSE_MEMBERS_ONLY and enrol_sharing_course($user, $USER))
or $canviewuseremail // TODO: Deprecate/remove for MDL-37479.
))
or in_array('email', $showuseridentityfields)
)) {
$userdetails['email'] = $user->email;
}