mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-14 13:02:07 +02:00
Code Issues Projects Releases Wiki Activity

MDL-81857 user: don't check whether address is an identity field.

Browse Source 
It can never be selected as one, so the previous comparison could
never pass.
This commit is contained in:
Paul Holden 2024-05-09 22:53:55 +01:00
parent bcd8e0d6ed
commit 89376f78af
No known key found for this signature in database
GPG Key ID: A81A96D6045F6164
2 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
user/lib.php
View File

@ -430,9 +430,7 @@ function user_get_user_details($user, $course = null, array $userfields = array(
$hiddenfields = array_flip(explode(',', $CFG->hiddenuserfields));
}
if (!empty($user->address) && (in_array('address', $userfields)
&& in_array('address', $showuseridentityfields) || $isadmin)) {
if (!empty($user->address) && (in_array('address', $userfields) || $isadmin)) {
$userdetails['address'] = $user->address;
}
if (!empty($user->phone1) && (in_array('phone1', $userfields)

9
user/tests/userlib_test.php
View File

@ -943,30 +943,33 @@ class userlib_test extends \advanced_testcase {
// Get student details with required fields.
$result = user_get_user_details($student1, $course, array('id', 'fullname', 'timezone', 'city', 'address', 'idnumber'));
$this->assertCount(4, $result); // Ensure address (never returned), idnumber (identity field) are not returned here.
$this->assertCount(5, $result); // Ensure idnumber (identity field) is not returned here.
$this->assertEquals($student1->id, $result['id']);
$this->assertEquals($student1fullname, $result['fullname']);
$this->assertEquals($student1->timezone, $result['timezone']);
$this->assertEquals($student1->city, $result['city']);
$this->assertEquals($student1->address, $result['address']);
// Set new identity fields and hidden fields and try to retrieve them without permission.
$CFG->showuseridentity = $CFG->showuseridentity . ',idnumber';
$CFG->hiddenuserfields = 'city';
$result = user_get_user_details($student1, $course, array('id', 'fullname', 'timezone', 'city', 'address', 'idnumber'));
$this->assertCount(3, $result); // Ensure address, city and idnumber are not returned here.
$this->assertCount(4, $result); // Ensure city and idnumber are not returned here.
$this->assertEquals($student1->id, $result['id']);
$this->assertEquals($student1fullname, $result['fullname']);
$this->assertEquals($student1->timezone, $result['timezone']);
$this->assertEquals($student1->address, $result['address']);
// Now, teacher should have permission to see the idnumber and city fields.
$this->setUser($teacher);
$result = user_get_user_details($student1, $course, array('id', 'fullname', 'timezone', 'city', 'address', 'idnumber'));
$this->assertCount(5, $result); // Ensure address is not returned here.
$this->assertCount(6, $result);
$this->assertEquals($student1->id, $result['id']);
$this->assertEquals($student1fullname, $result['fullname']);
$this->assertEquals($student1->timezone, $result['timezone']);
$this->assertEquals($student1->idnumber, $result['idnumber']);
$this->assertEquals($student1->city, $result['city']);
$this->assertEquals($student1->address, $result['address']);
// And admins can see anything.
$this->setAdminUser();