MDL-37810 roles: fix profile roles logic to include all roles

If the user has the role:assign capability then the list of profile roles
will include any role assigned in the context or above.
Jake Dallimore 2017-09-21 19:49:19 +08:00
parent 0e57965154
commit b7e9f1cc42
2 changed files with 25 additions and 13 deletions


@ -2477,18 +2477,21 @@ function get_component_string($component, $contextlevel) {
* Gets the list of roles assigned to this context and up (parents)
* from the aggregation of:
* a) the list of roles that are visible on user profile page and participants page (profileroles setting) and;
* b) if applicable, those roles the current user can assign in the context.
* b) if applicable, those roles that are assigned in the context.
*
* @param context $context
* @return array
*/
function get_profile_roles(context $context) {
global $CFG, $DB;
// If the current user can assign roles, then they can also see those assignable roles on the profile and participants page,
// provided the roles are assigned to at least 1 user in the context.
$policyroles = empty($CFG->profileroles) ? [] : array_map('trim', explode(',', $CFG->profileroles));
$assignableroles = array_keys(get_assignable_roles($context));
$rolesinscope = array_values(array_unique(array_merge($policyroles, $assignableroles)));
// If the current user can assign roles, then they can see all roles on the profile and participants page,
// provided the roles are assigned to at least 1 user in the context. If not, only the policy-defined roles.
if (has_capability('moodle/role:assign', $context)) {
$rolesinscope = array_keys(get_all_roles($context));
} else {
$rolesinscope = empty($CFG->profileroles) ? [] : array_map('trim', explode(',', $CFG->profileroles));
}
if (empty($rolesinscope)) {
return [];
}
@ -2557,11 +2560,13 @@ function get_user_roles_in_course($userid, $courseid) {
} else {
$context = context_course::instance($courseid);
}
// If the current user can assign roles, then they can also see those assignable roles on the profile and participants page,
// provided the roles are assigned to at least 1 user in the context.
$policyroles = empty($CFG->profileroles) ? [] : array_map('trim', explode(',', $CFG->profileroles));
$assignableroles = array_keys(get_assignable_roles($context));
$rolesinscope = array_values(array_unique(array_merge($policyroles, $assignableroles)));
// If the current user can assign roles, then they can see all roles on the profile and participants page,
// provided the roles are assigned to at least 1 user in the context. If not, only the policy-defined roles.
if (has_capability('moodle/role:assign', $context)) {
$rolesinscope = array_keys(get_all_roles($context));
} else {
$rolesinscope = empty($CFG->profileroles) ? [] : array_map('trim', explode(',', $CFG->profileroles));
}
if (empty($rolesinscope)) {
return '';
}
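Review bot: The branch that decides which roles are visible is written out twice, once in get_profile_roles and again in the get_user_roles_in_course hunk, so a later change to the capability check can land in one copy and not the other; both should call one helper, sketched below. The docblock item b) should also name the condition, for example `b) if the current user has moodle/role:assign in the context, all roles assigned in the context or above.`, because for those users the profileroles setting no longer limits the result. has_capability is evaluated for the current user implicitly, so the returned list depends on who is logged in when the function runs, which is worth stating in the docblock as well. Both function bodies continue outside the hunks.

```php
// Proposed shared helper; the name is a suggestion.
function get_profile_role_ids_in_scope(context $context) {
    global $CFG;
    // Holders of role:assign see every role; everyone else is limited to the profileroles policy.
    if (has_capability('moodle/role:assign', $context)) {
        return array_keys(get_all_roles($context));
    }
    return empty($CFG->profileroles) ? [] : array_map('trim', explode(',', $CFG->profileroles));
}

// In get_profile_roles() and get_user_roles_in_course():
$rolesinscope = get_profile_role_ids_in_scope($context);
// … unchanged: empty($rolesinscope) early return …
```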


@ -3298,7 +3298,7 @@ class core_accesslib_testcase extends advanced_testcase {
$this->setUser($user1);
$this->assertEquals($expectedstudent, get_profile_roles($coursecontext));
// If we have no roles listed in the site policy, the teacher should only see the student and custom roles.
// If we have no roles listed in the site policy, the teacher should be able to see the assigned roles.
$expectedteacher = [
$studentrole->id => (object) [
'id' => $studentrole->id,
@ -3313,7 +3313,14 @@ class core_accesslib_testcase extends advanced_testcase {
'shortname' => $customrole->shortname,
'sortorder' => $customrole->sortorder,
'coursealias' => null
]
],
$teacherrole->id => (object) [
'id' => $teacherrole->id,
'name' => '',
'shortname' => $teacherrole->shortname,
'sortorder' => $teacherrole->sortorder,
'coursealias' => null
],
];
set_config('profileroles', "");
$this->setUser($user2);
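Review bot: The hunks shown here only assert on get_profile_roles, while get_user_roles_in_course received the same capability branch in this commit and has no matching assertion in view (it may be covered elsewhere in the file). A paired case with profileroles set to an empty string would pin the access decision on both sides: a user holding moodle/role:assign gets the assigned roles back, and a user without it gets `''`. The test method continues outside both hunks.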