MDL-62273 Profile: Callback allows plugins to control profile access

Adds a new callback, <plugin>_control_view_profile. Plugins may return core_user::VIEWPROFILE_PREVENT to prevent access, core_user::VIEWPROFILE_DO_NOT_PREVENT to make no change, or core_user::VIEWPROFILE_FORCE_ALLOW to allow access even when Moodle would normally prevent it. This allows third-party plugins to restrict (or allow) access to profile pages in response to arbitrary business logic.
2025-04-13 12:32:08 +02:00 · 2018-04-30 14:57:52 +01:00 · 2018-04-30 14:57:52 +01:00 · bef86c669c
commit bef86c669c
parent 5b4ca9eb5b
2 changed files with 34 additions and 0 deletions
--- a/lib/classes/user.php
+++ b/lib/classes/user.php
@ -82,6 +82,13 @@ class core_user {
        'alternatename'
    ];

+    /** @var int Indicates that user profile view should be prevented */
+    const VIEWPROFILE_PREVENT = -1;
+    /** @var int Indicates that user profile view should not be prevented */
+    const VIEWPROFILE_DO_NOT_PREVENT = 0;
+    /** @var int Indicates that user profile view should be allowed even if Moodle would prevent it */
+    const VIEWPROFILE_FORCE_ALLOW = 1;
+
    /** @var stdClass keep record of noreply user */
    public static $noreplyuser = false;

--- a/user/lib.php
+++ b/user/lib.php
@ -1154,6 +1154,33 @@ function user_can_view_profile($user, $course = null, $usercontext = null) {
        return true;
    }

+    // Use callbacks so that (primarily) local plugins can prevent or allow profile access.
+    $forceallow = false;
+    $plugintypes = get_plugins_with_function('control_view_profile');
+    foreach ($plugintypes as $plugins) {
+        foreach ($plugins as $pluginfunction) {
+            $result = $pluginfunction($user, $course, $usercontext);
+            switch ($result) {
+                case core_user::VIEWPROFILE_DO_NOT_PREVENT:
+                    // If the plugin doesn't stop access, just continue to next plugin or use
+                    // default behaviour.
+                    break;
+                case core_user::VIEWPROFILE_FORCE_ALLOW:
+                    // Record that we are definitely going to allow it (unless another plugin
+                    // returns _PREVENT).
+                    $forceallow = true;
+                    break;
+                case core_user::VIEWPROFILE_PREVENT:
+                    // If any plugin returns PREVENT then we return false, regardless of what
+                    // other plugins said.
+                    return false;
+            }
+        }
+    }
+    if ($forceallow) {
+        return true;
+    }
+
    // Course contacts have visible profiles always.
    if (has_coursecontact_role($user->id)) {
        return true;