Adds a new callback, <plugin>_control_view_profile. Plugins may
return core_user::VIEWPROFILE_PREVENT to prevent access,
core_user::VIEWPROFILE_DO_NOT_PREVENT to make no change, or
core_user::VIEWPROFILE_FORCE_ALLOW to allow access even when Moodle
would normally prevent it.
This allows third-party plugins to restrict (or allow) access to
profile pages in response to arbitrary business logic.
This includes:
- changing all usernames in feature to lowercase, for cross-db passing. Fixes:
- user/tests/behat/set_email_display.feature
- ensure that course_enrolment_manager::get_potential_users() and
external always returns user->maildisplay attribute, so email
visibility can be calculated by user_get_user_details(). Fixes:
- enrol/tests/behat/enrol_user.feature
- blocks/news_items/tests/behat/display_news.feature
- course/tests/behat/course_creation.feature
In these cases we want to use the method get_list_of_countries() to
obtain translated names of all potential country codes. The country code
is already there in the database. So it does not matter if the country
is among those whitelisted in $CFG->allcountrycodes - we want to see its
name anyway.
- Define sitepolicy handler manager class, base class and the core handler
- Allow to set a plugin as sitepolicyhandler that implements the sitepolicy API
- Modify web services to return information from the 3rd party handler instead of core if needed
The patch introduces a new site setting 'sitepolicyhandler' that can be
either empty or contain a plugin component name. If it is empty, the
site policy feature keeps working as before and the core keeps the
control over it.
If a plugin is specified, it is expected to implement the callback
'site_policy_handler' in its lib.php file. The callback should return a
URL to a script where the user can accept the site policies. The plugin
itself is responsible for setting the 'policyagreed' flag in the users
table. The callback may return an empty value, in which case the user
can continue using the site without being redirected.
The patch adds support for a new pre-config flag NO_SITEPOLICY_CHECK.
This constant should be defined and set to true if we should not check
the user's policyagreed status during the require_login().
This is for pages where the user actually accepts the site policies and
helps to avoid the redirect loop.
* Refactor the code to make it look cleaner and easier to read.
* Fixed incorrect alt-text for the configure icon.
* Fixed missing alt-text for show/hide icon.
Adds 'email' to hiddenuserfields, which allows:
* user to view email on their own profile,
* users with cap site:viewuseridentity to view email on any profile (admins/teachers)
* admin to veto display of email to users without site:viewuseridentity (except viewing their own)
* unprivileged users to view if the profile's maildisplay permits it.
Changes in user/lib.php include removal of is_siteadmin() test, which
is redundant due to checks via has_capability().
Fixes regression from 2.9 (MDL-45774).
We need to get into the habit of not using usernames like 'student1'
and 'student10' as our matches are non-strict, and the tests become
dependent upon DB sort order.
This change adds a character after the varying value to act as a
delimter for all of these tests.
