From: toyomoyo Date: Wed, 12 Dec 2007 07:13:09 +0000 (+0000) Subject: MDL-12544, hide hidden roles in profile when user has no capability X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=6967ba28466e7a8d985e5e27e56676fce9fdb478;p=moodle.git MDL-12544, hide hidden roles in profile when user has no capability --- diff --git a/lib/accesslib.php b/lib/accesslib.php index 0ab6525827..531e7f02f0 100755 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -3927,19 +3927,22 @@ function get_roles_used_in_context($context, $view = false) { /** * This function is used to print roles column in user profile page. * @param int userid - * @param int contextid + * @param object context * @return string */ -function get_user_roles_in_context($userid, $contextid){ - global $CFG; +function get_user_roles_in_context($userid, $context, $view=true){ + global $CFG, $USER; $rolestring = ''; - $SQL = 'select * from '.$CFG->prefix.'role_assignments ra, '.$CFG->prefix.'role r where ra.userid='.$userid.' and ra.contextid='.$contextid.' and ra.roleid = r.id'; + $SQL = 'select * from '.$CFG->prefix.'role_assignments ra, '.$CFG->prefix.'role r where ra.userid='.$userid.' and ra.contextid='.$context->id.' and ra.roleid = r.id'; if ($roles = get_records_sql($SQL)) { foreach ($roles as $userrole) { + // MDL-12544, if we are in view mode and current user has no capability to view hidden assignment, skip it + if ($userrole->hidden && $view && !has_capability('moodle/role:viewhiddenassigns', $context)) { + continue; + } $rolestring .= ''.$userrole->name.', '; } - } return rtrim($rolestring, ', '); } diff --git a/user/view.php b/user/view.php index 2615236cd1..9e98ea7590 100644 --- a/user/view.php +++ b/user/view.php @@ -360,8 +360,8 @@ print_row(get_string("lastaccess").":", $datestring); } /// printing roles - - if ($rolestring = get_user_roles_in_context($id, $coursecontext->id)) { + + if ($rolestring = get_user_roles_in_context($id, $coursecontext)) { print_row(get_string('roles').':', format_string($rolestring, false)); }