Commit 6ddb7507 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Add 'hidemembersfrommembers' group setting (bug #504830)



This creates groups in which members can't search for each other.
Group admins can get to the member listing, but tutors cannot: the
stated use case is anonymous reviewer groups.

Change-Id: Id2550e574b55ceeb43958475340e967de16850f1
Signed-off-by: default avatarRichard Mansfield <richard.mansfield@catalyst.net.nz>
parent 15c5fdff
......@@ -53,6 +53,7 @@ $ALLOWEDKEYS = array(
'editroles',
'hidden',
'hidemembers',
'hidemembersfrommembers',
);
if ($USER->get('admin')) {
$ALLOWEDKEYS[] = 'usersautoadded';
......
......@@ -66,13 +66,14 @@ class PluginBlocktypeGroupMembers extends SystemBlocktype {
$groupid = $instance->get_view()->get('group');
// If the group has hidden membership, display nothing to non-members
// If the group has hidden membership, display nothing
$usergroups = $USER->get('grouproles');
if (!isset($usergroups[$groupid])) {
$group = defined('GROUP') && $groupid == GROUP ? group_current_group() : get_record('group', 'id', $groupid);
if ($group->hidemembers) {
return '';
}
$group = defined('GROUP') && $groupid == GROUP ? group_current_group() : get_record('group', 'id', $groupid);
if ($group->hidemembersfrommembers && (!isset($usergroups[$groupid]) || $usergroups[$groupid] != 'admin')) {
return '';
}
if ($group->hidemembers && !isset($usergroups[$groupid])) {
return '';
}
require_once('searchlib.php');
......
......@@ -70,6 +70,7 @@ else {
'editroles' => 'all',
'hidden' => 0,
'hidemembers' => 0,
'hidemembersfrommembers' => 0,
);
}
......@@ -250,6 +251,12 @@ if ($cancreatecontrolled) {
'description' => get_string('hidemembersdescription', 'group'),
'defaultvalue' => $group_data->hidemembers,
);
$elements['hidemembersfrommembers'] = array(
'type' => 'checkbox',
'title' => get_string('hidemembersfrommembers', 'group'),
'description' => get_string('hidemembersfrommembersdescription', 'group'),
'defaultvalue' => $group_data->hidemembersfrommembers,
);
}
else {
$form['elements']['hidden'] = array(
......@@ -260,6 +267,10 @@ else {
'type' => 'hidden',
'value' => $group_data->hidemembers,
);
$form['elements']['hidemembersfrommembers'] = array(
'type' => 'hidden',
'value' => $group_data->hidemembersfrommembers,
);
}
$elements['general'] = array(
......@@ -349,6 +360,7 @@ function editgroup_submit(Pieform $form, $values) {
'editroles' => $values['editroles'],
'hidden' => intval($values['hidden']),
'hidemembers' => intval($values['hidemembers']),
'hidemembersfrommembers' => intval($values['hidemembersfrommembers']),
);
db_begin();
......
......@@ -45,8 +45,13 @@ define('TITLE', $group->name . ' - ' . get_string('Members', 'group'));
$role = group_user_access($group->id);
if ($group->hidemembers && !$role && !$USER->get('admin') && !$USER->get('staff')) {
throw new AccessDeniedException();
if (!$USER->get('admin') && !$USER->get('staff')) {
if (!$role && ($group->hidemembers || $group->hidemembersfrommembers)) {
throw new AccessDeniedException();
}
if ($role != 'admin' && $group->hidemembersfrommembers) {
throw new AccessDeniedException();
}
}
if (!empty($membershiptype) && $role != 'admin') {
......
......@@ -45,8 +45,13 @@ if (!is_logged_in() && !$group->public) {
$role = group_user_access($group->id);
if ($group->hidemembers && !$role && !$USER->get('admin') && !$USER->get('staff')) {
json_reply('local', get_string('accessdenied', 'error'));
if (!$USER->get('admin') && !$USER->get('staff')) {
if (!$role && ($group->hidemembers || $group->hidemembersfrommembers)) {
json_reply('local', get_string('accessdenied', 'error'));
}
if ($role != 'admin' && $group->hidemembersfrommembers) {
json_reply('local', get_string('accessdenied', 'error'));
}
}
$membershiptype = param_variable('membershiptype', '');
......
......@@ -100,6 +100,8 @@ $string['hiddengroup'] = 'Hidden group';
$string['hiddengroupdescription'] = 'Do not list this group on the Find Groups page.';
$string['hidemembers'] = 'Hide membership';
$string['hidemembersdescription'] = 'Hide the group\'s membership listing from non-members.';
$string['hidemembersfrommembers'] = 'Hide membership from members';
$string['hidemembersfrommembersdescription'] = 'Members cannot be listed except by group admins. Admins will still be listed on the group home page.';
$string['editgroupmembership'] = 'Edit group membership';
$string['editmembershipforuser'] = 'Edit membership for %s';
......
......@@ -346,6 +346,7 @@
<FIELD NAME="editroles" TYPE="char" LENGTH="20" NOTNULL="true" ENUM="true" ENUMVALUES="'all', 'notmember', 'admin'" DEFAULT="all" />
<FIELD NAME="hidden" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="0" />
<FIELD NAME="hidemembers" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="0" />
<FIELD NAME="hidemembersfrommembers" TYPE="int" LENGTH="1" NOTNULL="true" DEFAULT="0" />
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id" />
......
......@@ -2720,6 +2720,11 @@ function xmldb_core_upgrade($oldversion=0) {
$field = new XMLDBField('hidemembers');
$field->setAttributes(XMLDB_TYPE_INTEGER, 1, null, XMLDB_NOTNULL, null, null, null, 0);
add_field($table, $field);
// Setting to hide group members from members
$field = new XMLDBField('hidemembersfrommembers');
$field->setAttributes(XMLDB_TYPE_INTEGER, 1, null, XMLDB_NOTNULL, null, null, null, 0);
add_field($table, $field);
}
return $status;
......
......@@ -280,6 +280,7 @@ function group_create($data) {
$data['public'] = (isset($data['public'])) ? intval($data['public']) : 0;
$data['hidden'] = (isset($data['hidden'])) ? intval($data['hidden']) : 0;
$data['hidemembers'] = (isset($data['hidemembers'])) ? intval($data['hidemembers']) : 0;
$data['hidemembersfrommembers'] = (isset($data['hidemembersfrommembers'])) ? intval($data['hidemembersfrommembers']) : 0;
$data['usersautoadded'] = (isset($data['usersautoadded'])) ? intval($data['usersautoadded']) : 0;
$data['quota'] = get_config_plugin('artefact', 'file', 'defaultgroupquota');
......@@ -356,6 +357,7 @@ function group_create($data) {
'editroles' => $data['editroles'],
'hidden' => $data['hidden'],
'hidemembers' => $data['hidemembers'],
'hidemembersfrommembers' => $data['hidemembersfrommembers'],
),
'id',
true
......@@ -462,7 +464,8 @@ function group_update($new, $create=false) {
unset($new->institution);
unset($new->shortname);
foreach (array('id', 'grouptype', 'public', 'request', 'submittableto', 'editroles', 'hidden', 'hidemembers') as $f) {
foreach (array('id', 'grouptype', 'public', 'request', 'submittableto', 'editroles',
'hidden', 'hidemembers', 'hidemembersfrommembers') as $f) {
if (!isset($new->$f)) {
$new->$f = $old->$f;
}
......@@ -1464,7 +1467,11 @@ function group_get_menu_tabs() {
),
);
if ($role || !$group->hidemembers) {
$memberstab = !$group->hidemembersfrommembers && !$group->hidemembers
|| $role && !$group->hidemembersfrommembers
|| $role == 'admin';
if ($memberstab) {
$menu['members'] = array(
'path' => 'groups/members',
'url' => 'group/members.php?id='.$group->id,
......
......@@ -2237,7 +2237,7 @@ div.groupbox li.last {
border-top: none;
}
#editgroup th label {
white-space: nowrap;
white-space: normal;
}
form#search, form#filter, div.searchform {
margin-bottom: 10px;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment