Enhance handling of realname visibility

Partially return to pre 2.12.0 behavior - make show_realname independant from show_user_username_threshold - use show_user_username_threshold just on view_user_page and SOAP API - enhance realname access by allowing it also if show_realname is set to ON - refactor code
mantisbt · May 30, 2018 · e740680 · e740680
1 parent d04095f
commit e740680
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 10 deletions.
diff --git a/api/soap/mc_account_api.php b/api/soap/mc_account_api.php
@@ -42,20 +42,22 @@ function mci_account_get_array_by_id( $p_user_id ) {
 		# this deviates from the behaviour of view_user_page.php, but it is more intuitive
 		$t_is_same_user = $t_current_user_id === $p_user_id;
 
-		$t_can_see_realname = access_has_project_level( config_get( 'show_user_realname_threshold' ) );
-		$t_can_see_email = access_has_project_level( config_get( 'show_user_email_threshold' ) );
+		$t_can_see_realname = $t_is_same_user || $t_can_manage || user_show_realname() ||
+			access_has_project_level( config_get( 'show_user_realname_threshold' ) );
+		$t_can_see_email = $t_is_same_user || $t_can_manage ||
+			access_has_project_level( config_get( 'show_user_email_threshold' ) );
 
 		$t_result['name'] = user_get_username( $p_user_id );
 
-		if ( $t_is_same_user || $t_can_manage || $t_can_see_realname ) {
+		if ( $t_can_see_realname ) {
 			$t_realname = user_get_realname( $p_user_id );
 
 			if( !empty( $t_realname ) ) {
 				$t_result['real_name'] = $t_realname;
 			}
 		}
 
-		if ( $t_is_same_user || $t_can_manage || $t_can_see_email ) {
+		if ( $t_can_see_email ) {
 			$t_email = user_get_email( $p_user_id );
 
 			if( !empty( $t_email ) ) {

diff --git a/core/user_api.php b/core/user_api.php
@@ -997,8 +997,7 @@ function user_get_name( $p_user_id ) {
  * @return bool true to show, false otherwise.
  */
 function user_show_realname() {
-	return config_get( 'show_realname' ) == ON &&
-		access_has_project_level( config_get( 'show_user_realname_threshold' ) );
+	return config_get( 'show_realname' ) == ON;
 }
 
 /**

diff --git a/view_user_page.php b/view_user_page.php
@@ -63,8 +63,10 @@
 
 $t_can_manage = access_has_global_level( config_get( 'manage_user_threshold' ) ) &&
 	access_has_global_level( $u_access_level );
-$t_can_see_realname = access_has_project_level( config_get( 'show_user_realname_threshold' ) );
-$t_can_see_email = access_has_project_level( config_get( 'show_user_email_threshold' ) );
+
+$t_can_see_realname = $t_can_manage || user_show_realname() ||
+    access_has_project_level( config_get( 'show_user_realname_threshold' ) );
+$t_can_see_email = $t_can_manage || access_has_project_level( config_get( 'show_user_email_threshold' ) );
 
 # In case we're using LDAP to get the email address... this will pull out
 #  that version instead of the one in the DB
@@ -99,7 +101,7 @@
 		</td>
 	</tr>
 	<?php
-		if( $t_can_manage || $t_can_see_email ) { ?>
+		if( $t_can_see_email ) { ?>
 			<tr>
 				<th class="category">
 					<?php echo lang_get( 'email' ) ?>
@@ -114,7 +116,7 @@
 			</tr>
 	<?php } ?>
 	<?php
-		if( $t_can_manage || $t_can_see_realname ) { ?>
+		if( $t_can_see_realname ) { ?>
 			<tr>
 			<th class="category">
 				<?php echo lang_get( 'realname' ) ?>