From c12c50b6a501850bbca49584bcbd64dc54786637 Mon Sep 17 00:00:00 2001
From: Paul Holden <paulh@moodle.com>
Date: Mon, 16 Dec 2024 20:18:34 +0000
Subject: [PATCH] MDL-83256 user: account for course context instances of
 teacher fields.

---
 user/profile/lib.php       | 3 +++
 user/tests/fields_test.php | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/user/profile/lib.php b/user/profile/lib.php
index fe67d0feed4ce..a3dd768e31122 100644
--- a/user/profile/lib.php
+++ b/user/profile/lib.php
@@ -472,7 +472,10 @@ public function is_visible(?context $context = null): bool {
                     return true;
                 } else if ($this->userid > 0) {
                     return has_capability('moodle/user:viewalldetails', $context);
+                } else if ($context instanceof context_course) {
+                    return has_capability('moodle/site:viewuseridentity', $context);
                 } else {
+                    // Fall back to the global course object.
                     $coursecontext = context_course::instance($COURSE->id);
                     return has_capability('moodle/site:viewuseridentity', $coursecontext);
                 }
diff --git a/user/tests/fields_test.php b/user/tests/fields_test.php
index 5d4ce9058618a..08cb28410821f 100644
--- a/user/tests/fields_test.php
+++ b/user/tests/fields_test.php
@@ -104,7 +104,6 @@ public function test_get_identity_fields(): void {
 
         // Give the student the basic identity fields permission (also makes them count as 'teacher'
         // for the teacher-restricted field).
-        $COURSE = $course; // Horrible hack, because PROFILE_VISIBLE_TEACHERS relies on this global.
         $roleid = $DB->get_field('role', 'id', ['shortname' => 'student']);
         role_change_permission($roleid, $coursecontext, 'moodle/site:viewuseridentity', CAP_ALLOW);
         $this->assertEquals(['department', 'profile_field_a', 'profile_field_d'],
@@ -132,6 +131,7 @@ public function test_get_identity_fields(): void {
         $this->assertEquals([], fields::get_identity_fields($usercontext));
 
         // Give them basic permission.
+        $COURSE = $course; // Horrible hack, because PROFILE_VISIBLE_TEACHERS relies on this global.
         role_change_permission($roleid, $usercontext, 'moodle/site:viewuseridentity', CAP_ALLOW);
         $this->assertEquals(['department', 'profile_field_a', 'profile_field_d'],
                 fields::get_identity_fields($usercontext));