Adding $profileIsReadable in profile.conf.dist.php see BT#6529

config/profile.conf.dist.php

@@ -11,6 +11,7 @@
 define('CHECK_PASS_EASY_TO_FIND', false);
 
 $profileIsEditable = true;
+$profileIsReadable = true;
 
 // User photos
 define('PREFIX_IMAGE_FILENAME_WITH_UID', true); // If true, filename of images on server begin with uid of the user.

main/auth/profile.php

@@ -17,6 +17,10 @@ $language_file = array('registration', 'messages', 'userInfo');
 $cidReset = true;
 require_once '../inc/global.inc.php';
 
+if (api_is_profile_readable() == false) {
+    api_not_allowed(true);
+}
+
 if (api_get_setting('allow_social_tool') == 'true') {
     $this_section = SECTION_SOCIAL;
 } else {
@@ -72,7 +76,6 @@ function show_icon_edit(element_html) {
 }
 </script>';
 
-//$interbreadcrumb[] = array('url' => '../auth/profile.php', 'name' => get_lang('ModifyProfile'));
 if (!empty ($_GET['coursePath'])) {
     $course_url = api_get_path(WEB_COURSE_PATH).htmlentities(strip_tags($_GET['coursePath'])).'/index.php';
     $interbreadcrumb[] = array('url' => $course_url, 'name' => Security::remove_XSS($_GET['courseCode']));
@@ -87,15 +90,15 @@ if (!empty($_GET['fe'])) {
 $jquery_ready_content = '';
 if (api_get_setting('allow_message_tool') == 'true') {
     $jquery_ready_content = <<<EOF
-			$(".message-content .message-delete").click(function(){
-				$(this).parents(".message-content").animate({ opacity: "hide" }, "slow");
-				$(".message-view").animate({ opacity: "show" }, "slow");
-			});
+    $(".message-content .message-delete").click(function(){
+        $(this).parents(".message-content").animate({ opacity: "hide" }, "slow");
+        $(".message-view").animate({ opacity: "show" }, "slow");
+    });
 EOF;
 }
 
 // Libraries
-$tool_name = is_profile_editable() ? get_lang('ModifProfile') : get_lang('ViewProfile');
+$tool_name = api_is_profile_editable() ? get_lang('ModifProfile') : get_lang('ViewProfile');
 $table_user = Database :: get_main_table(TABLE_MAIN_USER);
 
 /*	Form	*/
@@ -188,7 +191,7 @@ if (api_get_setting('registration', 'email') == 'true' && api_get_setting('profi
 }
 
 // OPENID URL
-if (is_profile_editable() && api_get_setting('openid_authentication') == 'true') {
+if (api_is_profile_editable() && api_get_setting('openid_authentication') == 'true') {
     $form->addElement('text', 'openid', get_lang('OpenIDURL'), array('size' => 40));
     if (api_get_setting('profile', 'openid') !== 'true') {
         $form->freeze('openid');
@@ -212,7 +215,7 @@ $form->applyFilter('phone', 'trim');
 $form->addRule('phone', get_lang('EmailWrong'), 'email');*/
 
 //	PICTURE
-if (is_profile_editable() && api_get_setting('profile', 'picture') == 'true') {
+if (api_is_profile_editable() && api_get_setting('profile', 'picture') == 'true') {
     $form->addElement(
         'file',
         'picture',
@@ -238,7 +241,7 @@ if (api_get_setting('profile', 'language') !== 'true') {
 }
 
 //THEME
-if (is_profile_editable() && api_get_setting('user_selected_theme') == 'true') {
+if (api_is_profile_editable() && api_get_setting('user_selected_theme') == 'true') {
     $form->addElement('select_theme', 'theme', get_lang('Theme'));
     if (api_get_setting('profile', 'theme') !== 'true') {
         $form->freeze('theme');
@@ -298,7 +301,7 @@ if (api_get_setting('extended_profile') == 'true') {
 }
 
 //	PASSWORD, if auth_source is platform
-if (is_platform_authentication() && is_profile_editable() && api_get_setting('profile', 'password') == 'true') {
+if (is_platform_authentication() && api_is_profile_editable() && api_get_setting('profile', 'password') == 'true') {
     $form->addElement(
         'password',
         'password0',
@@ -344,7 +347,7 @@ if (api_get_setting('profile', 'apikeys') == 'true') {
     ); //generate_open_id_form()
 }
 //	SUBMIT
-if (is_profile_editable()) {
+if (api_is_profile_editable()) {
     $form->addElement('style_submit_button', 'apply_change', get_lang('SaveSettings'), 'class="save"');
 } else {
     $form->freeze();
@@ -368,17 +371,6 @@ function is_platform_authentication()
     return $tab_user_info['auth_source'] == PLATFORM_AUTH_SOURCE;
 }
 
-/**
- * Returns whether a user can edit his/her profile. Defaults to false if
- * profileIsEditable is not set in $GLOBALS.
- *
- * @return    boolean    Editability of the profile
- */
-function is_profile_editable()
-{
-    return isset($GLOBALS['profileIsEditable']) ? $GLOBALS['profileIsEditable'] : false;
-}
-
 /*
 	PRODUCTIONS FUNCTIONS
 */

main/inc/lib/api.lib.php

@@ -7005,3 +7005,15 @@ function api_get_easy_password_list()
     }
     return $passwordList;
 }
+
+function api_is_profile_editable()
+{
+    global $profileIsEditable;
+    return isset($profileIsEditable) ? $profileIsEditable : false;
+}
+
+function api_is_profile_readable()
+{
+    global $profileIsReadable;
+    return isset($profileIsReadable) ? $profileIsReadable : true;
+}

main/inc/lib/template.lib.php

@@ -635,16 +635,23 @@ class Template
 
         // Preparing values for the menu
 
-        // Logout link
+        // Logout link.
         // See the SecurityServiceProvider definition
         $this->assign('logout_link', $this->app['url_generator']->generate('admin_logout'));
 
-        //Profile link
+        // Profile link.
+
+        $this->assign('is_profile_editable', api_is_profile_readable());
+
+        $profile_link = null;
         if (api_get_setting('allow_social_tool') == 'true') {
             $profile_link = '<a href="'.api_get_path(WEB_CODE_PATH).'social/home.php">'.get_lang('Profile').'</a>';
         } else {
-            $profile_link = '<a href="'.api_get_path(WEB_CODE_PATH).'auth/profile.php">'.get_lang('Profile').'</a>';
+            if (api_is_profile_readable()) {
+                $profile_link = '<a href="'.api_get_path(WEB_CODE_PATH).'auth/profile.php">'.get_lang('Profile').'</a>';
+            }
         }
+
         $this->assign('profile_link', $profile_link);
 
         // Message link.
@@ -960,8 +967,10 @@ class Template
         $navigation['mycourses']['title'] = get_lang('MyCourses');
 
         // My Profile
-        $navigation['myprofile']['url'] = api_get_path(WEB_CODE_PATH).'auth/profile.php'.(!empty($_course['path']) ? '?coursePath='.$_course['path'].'&amp;courseCode='.$_course['official_code'] : '');
-        $navigation['myprofile']['title'] = get_lang('ModifyProfile');
+        if (api_is_profile_readable()) {
+            $navigation['myprofile']['url'] = api_get_path(WEB_CODE_PATH).'auth/profile.php'.(!empty($_course['path']) ? '?coursePath='.$_course['path'].'&amp;courseCode='.$_course['official_code'] : '');
+            $navigation['myprofile']['title'] = get_lang('ModifyProfile');
+        }
 
         // Link to my agenda
         $navigation['myagenda']['url'] = api_get_path(WEB_CODE_PATH).'calendar/agenda_js.php?type=personal';
@@ -1188,11 +1197,10 @@ class Template
             }
 
             // My Profile
-            if (api_get_setting('show_tabs', 'my_profile') == 'true' && api_get_setting(
-                'allow_social_tool'
-            ) != 'true'
-            ) {
-                $navigation['myprofile'] = $possible_tabs['myprofile'];
+            if (api_get_setting('show_tabs', 'my_profile') == 'true' && api_get_setting('allow_social_tool') != 'true') {
+                if (isset($possible_tabs['myprofile'])) {
+                    $navigation['myprofile'] = $possible_tabs['myprofile'];
+                }
             } else {
                 $menu_navigation['myprofile'] = $possible_tabs['myprofile'];
             }

main/template/default/layout/menu.tpl

@@ -1,5 +1,4 @@
 {% if menu is not null %}
-
 <div class="navbar subnav">
     <div class="navbar-inner">
         {% if app.full_width == 1 %}
@@ -27,18 +26,29 @@
                     </li>
                     {% endif %}
 
-                    <li class="dropdown">
-                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                    {% if is_profile_editable == true %}
+                        <li class="dropdown">
+                            <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                                {{ _u.messages_count }}  <img src="{{ _u.avatar_small }}"/>
+                                {{ _u.complete_name }}
+                                <b class="caret"></b>
+                            </a>
+                            <ul class="dropdown-menu">
+                                <li>
+                                    {{ profile_link }}
+                                    {{ message_link }}
+                                </li>
+                            </ul>
+                        </li>
+                    {% else %}
+                        <li>
+                            <a>
                             {{ _u.messages_count }}  <img src="{{ _u.avatar_small }}"/>
                             {{ _u.complete_name }}
-                            <b class="caret"></b>
-                        </a>
-                        <ul class="dropdown-menu">
-                            <li>
-                                {{ profile_link }}
-                                {{ message_link }}
-                            </li>
-                        </ul>
+                            </a>
+                        </li>
+                    {% endif %}
+
                     <li>
                         <a id="logout_button" class="logout" title="{{ "Logout"|get_lang }}" href="{{ logout_link }}" >
                             <img src="{{ "exit.png"|icon(22) }}">