Merge pull request #19974 from edx/arch/profile-name-field-visibility

Account API: per-field visibility of "name" field

lms/djangoapps/teams/serializers.py

@@ -47,7 +47,7 @@ class UserMembershipSerializer(serializers.ModelSerializer):
     Used for listing team members.
     """
     profile_configuration = deepcopy(settings.ACCOUNT_VISIBILITY_CONFIGURATION)
-    profile_configuration['shareable_fields'].append('url')
+    profile_configuration['bulk_shareable_fields'].append('url')
     profile_configuration['public_fields'].append('url')
 
     user = ExpandableField(
@@ -134,7 +134,7 @@ class CourseTeamSerializerWithoutMembership(CourseTeamSerializer):
 class MembershipSerializer(serializers.ModelSerializer):
     """Serializes CourseTeamMemberships with information about both teams and users."""
     profile_configuration = deepcopy(settings.ACCOUNT_VISIBILITY_CONFIGURATION)
-    profile_configuration['shareable_fields'].append('url')
+    profile_configuration['bulk_shareable_fields'].append('url')
     profile_configuration['public_fields'].append('url')
 
     user = ExpandableField(

lms/envs/common.py

@@ -2942,8 +2942,8 @@ ACCOUNT_VISIBILITY_CONFIGURATION = {
     ],
 }
 
-# The list of all fields that can be shared with other users
-ACCOUNT_VISIBILITY_CONFIGURATION["shareable_fields"] = (
+# The list of all fields that are shared with other users using the bulk 'all_users' privacy setting
+ACCOUNT_VISIBILITY_CONFIGURATION["bulk_shareable_fields"] = (
     ACCOUNT_VISIBILITY_CONFIGURATION["public_fields"] + [
         'bio',
         'course_certificates',
@@ -2959,16 +2959,22 @@ ACCOUNT_VISIBILITY_CONFIGURATION["shareable_fields"] = (
     ]
 )
 
+# The list of all fields that can be shared selectively with other users using the 'custom' privacy setting
+ACCOUNT_VISIBILITY_CONFIGURATION["custom_shareable_fields"] = (
+    ACCOUNT_VISIBILITY_CONFIGURATION["bulk_shareable_fields"] + [
+        "name",
+    ]
+)
+
 # The list of account fields that are visible only to staff and users viewing their own profiles
 ACCOUNT_VISIBILITY_CONFIGURATION["admin_fields"] = (
-    ACCOUNT_VISIBILITY_CONFIGURATION["shareable_fields"] + [
+    ACCOUNT_VISIBILITY_CONFIGURATION["custom_shareable_fields"] + [
         "email",
         "extended_profile",
         "gender",
         "goals",
         "is_active",
         "mailing_address",
-        "name",
         "requires_parental_consent",
         "secondary_email",
         "year_of_birth",

openedx/core/djangoapps/user_api/accounts/serializers.py

@@ -497,7 +497,7 @@ def _visible_fields(user_profile, user, configuration=None):
 
     profile_visibility = get_profile_visibility(user_profile, user, configuration)
     if profile_visibility == ALL_USERS_VISIBILITY:
-        return configuration.get('shareable_fields')
+        return configuration.get('bulk_shareable_fields')
 
     elif profile_visibility == CUSTOM_VISIBILITY:
         return _visible_fields_from_custom_preferences(user, configuration)
@@ -513,7 +513,7 @@ def _visible_fields_from_custom_preferences(user, configuration):
     """
     preferences = UserPreference.get_all_preferences(user)
     fields_shared_with_all_users = [
-        field_name for field_name in configuration.get('shareable_fields')
+        field_name for field_name in configuration.get('custom_shareable_fields')
         if preferences.get('{}{}'.format(VISIBILITY_PREFIX, field_name)) == 'all_users'
     ]
     return set(fields_shared_with_all_users + configuration.get('public_fields'))

openedx/core/djangoapps/user_api/accounts/tests/test_api.py

@@ -103,13 +103,8 @@ class TestAccountApi(UserSettingsEventTestMixin, EmailTemplateTagMixin, Retireme
         """Test the difference in behavior when a configuration is supplied to get_account_settings."""
         config = {
             "default_visibility": "private",
-
-            "shareable_fields": [
-                'name',
-            ],
-
             "public_fields": [
-                'email',
+                'email', 'name',
             ],
         }
 

openedx/core/djangoapps/user_api/accounts/tests/test_serializers.py

@@ -24,11 +24,6 @@ class UserReadOnlySerializerTest(TestCase):
         self.user.save()
         self.config = {
             "default_visibility": "public",
-
-            "shareable_fields": [
-                'name',
-            ],
-
             "public_fields": [
                 'email', 'name', 'username'
             ],

openedx/core/djangoapps/user_api/accounts/tests/test_views.py

@@ -282,6 +282,7 @@ class TestAccountsAPI(CacheIsolationTestCase, UserAPITestCase):
         self.assertIsNotNone(data["social_links"])
         self.assertEqual(UserPreference.get_value(self.user, 'time_zone'), data["time_zone"])
         self.assertIsNotNone(data["accomplishments_shared"])
+        self.assertEqual(self.user.first_name + " " + self.user.last_name, data["name"])
 
         # additional admin fields (10)
         self.assertEqual(self.user.email, data["email"])
@@ -290,7 +291,6 @@ class TestAccountsAPI(CacheIsolationTestCase, UserAPITestCase):
         self.assertEqual("world peace", data["goals"])
         self.assertTrue(data["is_active"])
         self.assertEqual("Park Ave", data['mailing_address'])
-        self.assertEqual(self.user.first_name + " " + self.user.last_name, data["name"])
         self.assertEquals(requires_parental_consent, data["requires_parental_consent"])
         self.assertIsNone(data["secondary_email"])
         self.assertEqual(year_of_birth, data["year_of_birth"])
@@ -403,7 +403,7 @@ class TestAccountsAPI(CacheIsolationTestCase, UserAPITestCase):
         self.create_mock_profile(self.user)
         # set user's custom visibility preferences
         set_user_preference(self.user, ACCOUNT_VISIBILITY_PREF_KEY, CUSTOM_VISIBILITY)
-        shared_fields = ("bio", "language_proficiencies")
+        shared_fields = ("bio", "language_proficiencies", "name")
         for field_name in shared_fields:
             set_user_preference(self.user, "visibility.{}".format(field_name), ALL_USERS_VISIBILITY)
 
@@ -414,7 +414,7 @@ class TestAccountsAPI(CacheIsolationTestCase, UserAPITestCase):
         # verify response
         if requesting_username == "different_user":
             data = response.data
-            self.assertEqual(5, len(data))
+            self.assertEqual(6, len(data))
 
             # public fields
             self.assertEqual(self.user.username, data["username"])
@@ -424,6 +424,7 @@ class TestAccountsAPI(CacheIsolationTestCase, UserAPITestCase):
             # custom shared fields
             self.assertEqual(TEST_BIO_VALUE, data["bio"])
             self.assertEqual([{"code": TEST_LANGUAGE_PROFICIENCY_CODE}], data["language_proficiencies"])
+            self.assertEqual(self.user.first_name + " " + self.user.last_name, data["name"])
         else:
             self._verify_full_account_response(response)