From 2cc3776399b0c5fedf14ab1dcc623cc70360c11b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juan=20Jos=C3=A9=20Mero=C3=B1o=20S=C3=A1nchez?=
 <jjmerono@um.es>
Date: Wed, 22 Jun 2016 12:36:55 +0200
Subject: [PATCH] SAK-31393 Students are allow to see members of other sections
 in roster (#2887)

---
 .../java/org/sakaiproject/roster/impl/SakaiProxyImpl.java   | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/roster2/src/java/org/sakaiproject/roster/impl/SakaiProxyImpl.java b/roster2/src/java/org/sakaiproject/roster/impl/SakaiProxyImpl.java
index f27e367226bc..92641665796d 100644
--- a/roster2/src/java/org/sakaiproject/roster/impl/SakaiProxyImpl.java
+++ b/roster2/src/java/org/sakaiproject/roster/impl/SakaiProxyImpl.java
@@ -532,13 +532,13 @@ private List<RosterMember> filterHiddenMembers(List<RosterMember> members,
 		for (RosterMember member : members) {
 			String userId = member.getUserId();
 			
-			// skip if privacy restricted and not the current user
-			if (!userId.equals(currentUserId) && (viewHidden || hiddenUserIds.contains(userId)) && authzGroup.getMember(userId) == null) {
+			// skip if not the current user and privacy restricted or user not in group
+			if (!userId.equals(currentUserId) && ((!viewHidden && hiddenUserIds.contains(userId)) || authzGroup.getMember(userId) == null)) {
 				continue;
 			}
 			
 			// now filter out users based on their role
-			if (filterRoles && !viewHidden) {
+			if (filterRoles) {
 				String memberRoleId = member.getRole();
 				if (ArrayUtils.contains(visibleRoles, memberRoleId)){
 					filtered.add(member);