Marown/swad-core
Marown
/
swad-core
mirror of https://github.com/acanas/swad-core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Version 16.126

This commit is contained in:
Antonio Cañas Vargas 2017-01-27 10:42:20 +01:00
parent cb9515fcb2
commit 012dac0f09
13 changed files with 60 additions and 136 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
swad_ID.c
View File

@ -425,45 +425,6 @@ bool ID_ICanSeeOtherUsrIDs (const struct UsrData *UsrDat)
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
!UsrDat->FirstName[0] // and who has no first name (nobody filled user's first name)
);
return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT && // A student
UsrDat->Accepted) || // who has accepted inscription in course
(
(UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
!UsrDat->Password[0] && // who has no password (never logged)
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
!UsrDat->FirstName[0] // and who has no first name (nobody filled user's first name)
);
case Rol_DEG_ADM:
case Rol_CTR_ADM:
case Rol_INS_ADM:
case Rol_SYS_ADM:
return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
default:
return false;
}
}
/*****************************************************************************/
/***************** Check if I can change another user's IDs ******************/
/*****************************************************************************/
bool ID_ICanChangeOtherUsrIDs (const struct UsrData *UsrDat)
{
if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me
return true;
/***** Check if I have permission to see another user's IDs *****/
switch (Gbl.Usrs.Me.LoggedRole)
{
case Rol_TEACHER:
/* If I am a teacher of current course,
I only can change the user's IDs of empty users from current course */
return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
!UsrDat->Password[0] && // who has no password (never logged)
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
!UsrDat->FirstName[0]; // and who has no first name (nobody filled user's first name)
case Rol_DEG_ADM:
case Rol_CTR_ADM:
case Rol_INS_ADM:
@ -548,7 +509,7 @@ void ID_ShowFormOthIDs (void)
/***** Get user whose password must be changed *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
{
if (ID_ICanChangeOtherUsrIDs (&Gbl.Usrs.Other.UsrDat))
if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat))
{
/***** Start frame *****/
Lay_StartRoundFrame (NULL,Txt_ID,NULL,NULL);
@ -752,7 +713,7 @@ static void ID_RemoveUsrID (const struct UsrData *UsrDat,bool ItsMe)
char UsrID[ID_MAX_LENGTH_USR_ID+1];
bool ICanRemove;
if (ID_ICanChangeOtherUsrIDs (UsrDat))
if (Usr_ICanChangeOtherUsrData (UsrDat))
{
/***** Get user's ID from form *****/
Par_GetParToText ("UsrID",UsrID,ID_MAX_LENGTH_USR_ID);
@ -873,7 +834,7 @@ static void ID_NewUsrID (const struct UsrData *UsrDat,bool ItsMe)
unsigned NumIDFound = 0; // Initialized to avoid warning
bool Error = false;
if (ID_ICanChangeOtherUsrIDs (UsrDat))
if (Usr_ICanChangeOtherUsrData (UsrDat))
{
/***** Get new user's ID from form *****/
Par_GetParToText ("NewID",NewID,ID_MAX_LENGTH_USR_ID);
@ -996,7 +957,7 @@ static void ID_ReqConfOrConfOtherUsrID (ID_ReqConfOrConfID_t ReqConfOrConfID)
/***** Get other user's code from form and get user's data *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
if (Gbl.Usrs.Other.UsrDat.UsrCod != Gbl.Usrs.Me.UsrDat.UsrCod) // Not me
if (ID_ICanChangeOtherUsrIDs (&Gbl.Usrs.Other.UsrDat))
if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat))
ICanConfirm = true;
if (ICanConfirm)

1
swad_ID.h
View File

@ -66,7 +66,6 @@ bool ID_CheckIfUsrIDSeemsAValidID (const char *UsrID);
void ID_WriteUsrIDs (struct UsrData *UsrDat);
bool ID_ICanSeeOtherUsrIDs (const struct UsrData *UsrDat);
bool ID_ICanChangeOtherUsrIDs (const struct UsrData *UsrDat);
void ID_PutLinkToChangeUsrIDs (void);
void ID_ShowFormOthIDs (void);

6
swad_changelog.h
View File

@ -187,17 +187,21 @@
// TODO: Fix bug when creating a new attendance event: if title is repeated, form is cleared
// TODO: Fix bug: When registering an administrator, the user's name changes are ignored
// TODO: When creating a new user, the ID should be visible and the record card should not have contextual icons
/*****************************************************************************/
/****************************** Public constants *****************************/
/*****************************************************************************/
#define Log_PLATFORM_VERSION "SWAD 16.125 (2017-01-27)"
#define Log_PLATFORM_VERSION "SWAD 16.126 (2017-01-27)"
#define CSS_FILE "swad16.123.css"
#define JS_FILE "swad16.123.js"
// Number of lines (includes comments but not blank lines) has been got with the following command:
// nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1
/*
Version 16.126.1: Jan 27, 2017 A teacher can create and register a new teacher directly in a course. (? lines)
Version 16.126: Jan 27, 2017 Code refactoring related to permissions to view/change another user's data. (212086 lines)
Version 16.125: Jan 27, 2017 Code refactoring related to permissions to view/change another user's data. (212152 lines)
Version 16.124: Jan 26, 2017 Code refactoring related to permissions to view/change another user's data. (212163 lines)
Version 16.123.4: Jan 26, 2017 Surname1 and first name can not be deleted when editing user's data. (212000 lines)

36
swad_enrollment.c
View File

@ -3051,7 +3051,7 @@ static void Enr_AskIfRegRemUsr (struct ListUsrCods *ListUsrCods,Rol_Role_t Role)
extern const char *Txt_THE_USER_X_is_already_in_the_course_Y_but_has_not_yet_accepted_the_enrollment;
extern const char *Txt_THE_USER_X_already_exists_in_Y_but_is_not_yet_enrolled_in_the_course_Z;
extern const char *Txt_THE_USER_X_already_exists_in_Y;
extern const char *Txt_The_user_is_new_does_not_exists_yet_in_X;
extern const char *Txt_The_user_is_new_not_yet_in_X;
extern const char *Txt_If_this_is_a_new_user_in_X_you_should_indicate_her_his_ID;
unsigned NumUsr;
bool NewUsrIDValid;
@ -3129,7 +3129,7 @@ static void Enr_AskIfRegRemUsr (struct ListUsrCods *ListUsrCods,Rol_Role_t Role)
if (NewUsrIDValid)
{
/***** Show form to enter the data of a new user *****/
sprintf (Gbl.Message,Txt_The_user_is_new_does_not_exists_yet_in_X,
sprintf (Gbl.Message,Txt_The_user_is_new_not_yet_in_X,
Cfg_PLATFORM_SHORT_NAME);
Lay_ShowAlert (Lay_INFO,Gbl.Message);
Rec_ShowFormOtherNewSharedRecord (&Gbl.Usrs.Other.UsrDat);
@ -3154,14 +3154,14 @@ static void Enr_ShowFormToEditOtherUsr (void)
/***** Buttons for edition *****/
fprintf (Gbl.F.Out,"<div class=\"CONTEXT_MENU\">");
if (Pwd_ICanChangeOtherUsrPassword (&Gbl.Usrs.Other.UsrDat))
if (Usr_CheckIfIAsAdminCanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
Pwd_PutLinkToChangeOtherUsrPassword (); // Put link (form) to change user's password
if (Mai_ICanChangeOtherUsrEmails (&Gbl.Usrs.Other.UsrDat))
if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat))
{
Mai_PutLinkToChangeOtherUsrEmails (); // Put link (form) to change user's emails
if (ID_ICanChangeOtherUsrIDs (&Gbl.Usrs.Other.UsrDat))
ID_PutLinkToChangeUsrIDs (); // Put link (form) to change user's IDs
}
if (Pho_ICanChangeOtherUsrPhoto (&Gbl.Usrs.Other.UsrDat))
Pho_PutLinkToChangeOtherUsrPhoto (); // Put link (form) to change user's photo
@ -3669,7 +3669,7 @@ void Enr_ModifyUsr1 (void)
if (ItsMe || Gbl.Usrs.Me.LoggedRole >= Rol_TEACHER)
{
/***** Get user's name from record form *****/
if (Enr_CheckIfICanChangeAnotherUsrData (&Gbl.Usrs.Other.UsrDat))
if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat))
Rec_GetUsrNameFromRecordForm (&Gbl.Usrs.Other.UsrDat);
/***** Update user's data in database *****/
@ -3827,28 +3827,6 @@ void Enr_ModifyUsr2 (void)
}
}
/*****************************************************************************/
/**************** Check if I can change another user's data ******************/
/*****************************************************************************/
bool Enr_CheckIfICanChangeAnotherUsrData (const struct UsrData *UsrDat)
{
switch (Gbl.Usrs.Me.LoggedRole)
{
case Rol_TEACHER: // Teachers only can edit data of new users
return !UsrDat->Email[0] || // Email empty
!UsrDat->Surname1[0] || // Surname 1 empty
!UsrDat->FirstName[0]; // First name empty
case Rol_DEG_ADM:
case Rol_CTR_ADM:
case Rol_INS_ADM:
case Rol_SYS_ADM: // Admins always can edit another user's data
return true;
default: // With other roles, I can not edit another user's data
return false;
}
}
/*****************************************************************************/
/********* Set a user's acceptation to true in the current course ************/
/*****************************************************************************/

2
swad_enrollment.h
View File

@ -136,8 +136,6 @@ void Enr_CreateNewUsr2 (void);
void Enr_ModifyUsr1 (void);
void Enr_ModifyUsr2 (void);
bool Enr_CheckIfICanChangeAnotherUsrData (const struct UsrData *UsrDat);
void Enr_AcceptUsrInCrs (long UsrCod);
#endif

37
swad_mail.c
View File

@ -1137,37 +1137,6 @@ void Mai_PutLinkToChangeOtherUsrEmails (void)
NULL);
}
/*****************************************************************************/
/************** Check if I can change the email of another user **************/
/*****************************************************************************/
bool Mai_ICanChangeOtherUsrEmails (const struct UsrData *UsrDat)
{
if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me
return true;
/***** Check if I have permission to change another user's emails *****/
switch (Gbl.Usrs.Me.LoggedRole)
{
case Rol_TEACHER:
/* If I am a teacher of current course,
I only can change the user's emails
of empty users from current course */
return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
!UsrDat->Password[0] && // who has no password (never logged)
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
!UsrDat->FirstName[0]; // and who has no first name (nobody filled user's first name)
case Rol_DEG_ADM:
case Rol_CTR_ADM:
case Rol_INS_ADM:
case Rol_SYS_ADM:
return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
default:
return false;
}
}
/*****************************************************************************/
/*********** Show form to the change the email of another user ***************/
/*****************************************************************************/
@ -1180,7 +1149,7 @@ void Mai_ShowFormOthEmail (void)
/***** Get user whose password must be changed *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
{
if (Mai_ICanChangeOtherUsrEmails (&Gbl.Usrs.Other.UsrDat))
if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat))
{
/***** Start frame *****/
Lay_StartRoundFrame (NULL,Txt_Email,NULL,NULL);
@ -1399,7 +1368,7 @@ static void Mai_RemoveEmail (struct UsrData *UsrDat)
extern const char *Txt_User_not_found_or_you_do_not_have_permission_;
char Email[Usr_MAX_BYTES_USR_EMAIL+1];
if (Mai_ICanChangeOtherUsrEmails (UsrDat))
if (Usr_ICanChangeOtherUsrData (UsrDat))
{
/***** Get new email from form *****/
Par_GetParToText ("Email",Email,Usr_MAX_BYTES_USR_EMAIL);
@ -1481,7 +1450,7 @@ static void Mai_NewUsrEmail (struct UsrData *UsrDat,bool ItsMe)
extern const char *Txt_User_not_found_or_you_do_not_have_permission_;
char NewEmail[Usr_MAX_BYTES_USR_EMAIL+1];
if (Mai_ICanChangeOtherUsrEmails (UsrDat))
if (Usr_ICanChangeOtherUsrData (UsrDat))
{
/***** Get new email from form *****/
Par_GetParToText ("NewEmail",NewEmail,Usr_MAX_BYTES_USR_EMAIL);

1
swad_mail.h
View File

@ -78,7 +78,6 @@ bool Mai_GetEmailFromUsrCod (struct UsrData *UsrDat);
long Mai_GetUsrCodFromEmail (const char *Email);
void Mai_PutLinkToChangeOtherUsrEmails (void);
bool Mai_ICanChangeOtherUsrEmails (const struct UsrData *UsrDat);
void Mai_ShowFormOthEmail (void);
void Mai_ShowFormChangeUsrEmail (const struct UsrData *UsrDat,bool ItsMe);
void Mai_RemoveMyUsrEmail (void);

17
swad_password.c
View File

@ -491,7 +491,7 @@ void Pwd_UpdateOtherPwd1 (void)
/***** Get other user's code from form and get user's data *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
{
if (Pwd_ICanChangeOtherUsrPassword (&Gbl.Usrs.Other.UsrDat))
if (Usr_CheckIfIAsAdminCanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
{
Par_GetParToText ("Paswd1",NewPlainPassword[0],Pwd_MAX_LENGTH_PLAIN_PASSWORD);
Par_GetParToText ("Paswd2",NewPlainPassword[1],Pwd_MAX_LENGTH_PLAIN_PASSWORD);
@ -813,7 +813,7 @@ void Pwd_ShowFormOthPwd (void)
/***** Get user whose password must be changed *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
{
if (Pwd_ICanChangeOtherUsrPassword (&Gbl.Usrs.Other.UsrDat))
if (Usr_CheckIfIAsAdminCanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
{
/***** Start frame *****/
Lay_StartRoundFrame (NULL,Txt_Password,NULL,NULL);
@ -883,19 +883,6 @@ void Pwd_PutLinkToChangeOtherUsrPassword (void)
NULL);
}
/*****************************************************************************/
/************ Check if I can change the password of another user *************/
/*****************************************************************************/
bool Pwd_ICanChangeOtherUsrPassword (const struct UsrData *UsrDat)
{
if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me
return true;
/***** Check if I have permission to change another user's password *****/
return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
}
/*****************************************************************************/
/***************** Ask for confirmation on dangerous actions *****************/
/*****************************************************************************/

2
swad_password.h
View File

@ -69,8 +69,6 @@ void Pwd_ShowFormOthPwd (void);
void Pwd_PutLinkToChangeMyPassword (void);
void Pwd_PutLinkToChangeOtherUsrPassword (void);
bool Pwd_ICanChangeOtherUsrPassword (const struct UsrData *UsrDat);
void Pwd_AskForConfirmationOnDangerousAction (void);
bool Pwd_GetConfirmationOnDangerousAction (void);

2
swad_record.c
View File

@ -2123,7 +2123,7 @@ void Rec_ShowSharedUsrRecord (Rec_SharedRecordViewType_t TypeOfView,
ICanEdit = true;
break;
case Rec_SHA_OTHER_EXISTING_USR_FORM:
ICanEdit = Enr_CheckIfICanChangeAnotherUsrData (UsrDat);
ICanEdit = Usr_ICanChangeOtherUsrData (UsrDat);
break;
default: // In other options, I can not edit another user's data
ICanEdit = false;

14
swad_text.c
View File

@ -45985,25 +45985,25 @@ const char *Txt_THE_USER_X_is_already_enrolled_in_the_course_Y = // Warning: it
" in the course <strong>%s</strong>."; // Necessita de tradução
#endif
const char *Txt_The_user_is_new_does_not_exists_yet_in_X = // Warning: it is very important to include %s in the following sentences
const char *Txt_The_user_is_new_not_yet_in_X = // Warning: it is very important to include %s in the following sentences
#if L==1
"El usuario/a es nuevo/a, a&uacute;n no existe en %s."; // Necessita traduccio
"L'usuari &eacute;s nou, encara no existeix en %s.";
#elif L==2
"The user is new, does not exist yet in %s."; // Übersetzung notwendig
"Der Benutzer ist neu, noch nicht in %s.";
#elif L==3
"The user is new, does not exist yet in %s.";
"The user is new, not yet in %s.";
#elif L==4
"El usuario/a es nuevo/a, a&uacute;n no existe en %s.";
#elif L==5
"The user is new, does not exist yet in %s."; // Besoin de traduction
"L'utilisateur est nouveau, pas encore dans %s.";
#elif L==6
"El usuario/a es nuevo/a, a&uacute;n no existe en %s."; // Okoteve traducción
#elif L==7
"L'utente &egrave; nuovo, non esiste ancora in %s.";
#elif L==8
"The user is new, does not exist yet in %s."; // Potrzebujesz tlumaczenie
"U&zdot;ytkownik jest nowa, jeszcze nie w %s.";
#elif L==9
"The user is new, does not exist yet in %s."; // Necessita de tradução
"O usu&aacute;rio &eacute; novo, ainda n&atilde;o existe o %s.";
#endif
const char *Txt_THE_USER_X_is_not_an_administrator_of_Y = // Warning: it is very important to include two %s in the following sentences

30
swad_user.c
View File

@ -821,6 +821,36 @@ bool Usr_CheckIfUsrIsSuperuser (long UsrCod)
return Cache.IsSuperuser;
}
/*****************************************************************************/
/**************** Check if I can change another user's data ******************/
/*****************************************************************************/
bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat)
{
if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me
return true;
/***** Check if I have permission to see another user's IDs *****/
switch (Gbl.Usrs.Me.LoggedRole)
{
case Rol_TEACHER:
/* If I am a teacher of current course,
I only can change the user's data of empty users from current course */
return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
!UsrDat->Password[0] && // who has no password (never logged)
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
!UsrDat->FirstName[0]; // and who has no first name (nobody filled user's first name)
case Rol_DEG_ADM:
case Rol_CTR_ADM:
case Rol_INS_ADM:
case Rol_SYS_ADM:
return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
default:
return false;
}
}
/*****************************************************************************/
/************ Check if I (as admin) can edit another user's data *************/
/*****************************************************************************/

1
swad_user.h
View File

@ -234,6 +234,7 @@ void Usr_RestrictLengthAndWriteName (const struct UsrData *UsrDat,unsigned MaxCh
bool Usr_CheckIfUsrIsAdm (long UsrCod,Sco_Scope_t Scope,long Cod);
bool Usr_CheckIfUsrIsSuperuser (long UsrCod);
bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat);
bool Usr_CheckIfIAsAdminCanEditOtherUsr (const struct UsrData *UsrDat);
unsigned Usr_GetNumCrssOfUsr (long UsrCod);