Version 16.127.3

2017-01-28 18:08:06 +01:00 · 2017-01-28 18:08:06 +01:00 · 0bfae295e3
parent b135f91e5c
commit 0bfae295e3
9 changed files with 21 additions and 18 deletions
--- a/swad_ID.c
+++ b/swad_ID.c
@ -439,7 +439,7 @@ bool ID_ICanSeeOtherUsrIDs (const struct UsrData *UsrDat)
      case Rol_CTR_ADM:
      case Rol_INS_ADM:
      case Rol_SYS_ADM:
-         return Usr_AsAdminICanEditOtherUsr (UsrDat);
+         return Usr_ICanEditOtherUsr (UsrDat);
      default:
 	 return false;
     }
@ -519,7 +519,7 @@ void ID_ShowFormOthIDs (void)
   /***** Get user whose password must be changed *****/
   if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
     {
-      if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
+      if (Usr_ICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
 	{
 	 /***** Start frame *****/
         Lay_StartRoundFrame (NULL,Txt_ID,NULL,NULL);
@ -723,7 +723,7 @@ static void ID_RemoveUsrID (const struct UsrData *UsrDat,bool ItsMe)
   char UsrID[ID_MAX_LENGTH_USR_ID + 1];
   bool ICanRemove;

-   if (Usr_AsAdminICanEditOtherUsr (UsrDat))
+   if (Usr_ICanEditOtherUsr (UsrDat))
     {
      /***** Get user's ID from form *****/
      Par_GetParToText ("UsrID",UsrID,ID_MAX_LENGTH_USR_ID);
@ -844,7 +844,7 @@ static void ID_NewUsrID (const struct UsrData *UsrDat,bool ItsMe)
   unsigned NumIDFound = 0;	// Initialized to avoid warning
   bool Error = false;

-   if (Usr_AsAdminICanEditOtherUsr (UsrDat))
+   if (Usr_ICanEditOtherUsr (UsrDat))
     {
      /***** Get new user's ID from form *****/
      Par_GetParToText ("NewID",NewID,ID_MAX_LENGTH_USR_ID);
--- a/swad_account.c
+++ b/swad_account.c
@ -674,8 +674,6 @@ static bool Acc_GetParamsNewAccount (char NewNicknameWithoutArroba[Nck_MAX_BYTES

   /***** Step 3/3: Get new password from form *****/
   Par_GetParToText ("Paswd",NewPlainPassword,Pwd_MAX_LENGTH_PLAIN_PASSWORD);
-   Str_ChangeFormat (Str_FROM_FORM,Str_TO_TEXT,
-		     NewPlainPassword,Pwd_MAX_LENGTH_PLAIN_PASSWORD,true);
   Cry_EncryptSHA512Base64 (NewPlainPassword,NewEncryptedPassword);
   if (!Pwd_SlowCheckIfPasswordIsGood (NewPlainPassword,NewEncryptedPassword,-1L))        // New password is good?
     {
--- a/swad_changelog.h
+++ b/swad_changelog.h
@ -191,13 +191,15 @@
 /****************************** Public constants *****************************/
 /*****************************************************************************/

-#define Log_PLATFORM_VERSION	"SWAD 16.127.1 (2017-01-28)"
+#define Log_PLATFORM_VERSION	"SWAD 16.127.3 (2017-01-28)"
 #define CSS_FILE		"swad16.123.css"
 #define JS_FILE			"swad16.123.js"

 // Number of lines (includes comments but not blank lines) has been got with the following command:
 // nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1
 /*
+        Version 16.127.3: Jan 28, 2017	Fixed bug in permissions to change another user's data. (212127 lines)
+        Version 16.127.2: Jan 28, 2017	Fixed bug creating a new account. (212124 lines)
        Version 16.127.1: Jan 28, 2017	Fixed bug in listing of users. (212125 lines)
        Version 16.127:   Jan 28, 2017	Code refactoring. (212118 lines)
        Version 16.126.6: Jan 27, 2017	Fixed bug related with list of students. (212098 lines)
--- a/swad_enrollment.c
+++ b/swad_enrollment.c
@ -3154,7 +3154,7 @@ static void Enr_ShowFormToEditOtherUsr (void)
   /***** Buttons for edition *****/
   fprintf (Gbl.F.Out,"<div class=\"CONTEXT_MENU\">");

-   if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
+   if (Usr_ICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
     {
      Pwd_PutLinkToChangeOtherUsrPassword ();	// Put link (form) to change user's password
      Mai_PutLinkToChangeOtherUsrEmails ();	// Put link (form) to change user's emails
--- a/swad_mail.c
+++ b/swad_mail.c
@ -1150,7 +1150,7 @@ void Mai_ShowFormOthEmail (void)
   /***** Get user whose password must be changed *****/
   if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
     {
-      if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
+      if (Usr_ICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
 	{
 	 /***** Start frame *****/
         Lay_StartRoundFrame (NULL,Txt_Email,NULL,NULL);
@ -1369,7 +1369,7 @@ static void Mai_RemoveEmail (struct UsrData *UsrDat)
   extern const char *Txt_User_not_found_or_you_do_not_have_permission_;
   char Email[Usr_MAX_BYTES_USR_EMAIL + 1];

-   if (Usr_AsAdminICanEditOtherUsr (UsrDat))
+   if (Usr_ICanEditOtherUsr (UsrDat))
     {
      /***** Get new email from form *****/
      Par_GetParToText ("Email",Email,Usr_MAX_BYTES_USR_EMAIL);
@ -1451,7 +1451,7 @@ static void Mai_NewUsrEmail (struct UsrData *UsrDat,bool ItsMe)
   extern const char *Txt_User_not_found_or_you_do_not_have_permission_;
   char NewEmail[Usr_MAX_BYTES_USR_EMAIL + 1];

-   if (Usr_AsAdminICanEditOtherUsr (UsrDat))
+   if (Usr_ICanEditOtherUsr (UsrDat))
     {
      /***** Get new email from form *****/
      Par_GetParToText ("NewEmail",NewEmail,Usr_MAX_BYTES_USR_EMAIL);
--- a/swad_password.c
+++ b/swad_password.c
@ -491,7 +491,7 @@ void Pwd_UpdateOtherPwd1 (void)
   /***** Get other user's code from form and get user's data *****/
   if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
     {
-      if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
+      if (Usr_ICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
 	{
 	 Par_GetParToText ("Paswd1",NewPlainPassword[0],Pwd_MAX_LENGTH_PLAIN_PASSWORD);
 	 Par_GetParToText ("Paswd2",NewPlainPassword[1],Pwd_MAX_LENGTH_PLAIN_PASSWORD);
@ -813,7 +813,7 @@ void Pwd_ShowFormOthPwd (void)
   /***** Get user whose password must be changed *****/
   if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
     {
-      if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
+      if (Usr_ICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
 	{
 	 /***** Start frame *****/
         Lay_StartRoundFrame (NULL,Txt_Password,NULL,NULL);
--- a/swad_photo.c
+++ b/swad_photo.c
@ -150,7 +150,7 @@ bool Pho_ICanChangeOtherUsrPhoto (const struct UsrData *UsrDat)
      case Rol_CTR_ADM:
      case Rol_INS_ADM:
      case Rol_SYS_ADM:
-         return Usr_AsAdminICanEditOtherUsr (UsrDat);
+         return Usr_ICanEditOtherUsr (UsrDat);
      default:
 	 return false;
     }
--- a/swad_user.c
+++ b/swad_user.c
@ -847,18 +847,21 @@ bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat)
      case Rol_CTR_ADM:
      case Rol_INS_ADM:
      case Rol_SYS_ADM:
-         return Usr_AsAdminICanEditOtherUsr (UsrDat);
+         return Usr_ICanEditOtherUsr (UsrDat);
      default:
 	 return false;
     }
  }

 /*****************************************************************************/
-/************ Check if I (as admin) can edit another user's data *************/
+/***************** Check if I can edit another user's data *******************/
 /*****************************************************************************/

-bool Usr_AsAdminICanEditOtherUsr (const struct UsrData *UsrDat)
+bool Usr_ICanEditOtherUsr (const struct UsrData *UsrDat)
  {
+   if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod)	// It's me
+      return true;
+
   switch (Gbl.Usrs.Me.LoggedRole)
     {
      case Rol_DEG_ADM:
--- a/swad_user.h
+++ b/swad_user.h
@ -235,7 +235,7 @@ bool Usr_CheckIfUsrIsAdm (long UsrCod,Sco_Scope_t Scope,long Cod);
 bool Usr_CheckIfUsrIsSuperuser (long UsrCod);

 bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat);
-bool Usr_AsAdminICanEditOtherUsr (const struct UsrData *UsrDat);
+bool Usr_ICanEditOtherUsr (const struct UsrData *UsrDat);

 unsigned Usr_GetNumCrssOfUsr (long UsrCod);
 unsigned Usr_GetNumCrssOfUsrNotAccepted (long UsrCod);