mirror of https://github.com/acanas/swad-core.git
Version 16.231
This commit is contained in:
parent
4fc74a80ad
commit
8e48695569
2332
swad_action.c
2332
swad_action.c
File diff suppressed because it is too large
Load Diff
|
@ -231,13 +231,14 @@
|
||||||
/****************************** Public constants *****************************/
|
/****************************** Public constants *****************************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
||||||
#define Log_PLATFORM_VERSION "SWAD 16.230 (2017-05-30)"
|
#define Log_PLATFORM_VERSION "SWAD 16.231 (2017-05-31)"
|
||||||
#define CSS_FILE "swad16.226.css"
|
#define CSS_FILE "swad16.226.css"
|
||||||
#define JS_FILE "swad16.206.3.js"
|
#define JS_FILE "swad16.206.3.js"
|
||||||
|
|
||||||
// Number of lines (includes comments but not blank lines) has been got with the following command:
|
// Number of lines (includes comments but not blank lines) has been got with the following command:
|
||||||
// nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1
|
// nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1
|
||||||
/*
|
/*
|
||||||
|
Version 16.231: May 31, 2017 Non-editing teachers can edit (with restrictions) in private zones. (221031 lines)
|
||||||
Version 16.230: May 30, 2017 Number of teachers and non-editing teachers in list of groups. (220953 lines)
|
Version 16.230: May 30, 2017 Number of teachers and non-editing teachers in list of groups. (220953 lines)
|
||||||
Version 16.229.1: May 30, 2017 Code refactoring in selection of groups.
|
Version 16.229.1: May 30, 2017 Code refactoring in selection of groups.
|
||||||
Fixed bug when printing list of teachers. (220762 lines)
|
Fixed bug when printing list of teachers. (220762 lines)
|
||||||
|
|
|
@ -1607,6 +1607,8 @@ static void Brw_RenameChildrenFilesOrFoldersInDB (const char OldPath[PATH_MAX +
|
||||||
static bool Brw_CheckIfICanEditFileOrFolder (unsigned Level);
|
static bool Brw_CheckIfICanEditFileOrFolder (unsigned Level);
|
||||||
static bool Brw_CheckIfICanCreateIntoFolder (unsigned Level);
|
static bool Brw_CheckIfICanCreateIntoFolder (unsigned Level);
|
||||||
static bool Brw_CheckIfICanModifySharedFileOrFolder (void);
|
static bool Brw_CheckIfICanModifySharedFileOrFolder (void);
|
||||||
|
static bool Brw_CheckIfICanModifyPrivateFileOrFolder (void);
|
||||||
|
static long Brw_GetPublisherOfSubtree (void);
|
||||||
|
|
||||||
static void Brw_WriteRowDocData (unsigned *NumDocsNotHidden,MYSQL_ROW row);
|
static void Brw_WriteRowDocData (unsigned *NumDocsNotHidden,MYSQL_ROW row);
|
||||||
|
|
||||||
|
@ -5271,14 +5273,14 @@ static bool Brw_WriteRowFileBrowser (unsigned Level,Brw_ExpandTree_t ExpandTree,
|
||||||
|
|
||||||
/***** Get the name of the file to show *****/
|
/***** Get the name of the file to show *****/
|
||||||
Brw_GetFileNameToShowDependingOnLevel (Gbl.FileBrowser.Type,Level,
|
Brw_GetFileNameToShowDependingOnLevel (Gbl.FileBrowser.Type,Level,
|
||||||
Gbl.FileBrowser.FileType,
|
Gbl.FileBrowser.FileType,
|
||||||
FileName,FileNameToShow);
|
FileName,FileNameToShow);
|
||||||
|
|
||||||
/***** Start this row *****/
|
/***** Start this row *****/
|
||||||
fprintf (Gbl.F.Out,"<tr>");
|
fprintf (Gbl.F.Out,"<tr>");
|
||||||
|
|
||||||
/****** If current action allows file administration... ******/
|
/****** If current action allows file administration... ******/
|
||||||
Gbl.FileBrowser.ICanEditFileOrFolder = false;
|
Gbl.FileBrowser.ICanEditFileOrFolder = false;
|
||||||
if (Brw_FileBrowserIsEditable[Gbl.FileBrowser.Type] &&
|
if (Brw_FileBrowserIsEditable[Gbl.FileBrowser.Type] &&
|
||||||
!Gbl.FileBrowser.ShowOnlyPublicFiles)
|
!Gbl.FileBrowser.ShowOnlyPublicFiles)
|
||||||
{
|
{
|
||||||
|
@ -10903,22 +10905,28 @@ static bool Brw_CheckIfICanEditFileOrFolder (unsigned Level)
|
||||||
if (Level == 0)
|
if (Level == 0)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
/***** I must be student, teacher, admin or superuser to edit *****/
|
/***** I must be student or a superior role to edit *****/
|
||||||
if (Gbl.Usrs.Me.MaxRole < Rol_STD)
|
if (Gbl.Usrs.Me.MaxRole < Rol_STD)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
/***** Set depending on browser, level, logged role... *****/
|
/***** Set depending on browser, level, logged role... *****/
|
||||||
switch (Gbl.FileBrowser.Type)
|
switch (Gbl.FileBrowser.Type)
|
||||||
{
|
{
|
||||||
case Brw_ADMI_TEACH_CRS:
|
case Brw_ADMI_DOCUM_CRS:
|
||||||
return (Gbl.Usrs.Me.LoggedRole >= Rol_TCH);
|
return Gbl.Usrs.Me.LoggedRole >= Rol_TCH;
|
||||||
case Brw_ADMI_TEACH_GRP:
|
case Brw_ADMI_DOCUM_GRP:
|
||||||
if (Gbl.Usrs.Me.LoggedRole == Rol_TCH)
|
if (Gbl.Usrs.Me.LoggedRole == Rol_TCH) // A teacher...
|
||||||
return Grp_GetIfIBelongToGrp (Gbl.CurrentCrs.Grps.GrpCod); // A teacher can edit only if hr/she belongs to group
|
// ...can edit only if he/she belongs to group
|
||||||
|
return Grp_GetIfIBelongToGrp (Gbl.CurrentCrs.Grps.GrpCod);
|
||||||
|
// An administrator can edit
|
||||||
return (Gbl.Usrs.Me.LoggedRole > Rol_TCH);
|
return (Gbl.Usrs.Me.LoggedRole > Rol_TCH);
|
||||||
|
case Brw_ADMI_TEACH_CRS:
|
||||||
|
case Brw_ADMI_TEACH_GRP:
|
||||||
|
// Check if I am the publisher of the file/folder
|
||||||
|
return Brw_CheckIfICanModifyPrivateFileOrFolder ();
|
||||||
case Brw_ADMI_SHARE_CRS:
|
case Brw_ADMI_SHARE_CRS:
|
||||||
case Brw_ADMI_SHARE_GRP:
|
case Brw_ADMI_SHARE_GRP:
|
||||||
// Check if I am the publisher of the folder
|
// Check if I am the publisher of the file/folder
|
||||||
return Brw_CheckIfICanModifySharedFileOrFolder ();
|
return Brw_CheckIfICanModifySharedFileOrFolder ();
|
||||||
case Brw_ADMI_ASSIG_USR:
|
case Brw_ADMI_ASSIG_USR:
|
||||||
case Brw_ADMI_ASSIG_CRS:
|
case Brw_ADMI_ASSIG_CRS:
|
||||||
|
@ -10972,6 +10980,32 @@ static bool Brw_CheckIfICanCreateIntoFolder (unsigned Level)
|
||||||
/***** Have I permission to create/paste a new file or folder into the folder? *****/
|
/***** Have I permission to create/paste a new file or folder into the folder? *****/
|
||||||
switch (Gbl.FileBrowser.Type)
|
switch (Gbl.FileBrowser.Type)
|
||||||
{
|
{
|
||||||
|
case Brw_ADMI_DOCUM_CRS:
|
||||||
|
return Gbl.Usrs.Me.LoggedRole >= Rol_TCH;
|
||||||
|
case Brw_ADMI_DOCUM_GRP:
|
||||||
|
if (Gbl.Usrs.Me.LoggedRole == Rol_TCH) // A teacher
|
||||||
|
// ...can create/paste only if he/she belongs to group
|
||||||
|
return Grp_GetIfIBelongToGrp (Gbl.CurrentCrs.Grps.GrpCod);
|
||||||
|
// An administrator can create/paste
|
||||||
|
return (Gbl.Usrs.Me.LoggedRole > Rol_TCH);
|
||||||
|
case Brw_ADMI_TEACH_CRS:
|
||||||
|
return Gbl.Usrs.Me.LoggedRole >= Rol_NET;
|
||||||
|
case Brw_ADMI_TEACH_GRP:
|
||||||
|
if (Gbl.Usrs.Me.LoggedRole == Rol_NET || // A non-editing teacher...
|
||||||
|
Gbl.Usrs.Me.LoggedRole == Rol_TCH) // ...or a teacher
|
||||||
|
// ...can create/paste only if he/she belongs to group
|
||||||
|
return Grp_GetIfIBelongToGrp (Gbl.CurrentCrs.Grps.GrpCod);
|
||||||
|
// An administrator can create/paste
|
||||||
|
return (Gbl.Usrs.Me.LoggedRole > Rol_TCH);
|
||||||
|
case Brw_ADMI_SHARE_CRS:
|
||||||
|
return Gbl.Usrs.Me.LoggedRole >= Rol_STD;
|
||||||
|
case Brw_ADMI_SHARE_GRP:
|
||||||
|
if (Gbl.Usrs.Me.LoggedRole >= Rol_STD && // A student, non-editing teacher...
|
||||||
|
Gbl.Usrs.Me.LoggedRole <= Rol_TCH) // ...or a teacher
|
||||||
|
// ...can create/paste only if he/she belongs to group
|
||||||
|
return Grp_GetIfIBelongToGrp (Gbl.CurrentCrs.Grps.GrpCod);
|
||||||
|
// An administrator can create/paste
|
||||||
|
return Gbl.Usrs.Me.LoggedRole >= Rol_STD;
|
||||||
case Brw_ADMI_ASSIG_USR:
|
case Brw_ADMI_ASSIG_USR:
|
||||||
case Brw_ADMI_ASSIG_CRS:
|
case Brw_ADMI_ASSIG_CRS:
|
||||||
if (Level == 0) // If root folder
|
if (Level == 0) // If root folder
|
||||||
|
@ -11005,47 +11039,19 @@ static bool Brw_CheckIfICanCreateIntoFolder (unsigned Level)
|
||||||
|
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
/********** Check if I have permission to modify a file or folder ************/
|
/********** Check if I have permission to modify a file or folder ************/
|
||||||
/********** in the current common zone ************/
|
/********** in the current shared or private zone ************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
// Returns true if the current user can remove or rename Gbl.FileBrowser.Priv.FullPathInTree, and false if he have not permission
|
// Returns true if I can remove or rename Gbl.FileBrowser.Priv.FullPathInTree, and false if I have not permission
|
||||||
// A user can remove or rename a file if he's the publisher
|
// I can remove or rename a file if I am the publisher
|
||||||
// A user can remove or rename a folder if he's the unique publisher of all the files and folders in the subtree starting there
|
// I can remove or rename a folder if I am the unique publisher of all the files and folders in the subtree starting there
|
||||||
|
|
||||||
static bool Brw_CheckIfICanModifySharedFileOrFolder (void)
|
static bool Brw_CheckIfICanModifySharedFileOrFolder (void)
|
||||||
{
|
{
|
||||||
long Cod = Brw_GetCodForFiles ();
|
|
||||||
char Query[512 + PATH_MAX * 2];
|
|
||||||
MYSQL_RES *mysql_res;
|
|
||||||
MYSQL_ROW row;
|
|
||||||
unsigned long NumRows;
|
|
||||||
long PublisherUsrCod = -1L;
|
|
||||||
|
|
||||||
switch (Gbl.Usrs.Me.LoggedRole)
|
switch (Gbl.Usrs.Me.LoggedRole)
|
||||||
{
|
{
|
||||||
case Rol_STD: // If I am a student or a non-editing teacher...
|
case Rol_STD: // If I am a student or a non-editing teacher...
|
||||||
case Rol_NET: // ...I can modify the file/folder if I am the publisher
|
case Rol_NET: // ...I can modify the file/folder if I am the publisher
|
||||||
/***** Get all the distinct publishers of files starting by Gbl.FileBrowser.Priv.FullPathInTree from database *****/
|
return (Gbl.Usrs.Me.UsrDat.UsrCod == Brw_GetPublisherOfSubtree ()); // Am I the publisher of subtree?
|
||||||
sprintf (Query,"SELECT DISTINCT(PublisherUsrCod) FROM files"
|
|
||||||
" WHERE FileBrowser=%u AND Cod=%ld"
|
|
||||||
" AND (Path='%s' OR Path LIKE '%s/%%')",
|
|
||||||
(unsigned) Brw_FileBrowserForDB_files[Gbl.FileBrowser.Type],
|
|
||||||
Cod,
|
|
||||||
Gbl.FileBrowser.Priv.FullPathInTree,
|
|
||||||
Gbl.FileBrowser.Priv.FullPathInTree);
|
|
||||||
NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get publishers of files");
|
|
||||||
|
|
||||||
/***** Check all common files that are equal to Gbl.FileBrowser.Priv.FullPathInTree
|
|
||||||
or that are under the folder Gbl.FileBrowser.Priv.FullPathInTree *****/
|
|
||||||
if (NumRows == 1) // Get the publisher of the file(s)
|
|
||||||
{
|
|
||||||
row = mysql_fetch_row (mysql_res);
|
|
||||||
PublisherUsrCod = Str_ConvertStrCodToLongCod (row[0]);
|
|
||||||
}
|
|
||||||
|
|
||||||
/***** Free structure that stores the query result *****/
|
|
||||||
DB_FreeMySQLResult (&mysql_res);
|
|
||||||
|
|
||||||
return (Gbl.Usrs.Me.UsrDat.UsrCod == PublisherUsrCod); // Am I the publisher of subtree?
|
|
||||||
case Rol_TCH:
|
case Rol_TCH:
|
||||||
case Rol_DEG_ADM:
|
case Rol_DEG_ADM:
|
||||||
case Rol_CTR_ADM:
|
case Rol_CTR_ADM:
|
||||||
|
@ -11057,6 +11063,64 @@ static bool Brw_CheckIfICanModifySharedFileOrFolder (void)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool Brw_CheckIfICanModifyPrivateFileOrFolder (void)
|
||||||
|
{
|
||||||
|
switch (Gbl.Usrs.Me.LoggedRole)
|
||||||
|
{
|
||||||
|
case Rol_NET: // If I am a student or a non-editing teacher...
|
||||||
|
// ...I can modify the file/folder if I am the publisher
|
||||||
|
return (Gbl.Usrs.Me.UsrDat.UsrCod == Brw_GetPublisherOfSubtree ()); // Am I the publisher of subtree?
|
||||||
|
case Rol_TCH:
|
||||||
|
case Rol_DEG_ADM:
|
||||||
|
case Rol_CTR_ADM:
|
||||||
|
case Rol_INS_ADM:
|
||||||
|
case Rol_SYS_ADM:
|
||||||
|
return true;
|
||||||
|
default:
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*****************************************************************************/
|
||||||
|
/************************ Get the publisher of a subtree *********************/
|
||||||
|
/*****************************************************************************/
|
||||||
|
|
||||||
|
static long Brw_GetPublisherOfSubtree (void)
|
||||||
|
{
|
||||||
|
char Query[512 + PATH_MAX * 2];
|
||||||
|
MYSQL_RES *mysql_res;
|
||||||
|
MYSQL_ROW row;
|
||||||
|
unsigned long NumRows;
|
||||||
|
long PublisherUsrCod;
|
||||||
|
long Cod = Brw_GetCodForFiles ();
|
||||||
|
|
||||||
|
/***** Get all the distinct publishers of files starting by
|
||||||
|
Gbl.FileBrowser.Priv.FullPathInTree from database *****/
|
||||||
|
sprintf (Query,"SELECT DISTINCT(PublisherUsrCod) FROM files"
|
||||||
|
" WHERE FileBrowser=%u AND Cod=%ld"
|
||||||
|
" AND (Path='%s' OR Path LIKE '%s/%%')",
|
||||||
|
(unsigned) Brw_FileBrowserForDB_files[Gbl.FileBrowser.Type],
|
||||||
|
Cod,
|
||||||
|
Gbl.FileBrowser.Priv.FullPathInTree,
|
||||||
|
Gbl.FileBrowser.Priv.FullPathInTree);
|
||||||
|
NumRows = DB_QuerySELECT (Query,&mysql_res,"can not get publishers of files");
|
||||||
|
|
||||||
|
/***** Check all common files that are equal to Gbl.FileBrowser.Priv.FullPathInTree
|
||||||
|
or that are under the folder Gbl.FileBrowser.Priv.FullPathInTree *****/
|
||||||
|
if (NumRows == 1) // Get the publisher of the file(s)
|
||||||
|
{
|
||||||
|
row = mysql_fetch_row (mysql_res);
|
||||||
|
PublisherUsrCod = Str_ConvertStrCodToLongCod (row[0]);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
PublisherUsrCod = -1L;
|
||||||
|
|
||||||
|
/***** Free structure that stores the query result *****/
|
||||||
|
DB_FreeMySQLResult (&mysql_res);
|
||||||
|
|
||||||
|
return PublisherUsrCod;
|
||||||
|
}
|
||||||
|
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
/************* Remove common zones of all the groups of a type ***************/
|
/************* Remove common zones of all the groups of a type ***************/
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
21
swad_group.c
21
swad_group.c
|
@ -3072,12 +3072,29 @@ static long Grp_GetFirstCodGrpStdBelongsTo (long GrpTypCod,long UsrCod)
|
||||||
bool Grp_GetIfIBelongToGrp (long GrpCod)
|
bool Grp_GetIfIBelongToGrp (long GrpCod)
|
||||||
{
|
{
|
||||||
char Query[256];
|
char Query[256];
|
||||||
|
static struct
|
||||||
|
{
|
||||||
|
long GrpCod;
|
||||||
|
bool IBelongToGrp;
|
||||||
|
} Cached =
|
||||||
|
{
|
||||||
|
-1L,
|
||||||
|
-1L,
|
||||||
|
false
|
||||||
|
}; // A cache. If this function is called consecutive times
|
||||||
|
// with the same group, only the first time is slow
|
||||||
|
|
||||||
/***** Get if I belong to a group from database *****/
|
/***** 1. Fast check: Is already calculated if I belong to group? *****/
|
||||||
|
if (GrpCod == Cached.GrpCod)
|
||||||
|
return Cached.IBelongToGrp;
|
||||||
|
|
||||||
|
/***** 2. Slow check: Get if I belong to a group from database *****/
|
||||||
sprintf (Query,"SELECT COUNT(*) FROM crs_grp_usr"
|
sprintf (Query,"SELECT COUNT(*) FROM crs_grp_usr"
|
||||||
" WHERE GrpCod=%ld AND UsrCod=%ld",
|
" WHERE GrpCod=%ld AND UsrCod=%ld",
|
||||||
GrpCod,Gbl.Usrs.Me.UsrDat.UsrCod);
|
GrpCod,Gbl.Usrs.Me.UsrDat.UsrCod);
|
||||||
return (DB_QueryCOUNT (Query,"can not check if you belong to a group") != 0);
|
Cached.IBelongToGrp = DB_QueryCOUNT (Query,"can not check if you belong to a group") != 0;
|
||||||
|
Cached.GrpCod = GrpCod;
|
||||||
|
return Cached.IBelongToGrp;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
|
|
Loading…
Reference in New Issue