Marown/swad-core
Marown
/
swad-core
mirror of https://github.com/acanas/swad-core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Version 16.125

This commit is contained in:
Antonio Cañas Vargas 2017-01-27 01:02:52 +01:00
parent ba9f87cd11
commit cb9515fcb2
14 changed files with 411 additions and 243 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
swad_ID.c
View File

@ -370,22 +370,14 @@ void ID_WriteUsrIDs (struct UsrData *UsrDat)
{ {
extern struct Act_Actions Act_Actions[Act_NUM_ACTIONS]; extern struct Act_Actions Act_Actions[Act_NUM_ACTIONS];
unsigned NumID; unsigned NumID;
bool ItsMe = (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod);
bool ICanSeeUsrID; bool ICanSeeUsrID;
bool ICanConfirmUsrID; bool ICanConfirmUsrID;
if (ItsMe) ICanSeeUsrID = ID_ICanSeeOtherUsrIDs (UsrDat);
{ ICanConfirmUsrID = ICanSeeUsrID &&
ICanSeeUsrID = true; (UsrDat->UsrCod != Gbl.Usrs.Me.UsrDat.UsrCod) && // Not me
ICanConfirmUsrID = false; !Gbl.Form.Inside && // Not inside another form
} Act_Actions[Gbl.Action.Act].BrowserWindow == Act_THIS_WINDOW; // Only in main window
else // A user distinct than me
{
ICanSeeUsrID = ID_ICanSeeAnotherUsrID (UsrDat);
ICanConfirmUsrID = ICanSeeUsrID &&
!Gbl.Form.Inside && // Only if not inside another form
Act_Actions[Gbl.Action.Act].BrowserWindow == Act_THIS_WINDOW; // Only in main window
}
for (NumID = 0; for (NumID = 0;
NumID < UsrDat->IDs.Num; NumID < UsrDat->IDs.Num;
@ -412,31 +404,71 @@ void ID_WriteUsrIDs (struct UsrData *UsrDat)
/*****************************************************************************/ /*****************************************************************************/
/***************** Check if I can see another user's IDs *********************/ /***************** Check if I can see another user's IDs *********************/
/*****************************************************************************/ /*****************************************************************************/
// This function should not be called when UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod
bool ID_ICanSeeAnotherUsrID (struct UsrData *UsrDat) bool ID_ICanSeeOtherUsrIDs (const struct UsrData *UsrDat)
{ {
if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me
return true;
/***** Check if I have permission to see another user's IDs *****/ /***** Check if I have permission to see another user's IDs *****/
switch (Gbl.Usrs.Me.LoggedRole) switch (Gbl.Usrs.Me.LoggedRole)
{ {
case Rol_TEACHER: case Rol_TEACHER:
/* If I am a teacher of current course, /* If I am a teacher of current course,
I only can see the user's IDs of students from current course */ I only can see the user's IDs of students from current course */
return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT && UsrDat->Accepted); return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT && // A student
UsrDat->Accepted) || // who has accepted inscription in course
(
(UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
!UsrDat->Password[0] && // who has no password (never logged)
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
!UsrDat->FirstName[0] // and who has no first name (nobody filled user's first name)
);
return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT && // A student
UsrDat->Accepted) || // who has accepted inscription in course
(
(UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
!UsrDat->Password[0] && // who has no password (never logged)
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
!UsrDat->FirstName[0] // and who has no first name (nobody filled user's first name)
);
case Rol_DEG_ADM: case Rol_DEG_ADM:
/* If I am an administrator of current degree,
I only can see the user's IDs of users from current degree */
return Usr_CheckIfUsrBelongsToDeg (UsrDat->UsrCod,Gbl.CurrentDeg.Deg.DegCod,true);
case Rol_CTR_ADM: case Rol_CTR_ADM:
/* If I am an administrator of current centre,
I only can see the user's IDs of users from current centre */
return Usr_CheckIfUsrBelongsToCtr (UsrDat->UsrCod,Gbl.CurrentCtr.Ctr.CtrCod,true);
case Rol_INS_ADM: case Rol_INS_ADM:
/* If I am an administrator of current institution,
I only can see the user's IDs of users from current institution */
return Usr_CheckIfUsrBelongsToIns (UsrDat->UsrCod,Gbl.CurrentIns.Ins.InsCod,true);
case Rol_SYS_ADM: case Rol_SYS_ADM:
return true; return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
default:
return false;
}
}
/*****************************************************************************/
/***************** Check if I can change another user's IDs ******************/
/*****************************************************************************/
bool ID_ICanChangeOtherUsrIDs (const struct UsrData *UsrDat)
{
if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me
return true;
/***** Check if I have permission to see another user's IDs *****/
switch (Gbl.Usrs.Me.LoggedRole)
{
case Rol_TEACHER:
/* If I am a teacher of current course,
I only can change the user's IDs of empty users from current course */
return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
!UsrDat->Password[0] && // who has no password (never logged)
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
!UsrDat->FirstName[0]; // and who has no first name (nobody filled user's first name)
case Rol_DEG_ADM:
case Rol_CTR_ADM:
case Rol_INS_ADM:
case Rol_SYS_ADM:
return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
default: default:
return false; return false;
} }
@ -516,7 +548,7 @@ void ID_ShowFormOthIDs (void)
/***** Get user whose password must be changed *****/ /***** Get user whose password must be changed *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
{ {
if (Pwd_CheckIfICanChangeOtherUsrPassword (Gbl.Usrs.Other.UsrDat.UsrCod)) if (ID_ICanChangeOtherUsrIDs (&Gbl.Usrs.Other.UsrDat))
{ {
/***** Start frame *****/ /***** Start frame *****/
Lay_StartRoundFrame (NULL,Txt_ID,NULL,NULL); Lay_StartRoundFrame (NULL,Txt_ID,NULL,NULL);
@ -720,7 +752,7 @@ static void ID_RemoveUsrID (const struct UsrData *UsrDat,bool ItsMe)
char UsrID[ID_MAX_LENGTH_USR_ID+1]; char UsrID[ID_MAX_LENGTH_USR_ID+1];
bool ICanRemove; bool ICanRemove;
if (Pwd_CheckIfICanChangeOtherUsrPassword (UsrDat->UsrCod)) if (ID_ICanChangeOtherUsrIDs (UsrDat))
{ {
/***** Get user's ID from form *****/ /***** Get user's ID from form *****/
Par_GetParToText ("UsrID",UsrID,ID_MAX_LENGTH_USR_ID); Par_GetParToText ("UsrID",UsrID,ID_MAX_LENGTH_USR_ID);
@ -841,7 +873,7 @@ static void ID_NewUsrID (const struct UsrData *UsrDat,bool ItsMe)
unsigned NumIDFound = 0; // Initialized to avoid warning unsigned NumIDFound = 0; // Initialized to avoid warning
bool Error = false; bool Error = false;
if (Pwd_CheckIfICanChangeOtherUsrPassword (UsrDat->UsrCod)) if (ID_ICanChangeOtherUsrIDs (UsrDat))
{ {
/***** Get new user's ID from form *****/ /***** Get new user's ID from form *****/
Par_GetParToText ("NewID",NewID,ID_MAX_LENGTH_USR_ID); Par_GetParToText ("NewID",NewID,ID_MAX_LENGTH_USR_ID);
@ -964,7 +996,7 @@ static void ID_ReqConfOrConfOtherUsrID (ID_ReqConfOrConfID_t ReqConfOrConfID)
/***** Get other user's code from form and get user's data *****/ /***** Get other user's code from form and get user's data *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
if (Gbl.Usrs.Other.UsrDat.UsrCod != Gbl.Usrs.Me.UsrDat.UsrCod) // Not me if (Gbl.Usrs.Other.UsrDat.UsrCod != Gbl.Usrs.Me.UsrDat.UsrCod) // Not me
if (ID_ICanSeeAnotherUsrID (&Gbl.Usrs.Other.UsrDat)) if (ID_ICanChangeOtherUsrIDs (&Gbl.Usrs.Other.UsrDat))
ICanConfirm = true; ICanConfirm = true;
if (ICanConfirm) if (ICanConfirm)

3
swad_ID.h
View File

@ -65,7 +65,8 @@ bool ID_CheckIfUsrIDIsValid (const char *UsrID);
bool ID_CheckIfUsrIDSeemsAValidID (const char *UsrID); bool ID_CheckIfUsrIDSeemsAValidID (const char *UsrID);
void ID_WriteUsrIDs (struct UsrData *UsrDat); void ID_WriteUsrIDs (struct UsrData *UsrDat);
bool ID_ICanSeeAnotherUsrID (struct UsrData *UsrDat); bool ID_ICanSeeOtherUsrIDs (const struct UsrData *UsrDat);
bool ID_ICanChangeOtherUsrIDs (const struct UsrData *UsrDat);
void ID_PutLinkToChangeUsrIDs (void); void ID_PutLinkToChangeUsrIDs (void);
void ID_ShowFormOthIDs (void); void ID_ShowFormOthIDs (void);

24
swad_action.c
View File

@ -2471,14 +2471,14 @@ struct Act_Actions Act_Actions[Act_NUM_ACTIONS] =
/* ActCnfID_Tch */{1570,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ConfirmOtherUsrID ,NULL}, /* ActCnfID_Tch */{1570,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ConfirmOtherUsrID ,NULL},
/* ActFrmIDsOth */{1447,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL}, /* ActFrmIDsOth */{1447,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL},
/* ActFrmIDsStd */{1448,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL}, /* ActFrmIDsStd */{1448,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL},
/* ActFrmIDsTch */{1449,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL}, /* ActFrmIDsTch */{1449,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL},
/* ActRemID_Oth */{1450,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL}, /* ActRemID_Oth */{1450,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL},
/* ActRemID_Std */{1451,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL}, /* ActRemID_Std */{1451,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL},
/* ActRemID_Tch */{1452,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL}, /* ActRemID_Tch */{1452,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL},
/* ActNewID_Oth */{1453,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL}, /* ActNewID_Oth */{1453,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL},
/* ActNewID_Std */{1454,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL}, /* ActNewID_Std */{1454,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL},
/* ActNewID_Tch */{1455,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL}, /* ActNewID_Tch */{1455,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL},
/* ActFrmPwdOth */{1464,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Pwd_ShowFormOthPwd ,NULL}, /* ActFrmPwdOth */{1464,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Pwd_ShowFormOthPwd ,NULL},
/* ActFrmPwdStd */{1465,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Pwd_ShowFormOthPwd ,NULL}, /* ActFrmPwdStd */{1465,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Pwd_ShowFormOthPwd ,NULL},
@ -2488,14 +2488,14 @@ struct Act_Actions Act_Actions[Act_NUM_ACTIONS] =
/* ActChgPwdTch */{1469,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,Pwd_UpdateOtherPwd1 ,Pwd_UpdateOtherPwd2 ,NULL}, /* ActChgPwdTch */{1469,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,Pwd_UpdateOtherPwd1 ,Pwd_UpdateOtherPwd2 ,NULL},
/* ActFrmMaiOth */{1475,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL}, /* ActFrmMaiOth */{1475,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL},
/* ActFrmMaiStd */{1476,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL}, /* ActFrmMaiStd */{1476,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL},
/* ActFrmMaiTch */{1477,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL}, /* ActFrmMaiTch */{1477,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL},
/* ActRemMaiOth */{1478,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL}, /* ActRemMaiOth */{1478,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL},
/* ActRemMaiStd */{1479,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL}, /* ActRemMaiStd */{1479,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL},
/* ActRemMaiTch */{1480,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL}, /* ActRemMaiTch */{1480,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL},
/* ActNewMaiOth */{1481,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL}, /* ActNewMaiOth */{1481,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL},
/* ActNewMaiStd */{1482,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL}, /* ActNewMaiStd */{1482,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL},
/* ActNewMaiTch */{1483,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL}, /* ActNewMaiTch */{1483,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL},
/* ActRemStdCrs */{1462,-1,TabUnk,ActLstStd ,0x1F8,0x1E0,0x000,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Enr_RemUsrFromCrs ,NULL}, /* ActRemStdCrs */{1462,-1,TabUnk,ActLstStd ,0x1F8,0x1E0,0x000,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Enr_RemUsrFromCrs ,NULL},
/* ActRemTchCrs */{1463,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x000,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Enr_RemUsrFromCrs ,NULL}, /* ActRemTchCrs */{1463,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x000,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Enr_RemUsrFromCrs ,NULL},

6
swad_changelog.h
View File

@ -187,19 +187,19 @@
// TODO: Fix bug when creating a new attendance event: if title is repeated, form is cleared // TODO: Fix bug when creating a new attendance event: if title is repeated, form is cleared
// TODO: Fix bug: When registering an administrator, the user's name changes are ignored // TODO: Fix bug: When registering an administrator, the user's name changes are ignored
// TODO: Teachers sbould view ID of students/teachers with no name/email
/*****************************************************************************/ /*****************************************************************************/
/****************************** Public constants *****************************/ /****************************** Public constants *****************************/
/*****************************************************************************/ /*****************************************************************************/
#define Log_PLATFORM_VERSION "SWAD 16.123.4 (2017-01-25)" #define Log_PLATFORM_VERSION "SWAD 16.125 (2017-01-27)"
#define CSS_FILE "swad16.123.css" #define CSS_FILE "swad16.123.css"
#define JS_FILE "swad16.123.js" #define JS_FILE "swad16.123.js"
// Number of lines (includes comments but not blank lines) has been got with the following command: // Number of lines (includes comments but not blank lines) has been got with the following command:
// nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1 // nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1
/* /*
Version 16.125: Jan 27, 2017 Code refactoring related to permissions to view/change another user's data. (212152 lines)
Version 16.124: Jan 26, 2017 Code refactoring related to permissions to view/change another user's data. (212163 lines)
Version 16.123.4: Jan 26, 2017 Surname1 and first name can not be deleted when editing user's data. (212000 lines) Version 16.123.4: Jan 26, 2017 Surname1 and first name can not be deleted when editing user's data. (212000 lines)
Version 16.123.3: Jan 25, 2017 Code refactoring in edition of user's record. (211987 lines) Version 16.123.3: Jan 25, 2017 Code refactoring in edition of user's record. (211987 lines)
Version 16.123.2: Jan 25, 2017 Teachers can edit names of students/teachers with no name/email. (211989 lines) Version 16.123.2: Jan 25, 2017 Teachers can edit names of students/teachers with no name/email. (211989 lines)

15
swad_enrollment.c
View File

@ -3153,14 +3153,19 @@ static void Enr_ShowFormToEditOtherUsr (void)
{ {
/***** Buttons for edition *****/ /***** Buttons for edition *****/
fprintf (Gbl.F.Out,"<div class=\"CONTEXT_MENU\">"); fprintf (Gbl.F.Out,"<div class=\"CONTEXT_MENU\">");
if (Pwd_CheckIfICanChangeOtherUsrPassword (Gbl.Usrs.Other.UsrDat.UsrCod))
{ if (Pwd_ICanChangeOtherUsrPassword (&Gbl.Usrs.Other.UsrDat))
Pwd_PutLinkToChangeOtherUsrPassword (); // Put link (form) to change user's password Pwd_PutLinkToChangeOtherUsrPassword (); // Put link (form) to change user's password
Mai_PutLinkToChangeOtherUsrEmail (); // Put link (form) to change user's email
if (Mai_ICanChangeOtherUsrEmails (&Gbl.Usrs.Other.UsrDat))
Mai_PutLinkToChangeOtherUsrEmails (); // Put link (form) to change user's emails
if (ID_ICanChangeOtherUsrIDs (&Gbl.Usrs.Other.UsrDat))
ID_PutLinkToChangeUsrIDs (); // Put link (form) to change user's IDs ID_PutLinkToChangeUsrIDs (); // Put link (form) to change user's IDs
}
if (Pho_CheckIfICanChangeOtherUsrPhoto (&Gbl.Usrs.Other.UsrDat)) if (Pho_ICanChangeOtherUsrPhoto (&Gbl.Usrs.Other.UsrDat))
Pho_PutLinkToChangeOtherUsrPhoto (); // Put link (form) to change user's photo Pho_PutLinkToChangeOtherUsrPhoto (); // Put link (form) to change user's photo
fprintf (Gbl.F.Out,"</div>"); fprintf (Gbl.F.Out,"</div>");
/***** User's record *****/ /***** User's record *****/

61
swad_mail.c
View File

@ -1114,10 +1114,10 @@ long Mai_GetUsrCodFromEmail (const char *Email)
} }
/*****************************************************************************/ /*****************************************************************************/
/********** Put a link to the action used to change user's email *************/ /********** Put a link to the action used to change user's emails ************/
/*****************************************************************************/ /*****************************************************************************/
void Mai_PutLinkToChangeOtherUsrEmail (void) void Mai_PutLinkToChangeOtherUsrEmails (void)
{ {
extern const char *Txt_Change_email; extern const char *Txt_Change_email;
@ -1137,6 +1137,37 @@ void Mai_PutLinkToChangeOtherUsrEmail (void)
NULL); NULL);
} }
/*****************************************************************************/
/************** Check if I can change the email of another user **************/
/*****************************************************************************/
bool Mai_ICanChangeOtherUsrEmails (const struct UsrData *UsrDat)
{
if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me
return true;
/***** Check if I have permission to change another user's emails *****/
switch (Gbl.Usrs.Me.LoggedRole)
{
case Rol_TEACHER:
/* If I am a teacher of current course,
I only can change the user's emails
of empty users from current course */
return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
!UsrDat->Password[0] && // who has no password (never logged)
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
!UsrDat->FirstName[0]; // and who has no first name (nobody filled user's first name)
case Rol_DEG_ADM:
case Rol_CTR_ADM:
case Rol_INS_ADM:
case Rol_SYS_ADM:
return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
default:
return false;
}
}
/*****************************************************************************/ /*****************************************************************************/
/*********** Show form to the change the email of another user ***************/ /*********** Show form to the change the email of another user ***************/
/*****************************************************************************/ /*****************************************************************************/
@ -1149,7 +1180,7 @@ void Mai_ShowFormOthEmail (void)
/***** Get user whose password must be changed *****/ /***** Get user whose password must be changed *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
{ {
if (Pwd_CheckIfICanChangeOtherUsrPassword (Gbl.Usrs.Other.UsrDat.UsrCod)) if (Mai_ICanChangeOtherUsrEmails (&Gbl.Usrs.Other.UsrDat))
{ {
/***** Start frame *****/ /***** Start frame *****/
Lay_StartRoundFrame (NULL,Txt_Email,NULL,NULL); Lay_StartRoundFrame (NULL,Txt_Email,NULL,NULL);
@ -1368,7 +1399,7 @@ static void Mai_RemoveEmail (struct UsrData *UsrDat)
extern const char *Txt_User_not_found_or_you_do_not_have_permission_; extern const char *Txt_User_not_found_or_you_do_not_have_permission_;
char Email[Usr_MAX_BYTES_USR_EMAIL+1]; char Email[Usr_MAX_BYTES_USR_EMAIL+1];
if (Pwd_CheckIfICanChangeOtherUsrPassword (UsrDat->UsrCod)) if (Mai_ICanChangeOtherUsrEmails (UsrDat))
{ {
/***** Get new email from form *****/ /***** Get new email from form *****/
Par_GetParToText ("Email",Email,Usr_MAX_BYTES_USR_EMAIL); Par_GetParToText ("Email",Email,Usr_MAX_BYTES_USR_EMAIL);
@ -1450,7 +1481,7 @@ static void Mai_NewUsrEmail (struct UsrData *UsrDat,bool ItsMe)
extern const char *Txt_User_not_found_or_you_do_not_have_permission_; extern const char *Txt_User_not_found_or_you_do_not_have_permission_;
char NewEmail[Usr_MAX_BYTES_USR_EMAIL+1]; char NewEmail[Usr_MAX_BYTES_USR_EMAIL+1];
if (Pwd_CheckIfICanChangeOtherUsrPassword (UsrDat->UsrCod)) if (Mai_ICanChangeOtherUsrEmails (UsrDat))
{ {
/***** Get new email from form *****/ /***** Get new email from form *****/
Par_GetParToText ("NewEmail",NewEmail,Usr_MAX_BYTES_USR_EMAIL); Par_GetParToText ("NewEmail",NewEmail,Usr_MAX_BYTES_USR_EMAIL);
@ -1807,7 +1838,7 @@ void Mai_WriteFootNoteEMail (Txt_Language_t Language)
/**************** Check if I can see another user's email ********************/ /**************** Check if I can see another user's email ********************/
/*****************************************************************************/ /*****************************************************************************/
bool Mai_ICanSeeEmail (struct UsrData *UsrDat) bool Mai_ICanSeeEmail (const struct UsrData *UsrDat)
{ {
bool ItsMe = (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod); bool ItsMe = (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod);
@ -1825,21 +1856,27 @@ bool Mai_ICanSeeEmail (struct UsrData *UsrDat)
case Rol_TEACHER: case Rol_TEACHER:
/* If I am a teacher of current course, /* If I am a teacher of current course,
I only can see the user's email of students or teachers from current course */ I only can see the user's email of students or teachers from current course */
return (UsrDat->Accepted && return ((UsrDat->RoleInCurrentCrsDB == Rol_STUDENT ||
(UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // A student or a teacher
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER)); (UsrDat->Accepted || // who has accepted inscription in course
!UsrDat->Email[0] || // or whose email is empty
!UsrDat->Surname1[0] || // or whose surname 1 is empty
!UsrDat->FirstName[0])); // or whose first name is empty
case Rol_DEG_ADM: case Rol_DEG_ADM:
/* If I am an administrator of current degree, /* If I am an administrator of current degree,
I only can see the user's email of users from current degree */ I only can see the user's email of users from current degree */
return Usr_CheckIfUsrBelongsToDeg (UsrDat->UsrCod,Gbl.CurrentDeg.Deg.DegCod,true); return Usr_CheckIfUsrBelongsToDeg (UsrDat->UsrCod,
Gbl.CurrentDeg.Deg.DegCod);
case Rol_CTR_ADM: case Rol_CTR_ADM:
/* If I am an administrator of current centre, /* If I am an administrator of current centre,
I only can see the user's email of users from current centre */ I only can see the user's email of users from current centre */
return Usr_CheckIfUsrBelongsToCtr (UsrDat->UsrCod,Gbl.CurrentCtr.Ctr.CtrCod,true); return Usr_CheckIfUsrBelongsToCtr (UsrDat->UsrCod,
Gbl.CurrentCtr.Ctr.CtrCod);
case Rol_INS_ADM: case Rol_INS_ADM:
/* If I am an administrator of current institution, /* If I am an administrator of current institution,
I only can see the user's email of users from current institution */ I only can see the user's email of users from current institution */
return Usr_CheckIfUsrBelongsToIns (UsrDat->UsrCod,Gbl.CurrentIns.Ins.InsCod,true); return Usr_CheckIfUsrBelongsToIns (UsrDat->UsrCod,
Gbl.CurrentIns.Ins.InsCod);
case Rol_SYS_ADM: case Rol_SYS_ADM:
return true; return true;
default: default:

5
swad_mail.h
View File

@ -77,7 +77,8 @@ bool Mai_CheckIfEmailIsValid (const char *Email);
bool Mai_GetEmailFromUsrCod (struct UsrData *UsrDat); bool Mai_GetEmailFromUsrCod (struct UsrData *UsrDat);
long Mai_GetUsrCodFromEmail (const char *Email); long Mai_GetUsrCodFromEmail (const char *Email);
void Mai_PutLinkToChangeOtherUsrEmail (void); void Mai_PutLinkToChangeOtherUsrEmails (void);
bool Mai_ICanChangeOtherUsrEmails (const struct UsrData *UsrDat);
void Mai_ShowFormOthEmail (void); void Mai_ShowFormOthEmail (void);
void Mai_ShowFormChangeUsrEmail (const struct UsrData *UsrDat,bool ItsMe); void Mai_ShowFormChangeUsrEmail (const struct UsrData *UsrDat,bool ItsMe);
void Mai_RemoveMyUsrEmail (void); void Mai_RemoveMyUsrEmail (void);
@ -95,6 +96,6 @@ void Mai_CreateFileNameMail (void);
void Mai_WriteWelcomeNoteEMail (struct UsrData *UsrDat); void Mai_WriteWelcomeNoteEMail (struct UsrData *UsrDat);
void Mai_WriteFootNoteEMail (Txt_Language_t Language); void Mai_WriteFootNoteEMail (Txt_Language_t Language);
bool Mai_ICanSeeEmail (struct UsrData *UsrDat); bool Mai_ICanSeeEmail (const struct UsrData *UsrDat);
#endif #endif

33
swad_password.c
View File

@ -491,7 +491,7 @@ void Pwd_UpdateOtherPwd1 (void)
/***** Get other user's code from form and get user's data *****/ /***** Get other user's code from form and get user's data *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
{ {
if (Pwd_CheckIfICanChangeOtherUsrPassword (Gbl.Usrs.Other.UsrDat.UsrCod)) if (Pwd_ICanChangeOtherUsrPassword (&Gbl.Usrs.Other.UsrDat))
{ {
Par_GetParToText ("Paswd1",NewPlainPassword[0],Pwd_MAX_LENGTH_PLAIN_PASSWORD); Par_GetParToText ("Paswd1",NewPlainPassword[0],Pwd_MAX_LENGTH_PLAIN_PASSWORD);
Par_GetParToText ("Paswd2",NewPlainPassword[1],Pwd_MAX_LENGTH_PLAIN_PASSWORD); Par_GetParToText ("Paswd2",NewPlainPassword[1],Pwd_MAX_LENGTH_PLAIN_PASSWORD);
@ -813,7 +813,7 @@ void Pwd_ShowFormOthPwd (void)
/***** Get user whose password must be changed *****/ /***** Get user whose password must be changed *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
{ {
if (Pwd_CheckIfICanChangeOtherUsrPassword (Gbl.Usrs.Other.UsrDat.UsrCod)) if (Pwd_ICanChangeOtherUsrPassword (&Gbl.Usrs.Other.UsrDat))
{ {
/***** Start frame *****/ /***** Start frame *****/
Lay_StartRoundFrame (NULL,Txt_Password,NULL,NULL); Lay_StartRoundFrame (NULL,Txt_Password,NULL,NULL);
@ -884,35 +884,16 @@ void Pwd_PutLinkToChangeOtherUsrPassword (void)
} }
/*****************************************************************************/ /*****************************************************************************/
/************ Check if I can change th password of another user **************/ /************ Check if I can change the password of another user *************/
/*****************************************************************************/ /*****************************************************************************/
bool Pwd_CheckIfICanChangeOtherUsrPassword (long UsrCod) bool Pwd_ICanChangeOtherUsrPassword (const struct UsrData *UsrDat)
{ {
if (UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me
return true; return true;
/* Check if I have permission to change another user's password. /***** Check if I have permission to change another user's password *****/
Only users who have accepted registration in courses are counted */ return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
switch (Gbl.Usrs.Me.LoggedRole)
{
case Rol_DEG_ADM:
/* If I am an administrator of current degree,
I only can change the password of users from current degree */
return Usr_CheckIfUsrBelongsToDeg (UsrCod,Gbl.CurrentDeg.Deg.DegCod,true);
case Rol_CTR_ADM:
/* If I am an administrator of current centre,
I only can change the password of users from current centre */
return Usr_CheckIfUsrBelongsToCtr (UsrCod,Gbl.CurrentCtr.Ctr.CtrCod,true);
case Rol_INS_ADM:
/* If I am an administrator of current institution,
I only can change the password of users from current institution */
return Usr_CheckIfUsrBelongsToIns (UsrCod,Gbl.CurrentIns.Ins.InsCod,true);
case Rol_SYS_ADM:
return true;
default:
return false;
}
} }
/*****************************************************************************/ /*****************************************************************************/

2
swad_password.h
View File

@ -69,7 +69,7 @@ void Pwd_ShowFormOthPwd (void);
void Pwd_PutLinkToChangeMyPassword (void); void Pwd_PutLinkToChangeMyPassword (void);
void Pwd_PutLinkToChangeOtherUsrPassword (void); void Pwd_PutLinkToChangeOtherUsrPassword (void);
bool Pwd_CheckIfICanChangeOtherUsrPassword (long UsrCod); bool Pwd_ICanChangeOtherUsrPassword (const struct UsrData *UsrDat);
void Pwd_AskForConfirmationOnDangerousAction (void); void Pwd_AskForConfirmationOnDangerousAction (void);
bool Pwd_GetConfirmationOnDangerousAction (void); bool Pwd_GetConfirmationOnDangerousAction (void);

39
swad_photo.c
View File

@ -131,40 +131,31 @@ static void Pho_ComputePhotoSize (int NumStds,int NumStdsWithPhoto,unsigned *Pho
/************** Check if I can change the photo of another user **************/ /************** Check if I can change the photo of another user **************/
/*****************************************************************************/ /*****************************************************************************/
bool Pho_CheckIfICanChangeOtherUsrPhoto (const struct UsrData *UsrDat) bool Pho_ICanChangeOtherUsrPhoto (const struct UsrData *UsrDat)
{ {
if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me if (UsrDat->UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me
return true; return true;
/* Check if I have permission to change user's photo /* Check if I have permission to change user's photo */
Only users who have accepted registration in courses are counted */
switch (Gbl.Usrs.Me.LoggedRole) switch (Gbl.Usrs.Me.LoggedRole)
{ {
case Rol_TEACHER: case Rol_TEACHER:
/* If I am a teacher in current course, /* If I am a teacher in current course,
I only can change the photo of students from current course */ I only can change the photo of students from current course */
return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT && return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT && // A student
UsrDat->Accepted); UsrDat->Accepted) || // who has accepted inscription in course
(
(UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
!UsrDat->Password[0] && // who has no password (never logged)
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
!UsrDat->FirstName[0] // and who has no first name (nobody filled user's first name)
);
case Rol_DEG_ADM: case Rol_DEG_ADM:
/* If I am an administrator of current degree,
I only can change the photo of users from current degree */
return Usr_CheckIfUsrBelongsToDeg (UsrDat->UsrCod,
Gbl.CurrentDeg.Deg.DegCod,
true);
case Rol_CTR_ADM: case Rol_CTR_ADM:
/* If I am an administrator of current centre,
I only can change the photo of users from current centre */
return Usr_CheckIfUsrBelongsToCtr (UsrDat->UsrCod,
Gbl.CurrentCtr.Ctr.CtrCod,
true);
case Rol_INS_ADM: case Rol_INS_ADM:
/* If I am an administrator of current institution,
I only can change the photo of users from current institution */
return Usr_CheckIfUsrBelongsToIns (UsrDat->UsrCod,
Gbl.CurrentIns.Ins.InsCod,
true);
case Rol_SYS_ADM: case Rol_SYS_ADM:
return true; return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
default: default:
return false; return false;
} }
@ -203,7 +194,7 @@ void Pho_PutLinkToChangeOtherUsrPhoto (void)
if (Gbl.Usrs.Other.UsrDat.UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me if (Gbl.Usrs.Other.UsrDat.UsrCod == Gbl.Usrs.Me.UsrDat.UsrCod) // It's me
Pho_PutLinkToChangeMyPhoto (); Pho_PutLinkToChangeMyPhoto ();
else // Not me else // Not me
if (Pho_CheckIfICanChangeOtherUsrPhoto (&Gbl.Usrs.Other.UsrDat)) if (Pho_ICanChangeOtherUsrPhoto (&Gbl.Usrs.Other.UsrDat))
{ {
PhotoExists = Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL); PhotoExists = Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL);
TitleText = PhotoExists ? Txt_Change_photo : TitleText = PhotoExists ? Txt_Change_photo :
@ -360,7 +351,7 @@ void Pho_SendPhotoUsr (void)
/***** Get user whose photo must be sent or removed *****/ /***** Get user whose photo must be sent or removed *****/
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
{ {
if (Pho_CheckIfICanChangeOtherUsrPhoto (&Gbl.Usrs.Other.UsrDat)) // If I have permission to change user's photo... if (Pho_ICanChangeOtherUsrPhoto (&Gbl.Usrs.Other.UsrDat)) // If I have permission to change user's photo...
{ {
Gbl.Usrs.Other.UsrDat.Accepted = Usr_CheckIfUsrBelongsToCrs (Gbl.Usrs.Other.UsrDat.UsrCod, Gbl.Usrs.Other.UsrDat.Accepted = Usr_CheckIfUsrBelongsToCrs (Gbl.Usrs.Other.UsrDat.UsrCod,
Gbl.CurrentCrs.Crs.CrsCod, Gbl.CurrentCrs.Crs.CrsCod,
@ -488,7 +479,7 @@ void Pho_ReqRemoveUsrPhoto (void)
/***** Get password, user type and user's data from database *****/ /***** Get password, user type and user's data from database *****/
if (Usr_ChkUsrCodAndGetAllUsrDataFromUsrCod (&Gbl.Usrs.Other.UsrDat)) if (Usr_ChkUsrCodAndGetAllUsrDataFromUsrCod (&Gbl.Usrs.Other.UsrDat))
{ {
if (Pho_CheckIfICanChangeOtherUsrPhoto (&Gbl.Usrs.Other.UsrDat)) if (Pho_ICanChangeOtherUsrPhoto (&Gbl.Usrs.Other.UsrDat))
{ {
/***** Show current photo and help message *****/ /***** Show current photo and help message *****/
if (Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL)) if (Pho_BuildLinkToPhoto (&Gbl.Usrs.Other.UsrDat,PhotoURL))

2
swad_photo.h
View File

@ -80,7 +80,7 @@ typedef enum
/***************************** Public prototypes *****************************/ /***************************** Public prototypes *****************************/
/*****************************************************************************/ /*****************************************************************************/
bool Pho_CheckIfICanChangeOtherUsrPhoto (const struct UsrData *UsrDat); bool Pho_ICanChangeOtherUsrPhoto (const struct UsrData *UsrDat);
void Pho_PutLinkToChangeMyPhoto (void); void Pho_PutLinkToChangeMyPhoto (void);
void Pho_PutLinkToChangeOtherUsrPhoto (void); void Pho_PutLinkToChangeOtherUsrPhoto (void);
void Pho_ReqMyPhotoWithContextLinks (void); void Pho_ReqMyPhotoWithContextLinks (void);

345
swad_user.c
View File

@ -792,12 +792,72 @@ bool Usr_CheckIfUsrIsSuperuser (long UsrCod)
{ {
extern const char *Sco_ScopeDB[Sco_NUM_SCOPES]; extern const char *Sco_ScopeDB[Sco_NUM_SCOPES];
char Query[128]; char Query[128];
static struct
{
long UsrCod;
bool IsSuperuser;
} Cache =
{
-1L,
false
};
/***** Get if a user is superuser from database *****/ if (UsrCod <= 0)
sprintf (Query,"SELECT COUNT(*) FROM admin" {
" WHERE UsrCod='%ld' AND Scope='%s'", /***** Trivial case *****/
UsrCod,Sco_ScopeDB[Sco_SCOPE_SYS]); Cache.UsrCod = -1L;
return (DB_QueryCOUNT (Query,"can not check if a user is superuser") != 0); Cache.IsSuperuser = false;
}
else if (UsrCod != Cache.UsrCod) // If not cached...
{
/***** Get if a user is superuser from database *****/
sprintf (Query,"SELECT COUNT(*) FROM admin"
" WHERE UsrCod='%ld' AND Scope='%s'",
UsrCod,Sco_ScopeDB[Sco_SCOPE_SYS]);
Cache.UsrCod = UsrCod;
Cache.IsSuperuser = (DB_QueryCOUNT (Query,"can not check if a user is superuser") != 0);
}
return Cache.IsSuperuser;
}
/*****************************************************************************/
/************ Check if I (as admin) can edit another user's data *************/
/*****************************************************************************/
bool Usr_CheckIfIAsAdminCanEditOtherUsr (const struct UsrData *UsrDat)
{
switch (Gbl.Usrs.Me.LoggedRole)
{
case Rol_DEG_ADM:
/* If I am an administrator of current degree,
I only can edit users from current degree who have accepted */
if (Usr_CheckIfUsrBelongsToDeg (UsrDat->UsrCod,Gbl.CurrentDeg.Deg.DegCod))
// Degree admins can't edit superusers' data
if (!Usr_CheckIfUsrIsSuperuser (UsrDat->UsrCod))
return true;
return false;
case Rol_CTR_ADM:
/* If I am an administrator of current centre,
I only can edit from current centre who have accepted */
if (Usr_CheckIfUsrBelongsToCtr (UsrDat->UsrCod,Gbl.CurrentCtr.Ctr.CtrCod))
// Centre admins can't edit superusers' data
if (!Usr_CheckIfUsrIsSuperuser (UsrDat->UsrCod))
return true;
return false;
case Rol_INS_ADM:
/* If I am an administrator of current institution,
I only can edit from current institution who have accepted */
if (Usr_CheckIfUsrBelongsToIns (UsrDat->UsrCod,Gbl.CurrentIns.Ins.InsCod))
// Institution admins can't edit superusers' data
if (!Usr_CheckIfUsrIsSuperuser (UsrDat->UsrCod))
return true;
return false;
case Rol_SYS_ADM:
return true;
default:
return false;
}
} }
/*****************************************************************************/ /*****************************************************************************/
@ -1432,95 +1492,148 @@ static void Usr_RemoveTemporaryTableMyCourses (void)
/**************** Check if a user belongs to an institution ******************/ /**************** Check if a user belongs to an institution ******************/
/*****************************************************************************/ /*****************************************************************************/
bool Usr_CheckIfUsrBelongsToIns (long UsrCod, bool Usr_CheckIfUsrBelongsToIns (long UsrCod,long InsCod)
long InsCod,
bool CountOnlyAcceptedCourses)
{ {
char Query[512]; char Query[512];
const char *SubQuery; static struct
{
long UsrCod;
long InsCod;
bool Belongs;
} Cache =
{
-1L,
-1L,
false
};
/***** Trivial case *****/
if (UsrCod <= 0 || if (UsrCod <= 0 ||
InsCod <= 0) InsCod <= 0)
return false; {
/***** Trivial case *****/
Cache.UsrCod = -1L;
Cache.InsCod = -1L;
Cache.Belongs = false;
}
else if (UsrCod != Cache.UsrCod ||
InsCod != Cache.InsCod) // If not cached...
{
/***** Get is a user belongs to an institution from database *****/
sprintf (Query,"SELECT COUNT(DISTINCT centres.InsCod)"
" FROM crs_usr,courses,degrees,centres"
" WHERE crs_usr.UsrCod='%ld'"
" AND crs_usr.Accepted='Y'"
" AND crs_usr.CrsCod=courses.CrsCod"
" AND courses.DegCod=degrees.DegCod"
" AND degrees.CtrCod=centres.CtrCod"
" AND centres.InsCod='%ld'",
UsrCod,InsCod);
Cache.UsrCod = UsrCod;
Cache.InsCod = InsCod;
Cache.Belongs = (DB_QueryCOUNT (Query,"can not check if a user belongs to an institution") != 0);
}
/***** Get is a user belongs to an institution from database *****/ return Cache.Belongs;
SubQuery = (CountOnlyAcceptedCourses ? " AND crs_usr.Accepted='Y'" :
"");
sprintf (Query,"SELECT COUNT(DISTINCT centres.InsCod)"
" FROM crs_usr,courses,degrees,centres"
" WHERE crs_usr.UsrCod='%ld'%s"
" AND crs_usr.CrsCod=courses.CrsCod"
" AND courses.DegCod=degrees.DegCod"
" AND degrees.CtrCod=centres.CtrCod"
" AND centres.InsCod='%ld'",
UsrCod,SubQuery,InsCod);
return (DB_QueryCOUNT (Query,"can not check if a user belongs to an institution") != 0);
} }
/*****************************************************************************/ /*****************************************************************************/
/******************* Check if a user belongs to a centre *********************/ /******************* Check if a user belongs to a centre *********************/
/*****************************************************************************/ /*****************************************************************************/
bool Usr_CheckIfUsrBelongsToCtr (long UsrCod, bool Usr_CheckIfUsrBelongsToCtr (long UsrCod,long CtrCod)
long CtrCod,
bool CountOnlyAcceptedCourses)
{ {
char Query[512]; char Query[512];
const char *SubQuery; static struct
{
long UsrCod;
long CtrCod;
bool Belongs;
} Cache =
{
-1L,
-1L,
false
};
/***** Trivial case *****/
if (UsrCod <= 0 || if (UsrCod <= 0 ||
CtrCod <= 0) CtrCod <= 0)
return false; {
/***** Trivial case *****/
Cache.UsrCod = -1L;
Cache.CtrCod = -1L;
Cache.Belongs = false;
}
else if (UsrCod != Cache.UsrCod ||
CtrCod != Cache.CtrCod) // If not cached...
{
/***** Get is a user belongs to a centre from database *****/
sprintf (Query,"SELECT COUNT(DISTINCT degrees.CtrCod)"
" FROM crs_usr,courses,degrees"
" WHERE crs_usr.UsrCod='%ld'"
" AND crs_usr.Accepted='Y'" // Only if user accepted
" AND crs_usr.CrsCod=courses.CrsCod"
" AND courses.DegCod=degrees.DegCod"
" AND degrees.CtrCod='%ld'",
UsrCod,CtrCod);
Cache.UsrCod = UsrCod;
Cache.CtrCod = CtrCod;
Cache.Belongs = (DB_QueryCOUNT (Query,"can not check if a user belongs to a centre") != 0);
}
/***** Get is a user belongs to a centre from database *****/ return Cache.Belongs;
SubQuery = (CountOnlyAcceptedCourses ? " AND crs_usr.Accepted='Y'" :
"");
sprintf (Query,"SELECT COUNT(DISTINCT degrees.CtrCod)"
" FROM crs_usr,courses,degrees"
" WHERE crs_usr.UsrCod='%ld'%s"
" AND crs_usr.CrsCod=courses.CrsCod"
" AND courses.DegCod=degrees.DegCod"
" AND degrees.CtrCod='%ld'",
UsrCod,SubQuery,CtrCod);
return (DB_QueryCOUNT (Query,"can not check if a user belongs to a centre") != 0);
} }
/*****************************************************************************/ /*****************************************************************************/
/******************* Check if a user belongs to a degree *********************/ /******************* Check if a user belongs to a degree *********************/
/*****************************************************************************/ /*****************************************************************************/
bool Usr_CheckIfUsrBelongsToDeg (long UsrCod, bool Usr_CheckIfUsrBelongsToDeg (long UsrCod,long DegCod)
long DegCod,
bool CountOnlyAcceptedCourses)
{ {
char Query[512]; char Query[512];
const char *SubQuery; static struct
{
long UsrCod;
long DegCod;
bool Belongs;
} Cache =
{
-1L,
-1L,
false
};
/***** Trivial case *****/
if (UsrCod <= 0 || if (UsrCod <= 0 ||
DegCod <= 0) DegCod <= 0)
return false; {
/***** Trivial case *****/
Cache.UsrCod = -1L;
Cache.DegCod = -1L;
Cache.Belongs = false;
}
else if (UsrCod != Cache.UsrCod ||
DegCod != Cache.DegCod) // If not cached...
{
/***** Get is a user belongs to a degree from database *****/
sprintf (Query,"SELECT COUNT(DISTINCT courses.DegCod)"
" FROM crs_usr,courses"
" WHERE crs_usr.UsrCod='%ld'"
" AND crs_usr.Accepted='Y'" // Only if user accepted
" AND crs_usr.CrsCod=courses.CrsCod"
" AND courses.DegCod='%ld'",
UsrCod,DegCod);
Cache.UsrCod = UsrCod;
Cache.DegCod = DegCod;
Cache.Belongs = (DB_QueryCOUNT (Query,"can not check if a user belongs to a degree") != 0);
}
/***** Get is a user belongs to a degree from database *****/ return Cache.Belongs;
SubQuery = (CountOnlyAcceptedCourses ? " AND crs_usr.Accepted='Y'" :
"");
sprintf (Query,"SELECT COUNT(DISTINCT courses.DegCod)"
" FROM crs_usr,courses"
" WHERE crs_usr.UsrCod='%ld'%s"
" AND crs_usr.CrsCod=courses.CrsCod"
" AND courses.DegCod='%ld'",
UsrCod,SubQuery,DegCod);
return (DB_QueryCOUNT (Query,"can not check if a user belongs to a degree") != 0);
} }
/*****************************************************************************/ /*****************************************************************************/
/******************** Check if a user belongs to a course ********************/ /******************** Check if a user belongs to a course ********************/
/*****************************************************************************/ /*****************************************************************************/
bool Usr_CheckIfUsrBelongsToCrs (long UsrCod, bool Usr_CheckIfUsrBelongsToCrs (long UsrCod,long CrsCod,
long CrsCod,
bool CountOnlyAcceptedCourses) bool CountOnlyAcceptedCourses)
{ {
char Query[512]; char Query[512];
@ -3797,6 +3910,7 @@ static void Usr_BuildQueryToGetUsrsLstCrs (Rol_Role_t Role,
const char *QueryFields = const char *QueryFields =
"usr_data.UsrCod," "usr_data.UsrCod,"
"usr_data.EncryptedUsrCod," "usr_data.EncryptedUsrCod,"
"usr_data.Password,"
"usr_data.Surname1," "usr_data.Surname1,"
"usr_data.Surname2," "usr_data.Surname2,"
"usr_data.FirstName," "usr_data.FirstName,"
@ -3809,15 +3923,16 @@ static void Usr_BuildQueryToGetUsrsLstCrs (Rol_Role_t Role,
/* /*
row[ 0]: usr_data.UsrCod row[ 0]: usr_data.UsrCod
row[ 1]: usr_data.EncryptedUsrCod row[ 1]: usr_data.EncryptedUsrCod
row[ 2]: usr_data.Surname1 row[ 2]: usr_data.Password (used to check if a teacher can edit user's data)
row[ 3]: usr_data.Surname2 row[ 3]: usr_data.Surname1
row[ 4]: usr_data.FirstName row[ 4]: usr_data.Surname2
row[ 5]: usr_data.Sex row[ 5]: usr_data.FirstName
row[ 6]: usr_data.Photo row[ 6]: usr_data.Sex
row[ 7]: usr_data.PhotoVisibility row[ 7]: usr_data.Photo
row[ 8]: usr_data.InsCod row[ 8]: usr_data.PhotoVisibility
row[ 9]: crs_usr.Role (only if Scope == Sco_SCOPE_CRS) row[ 9]: usr_data.InsCod
row[10]: crs_usr.Accepted (only if Scope == Sco_SCOPE_CRS) row[10]: crs_usr.Role (only if Scope == Sco_SCOPE_CRS)
row[11]: crs_usr.Accepted (only if Scope == Sco_SCOPE_CRS)
*/ */
/***** If there are no groups selected, don't do anything *****/ /***** If there are no groups selected, don't do anything *****/
@ -3969,6 +4084,7 @@ void Usr_GetListUsrs (Rol_Role_t Role,Sco_Scope_t Scope)
const char *QueryFields = const char *QueryFields =
"DISTINCT usr_data.UsrCod," "DISTINCT usr_data.UsrCod,"
"usr_data.EncryptedUsrCod," "usr_data.EncryptedUsrCod,"
"usr_data.Password,"
"usr_data.Surname1," "usr_data.Surname1,"
"usr_data.Surname2," "usr_data.Surname2,"
"usr_data.FirstName," "usr_data.FirstName,"
@ -3979,15 +4095,16 @@ void Usr_GetListUsrs (Rol_Role_t Role,Sco_Scope_t Scope)
/* /*
row[ 0]: usr_data.UsrCod row[ 0]: usr_data.UsrCod
row[ 1]: usr_data.EncryptedUsrCod row[ 1]: usr_data.EncryptedUsrCod
row[ 2]: usr_data.Surname1 row[ 2]: usr_data.Password (used to check if a teacher can edit user's data)
row[ 3]: usr_data.Surname2 row[ 3]: usr_data.Surname1
row[ 4]: usr_data.FirstName row[ 4]: usr_data.Surname2
row[ 5]: usr_data.Sex row[ 5]: usr_data.FirstName
row[ 6]: usr_data.Photo row[ 6]: usr_data.Sex
row[ 7]: usr_data.PhotoVisibility row[ 7]: usr_data.Photo
row[ 8]: usr_data.InsCod row[ 8]: usr_data.PhotoVisibility
row[ 9]: crs_usr.Role (only if Scope == Sco_SCOPE_CRS) row[ 9]: usr_data.InsCod
row[10]: crs_usr.Accepted (only if Scope == Sco_SCOPE_CRS) row[10]: crs_usr.Role (only if Scope == Sco_SCOPE_CRS)
row[11]: crs_usr.Accepted (only if Scope == Sco_SCOPE_CRS)
*/ */
/***** Build query *****/ /***** Build query *****/
@ -3995,7 +4112,8 @@ void Usr_GetListUsrs (Rol_Role_t Role,Sco_Scope_t Scope)
{ {
case Sco_SCOPE_SYS: case Sco_SCOPE_SYS:
/* Get users in courses from the whole platform */ /* Get users in courses from the whole platform */
sprintf (Query,"SELECT %s FROM usr_data,crs_usr" sprintf (Query,"SELECT %s"
" FROM usr_data,crs_usr"
" WHERE usr_data.UsrCod=crs_usr.UsrCod" " WHERE usr_data.UsrCod=crs_usr.UsrCod"
" AND crs_usr.Role='%u'" " AND crs_usr.Role='%u'"
" ORDER BY " " ORDER BY "
@ -4008,7 +4126,8 @@ void Usr_GetListUsrs (Rol_Role_t Role,Sco_Scope_t Scope)
break; break;
case Sco_SCOPE_CTY: case Sco_SCOPE_CTY:
/* Get users in courses from the current country */ /* Get users in courses from the current country */
sprintf (Query,"SELECT %s FROM usr_data,crs_usr,courses,degrees,centres,institutions" sprintf (Query,"SELECT %s"
" FROM usr_data,crs_usr,courses,degrees,centres,institutions"
" WHERE usr_data.UsrCod=crs_usr.UsrCod" " WHERE usr_data.UsrCod=crs_usr.UsrCod"
" AND crs_usr.Role='%u'" " AND crs_usr.Role='%u'"
" AND crs_usr.CrsCod=courses.CrsCod" " AND crs_usr.CrsCod=courses.CrsCod"
@ -4027,7 +4146,8 @@ void Usr_GetListUsrs (Rol_Role_t Role,Sco_Scope_t Scope)
break; break;
case Sco_SCOPE_INS: case Sco_SCOPE_INS:
/* Get users in courses from the current institution */ /* Get users in courses from the current institution */
sprintf (Query,"SELECT %s FROM usr_data,crs_usr,courses,degrees,centres" sprintf (Query,"SELECT %s"
" FROM usr_data,crs_usr,courses,degrees,centres"
" WHERE usr_data.UsrCod=crs_usr.UsrCod" " WHERE usr_data.UsrCod=crs_usr.UsrCod"
" AND crs_usr.Role='%u'" " AND crs_usr.Role='%u'"
" AND crs_usr.CrsCod=courses.CrsCod" " AND crs_usr.CrsCod=courses.CrsCod"
@ -4045,7 +4165,8 @@ void Usr_GetListUsrs (Rol_Role_t Role,Sco_Scope_t Scope)
break; break;
case Sco_SCOPE_CTR: case Sco_SCOPE_CTR:
/* Get users in courses from the current centre */ /* Get users in courses from the current centre */
sprintf (Query,"SELECT %s FROM usr_data,crs_usr,courses,degrees" sprintf (Query,"SELECT %s"
" FROM usr_data,crs_usr,courses,degrees"
" WHERE usr_data.UsrCod=crs_usr.UsrCod" " WHERE usr_data.UsrCod=crs_usr.UsrCod"
" AND crs_usr.Role='%u'" " AND crs_usr.Role='%u'"
" AND crs_usr.CrsCod=courses.CrsCod" " AND crs_usr.CrsCod=courses.CrsCod"
@ -4062,7 +4183,8 @@ void Usr_GetListUsrs (Rol_Role_t Role,Sco_Scope_t Scope)
break; break;
case Sco_SCOPE_DEG: case Sco_SCOPE_DEG:
/* Get users in courses from the current degree */ /* Get users in courses from the current degree */
sprintf (Query,"SELECT %s FROM usr_data,crs_usr,courses" sprintf (Query,"SELECT %s"
" FROM usr_data,crs_usr,courses"
" WHERE usr_data.UsrCod=crs_usr.UsrCod" " WHERE usr_data.UsrCod=crs_usr.UsrCod"
" AND crs_usr.Role='%u'" " AND crs_usr.Role='%u'"
" AND crs_usr.CrsCod=courses.CrsCod" " AND crs_usr.CrsCod=courses.CrsCod"
@ -4690,15 +4812,16 @@ static void Usr_GetListUsrsFromQuery (const char *Query,Rol_Role_t Role,Sco_Scop
/* /*
row[ 0]: usr_data.UsrCod row[ 0]: usr_data.UsrCod
row[ 1]: usr_data.EncryptedUsrCod row[ 1]: usr_data.EncryptedUsrCod
row[ 2]: usr_data.Surname1 row[ 2]: usr_data.Password (used to check if a teacher can edit user's data)
row[ 3]: usr_data.Surname2 row[ 3]: usr_data.Surname1
row[ 4]: usr_data.FirstName row[ 4]: usr_data.Surname2
row[ 5]: usr_data.Sex row[ 5]: usr_data.FirstName
row[ 6]: usr_data.Photo row[ 6]: usr_data.Sex
row[ 7]: usr_data.PhotoVisibility row[ 7]: usr_data.Photo
row[ 8]: usr_data.InsCod row[ 8]: usr_data.PhotoVisibility
row[ 9]: crs_usr.Role (only if Scope == Sco_SCOPE_CRS) row[ 9]: usr_data.InsCod
row[10]: crs_usr.Accepted (only if Scope == Sco_SCOPE_CRS) row[10]: crs_usr.Role (only if Scope == Sco_SCOPE_CRS)
row[11]: crs_usr.Accepted (only if Scope == Sco_SCOPE_CRS)
*/ */
UsrInList = &Gbl.Usrs.LstUsrs[Role].Lst[NumUsr]; UsrInList = &Gbl.Usrs.LstUsrs[Role].Lst[NumUsr];
@ -4709,33 +4832,37 @@ static void Usr_GetListUsrsFromQuery (const char *Query,Rol_Role_t Role,Sco_Scop
Str_Copy (UsrInList->EncryptedUsrCod,row[1], Str_Copy (UsrInList->EncryptedUsrCod,row[1],
Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64); Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64);
/* Get user's surname 1 (row[2]) */ /* Get encrypted password (row[2]) */
Str_Copy (UsrInList->Surname1,row[2], Str_Copy (UsrInList->Password,row[2],
Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64);
/* Get user's surname 1 (row[3]) */
Str_Copy (UsrInList->Surname1,row[3],
Usr_MAX_BYTES_NAME); Usr_MAX_BYTES_NAME);
/* Get user's surname 2 (row[3]) */ /* Get user's surname 2 (row[4]) */
Str_Copy (UsrInList->Surname2,row[3], Str_Copy (UsrInList->Surname2,row[4],
Usr_MAX_BYTES_NAME); Usr_MAX_BYTES_NAME);
/* Get user's first name (row[4]) */ /* Get user's first name (row[5]) */
Str_Copy (UsrInList->FirstName,row[4], Str_Copy (UsrInList->FirstName,row[5],
Usr_MAX_BYTES_NAME); Usr_MAX_BYTES_NAME);
/* Get user's sex (row[5]) */ /* Get user's sex (row[6]) */
UsrInList->Sex = Usr_GetSexFromStr (row[5]); UsrInList->Sex = Usr_GetSexFromStr (row[6]);
/* Get user's photo (row[6]) */ /* Get user's photo (row[7]) */
Str_Copy (UsrInList->Photo,row[6], Str_Copy (UsrInList->Photo,row[7],
Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64); Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64);
/* Get user's photo visibility (row[7]) */ /* Get user's photo visibility (row[8]) */
UsrInList->PhotoVisibility = Pri_GetVisibilityFromStr (row[7]); UsrInList->PhotoVisibility = Pri_GetVisibilityFromStr (row[8]);
/* Get user's institution code (row[8]) */ /* Get user's institution code (row[9]) */
UsrInList->InsCod = Str_ConvertStrCodToLongCod (row[8]); UsrInList->InsCod = Str_ConvertStrCodToLongCod (row[9]);
/* Get user's role and acceptance of enrollment in course(s) /* Get user's role and acceptance of enrollment in course(s)
(row[9], row[10] if Scope == Sco_SCOPE_CRS) */ (row[10], row[11] if Scope == Sco_SCOPE_CRS) */
switch (Role) switch (Role)
{ {
case Rol_UNKNOWN: // Here Rol_UNKNOWN means any user case Rol_UNKNOWN: // Here Rol_UNKNOWN means any user
@ -4762,8 +4889,8 @@ static void Usr_GetListUsrsFromQuery (const char *Query,Rol_Role_t Role,Sco_Scop
break; break;
case Sco_SCOPE_CRS: // Course case Sco_SCOPE_CRS: // Course
// Query result has a column with the acceptation // Query result has a column with the acceptation
UsrInList->RoleInCurrentCrsDB = Rol_ConvertUnsignedStrToRole (row[9]); UsrInList->RoleInCurrentCrsDB = Rol_ConvertUnsignedStrToRole (row[10]);
UsrInList->Accepted = (row[10][0] == 'Y'); UsrInList->Accepted = (row[11][0] == 'Y');
break; break;
} }
break; break;
@ -4792,8 +4919,8 @@ static void Usr_GetListUsrsFromQuery (const char *Query,Rol_Role_t Role,Sco_Scop
break; break;
case Sco_SCOPE_CRS: // Course case Sco_SCOPE_CRS: // Course
// Query result has a column with the acceptation // Query result has a column with the acceptation
UsrInList->RoleInCurrentCrsDB = Rol_ConvertUnsignedStrToRole (row[9]); UsrInList->RoleInCurrentCrsDB = Rol_ConvertUnsignedStrToRole (row[10]);
UsrInList->Accepted = (row[10][0] == 'Y'); UsrInList->Accepted = (row[11][0] == 'Y');
break; break;
} }
break; break;

22
swad_user.h
View File

@ -184,12 +184,13 @@ struct UsrLast
struct UsrInList struct UsrInList
{ {
long UsrCod; long UsrCod;
char EncryptedUsrCod [Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64+1]; char EncryptedUsrCod[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64+1];
char Password[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1];
char Surname1 [Usr_MAX_BYTES_NAME + 1]; char Surname1 [Usr_MAX_BYTES_NAME + 1];
char Surname2 [Usr_MAX_BYTES_NAME + 1]; char Surname2 [Usr_MAX_BYTES_NAME + 1];
char FirstName[Usr_MAX_BYTES_NAME + 1]; char FirstName[Usr_MAX_BYTES_NAME + 1];
Usr_Sex_t Sex; Usr_Sex_t Sex;
char Photo[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64+1]; // Name of public link to photo char Photo[Cry_LENGTH_ENCRYPTED_STR_SHA256_BASE64 + 1]; // Name of public link to photo
Pri_Visibility_t PhotoVisibility; // Who can see user's photo Pri_Visibility_t PhotoVisibility; // Who can see user's photo
long InsCod; // Institution long InsCod; // Institution
Rol_Role_t RoleInCurrentCrsDB; // Role in current course in database Rol_Role_t RoleInCurrentCrsDB; // Role in current course in database
@ -233,6 +234,8 @@ void Usr_RestrictLengthAndWriteName (const struct UsrData *UsrDat,unsigned MaxCh
bool Usr_CheckIfUsrIsAdm (long UsrCod,Sco_Scope_t Scope,long Cod); bool Usr_CheckIfUsrIsAdm (long UsrCod,Sco_Scope_t Scope,long Cod);
bool Usr_CheckIfUsrIsSuperuser (long UsrCod); bool Usr_CheckIfUsrIsSuperuser (long UsrCod);
bool Usr_CheckIfIAsAdminCanEditOtherUsr (const struct UsrData *UsrDat);
unsigned Usr_GetNumCrssOfUsr (long UsrCod); unsigned Usr_GetNumCrssOfUsr (long UsrCod);
unsigned Usr_GetNumCrssOfUsrNotAccepted (long UsrCod); unsigned Usr_GetNumCrssOfUsrNotAccepted (long UsrCod);
unsigned Usr_GetNumCrssOfUsrWithARole (long UsrCod,Rol_Role_t Role); unsigned Usr_GetNumCrssOfUsrWithARole (long UsrCod,Rol_Role_t Role);
@ -259,17 +262,10 @@ void Usr_FreeMyCentres (void);
void Usr_FreeMyDegrees (void); void Usr_FreeMyDegrees (void);
void Usr_FreeMyCourses (void); void Usr_FreeMyCourses (void);
bool Usr_CheckIfUsrBelongsToIns (long UsrCod, bool Usr_CheckIfUsrBelongsToIns (long UsrCod,long InsCod);
long InsCod, bool Usr_CheckIfUsrBelongsToCtr (long UsrCod,long CtrCod);
bool CountOnlyAcceptedCourses); bool Usr_CheckIfUsrBelongsToDeg (long UsrCod,long DegCod);
bool Usr_CheckIfUsrBelongsToCtr (long UsrCod, bool Usr_CheckIfUsrBelongsToCrs (long UsrCod,long CrsCod,
long CtrCod,
bool CountOnlyAcceptedCourses);
bool Usr_CheckIfUsrBelongsToDeg (long UsrCod,
long DegCod,
bool CountOnlyAcceptedCourses);
bool Usr_CheckIfUsrBelongsToCrs (long UsrCod,
long CrsCod,
bool CountOnlyAcceptedCourses); bool CountOnlyAcceptedCourses);
bool Usr_CheckIfIBelongToCty (long CtyCod); bool Usr_CheckIfIBelongToCty (long CtyCod);

5
swad_web_service.c
View File

@ -1590,10 +1590,7 @@ static void Svc_CopyListUsers (Rol_Role_t Role,struct swad__getUsersOutput *getU
/* Get list of user's IDs */ /* Get list of user's IDs */
ID_GetListIDsFromUsrCod (&UsrDat); ID_GetListIDsFromUsrCod (&UsrDat);
if (Gbl.Usrs.Me.UsrDat.UsrCod == UsrDat.UsrCod) // It's me ICanSeeUsrID = ID_ICanSeeOtherUsrIDs (&UsrDat);
ICanSeeUsrID = true;
else // A user distinct than me
ICanSeeUsrID = ID_ICanSeeAnotherUsrID (&UsrDat);
/* Get nickname */ /* Get nickname */
Nck_GetNicknameFromUsrCod (UsrDat.UsrCod,UsrDat.Nickname); Nck_GetNicknameFromUsrCod (UsrDat.UsrCod,UsrDat.Nickname);