mirror of https://github.com/acanas/swad-core.git
Version 16.126.5
This commit is contained in:
Antonio Cañas Vargas
parent
1770339e5c
commit
d8df950fdf
20
swad_ID.c
20
swad_ID.c
|
|
@ -424,11 +424,14 @@ bool ID_ICanSeeOtherUsrIDs (const struct UsrData *UsrDat)
|
|||
return true;
|
||||
|
||||
/* Check 3: I can see the IDs of users with user's data empty */
|
||||
// This check is made to not view simultaneously:
|
||||
// - an ID
|
||||
// - a name or an email
|
||||
if (!UsrDat->Password[0] && // User has no password (never logged)
|
||||
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
|
||||
!UsrDat->Surname2[0] && // and who has no surname 2 (nobody filled user's surname 2)
|
||||
!UsrDat->FirstName[0]) // and who has no first name (nobody filled user's first name)
|
||||
// Warning: I could view simultaneously ID and email (if filled)
|
||||
!UsrDat->FirstName[0] && // and who has no first name (nobody filled user's first name)
|
||||
!UsrDat->Email[0]) // and who has no email (nobody filled user's email)
|
||||
return true;
|
||||
|
||||
return false;
|
||||
|
|
@ -436,7 +439,7 @@ bool ID_ICanSeeOtherUsrIDs (const struct UsrData *UsrDat)
|
|||
case Rol_CTR_ADM:
|
||||
case Rol_INS_ADM:
|
||||
case Rol_SYS_ADM:
|
||||
return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
|
||||
return Usr_AsAdminICanEditOtherUsr (UsrDat);
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
|
@ -516,7 +519,7 @@ void ID_ShowFormOthIDs (void)
|
|||
/***** Get user whose password must be changed *****/
|
||||
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
|
||||
{
|
||||
if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat))
|
||||
if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
|
||||
{
|
||||
/***** Start frame *****/
|
||||
Lay_StartRoundFrame (NULL,Txt_ID,NULL,NULL);
|
||||
|
|
@ -720,7 +723,7 @@ static void ID_RemoveUsrID (const struct UsrData *UsrDat,bool ItsMe)
|
|||
char UsrID[ID_MAX_LENGTH_USR_ID+1];
|
||||
bool ICanRemove;
|
||||
|
||||
if (Usr_ICanChangeOtherUsrData (UsrDat))
|
||||
if (Usr_AsAdminICanEditOtherUsr (UsrDat))
|
||||
{
|
||||
/***** Get user's ID from form *****/
|
||||
Par_GetParToText ("UsrID",UsrID,ID_MAX_LENGTH_USR_ID);
|
||||
|
|
@ -841,7 +844,7 @@ static void ID_NewUsrID (const struct UsrData *UsrDat,bool ItsMe)
|
|||
unsigned NumIDFound = 0; // Initialized to avoid warning
|
||||
bool Error = false;
|
||||
|
||||
if (Usr_ICanChangeOtherUsrData (UsrDat))
|
||||
if (Usr_AsAdminICanEditOtherUsr (UsrDat))
|
||||
{
|
||||
/***** Get new user's ID from form *****/
|
||||
Par_GetParToText ("NewID",NewID,ID_MAX_LENGTH_USR_ID);
|
||||
|
|
@ -956,15 +959,16 @@ static void ID_ReqConfOrConfOtherUsrID (ID_ReqConfOrConfID_t ReqConfOrConfID)
|
|||
extern const char *Txt_The_ID_X_has_been_confirmed;
|
||||
extern const char *Txt_User_not_found_or_you_do_not_have_permission_;
|
||||
char UsrID[ID_MAX_LENGTH_USR_ID+1];
|
||||
bool ICanConfirm = false;
|
||||
bool ICanConfirm;
|
||||
bool Found;
|
||||
unsigned NumID;
|
||||
unsigned NumIDFound = 0; // Initialized to avoid warning
|
||||
|
||||
/***** Get other user's code from form and get user's data *****/
|
||||
ICanConfirm = false;
|
||||
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
|
||||
if (Gbl.Usrs.Other.UsrDat.UsrCod != Gbl.Usrs.Me.UsrDat.UsrCod) // Not me
|
||||
if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat))
|
||||
if (ID_ICanSeeOtherUsrIDs (&Gbl.Usrs.Other.UsrDat))
|
||||
ICanConfirm = true;
|
||||
|
||||
if (ICanConfirm)
|
||||
|
|
|
|||
|
|
@ -2470,15 +2470,15 @@ struct Act_Actions Act_Actions[Act_NUM_ACTIONS] =
|
|||
/* ActCnfID_Std */{1569,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ConfirmOtherUsrID ,NULL},
|
||||
/* ActCnfID_Tch */{1570,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ConfirmOtherUsrID ,NULL},
|
||||
|
||||
/* ActFrmIDsOth */{1447,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL},
|
||||
/* ActFrmIDsStd */{1448,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL},
|
||||
/* ActFrmIDsTch */{1449,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL},
|
||||
/* ActRemID_Oth */{1450,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL},
|
||||
/* ActRemID_Std */{1451,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL},
|
||||
/* ActRemID_Tch */{1452,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL},
|
||||
/* ActNewID_Oth */{1453,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL},
|
||||
/* ActNewID_Std */{1454,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL},
|
||||
/* ActNewID_Tch */{1455,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL},
|
||||
/* ActFrmIDsOth */{1447,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL},
|
||||
/* ActFrmIDsStd */{1448,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL},
|
||||
/* ActFrmIDsTch */{1449,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL},
|
||||
/* ActRemID_Oth */{1450,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL},
|
||||
/* ActRemID_Std */{1451,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL},
|
||||
/* ActRemID_Tch */{1452,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL},
|
||||
/* ActNewID_Oth */{1453,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL},
|
||||
/* ActNewID_Std */{1454,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL},
|
||||
/* ActNewID_Tch */{1455,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL},
|
||||
|
||||
/* ActFrmPwdOth */{1464,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Pwd_ShowFormOthPwd ,NULL},
|
||||
/* ActFrmPwdStd */{1465,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Pwd_ShowFormOthPwd ,NULL},
|
||||
|
|
@ -2487,15 +2487,15 @@ struct Act_Actions Act_Actions[Act_NUM_ACTIONS] =
|
|||
/* ActChgPwdStd */{1468,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,Pwd_UpdateOtherPwd1 ,Pwd_UpdateOtherPwd2 ,NULL},
|
||||
/* ActChgPwdTch */{1469,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,Pwd_UpdateOtherPwd1 ,Pwd_UpdateOtherPwd2 ,NULL},
|
||||
|
||||
/* ActFrmMaiOth */{1475,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL},
|
||||
/* ActFrmMaiStd */{1476,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL},
|
||||
/* ActFrmMaiTch */{1477,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL},
|
||||
/* ActRemMaiOth */{1478,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL},
|
||||
/* ActRemMaiStd */{1479,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL},
|
||||
/* ActRemMaiTch */{1480,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL},
|
||||
/* ActNewMaiOth */{1481,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL},
|
||||
/* ActNewMaiStd */{1482,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL},
|
||||
/* ActNewMaiTch */{1483,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL},
|
||||
/* ActFrmMaiOth */{1475,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL},
|
||||
/* ActFrmMaiStd */{1476,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL},
|
||||
/* ActFrmMaiTch */{1477,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL},
|
||||
/* ActRemMaiOth */{1478,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL},
|
||||
/* ActRemMaiStd */{1479,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL},
|
||||
/* ActRemMaiTch */{1480,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL},
|
||||
/* ActNewMaiOth */{1481,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL},
|
||||
/* ActNewMaiStd */{1482,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL},
|
||||
/* ActNewMaiTch */{1483,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL},
|
||||
|
||||
/* ActRemStdCrs */{1462,-1,TabUnk,ActLstStd ,0x1F8,0x1E0,0x000,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Enr_RemUsrFromCrs ,NULL},
|
||||
/* ActRemTchCrs */{1463,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x000,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Enr_RemUsrFromCrs ,NULL},
|
||||
|
|
|
|||
|
|
@ -187,8 +187,6 @@
|
|||
// TODO: Fix bug when creating a new attendance event: if title is repeated, form is cleared
|
||||
// TODO: Fix bug: When registering an administrator, the user's name changes are ignored
|
||||
|
||||
// TODO: Warning: now a teacher can view ID and email of empty users (uswers without password and name). How to avoid this while allowing teacher editing empty users?
|
||||
|
||||
/*****************************************************************************/
|
||||
/****************************** Public constants *****************************/
|
||||
/*****************************************************************************/
|
||||
|
|
@ -200,6 +198,7 @@
|
|||
// Number of lines (includes comments but not blank lines) has been got with the following command:
|
||||
// nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1
|
||||
/*
|
||||
Version 16.126.5: Jan 27, 2017 Changes in permissions to view/change another user's data. (212093 lines)
|
||||
Version 16.126.4: Jan 27, 2017 Code refactoring related to permissions to view/change another user's data. (212105 lines)
|
||||
Version 16.126.3: Jan 27, 2017 Fixed bug in search of user, reported by Javier Fernández Baldomero. (212086 lines)
|
||||
Version 16.126.2: Jan 27, 2017 When creating a new user, the record card don't have contextual icons. (212083 lines)
|
||||
|
|
|
|||
|
|
@ -109,7 +109,7 @@ static void Enr_RemoveEnrollmentRequest (long CrsCod,long UsrCod);
|
|||
static void Enr_RemoveExpiredEnrollmentRequests (void);
|
||||
|
||||
static void Enr_ReqRegRemUsr (Rol_Role_t Role);
|
||||
static bool Enr_CheckIfICanAdminOtherUsrs (void);
|
||||
static bool Enr_ICanAdminOtherUsrs (void);
|
||||
static void Enr_ReqAnotherUsrIDToRegisterRemove (Rol_Role_t Role);
|
||||
static void Enr_AskIfRegRemMe (Rol_Role_t Role);
|
||||
static void Enr_AskIfRegRemAnotherUsr (Rol_Role_t Role);
|
||||
|
|
@ -2882,7 +2882,7 @@ void Enr_PutLinkToAdminOneUsr (Act_Action_t NextAction)
|
|||
{
|
||||
extern const char *Txt_Admin_me;
|
||||
extern const char *Txt_Admin_one_user;
|
||||
const char *TitleText = Enr_CheckIfICanAdminOtherUsrs () ? Txt_Admin_one_user :
|
||||
const char *TitleText = Enr_ICanAdminOtherUsrs () ? Txt_Admin_one_user :
|
||||
Txt_Admin_me;
|
||||
|
||||
Lay_PutContextualLink (NextAction,NULL,
|
||||
|
|
@ -2930,7 +2930,7 @@ void Enr_ReqRegRemTch (void)
|
|||
|
||||
static void Enr_ReqRegRemUsr (Rol_Role_t Role)
|
||||
{
|
||||
if (Enr_CheckIfICanAdminOtherUsrs ())
|
||||
if (Enr_ICanAdminOtherUsrs ())
|
||||
Enr_ReqAnotherUsrIDToRegisterRemove (Role);
|
||||
else
|
||||
Enr_AskIfRegRemMe (Role);
|
||||
|
|
@ -2940,7 +2940,7 @@ static void Enr_ReqRegRemUsr (Rol_Role_t Role)
|
|||
/*********** Check If I can admin other users (distinct to me) ***************/
|
||||
/*****************************************************************************/
|
||||
|
||||
static bool Enr_CheckIfICanAdminOtherUsrs (void)
|
||||
static bool Enr_ICanAdminOtherUsrs (void)
|
||||
{
|
||||
switch (Gbl.Usrs.Me.LoggedRole)
|
||||
{
|
||||
|
|
@ -3154,11 +3154,9 @@ static void Enr_ShowFormToEditOtherUsr (void)
|
|||
/***** Buttons for edition *****/
|
||||
fprintf (Gbl.F.Out,"<div class=\"CONTEXT_MENU\">");
|
||||
|
||||
if (Usr_CheckIfIAsAdminCanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
|
||||
Pwd_PutLinkToChangeOtherUsrPassword (); // Put link (form) to change user's password
|
||||
|
||||
if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat))
|
||||
if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
|
||||
{
|
||||
Pwd_PutLinkToChangeOtherUsrPassword (); // Put link (form) to change user's password
|
||||
Mai_PutLinkToChangeOtherUsrEmails (); // Put link (form) to change user's emails
|
||||
ID_PutLinkToChangeUsrIDs (); // Put link (form) to change user's IDs
|
||||
}
|
||||
|
|
|
|||
38
swad_mail.c
38
swad_mail.c
|
|
@ -1149,7 +1149,7 @@ void Mai_ShowFormOthEmail (void)
|
|||
/***** Get user whose password must be changed *****/
|
||||
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
|
||||
{
|
||||
if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat))
|
||||
if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
|
||||
{
|
||||
/***** Start frame *****/
|
||||
Lay_StartRoundFrame (NULL,Txt_Email,NULL,NULL);
|
||||
|
|
@ -1368,7 +1368,7 @@ static void Mai_RemoveEmail (struct UsrData *UsrDat)
|
|||
extern const char *Txt_User_not_found_or_you_do_not_have_permission_;
|
||||
char Email[Usr_MAX_BYTES_USR_EMAIL+1];
|
||||
|
||||
if (Usr_ICanChangeOtherUsrData (UsrDat))
|
||||
if (Usr_AsAdminICanEditOtherUsr (UsrDat))
|
||||
{
|
||||
/***** Get new email from form *****/
|
||||
Par_GetParToText ("Email",Email,Usr_MAX_BYTES_USR_EMAIL);
|
||||
|
|
@ -1450,7 +1450,7 @@ static void Mai_NewUsrEmail (struct UsrData *UsrDat,bool ItsMe)
|
|||
extern const char *Txt_User_not_found_or_you_do_not_have_permission_;
|
||||
char NewEmail[Usr_MAX_BYTES_USR_EMAIL+1];
|
||||
|
||||
if (Usr_ICanChangeOtherUsrData (UsrDat))
|
||||
if (Usr_AsAdminICanEditOtherUsr (UsrDat))
|
||||
{
|
||||
/***** Get new email from form *****/
|
||||
Par_GetParToText ("NewEmail",NewEmail,Usr_MAX_BYTES_USR_EMAIL);
|
||||
|
|
@ -1816,30 +1816,16 @@ bool Mai_ICanSeeOtherUsrEmail (const struct UsrData *UsrDat)
|
|||
switch (Gbl.Usrs.Me.LoggedRole)
|
||||
{
|
||||
case Rol_STUDENT:
|
||||
/* If I am a student of current course,
|
||||
I only can see the user's email of teachers from current course */
|
||||
return (UsrDat->RoleInCurrentCrsDB == Rol_TEACHER &&
|
||||
UsrDat->Accepted);
|
||||
/* If I am a student in the current course,
|
||||
I can see the email of confirmed teachers */
|
||||
return (UsrDat->RoleInCurrentCrsDB == Rol_TEACHER && // A teacher
|
||||
UsrDat->Accepted); // who accepted registration
|
||||
case Rol_TEACHER:
|
||||
/* Check 1: I can see the email of users who do not exist in database */
|
||||
if (UsrDat->UsrCod <= 0) // User does not exist (if in the future email is used to create a new user)
|
||||
return true;
|
||||
|
||||
/* Check 2: I can see the email of confirmed students and teachers */
|
||||
if ((UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
|
||||
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
|
||||
UsrDat->Accepted) // who accepted registration
|
||||
return true;
|
||||
|
||||
/* Check 3: I can see the IDs of users with user's data empty */
|
||||
if (!UsrDat->Password[0] && // User has no password (never logged)
|
||||
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
|
||||
!UsrDat->Surname2[0] && // and who has no surname 2 (nobody filled user's surname 2)
|
||||
!UsrDat->FirstName[0]) // and who has no first name (nobody filled user's first name)
|
||||
// Warning: I could view simultaneously ID and email (if filled)
|
||||
return true;
|
||||
|
||||
return false;
|
||||
/* If I am a teacher in the current course,
|
||||
I can see the email of confirmed students and teachers */
|
||||
return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student
|
||||
UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher
|
||||
UsrDat->Accepted; // who accepted registration
|
||||
case Rol_DEG_ADM:
|
||||
/* If I am an administrator of current degree,
|
||||
I only can see the user's email of users from current degree */
|
||||
|
|
|
|||
|
|
@ -491,7 +491,7 @@ void Pwd_UpdateOtherPwd1 (void)
|
|||
/***** Get other user's code from form and get user's data *****/
|
||||
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
|
||||
{
|
||||
if (Usr_CheckIfIAsAdminCanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
|
||||
if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
|
||||
{
|
||||
Par_GetParToText ("Paswd1",NewPlainPassword[0],Pwd_MAX_LENGTH_PLAIN_PASSWORD);
|
||||
Par_GetParToText ("Paswd2",NewPlainPassword[1],Pwd_MAX_LENGTH_PLAIN_PASSWORD);
|
||||
|
|
@ -813,7 +813,7 @@ void Pwd_ShowFormOthPwd (void)
|
|||
/***** Get user whose password must be changed *****/
|
||||
if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ())
|
||||
{
|
||||
if (Usr_CheckIfIAsAdminCanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
|
||||
if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat))
|
||||
{
|
||||
/***** Start frame *****/
|
||||
Lay_StartRoundFrame (NULL,Txt_Password,NULL,NULL);
|
||||
|
|
|
|||
|
|
@ -150,7 +150,7 @@ bool Pho_ICanChangeOtherUsrPhoto (const struct UsrData *UsrDat)
|
|||
case Rol_CTR_ADM:
|
||||
case Rol_INS_ADM:
|
||||
case Rol_SYS_ADM:
|
||||
return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
|
||||
return Usr_AsAdminICanEditOtherUsr (UsrDat);
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,7 +27,6 @@
|
|||
/********************************** Headers **********************************/
|
||||
/*****************************************************************************/
|
||||
|
||||
|
||||
/*****************************************************************************/
|
||||
/************************** Public constant and types ************************/
|
||||
/*****************************************************************************/
|
||||
|
|
|
|||
12
swad_user.c
12
swad_user.c
|
|
@ -838,12 +838,8 @@ bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat)
|
|||
if (UsrDat->UsrCod <= 0) // User does not exist (when creating a new user)
|
||||
return true;
|
||||
|
||||
/* Check 2: I change data of users with user's data empty */
|
||||
if (!UsrDat->Password[0] && // User has no password (never logged)
|
||||
!UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1)
|
||||
!UsrDat->Surname2[0] && // and who has no surname 2 (nobody filled user's surname 2)
|
||||
!UsrDat->FirstName[0]) // and who has no first name (nobody filled user's first name)
|
||||
// Warning: I could view simultaneously ID and email (if filled)
|
||||
/* Check 2: I change data of users without password */
|
||||
if (!UsrDat->Password[0]) // User has no password (never logged)
|
||||
return true;
|
||||
|
||||
return false;
|
||||
|
|
@ -851,7 +847,7 @@ bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat)
|
|||
case Rol_CTR_ADM:
|
||||
case Rol_INS_ADM:
|
||||
case Rol_SYS_ADM:
|
||||
return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat);
|
||||
return Usr_AsAdminICanEditOtherUsr (UsrDat);
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
|
@ -861,7 +857,7 @@ bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat)
|
|||
/************ Check if I (as admin) can edit another user's data *************/
|
||||
/*****************************************************************************/
|
||||
|
||||
bool Usr_CheckIfIAsAdminCanEditOtherUsr (const struct UsrData *UsrDat)
|
||||
bool Usr_AsAdminICanEditOtherUsr (const struct UsrData *UsrDat)
|
||||
{
|
||||
switch (Gbl.Usrs.Me.LoggedRole)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -235,7 +235,7 @@ bool Usr_CheckIfUsrIsAdm (long UsrCod,Sco_Scope_t Scope,long Cod);
|
|||
bool Usr_CheckIfUsrIsSuperuser (long UsrCod);
|
||||
|
||||
bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat);
|
||||
bool Usr_CheckIfIAsAdminCanEditOtherUsr (const struct UsrData *UsrDat);
|
||||
bool Usr_AsAdminICanEditOtherUsr (const struct UsrData *UsrDat);
|
||||
|
||||
unsigned Usr_GetNumCrssOfUsr (long UsrCod);
|
||||
unsigned Usr_GetNumCrssOfUsrNotAccepted (long UsrCod);
|
||||
|
|
|
|||
Loading…
Reference in New Issue