From d8df950fdf51d9d0b347423008a4239ba091e4d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Ca=C3=B1as=20Vargas?= Date: Fri, 27 Jan 2017 18:45:38 +0100 Subject: [PATCH] Version 16.126.5 --- swad_ID.c | 20 ++++++++++++-------- swad_action.c | 36 ++++++++++++++++++------------------ swad_changelog.h | 3 +-- swad_enrollment.c | 14 ++++++-------- swad_mail.c | 38 ++++++++++++-------------------------- swad_password.c | 4 ++-- swad_photo.c | 2 +- swad_role_type.h | 1 - swad_user.c | 12 ++++-------- swad_user.h | 2 +- 10 files changed, 57 insertions(+), 75 deletions(-) diff --git a/swad_ID.c b/swad_ID.c index 851095d9..c37c5c64 100644 --- a/swad_ID.c +++ b/swad_ID.c @@ -424,11 +424,14 @@ bool ID_ICanSeeOtherUsrIDs (const struct UsrData *UsrDat) return true; /* Check 3: I can see the IDs of users with user's data empty */ + // This check is made to not view simultaneously: + // - an ID + // - a name or an email if (!UsrDat->Password[0] && // User has no password (never logged) !UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1) !UsrDat->Surname2[0] && // and who has no surname 2 (nobody filled user's surname 2) - !UsrDat->FirstName[0]) // and who has no first name (nobody filled user's first name) - // Warning: I could view simultaneously ID and email (if filled) + !UsrDat->FirstName[0] && // and who has no first name (nobody filled user's first name) + !UsrDat->Email[0]) // and who has no email (nobody filled user's email) return true; return false; @@ -436,7 +439,7 @@ bool ID_ICanSeeOtherUsrIDs (const struct UsrData *UsrDat) case Rol_CTR_ADM: case Rol_INS_ADM: case Rol_SYS_ADM: - return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat); + return Usr_AsAdminICanEditOtherUsr (UsrDat); default: return false; } @@ -516,7 +519,7 @@ void ID_ShowFormOthIDs (void) /***** Get user whose password must be changed *****/ if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) { - if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat)) + if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat)) { /***** Start frame *****/ Lay_StartRoundFrame (NULL,Txt_ID,NULL,NULL); @@ -720,7 +723,7 @@ static void ID_RemoveUsrID (const struct UsrData *UsrDat,bool ItsMe) char UsrID[ID_MAX_LENGTH_USR_ID+1]; bool ICanRemove; - if (Usr_ICanChangeOtherUsrData (UsrDat)) + if (Usr_AsAdminICanEditOtherUsr (UsrDat)) { /***** Get user's ID from form *****/ Par_GetParToText ("UsrID",UsrID,ID_MAX_LENGTH_USR_ID); @@ -841,7 +844,7 @@ static void ID_NewUsrID (const struct UsrData *UsrDat,bool ItsMe) unsigned NumIDFound = 0; // Initialized to avoid warning bool Error = false; - if (Usr_ICanChangeOtherUsrData (UsrDat)) + if (Usr_AsAdminICanEditOtherUsr (UsrDat)) { /***** Get new user's ID from form *****/ Par_GetParToText ("NewID",NewID,ID_MAX_LENGTH_USR_ID); @@ -956,15 +959,16 @@ static void ID_ReqConfOrConfOtherUsrID (ID_ReqConfOrConfID_t ReqConfOrConfID) extern const char *Txt_The_ID_X_has_been_confirmed; extern const char *Txt_User_not_found_or_you_do_not_have_permission_; char UsrID[ID_MAX_LENGTH_USR_ID+1]; - bool ICanConfirm = false; + bool ICanConfirm; bool Found; unsigned NumID; unsigned NumIDFound = 0; // Initialized to avoid warning /***** Get other user's code from form and get user's data *****/ + ICanConfirm = false; if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) if (Gbl.Usrs.Other.UsrDat.UsrCod != Gbl.Usrs.Me.UsrDat.UsrCod) // Not me - if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat)) + if (ID_ICanSeeOtherUsrIDs (&Gbl.Usrs.Other.UsrDat)) ICanConfirm = true; if (ICanConfirm) diff --git a/swad_action.c b/swad_action.c index dfe44891..5ec7e4c2 100644 --- a/swad_action.c +++ b/swad_action.c @@ -2470,15 +2470,15 @@ struct Act_Actions Act_Actions[Act_NUM_ACTIONS] = /* ActCnfID_Std */{1569,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ConfirmOtherUsrID ,NULL}, /* ActCnfID_Tch */{1570,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ConfirmOtherUsrID ,NULL}, - /* ActFrmIDsOth */{1447,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL}, - /* ActFrmIDsStd */{1448,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL}, - /* ActFrmIDsTch */{1449,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL}, - /* ActRemID_Oth */{1450,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL}, - /* ActRemID_Std */{1451,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL}, - /* ActRemID_Tch */{1452,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL}, - /* ActNewID_Oth */{1453,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL}, - /* ActNewID_Std */{1454,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL}, - /* ActNewID_Tch */{1455,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL}, + /* ActFrmIDsOth */{1447,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL}, + /* ActFrmIDsStd */{1448,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL}, + /* ActFrmIDsTch */{1449,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_ShowFormOthIDs ,NULL}, + /* ActRemID_Oth */{1450,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL}, + /* ActRemID_Std */{1451,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL}, + /* ActRemID_Tch */{1452,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_RemoveOtherUsrID ,NULL}, + /* ActNewID_Oth */{1453,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL}, + /* ActNewID_Std */{1454,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL}, + /* ActNewID_Tch */{1455,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,ID_NewOtherUsrID ,NULL}, /* ActFrmPwdOth */{1464,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Pwd_ShowFormOthPwd ,NULL}, /* ActFrmPwdStd */{1465,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Pwd_ShowFormOthPwd ,NULL}, @@ -2487,15 +2487,15 @@ struct Act_Actions Act_Actions[Act_NUM_ACTIONS] = /* ActChgPwdStd */{1468,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,Pwd_UpdateOtherPwd1 ,Pwd_UpdateOtherPwd2 ,NULL}, /* ActChgPwdTch */{1469,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,Pwd_UpdateOtherPwd1 ,Pwd_UpdateOtherPwd2 ,NULL}, - /* ActFrmMaiOth */{1475,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL}, - /* ActFrmMaiStd */{1476,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL}, - /* ActFrmMaiTch */{1477,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL}, - /* ActRemMaiOth */{1478,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL}, - /* ActRemMaiStd */{1479,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL}, - /* ActRemMaiTch */{1480,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL}, - /* ActNewMaiOth */{1481,-1,TabUnk,ActLstOth ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL}, - /* ActNewMaiStd */{1482,-1,TabUnk,ActLstStd ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL}, - /* ActNewMaiTch */{1483,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL}, + /* ActFrmMaiOth */{1475,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL}, + /* ActFrmMaiStd */{1476,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL}, + /* ActFrmMaiTch */{1477,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_ShowFormOthEmail ,NULL}, + /* ActRemMaiOth */{1478,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL}, + /* ActRemMaiStd */{1479,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL}, + /* ActRemMaiTch */{1480,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_RemoveOtherUsrEmail ,NULL}, + /* ActNewMaiOth */{1481,-1,TabUnk,ActLstOth ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL}, + /* ActNewMaiStd */{1482,-1,TabUnk,ActLstStd ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL}, + /* ActNewMaiTch */{1483,-1,TabUnk,ActLstTch ,0x1E0,0x1E0,0x1E0,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Mai_NewOtherUsrEmail ,NULL}, /* ActRemStdCrs */{1462,-1,TabUnk,ActLstStd ,0x1F8,0x1E0,0x000,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Enr_RemUsrFromCrs ,NULL}, /* ActRemTchCrs */{1463,-1,TabUnk,ActLstTch ,0x1F0,0x1E0,0x000,Act_CONT_NORM,Act_THIS_WINDOW,NULL ,Enr_RemUsrFromCrs ,NULL}, diff --git a/swad_changelog.h b/swad_changelog.h index 9119211e..aa56079c 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -187,8 +187,6 @@ // TODO: Fix bug when creating a new attendance event: if title is repeated, form is cleared // TODO: Fix bug: When registering an administrator, the user's name changes are ignored -// TODO: Warning: now a teacher can view ID and email of empty users (uswers without password and name). How to avoid this while allowing teacher editing empty users? - /*****************************************************************************/ /****************************** Public constants *****************************/ /*****************************************************************************/ @@ -200,6 +198,7 @@ // Number of lines (includes comments but not blank lines) has been got with the following command: // nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1 /* + Version 16.126.5: Jan 27, 2017 Changes in permissions to view/change another user's data. (212093 lines) Version 16.126.4: Jan 27, 2017 Code refactoring related to permissions to view/change another user's data. (212105 lines) Version 16.126.3: Jan 27, 2017 Fixed bug in search of user, reported by Javier Fernández Baldomero. (212086 lines) Version 16.126.2: Jan 27, 2017 When creating a new user, the record card don't have contextual icons. (212083 lines) diff --git a/swad_enrollment.c b/swad_enrollment.c index a4342eb5..1c12a1d3 100644 --- a/swad_enrollment.c +++ b/swad_enrollment.c @@ -109,7 +109,7 @@ static void Enr_RemoveEnrollmentRequest (long CrsCod,long UsrCod); static void Enr_RemoveExpiredEnrollmentRequests (void); static void Enr_ReqRegRemUsr (Rol_Role_t Role); -static bool Enr_CheckIfICanAdminOtherUsrs (void); +static bool Enr_ICanAdminOtherUsrs (void); static void Enr_ReqAnotherUsrIDToRegisterRemove (Rol_Role_t Role); static void Enr_AskIfRegRemMe (Rol_Role_t Role); static void Enr_AskIfRegRemAnotherUsr (Rol_Role_t Role); @@ -2882,7 +2882,7 @@ void Enr_PutLinkToAdminOneUsr (Act_Action_t NextAction) { extern const char *Txt_Admin_me; extern const char *Txt_Admin_one_user; - const char *TitleText = Enr_CheckIfICanAdminOtherUsrs () ? Txt_Admin_one_user : + const char *TitleText = Enr_ICanAdminOtherUsrs () ? Txt_Admin_one_user : Txt_Admin_me; Lay_PutContextualLink (NextAction,NULL, @@ -2930,7 +2930,7 @@ void Enr_ReqRegRemTch (void) static void Enr_ReqRegRemUsr (Rol_Role_t Role) { - if (Enr_CheckIfICanAdminOtherUsrs ()) + if (Enr_ICanAdminOtherUsrs ()) Enr_ReqAnotherUsrIDToRegisterRemove (Role); else Enr_AskIfRegRemMe (Role); @@ -2940,7 +2940,7 @@ static void Enr_ReqRegRemUsr (Rol_Role_t Role) /*********** Check If I can admin other users (distinct to me) ***************/ /*****************************************************************************/ -static bool Enr_CheckIfICanAdminOtherUsrs (void) +static bool Enr_ICanAdminOtherUsrs (void) { switch (Gbl.Usrs.Me.LoggedRole) { @@ -3154,11 +3154,9 @@ static void Enr_ShowFormToEditOtherUsr (void) /***** Buttons for edition *****/ fprintf (Gbl.F.Out,"
"); - if (Usr_CheckIfIAsAdminCanEditOtherUsr (&Gbl.Usrs.Other.UsrDat)) - Pwd_PutLinkToChangeOtherUsrPassword (); // Put link (form) to change user's password - - if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat)) + if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat)) { + Pwd_PutLinkToChangeOtherUsrPassword (); // Put link (form) to change user's password Mai_PutLinkToChangeOtherUsrEmails (); // Put link (form) to change user's emails ID_PutLinkToChangeUsrIDs (); // Put link (form) to change user's IDs } diff --git a/swad_mail.c b/swad_mail.c index 10618b96..137ecf57 100644 --- a/swad_mail.c +++ b/swad_mail.c @@ -1149,7 +1149,7 @@ void Mai_ShowFormOthEmail (void) /***** Get user whose password must be changed *****/ if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) { - if (Usr_ICanChangeOtherUsrData (&Gbl.Usrs.Other.UsrDat)) + if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat)) { /***** Start frame *****/ Lay_StartRoundFrame (NULL,Txt_Email,NULL,NULL); @@ -1368,7 +1368,7 @@ static void Mai_RemoveEmail (struct UsrData *UsrDat) extern const char *Txt_User_not_found_or_you_do_not_have_permission_; char Email[Usr_MAX_BYTES_USR_EMAIL+1]; - if (Usr_ICanChangeOtherUsrData (UsrDat)) + if (Usr_AsAdminICanEditOtherUsr (UsrDat)) { /***** Get new email from form *****/ Par_GetParToText ("Email",Email,Usr_MAX_BYTES_USR_EMAIL); @@ -1450,7 +1450,7 @@ static void Mai_NewUsrEmail (struct UsrData *UsrDat,bool ItsMe) extern const char *Txt_User_not_found_or_you_do_not_have_permission_; char NewEmail[Usr_MAX_BYTES_USR_EMAIL+1]; - if (Usr_ICanChangeOtherUsrData (UsrDat)) + if (Usr_AsAdminICanEditOtherUsr (UsrDat)) { /***** Get new email from form *****/ Par_GetParToText ("NewEmail",NewEmail,Usr_MAX_BYTES_USR_EMAIL); @@ -1816,30 +1816,16 @@ bool Mai_ICanSeeOtherUsrEmail (const struct UsrData *UsrDat) switch (Gbl.Usrs.Me.LoggedRole) { case Rol_STUDENT: - /* If I am a student of current course, - I only can see the user's email of teachers from current course */ - return (UsrDat->RoleInCurrentCrsDB == Rol_TEACHER && - UsrDat->Accepted); + /* If I am a student in the current course, + I can see the email of confirmed teachers */ + return (UsrDat->RoleInCurrentCrsDB == Rol_TEACHER && // A teacher + UsrDat->Accepted); // who accepted registration case Rol_TEACHER: - /* Check 1: I can see the email of users who do not exist in database */ - if (UsrDat->UsrCod <= 0) // User does not exist (if in the future email is used to create a new user) - return true; - - /* Check 2: I can see the email of confirmed students and teachers */ - if ((UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student - UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher - UsrDat->Accepted) // who accepted registration - return true; - - /* Check 3: I can see the IDs of users with user's data empty */ - if (!UsrDat->Password[0] && // User has no password (never logged) - !UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1) - !UsrDat->Surname2[0] && // and who has no surname 2 (nobody filled user's surname 2) - !UsrDat->FirstName[0]) // and who has no first name (nobody filled user's first name) - // Warning: I could view simultaneously ID and email (if filled) - return true; - - return false; + /* If I am a teacher in the current course, + I can see the email of confirmed students and teachers */ + return (UsrDat->RoleInCurrentCrsDB == Rol_STUDENT || // A student + UsrDat->RoleInCurrentCrsDB == Rol_TEACHER) && // or a teacher + UsrDat->Accepted; // who accepted registration case Rol_DEG_ADM: /* If I am an administrator of current degree, I only can see the user's email of users from current degree */ diff --git a/swad_password.c b/swad_password.c index 630f582f..73958ced 100644 --- a/swad_password.c +++ b/swad_password.c @@ -491,7 +491,7 @@ void Pwd_UpdateOtherPwd1 (void) /***** Get other user's code from form and get user's data *****/ if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) { - if (Usr_CheckIfIAsAdminCanEditOtherUsr (&Gbl.Usrs.Other.UsrDat)) + if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat)) { Par_GetParToText ("Paswd1",NewPlainPassword[0],Pwd_MAX_LENGTH_PLAIN_PASSWORD); Par_GetParToText ("Paswd2",NewPlainPassword[1],Pwd_MAX_LENGTH_PLAIN_PASSWORD); @@ -813,7 +813,7 @@ void Pwd_ShowFormOthPwd (void) /***** Get user whose password must be changed *****/ if (Usr_GetParamOtherUsrCodEncryptedAndGetUsrData ()) { - if (Usr_CheckIfIAsAdminCanEditOtherUsr (&Gbl.Usrs.Other.UsrDat)) + if (Usr_AsAdminICanEditOtherUsr (&Gbl.Usrs.Other.UsrDat)) { /***** Start frame *****/ Lay_StartRoundFrame (NULL,Txt_Password,NULL,NULL); diff --git a/swad_photo.c b/swad_photo.c index 3f386997..1ab37963 100644 --- a/swad_photo.c +++ b/swad_photo.c @@ -150,7 +150,7 @@ bool Pho_ICanChangeOtherUsrPhoto (const struct UsrData *UsrDat) case Rol_CTR_ADM: case Rol_INS_ADM: case Rol_SYS_ADM: - return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat); + return Usr_AsAdminICanEditOtherUsr (UsrDat); default: return false; } diff --git a/swad_role_type.h b/swad_role_type.h index a9359c05..4ec2c97b 100644 --- a/swad_role_type.h +++ b/swad_role_type.h @@ -27,7 +27,6 @@ /********************************** Headers **********************************/ /*****************************************************************************/ - /*****************************************************************************/ /************************** Public constant and types ************************/ /*****************************************************************************/ diff --git a/swad_user.c b/swad_user.c index 301a7600..326962dc 100644 --- a/swad_user.c +++ b/swad_user.c @@ -838,12 +838,8 @@ bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat) if (UsrDat->UsrCod <= 0) // User does not exist (when creating a new user) return true; - /* Check 2: I change data of users with user's data empty */ - if (!UsrDat->Password[0] && // User has no password (never logged) - !UsrDat->Surname1[0] && // and who has no surname 1 (nobody filled user's surname 1) - !UsrDat->Surname2[0] && // and who has no surname 2 (nobody filled user's surname 2) - !UsrDat->FirstName[0]) // and who has no first name (nobody filled user's first name) - // Warning: I could view simultaneously ID and email (if filled) + /* Check 2: I change data of users without password */ + if (!UsrDat->Password[0]) // User has no password (never logged) return true; return false; @@ -851,7 +847,7 @@ bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat) case Rol_CTR_ADM: case Rol_INS_ADM: case Rol_SYS_ADM: - return Usr_CheckIfIAsAdminCanEditOtherUsr (UsrDat); + return Usr_AsAdminICanEditOtherUsr (UsrDat); default: return false; } @@ -861,7 +857,7 @@ bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat) /************ Check if I (as admin) can edit another user's data *************/ /*****************************************************************************/ -bool Usr_CheckIfIAsAdminCanEditOtherUsr (const struct UsrData *UsrDat) +bool Usr_AsAdminICanEditOtherUsr (const struct UsrData *UsrDat) { switch (Gbl.Usrs.Me.LoggedRole) { diff --git a/swad_user.h b/swad_user.h index df5bf061..01544491 100644 --- a/swad_user.h +++ b/swad_user.h @@ -235,7 +235,7 @@ bool Usr_CheckIfUsrIsAdm (long UsrCod,Sco_Scope_t Scope,long Cod); bool Usr_CheckIfUsrIsSuperuser (long UsrCod); bool Usr_ICanChangeOtherUsrData (const struct UsrData *UsrDat); -bool Usr_CheckIfIAsAdminCanEditOtherUsr (const struct UsrData *UsrDat); +bool Usr_AsAdminICanEditOtherUsr (const struct UsrData *UsrDat); unsigned Usr_GetNumCrssOfUsr (long UsrCod); unsigned Usr_GetNumCrssOfUsrNotAccepted (long UsrCod);