diff --git a/app.py b/app.py
index 60fe4fb..413a4b7 100644
--- a/app.py
+++ b/app.py
@@ -231,7 +231,7 @@ def solar_register_post():
 portal.solar.send_admins_new_user_notification_mail(user_id, upload_handler_solar.config)
- flash('Podatki so bili poslani v potrditev. Ko bo registracija potrjena, boste o tem obveščeni po e-mailu, ki ste ga posredovali zgoraj.')
+ flash('Podatki so bili poslani v potrditev. Ko bo registracija potrjena, boste o tem obveščeni po e-mailu.')
 return redirect('/login')
@@ -679,8 +679,15 @@ def change_user_email():
 @app.route('/changeuserrole', methods=['POST'])
 @login_required
 def change_user_role():
+ institution = portal.solar.get_user_institution(current_user.id)
 if not portal.solar.is_admin(current_user.id):
- return '', 404
+
+ # Institution coordinators can only assign roles of users in their own
+ # institution.
+ if institution and portal.solar.is_institution_coordinator(current_user.id, institution.id):
+ pass
+ else:
+ return '', 404
 user_id = request.form.get('user-id')
 role = request.form.get('role')
@@ -717,7 +724,7 @@ def add_user_institution_mapping():
 if institution:
 institution_id = institution.id
- if not (portal.solar.is_admin(current_user.id) or portal.solar.is_institution_coordinator(current_user.id, institution_id)):
+ if not portal.solar.is_admin(current_user.id):
 return '', 404
 user_id = request.form['user_id']
diff --git a/templates/solar-manage-institution.html b/templates/solar-manage-institution.html
index f36a751..493cc1e 100644
--- a/templates/solar-manage-institution.html
+++ b/templates/solar-manage-institution.html
@@ -57,26 +57,6 @@ {% endif %} {% endwith %} -
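Review bot: In `change_user_role` the new coordinator branch only establishes that the caller coordinates their own institution; nothing visible in the hunk checks that the submitted `user-id` belongs to that institution or limits which `role` a coordinator may set, so the guarantee stated in the comment is not enforced by these lines. The function body continues outside the hunk, so the check may exist further down, but if it does not, a coordinator could change roles for users of other institutions or grant a role above their own. After `user_id` is read, the non-admin path should verify the target, e.g. `target = portal.solar.get_user_institution(user_id)` followed by `if target is None or target.id != institution.id: return '', 404`, and the `role` values a coordinator may assign should come from an explicit allow-list. The `if …: pass` / `else: return` shape would also read more clearly as a single negated guard.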
ID | -Ime in priimek | -|
---|---|---|
{{item.id}} | -{{item.name}} | -{{item.email}} | -