From d44d7efd36073ccee91fb925c42cad4d226da7fd Mon Sep 17 00:00:00 2001
From: =?utf8?q?Petr=20P=C3=ADsa=C5=99?= <petr.pisar@atlas.cz>
Date: Fri, 29 Jan 2010 11:37:50 +0100
Subject: [PATCH] doc, client: Ajdust how UpdateDataBoxUser works

ISDS apparently does not use old user data only to identify changed user. It
uses these client supplied data to detect differences against new user data
and to authorize these changes.

Thus client must supply complete original old user data. Therefore application
will usually need to duplicate user data. Appropriate functions has been
implemented into library and exported.
---
 client/changeuser.c          | 7 +------
 doc/maintanance_web_services | 9 +++++++--
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/client/changeuser.c b/client/changeuser.c
index 743310c..9e8e19e 100644
--- a/client/changeuser.c
+++ b/client/changeuser.c
@@ -93,16 +93,11 @@ int main(int argc, char **argv) {
     if (db_user_info && db_owner_info) {
         /* Update user info */
         struct isds_DbUserInfo *old_user_info = NULL;
-        old_user_info = calloc(1, sizeof(*old_user_info));
+        old_user_info = isds_DbUserInfo_duplicate(db_user_info);
         if (!old_user_info) {
             fprintf(stderr, "No enough memory\n");
             exit(EXIT_FAILURE);
         }
-        old_user_info->userID = strdup(db_user_info->userID);
-        if (!old_user_info->userID) {
-            fprintf(stderr, "No enough memory\n");
-            exit(EXIT_FAILURE);
-        }
 
         printf("Updating info about my account: with no change\n");
         err = isds_UpdateDataBoxUser(ctx, db_owner_info,
diff --git a/doc/maintanance_web_services b/doc/maintanance_web_services
index 3bc0b57..582b8b5 100644
--- a/doc/maintanance_web_services
+++ b/doc/maintanance_web_services
@@ -83,8 +83,13 @@ UpdateDataBoxUser
 
 Change data about user assigned to given box.
 
-Input is box description (box ID or other criteria), old user data (to
-identify user to changed) and new user data.
+Input is box description (box ID or other criteria), old user data and new
+user data.
+
+Non-normative: old user data are used not only to identify user in ISDS, they
+are used by ISDS to recognise data changes. Permission to change data are
+tested against these differences. In other words, client must supply complete
+old user data, not only user ID.
 
 One can change any data (even user permissions) except user type of PRIMARY
 user. However PRIMARY user assigned to PO or OVM box can be removed
-- 
2.11.4.GIT