- Add "deviceReadonly" user field

- Allow users edit tokens
- Managers can create users with deviceLimit = 0 only
- Manager can't create users with expirationTime later then their
- Other permissions improvements

1 files changed, 3 insertions, 2 deletions

diff --git a/setup/default.xml b/setup/default.xml
index 0ab3163f0..1b3722626 100644
--- a/setup/default.xml
+++ b/setup/default.xml
@@ -64,8 +64,8 @@
     </entry>
 
     <entry key='database.insertUser'>
-        INSERT INTO users (name, email, hashedPassword, salt, readonly, admin, map, distanceUnit, speedUnit, latitude, longitude, zoom, twelveHourFormat, coordinateFormat, disabled, expirationTime, deviceLimit, userLimit, token, attributes)
-        VALUES (:name, :email, :hashedPassword, :salt, :readonly, :admin, :map, :distanceUnit, :speedUnit, :latitude, :longitude, :zoom, :twelveHourFormat, :coordinateFormat, :disabled, :expirationTime, :deviceLimit, :userLimit, :token, :attributes)
+        INSERT INTO users (name, email, hashedPassword, salt, readonly, admin, map, distanceUnit, speedUnit, latitude, longitude, zoom, twelveHourFormat, coordinateFormat, disabled, expirationTime, deviceLimit, userLimit, deviceReadonly, token, attributes)
+        VALUES (:name, :email, :hashedPassword, :salt, :readonly, :admin, :map, :distanceUnit, :speedUnit, :latitude, :longitude, :zoom, :twelveHourFormat, :coordinateFormat, :disabled, :expirationTime, :deviceLimit, :userLimit, :deviceReadonly, :token, :attributes)
     </entry>
 
     <entry key='database.updateUser'>
@@ -86,6 +86,7 @@
         expirationTime = :expirationTime,
         deviceLimit = :deviceLimit,
         userLimit = :userLimit,
+        deviceReadonly = :deviceReadonly,
         token = :token,
         attributes = :attributes
         WHERE id = :id