Fossil SCM

Implemented all suggested changes to the self-register related code.

lrem 2011-01-04 17:13 self-register
Commit 13deb4321bda1f1060be8b014f5e9f0ba5a64ba6
+11
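--- a/src/db.c
+++ b/src/db.c
@@ -1584,10 +1584,11 @@
 { "auto-captcha", "autocaptcha", 0, "on" },
 { "auto-shun", 0, 0, "on" },
 { "autosync", 0, 0, "on" },
 { "binary-glob", 0, 32, "" },
 { "clearsign", 0, 0, "off" },
+ { "default-perms", 0, 16, "u" },
 { "diff-command", 0, 16, "" },
 { "dont-push", 0, 0, "off" },
 { "editor", 0, 16, "" },
 { "gdiff-command", 0, 16, "gdiff" },
 { "ignore-glob", 0, 40, "" },
@@ -1596,10 +1597,11 @@
 { "manifest", 0, 0, "off" },
 { "mtime-changes", 0, 0, "on" },
 { "pgp-command", 0, 32, "gpg --clearsign -o " },
 { "proxy", 0, 32, "off" },
 { "repo-cksum", 0, 0, "on" },
+ { "self-register", 0, 0, "off" },
 { "ssh-command", 0, 32, "" },
 { "web-browser", 0, 32, "" },
 { 0,0,0,0 }
 };
 
@@ -1634,10 +1636,14 @@
 ** purposes. Example: *.xml
 **
 ** clearsign When enabled, fossil will attempt to sign all commits
 ** with gpg. When disabled (the default), commits will
 ** be unsigned. Default: off
+**
+** default-perms Permissions given automatically to new users. For more
+** information on permissions see Users page in Server
+** Administration of the HTTP UI. Default: u.
 **
 ** diff-command External command to run when performing a diff.
 ** If undefined, the internal text diff will be used.
 **
 ** dont-push Prevent this repository from pushing from client to
@@ -1677,10 +1683,15 @@
 **
 ** repo-cksum Compute checksums over all files in each checkout
 ** as a double-check of correctness. Defaults to "on".
 ** Disable on large repositories for a performance
 ** improvement.
+**
+** self-register Allow users to register themselves through the HTTP UI.
+** This is useful if you want to see other names than
+** "Anonymous" in e.g. ticketing system. On the other hand
+** users can not be deleted. Default: off.
 **
 ** ssh-command Command used to talk to a remote machine with
 ** the "ssh://" protocol.
 **
 ** web-browser A shell command used to launch your preferred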
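Review bot: The help text added for `default-perms` in the `@@ -1634,10 +1636,14 @@` hunk says only "Permissions given automatically to new users", which is vaguer than the paragraph this commit adds in src/setup.c naming both HTTP self-registration and command-line creation. Someone reading this help has no hint that, with `self-register` on, the value is granted to anyone who completes the registration form. I would add a line such as `** Applies to self-registered users (see self-register) and to users created on the command line.` The `self-register` entry in the last hunk could likewise point back to `default-perms`, and its phrase "users can not be deleted" would be clearer if it said what an administrator is unable to undo.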
+19 -6
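--- a/src/login.c
+++ b/src/login.c
@@ -266,13 +266,14 @@
 }
 @ your user-id and password at the left and press the
 @ "Login" button. Your user name will be stored in a browser cookie.
 @ You must configure your web browser to accept cookies in order for
 @ the login to take.</p>
- @
- @ <p>If you do not have an account, you can
- @ <a href="%s(g.zTop)/register?g=%T(P("G"))">create one</a>.
+ if( db_get_boolean("self-register", 0) ){
+ @ <p>If you do not have an account, you can
+ @ <a href="%s(g.zTop)/register?g=%T(P("G"))">create one</a>.
+ }
 if( zAnonPw ){
 unsigned int uSeed = captcha_seed();
 char const *zDecoded = captcha_decode(uSeed);
 int bAutoCaptcha = db_get_boolean("auto-captcha", 1);
 char *zCaptcha = captcha_render(zDecoded);
@@ -636,10 +637,17 @@
 ** Generate the register page.
 **
 */
 void register_page(void){
 const char *zUsername, *zPasswd, *zConfirm, *zContact, *zCS, *zPw, *zCap;
+ if( !db_get_boolean("self-register", 0) ){
+ style_header("Registration not possible");
+ @ <p>This project does not allow user self-registration. Please contact the
+ @ project administrator to obtain an account.</p>
+ style_footer();
+ return;
+ }
 
 style_header("Register");
 zUsername = P("u");
 zPasswd = P("p");
 zConfirm = P("cp");
@@ -652,10 +660,14 @@
 if( zCS==0 ) fossil_redirect_home(); /* Forged request */
 zPw = captcha_decode((unsigned int)atoi(zCS));
 if( !(zUsername && zPasswd && zConfirm && zContact) ){
 @ <p><span class="loginError">
 @ All fields are obligatory.
+ @ </span></p>
+ }else if( strlen(zPasswd) < 6){
+ @ <p><span class="loginError">
+ @ Password too weak.
 @ </span></p>
 }else if( strcmp(zPasswd,zConfirm)!=0 ){
 @ <p><span class="loginError">
 @ The two copies of your new passwords do not match.
 @ </span></p>
@@ -663,14 +675,15 @@
 @ <p><span class="loginError">
 @ Captcha text invalid.
 @ </span></p>
 }else{
 /* This almost is stupid copy-paste of code from user.c:user_cmd(). */
- Blob passwd, login, contact;
+ Blob passwd, login, caps, contact;
 
 blob_init(&login, zUsername, -1);
 blob_init(&contact, zContact, -1);
+ blob_init(&caps, db_get("default-perms", "u"), -1);
 blob_init(&passwd, zPasswd, -1);
 
 if( db_exists("SELECT 1 FROM user WHERE login=%B", &login) ){
 /* Here lies the reason I don't use zErrMsg - it would not substitute
 * this %s(zUsername), or at least I don't know how to force it to.*/
@@ -679,12 +692,12 @@
 @ </span></p>
 }else{
 char *zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login));
 db_multi_exec(
 "INSERT INTO user(login,pw,cap,info)"
- "VALUES(%B,%Q,'u',%B)", /* u - register as reader, not developer! */
- &login, zPw, &contact
+ "VALUES(%B,%Q,%B,%B)",
+ &login, zPw, &caps, &contact
 );
 free(zPw);
 
 /* The user is registered, now just log him in. */
 int uid = db_int(0, "SELECT uid FROM user WHERE login=%Q", zUsername);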
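Review bot: In the `@@ -663,14 +675,15 @@` and `@@ -679,12 +692,12 @@` hunks the capability string for a self-registered account is read from `db_get("default-perms", "u")` and inserted unfiltered, where the old code hard-coded `'u'` under the comment "register as reader, not developer!". Nothing visible here keeps a configured value that contains the administrative letters (`a` and `s` in Fossil's capability scheme, to be confirmed against the Users page) from being given to every visitor who passes the CAPTCHA. Consider refusing those letters on this path, for example `const char *zCaps = db_get("default-perms", "u");` then `if( strpbrk(zCaps, "as") ) zCaps = "u";` before the `blob_init(&caps, ...)` call, or reading a setting separate from the one the command-line user creation uses. Separately, the added `strlen(zPasswd) < 6` branch reports only "Password too weak." without telling the user the minimum length. `register_page` continues outside these hunks.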
+16
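--- a/src/setup.c
+++ b/src/setup.c
@@ -790,10 +790,26 @@
 @ <p>Fossil tries to limit out-bound sync, clone, and pull packets
 @ to this many bytes, uncompressed. If the client requires more data
 @ than this, then the client will issue multiple HTTP requests.
 @ Values below 1 million are not recommended. 5 million is a
 @ reasonable number.</p>
+
+ @ <hr />
+ onoff_attribute("Allow users to register themselves",
+ "self-register", "selfregister", 0);
+ @ <p>Allow users to register themselves through the HTTP UI.
+ @ The registration form always requires filling in a CAPTCHA
+ @ (<em>auto-captcha</em> setting is ignored). Still, bear in mind that anyone
+ @ can register under any user name. This option is useful for public projects
+ @ where you do not want everyone in any ticket discussion to be named
+ @ "Anonymous".</p>
+
+ @ <hr />
+ entry_attribute("Default privileges", 10, "default-perms", "defaultperms", "u");
+ @ <p>Permissions given to users that register themselves using the HTTP UI
+ @ or are registered by the administrator using the command line interface.
+ @ </p>
 
 @ <hr />
 onoff_attribute("Show javascript button to fill in CAPTCHA",
 "auto-captcha", "autocaptcha", 0);
 @ <p>When enabled, a button appears on the login screen for user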
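Review bot: The fallback `"u"` passed to `entry_attribute("Default privileges", ...)` is a fourth copy of the same literal; it also appears in the settings table in src/db.c and in the `db_get("default-perms", "u")` calls in src/login.c and src/user.c. If one copy is changed later, this page would show a default that differs from what new accounts actually receive, and an administrator would be reviewing the wrong value. A single shared constant used at all four sites would remove that risk. Whether `entry_attribute` restricts the field to valid capability letters is not visible in this hunk; if it does not, the paragraph under the field is the place to say which letters are accepted.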
+4 -3
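--- a/src/user.c
+++ b/src/user.c
@@ -180,12 +180,13 @@
 if( g.argc<3 ){
 usage("capabilities|default|list|new|password ...");
 }
 n = strlen(g.argv[2]);
 if( n>=2 && strncmp(g.argv[2],"new",n)==0 ){
- Blob passwd, login, contact;
+ Blob passwd, login, caps, contact;
 char *zPw;
+ blob_init(&caps, db_get("default-perms", "u"), -1);
 
 if( g.argc>=4 ){
 blob_init(&login, g.argv[3], -1);
 }else{
 prompt_user("login: ", &login);
@@ -204,12 +205,12 @@
 prompt_for_password("password: ", &passwd, 1);
 }
 zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login));
 db_multi_exec(
 "INSERT INTO user(login,pw,cap,info)"
- "VALUES(%B,%Q,'v',%B)",
- &login, zPw, &contact
+ "VALUES(%B,%Q,%B,%B)",
+ &login, zPw, &caps, &contact
 );
 free(zPw);
 }else if( n>=2 && strncmp(g.argv[2],"default",n)==0 ){
 user_select();
 if( g.argc==3 ){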
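Review bot: The `new` branch in the `@@ -204,12 +205,12 @@` hunk changes what a command-line-created account receives from the hard-coded `'v'` to the value of `default-perms`, whose default is `"u"`, so existing workflows produce accounts with different capabilities after this commit without any notice. Because the same setting also feeds the HTTP registration form in src/login.c, an administrator who sets it to `v` to get the old command-line behaviour back gives that capability to every self-registered account as well. Keeping `'v'` here or reading a separate setting would avoid tying the two paths together. At minimum I would add a comment above the new `blob_init(&caps, ...)` line such as `/* shared with register_page(): raising default-perms also raises self-registered accounts */`. The enclosing function starts and ends outside these hunks.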
