Fossil SCM

Initial steps toward more prominently recording when a user's permissions are elevated. This currently only changes the admin log output but the eventual intent is to enable optional email notifications when a user account is elevated.

stephan 2025-03-08 11:31 trunk

Commit 22b648e9e5893ee22ab292de537996ac2ac7d2738502258aa0663e79cb37700e

Parent 74b149f2e25916f…

1 file changed +35 -6

~ src/setupuser.c

M src/setupuser.c

+35 -6

		--- src/setupuser.c
		+++ src/setupuser.c
		@@ -302,10 +302,34 @@
302	302	if( zPw==0 ) return 0;
303	303	if( zPw[0]==0 ) return 1;
304	304	while( zPw[0]=='*' ){ zPw++; }
305	305	return zPw[0]!=0;
306	306	}
	307	+
	308	+/*
	309	+** Return 1 if user capability string zCaps contains the given
	310	+** capability letter, else 0.
	311	+*/
	312	+static int userCapsContain(const char *zCaps, const char letter){
	313	+ for( ; zCaps && *zCaps; ++zCaps ){
	314	+ if( letter==*zCaps ) return 1;
	315	+ }
	316	+ return 0;
	317	+}
	318	+
	319	+/*
	320	+** Return 1 if user capability string zNew contains any capability
	321	+** letter which is not in user capability string zOrig, else 0.
	322	+*/
	323	+static int userCapsAreElevated(const char zOrig, const char zNew){
	324	+ for( ; zNew && *zNew; ++zNew ){
	325	+ if( !userCapsContain(zOrig, *zNew) ){
	326	+ return 1;
	327	+ }
	328	+ }
	329	+ return 0;
	330	+}
307	331
308	332	/*
309	333	** WEBPAGE: setup_uedit
310	334	**
311	335	** Edit information about a user or create a new user.
		@@ -314,10 +338,11 @@
314	338	void user_edit(void){
315	339	const char zId, zLogin, zInfo, zCap, *zPw;
316	340	const char *zGroup;
317	341	const char *zOldLogin;
318	342	int uid, i;
	343	+ char zOldCaps = 0; / Capabilities before edit */
319	344	char zDeleteVerify = 0; / Delete user verification text */
320	345	int higherUser = 0; /* True if user being edited is SETUP and the */
321	346	/* user doing the editing is ADMIN. Disallow editing */
322	347	const char *inherit[128];
323	348	int a[128];
		@@ -331,14 +356,15 @@
331	356	/* Check to see if an ADMIN user is trying to edit a SETUP account.
332	357	** Don't allow that.
333	358	*/
334	359	zId = PD("id", "0");
335	360	uid = atoi(zId);
336		- if( zId && !g.perm.Setup && uid>0 ){
337		- char *zOldCaps;
	361	+ if( uid>0 ){
338	362	zOldCaps = db_text(0, "SELECT cap FROM user WHERE uid=%d",uid);
339		- higherUser = zOldCaps && strchr(zOldCaps,'s');
	363	+ if( zId && !g.perm.Setup ){
	364	+ higherUser = zOldCaps && strchr(zOldCaps,'s');
	365	+ }
340	366	}
341	367
342	368	if( P("can") ){
343	369	/* User pressed the cancel button */
344	370	cgi_redirect(cgi_referer("setup_ulist"));
		@@ -460,12 +486,15 @@
460	486	}
461	487	admin_log( "Renamed user [%q] to [%q].", zOldLogin, zLogin );
462	488	}
463	489	db_protect_pop();
464	490	setup_incr_cfgcnt();
465		- admin_log( "Updated user [%q] with capabilities [%q].",
466		- zLogin, &aCap[0] );
	491	+ admin_log( "Updated user [%q] with%s capabilities [%q].",
	492	+ zLogin,
	493	+ userCapsAreElevated(zOldCaps, &aCap[0])
	494	+ ? " elevated" : "",
	495	+ &aCap[0] );
467	496	if( atoi(PD("all","0"))>0 ){
468	497	Blob sql;
469	498	char *zErr = 0;
470	499	blob_zero(&sql);
471	500	if( zOldLogin==0 ){
		@@ -526,11 +555,11 @@
526	555
527	556	/* Load the existing information about the user, if any
528	557	*/
529	558	zLogin = "";
530	559	zInfo = "";
531		- zCap = "";
	560	+ zCap = zOldCaps;
532	561	zPw = "";
533	562	for(i='a'; i<='z'; i++) oa[i] = "";
534	563	for(i='0'; i<='9'; i++) oa[i] = "";
535	564	for(i='A'; i<='Z'; i++) oa[i] = "";
536	565	if( uid ){
537	566

	--- src/setupuser.c
	+++ src/setupuser.c
	@@ -302,10 +302,34 @@
302	if( zPw==0 ) return 0;
303	if( zPw[0]==0 ) return 1;
304	while( zPw[0]=='*' ){ zPw++; }
305	return zPw[0]!=0;
306	}
























307
308	/*
309	** WEBPAGE: setup_uedit
310	**
311	** Edit information about a user or create a new user.
	@@ -314,10 +338,11 @@
314	void user_edit(void){
315	const char zId, zLogin, zInfo, zCap, *zPw;
316	const char *zGroup;
317	const char *zOldLogin;
318	int uid, i;

319	char zDeleteVerify = 0; / Delete user verification text */
320	int higherUser = 0; /* True if user being edited is SETUP and the */
321	/* user doing the editing is ADMIN. Disallow editing */
322	const char *inherit[128];
323	int a[128];
	@@ -331,14 +356,15 @@
331	/* Check to see if an ADMIN user is trying to edit a SETUP account.
332	** Don't allow that.
333	*/
334	zId = PD("id", "0");
335	uid = atoi(zId);
336	if( zId && !g.perm.Setup && uid>0 ){
337	char *zOldCaps;
338	zOldCaps = db_text(0, "SELECT cap FROM user WHERE uid=%d",uid);
339	higherUser = zOldCaps && strchr(zOldCaps,'s');


340	}
341
342	if( P("can") ){
343	/* User pressed the cancel button */
344	cgi_redirect(cgi_referer("setup_ulist"));
	@@ -460,12 +486,15 @@
460	}
461	admin_log( "Renamed user [%q] to [%q].", zOldLogin, zLogin );
462	}
463	db_protect_pop();
464	setup_incr_cfgcnt();
465	admin_log( "Updated user [%q] with capabilities [%q].",
466	zLogin, &aCap[0] );



467	if( atoi(PD("all","0"))>0 ){
468	Blob sql;
469	char *zErr = 0;
470	blob_zero(&sql);
471	if( zOldLogin==0 ){
	@@ -526,11 +555,11 @@
526
527	/* Load the existing information about the user, if any
528	*/
529	zLogin = "";
530	zInfo = "";
531	zCap = "";
532	zPw = "";
533	for(i='a'; i<='z'; i++) oa[i] = "";
534	for(i='0'; i<='9'; i++) oa[i] = "";
535	for(i='A'; i<='Z'; i++) oa[i] = "";
536	if( uid ){
537

	--- src/setupuser.c
	+++ src/setupuser.c
	@@ -302,10 +302,34 @@
302	if( zPw==0 ) return 0;
303	if( zPw[0]==0 ) return 1;
304	while( zPw[0]=='*' ){ zPw++; }
305	return zPw[0]!=0;
306	}
307
308	/*
309	** Return 1 if user capability string zCaps contains the given
310	** capability letter, else 0.
311	*/
312	static int userCapsContain(const char *zCaps, const char letter){
313	for( ; zCaps && *zCaps; ++zCaps ){
314	if( letter==*zCaps ) return 1;
315	}
316	return 0;
317	}
318
319	/*
320	** Return 1 if user capability string zNew contains any capability
321	** letter which is not in user capability string zOrig, else 0.
322	*/
323	static int userCapsAreElevated(const char zOrig, const char zNew){
324	for( ; zNew && *zNew; ++zNew ){
325	if( !userCapsContain(zOrig, *zNew) ){
326	return 1;
327	}
328	}
329	return 0;
330	}
331
332	/*
333	** WEBPAGE: setup_uedit
334	**
335	** Edit information about a user or create a new user.
	@@ -314,10 +338,11 @@
338	void user_edit(void){
339	const char zId, zLogin, zInfo, zCap, *zPw;
340	const char *zGroup;
341	const char *zOldLogin;
342	int uid, i;
343	char zOldCaps = 0; / Capabilities before edit */
344	char zDeleteVerify = 0; / Delete user verification text */
345	int higherUser = 0; /* True if user being edited is SETUP and the */
346	/* user doing the editing is ADMIN. Disallow editing */
347	const char *inherit[128];
348	int a[128];
	@@ -331,14 +356,15 @@
356	/* Check to see if an ADMIN user is trying to edit a SETUP account.
357	** Don't allow that.
358	*/
359	zId = PD("id", "0");
360	uid = atoi(zId);
361	if( uid>0 ){

362	zOldCaps = db_text(0, "SELECT cap FROM user WHERE uid=%d",uid);
363	if( zId && !g.perm.Setup ){
364	higherUser = zOldCaps && strchr(zOldCaps,'s');
365	}
366	}
367
368	if( P("can") ){
369	/* User pressed the cancel button */
370	cgi_redirect(cgi_referer("setup_ulist"));
	@@ -460,12 +486,15 @@
486	}
487	admin_log( "Renamed user [%q] to [%q].", zOldLogin, zLogin );
488	}
489	db_protect_pop();
490	setup_incr_cfgcnt();
491	admin_log( "Updated user [%q] with%s capabilities [%q].",
492	zLogin,
493	userCapsAreElevated(zOldCaps, &aCap[0])
494	? " elevated" : "",
495	&aCap[0] );
496	if( atoi(PD("all","0"))>0 ){
497	Blob sql;
498	char *zErr = 0;
499	blob_zero(&sql);
500	if( zOldLogin==0 ){
	@@ -526,11 +555,11 @@
555
556	/* Load the existing information about the user, if any
557	*/
558	zLogin = "";
559	zInfo = "";
560	zCap = zOldCaps;
561	zPw = "";
562	for(i='a'; i<='z'; i++) oa[i] = "";
563	for(i='0'; i<='9'; i++) oa[i] = "";
564	for(i='A'; i<='Z'; i++) oa[i] = "";
565	if( uid ){
566

Fossil SCM

Keyboard Shortcuts