Fossil SCM
Add separate "clone" permissions. Previously, one needed "History" premission in order to clone. But sometimes we want to grant clone without granting history.
Commit
22c1ac41d4c02c44fe1763b9267a5f06e95c5a24
Parent
4ac16995e8d85ec…
6 files changed
+2
-1
+17
-16
+26
-17
+26
+8
-3
+1
-1
+2
-1
| --- src/login.c | ||
| +++ src/login.c | ||
| @@ -287,16 +287,17 @@ | ||
| 287 | 287 | for(i=0; zCap[i]; i++){ |
| 288 | 288 | switch( zCap[i] ){ |
| 289 | 289 | case 's': g.okSetup = g.okDelete = 1; |
| 290 | 290 | case 'a': g.okAdmin = g.okRdTkt = g.okWrTkt = g.okQuery = |
| 291 | 291 | g.okRdWiki = g.okWrWiki = g.okHistory = |
| 292 | - g.okNewTkt = g.okPassword = 1; | |
| 292 | + g.okNewTkt = g.okPassword = g.okClone = 1; | |
| 293 | 293 | case 'i': g.okRead = g.okWrite = 1; break; |
| 294 | 294 | case 'o': g.okRead = 1; break; |
| 295 | 295 | |
| 296 | 296 | case 'd': g.okDelete = 1; break; |
| 297 | 297 | case 'h': g.okHistory = 1; break; |
| 298 | + case 'g': g.okClone = 1; break; | |
| 298 | 299 | case 'p': g.okPassword = 1; break; |
| 299 | 300 | case 'q': g.okQuery = 1; break; |
| 300 | 301 | |
| 301 | 302 | case 'j': g.okRdWiki = 1; break; |
| 302 | 303 | case 'k': g.okWrWiki = g.okRdWiki = g.okApndWiki =1; break; |
| 303 | 304 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -287,16 +287,17 @@ | |
| 287 | for(i=0; zCap[i]; i++){ |
| 288 | switch( zCap[i] ){ |
| 289 | case 's': g.okSetup = g.okDelete = 1; |
| 290 | case 'a': g.okAdmin = g.okRdTkt = g.okWrTkt = g.okQuery = |
| 291 | g.okRdWiki = g.okWrWiki = g.okHistory = |
| 292 | g.okNewTkt = g.okPassword = 1; |
| 293 | case 'i': g.okRead = g.okWrite = 1; break; |
| 294 | case 'o': g.okRead = 1; break; |
| 295 | |
| 296 | case 'd': g.okDelete = 1; break; |
| 297 | case 'h': g.okHistory = 1; break; |
| 298 | case 'p': g.okPassword = 1; break; |
| 299 | case 'q': g.okQuery = 1; break; |
| 300 | |
| 301 | case 'j': g.okRdWiki = 1; break; |
| 302 | case 'k': g.okWrWiki = g.okRdWiki = g.okApndWiki =1; break; |
| 303 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -287,16 +287,17 @@ | |
| 287 | for(i=0; zCap[i]; i++){ |
| 288 | switch( zCap[i] ){ |
| 289 | case 's': g.okSetup = g.okDelete = 1; |
| 290 | case 'a': g.okAdmin = g.okRdTkt = g.okWrTkt = g.okQuery = |
| 291 | g.okRdWiki = g.okWrWiki = g.okHistory = |
| 292 | g.okNewTkt = g.okPassword = g.okClone = 1; |
| 293 | case 'i': g.okRead = g.okWrite = 1; break; |
| 294 | case 'o': g.okRead = 1; break; |
| 295 | |
| 296 | case 'd': g.okDelete = 1; break; |
| 297 | case 'h': g.okHistory = 1; break; |
| 298 | case 'g': g.okClone = 1; break; |
| 299 | case 'p': g.okPassword = 1; break; |
| 300 | case 'q': g.okQuery = 1; break; |
| 301 | |
| 302 | case 'j': g.okRdWiki = 1; break; |
| 303 | case 'k': g.okWrWiki = g.okRdWiki = g.okApndWiki =1; break; |
| 304 |
+17
-16
| --- src/main.c | ||
| +++ src/main.c | ||
| @@ -85,26 +85,27 @@ | ||
| 85 | 85 | int rcvid; /* The rcvid. 0 if not yet defined. */ |
| 86 | 86 | char *zIpAddr; /* The remote IP address */ |
| 87 | 87 | char *zNonce; /* The nonce used for login */ |
| 88 | 88 | |
| 89 | 89 | /* permissions used by the server */ |
| 90 | - int okRead; /* xfer outbound */ | |
| 91 | - int okWrite; /* xfer inbound */ | |
| 92 | - int okSetup; /* use Setup screens on web interface */ | |
| 93 | - int okRdTkt; /* view tickets via web */ | |
| 94 | - int okWrTkt; /* make changes to tickets via web */ | |
| 95 | - int okNewTkt; /* create new tickets */ | |
| 96 | - int okApndTkt; /* append to tickets via the web */ | |
| 97 | - int okRdWiki; /* view wiki via web */ | |
| 98 | - int okWrWiki; /* edit wiki via web */ | |
| 99 | - int okNewWiki; /* create new wiki via web */ | |
| 100 | - int okApndWiki; /* append to wiki via web */ | |
| 101 | - int okPassword; /* change password */ | |
| 102 | - int okAdmin; /* administrative permission */ | |
| 103 | - int okDelete; /* delete wiki or tickets */ | |
| 104 | - int okQuery; /* create new reports */ | |
| 105 | - int okHistory; /* access historical information */ | |
| 90 | + int okSetup; /* s: use Setup screens on web interface */ | |
| 91 | + int okAdmin; /* a: administrative permission */ | |
| 92 | + int okDelete; /* d: delete wiki or tickets */ | |
| 93 | + int okPassword; /* p: change password */ | |
| 94 | + int okQuery; /* q: create new reports */ | |
| 95 | + int okWrite; /* i: xfer inbound. checkin */ | |
| 96 | + int okRead; /* o: xfer outbound. checkout */ | |
| 97 | + int okHistory; /* h: access historical information. */ | |
| 98 | + int okClone; /* g: clone */ | |
| 99 | + int okRdWiki; /* j: view wiki via web */ | |
| 100 | + int okNewWiki; /* f: create new wiki via web */ | |
| 101 | + int okApndWiki; /* m: append to wiki via web */ | |
| 102 | + int okWrWiki; /* k: edit wiki via web */ | |
| 103 | + int okRdTkt; /* r: view tickets via web */ | |
| 104 | + int okNewTkt; /* n: create new tickets */ | |
| 105 | + int okApndTkt; /* c: append to tickets via the web */ | |
| 106 | + int okWrTkt; /* w: make changes to tickets via web */ | |
| 106 | 107 | |
| 107 | 108 | FILE *fDebug; /* Write debug information here, if the file exists */ |
| 108 | 109 | }; |
| 109 | 110 | |
| 110 | 111 | /* |
| 111 | 112 |
| --- src/main.c | |
| +++ src/main.c | |
| @@ -85,26 +85,27 @@ | |
| 85 | int rcvid; /* The rcvid. 0 if not yet defined. */ |
| 86 | char *zIpAddr; /* The remote IP address */ |
| 87 | char *zNonce; /* The nonce used for login */ |
| 88 | |
| 89 | /* permissions used by the server */ |
| 90 | int okRead; /* xfer outbound */ |
| 91 | int okWrite; /* xfer inbound */ |
| 92 | int okSetup; /* use Setup screens on web interface */ |
| 93 | int okRdTkt; /* view tickets via web */ |
| 94 | int okWrTkt; /* make changes to tickets via web */ |
| 95 | int okNewTkt; /* create new tickets */ |
| 96 | int okApndTkt; /* append to tickets via the web */ |
| 97 | int okRdWiki; /* view wiki via web */ |
| 98 | int okWrWiki; /* edit wiki via web */ |
| 99 | int okNewWiki; /* create new wiki via web */ |
| 100 | int okApndWiki; /* append to wiki via web */ |
| 101 | int okPassword; /* change password */ |
| 102 | int okAdmin; /* administrative permission */ |
| 103 | int okDelete; /* delete wiki or tickets */ |
| 104 | int okQuery; /* create new reports */ |
| 105 | int okHistory; /* access historical information */ |
| 106 | |
| 107 | FILE *fDebug; /* Write debug information here, if the file exists */ |
| 108 | }; |
| 109 | |
| 110 | /* |
| 111 |
| --- src/main.c | |
| +++ src/main.c | |
| @@ -85,26 +85,27 @@ | |
| 85 | int rcvid; /* The rcvid. 0 if not yet defined. */ |
| 86 | char *zIpAddr; /* The remote IP address */ |
| 87 | char *zNonce; /* The nonce used for login */ |
| 88 | |
| 89 | /* permissions used by the server */ |
| 90 | int okSetup; /* s: use Setup screens on web interface */ |
| 91 | int okAdmin; /* a: administrative permission */ |
| 92 | int okDelete; /* d: delete wiki or tickets */ |
| 93 | int okPassword; /* p: change password */ |
| 94 | int okQuery; /* q: create new reports */ |
| 95 | int okWrite; /* i: xfer inbound. checkin */ |
| 96 | int okRead; /* o: xfer outbound. checkout */ |
| 97 | int okHistory; /* h: access historical information. */ |
| 98 | int okClone; /* g: clone */ |
| 99 | int okRdWiki; /* j: view wiki via web */ |
| 100 | int okNewWiki; /* f: create new wiki via web */ |
| 101 | int okApndWiki; /* m: append to wiki via web */ |
| 102 | int okWrWiki; /* k: edit wiki via web */ |
| 103 | int okRdTkt; /* r: view tickets via web */ |
| 104 | int okNewTkt; /* n: create new tickets */ |
| 105 | int okApndTkt; /* c: append to tickets via the web */ |
| 106 | int okWrTkt; /* w: make changes to tickets via web */ |
| 107 | |
| 108 | FILE *fDebug; /* Write debug information here, if the file exists */ |
| 109 | }; |
| 110 | |
| 111 | /* |
| 112 |
+26
-17
| --- src/setup.c | ||
| +++ src/setup.c | ||
| @@ -117,36 +117,41 @@ | ||
| 117 | 117 | @ <p style="clear:both"> |
| 118 | 118 | @ <b>Notes:</b> |
| 119 | 119 | @ <ol> |
| 120 | 120 | @ <li><p>The permission flags are as follows:</p> |
| 121 | 121 | @ <table> |
| 122 | + @ <tr><td>s</td><td></td><td>Setup: Superuser can do anything</td></tr> | |
| 122 | 123 | @ <tr><td>a</td><td width="10"></td> |
| 123 | 124 | @ <td>Admin: Create or delete users and ticket report formats</td></tr> |
| 124 | 125 | @ <tr><td>d</td><td></td> |
| 125 | 126 | @ <td>Delete: Erase anonymous wiki, tickets, and attachments</td></tr> |
| 126 | - @ <tr><td>h</td><td></td> | |
| 127 | - @ <td>History: Access older version of code, tickets, or wiki</td></tr> | |
| 127 | + @ <tr><td>p</td><td></td><td>Password: Change password</td></tr> | |
| 128 | + @ <tr><td>q</td><td></td><td>Query: Create or edit report formats</td></tr> | |
| 128 | 129 | @ <tr><td>i</td><td></td> |
| 129 | 130 | @ <td>Check-in: Add new code to the repository</td></tr> |
| 130 | - @ <tr><td>j</td><td></td><td>Read-Wiki: View wiki pages</td></tr> | |
| 131 | - @ <tr><td>k</td><td></td><td>Wiki: Create or modify wiki pages</td></tr> | |
| 132 | - @ <tr><td>n</td><td></td><td>New: Create new tickets</td></tr> | |
| 133 | 131 | @ <tr><td>o</td><td></td> |
| 134 | 132 | @ <td>Check-out: Read code out of the repository</td></tr> |
| 135 | - @ <tr><td>p</td><td></td><td>Password: Change password</td></tr> | |
| 136 | - @ <tr><td>q</td><td></td><td>Query: Create or edit report formats</td></tr> | |
| 137 | - @ <tr><td>r</td><td></td><td>Read: View tickets and change histories</td></tr> | |
| 138 | - @ <tr><td>s</td><td></td><td>Setup: Change CVSTrac options</td></tr> | |
| 139 | - @ <tr><td>w</td><td></td><td>Write: Edit tickets</td></tr> | |
| 133 | + @ <tr><td>h</td><td></td> | |
| 134 | + @ <td>History: Access older version of code, tickets, or wiki</td></tr> | |
| 135 | + @ <tr><td>g</td><td></td><td>Clone: Clone the repository</td></tr> | |
| 136 | + @ <tr><td>j</td><td></td><td>Read-Wiki: View wiki pages</td></tr> | |
| 137 | + @ <tr><td>f</td><td></td><td>New-Wiki: Create new wiki pages</td></tr> | |
| 138 | + @ <tr><td>m</td><td></td><td>Append-Wiki: Append to wiki pages</td></tr> | |
| 139 | + @ <tr><td>k</td><td></td><td>Write-Wiki: Modify wiki pages</td></tr> | |
| 140 | + @ <tr><td>r</td><td></td> | |
| 141 | + @ <td>Read-Tkt: View tickets and change histories</td></tr> | |
| 142 | + @ <tr><td>n</td><td></td><td>New-Tkt: Create new tickets</td></tr> | |
| 143 | + @ <tr><td>c</td><td></td><td>Append-Tkt: Append to tickets</td></tr> | |
| 144 | + @ <tr><td>w</td><td></td><td>Write-Tkt: Edit tickets</td></tr> | |
| 140 | 145 | @ </table> |
| 141 | 146 | @ </p></li> |
| 142 | 147 | @ |
| 143 | 148 | @ <li><p> |
| 144 | - @ If a user named "<b>anonymous</b>" exists, then anyone can access | |
| 145 | - @ the server without having to log in. The permissions on the | |
| 146 | - @ anonymous user determine the access rights for anyone who is not | |
| 147 | - @ logged in. | |
| 149 | + @ Every user, logged in or not, has the privileges of <b>nobody</b>. | |
| 150 | + @ Any human can login as <b>anonymous</b> since the password is | |
| 151 | + @ clearly displayed on the login page for them to type. The purpose | |
| 152 | + @ of requiring anonymous to log in is to prevent access by spiders. | |
| 148 | 153 | @ </p></li> |
| 149 | 154 | @ |
| 150 | 155 | @ </ol> |
| 151 | 156 | style_footer(); |
| 152 | 157 | } |
| @@ -155,11 +160,11 @@ | ||
| 155 | 160 | ** WEBPAGE: /setup_uedit |
| 156 | 161 | */ |
| 157 | 162 | void user_edit(void){ |
| 158 | 163 | const char *zId, *zLogin, *zInfo, *zCap; |
| 159 | 164 | char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap ; |
| 160 | - char *oak, *oad, *oaq, *oac, *oaf, *oam, *oah; | |
| 165 | + char *oak, *oad, *oaq, *oac, *oaf, *oam, *oah, *oag; | |
| 161 | 166 | int doWrite; |
| 162 | 167 | int uid; |
| 163 | 168 | int higherUser = 0; /* True if user being edited is SETUP and the */ |
| 164 | 169 | /* user doing the editing is ADMIN. Disallow editing */ |
| 165 | 170 | |
| @@ -208,15 +213,17 @@ | ||
| 208 | 213 | int aw = P("aw")!=0; |
| 209 | 214 | int ac = P("ac")!=0; |
| 210 | 215 | int af = P("af")!=0; |
| 211 | 216 | int am = P("am")!=0; |
| 212 | 217 | int ah = P("ah")!=0; |
| 218 | + int ag = P("ag")!=0; | |
| 213 | 219 | if( aa ){ zCap[i++] = 'a'; } |
| 214 | 220 | if( ac ){ zCap[i++] = 'c'; } |
| 215 | 221 | if( ad ){ zCap[i++] = 'd'; } |
| 216 | 222 | if( af ){ zCap[i++] = 'f'; } |
| 217 | 223 | if( ah ){ zCap[i++] = 'h'; } |
| 224 | + if( ag ){ zCap[i++] = 'g'; } | |
| 218 | 225 | if( ai ){ zCap[i++] = 'i'; } |
| 219 | 226 | if( aj ){ zCap[i++] = 'j'; } |
| 220 | 227 | if( ak ){ zCap[i++] = 'k'; } |
| 221 | 228 | if( am ){ zCap[i++] = 'm'; } |
| 222 | 229 | if( an ){ zCap[i++] = 'n'; } |
| @@ -256,20 +263,21 @@ | ||
| 256 | 263 | /* Load the existing information about the user, if any |
| 257 | 264 | */ |
| 258 | 265 | zLogin = ""; |
| 259 | 266 | zInfo = ""; |
| 260 | 267 | zCap = ""; |
| 261 | - oaa = oac = oad = oaf = oah = oai = oaj = oak = oam = | |
| 268 | + oaa = oac = oad = oaf = oag = oah = oai = oaj = oak = oam = | |
| 262 | 269 | oan = oao = oap = oaq = oar = oas = oaw = ""; |
| 263 | 270 | if( uid ){ |
| 264 | 271 | zLogin = db_text("", "SELECT login FROM user WHERE uid=%d", uid); |
| 265 | 272 | zInfo = db_text("", "SELECT info FROM user WHERE uid=%d", uid); |
| 266 | 273 | zCap = db_text("", "SELECT cap FROM user WHERE uid=%d", uid); |
| 267 | 274 | if( strchr(zCap, 'a') ) oaa = " checked"; |
| 268 | 275 | if( strchr(zCap, 'c') ) oac = " checked"; |
| 269 | 276 | if( strchr(zCap, 'd') ) oad = " checked"; |
| 270 | 277 | if( strchr(zCap, 'f') ) oaf = " checked"; |
| 278 | + if( strchr(zCap, 'g') ) oag = " checked"; | |
| 271 | 279 | if( strchr(zCap, 'h') ) oah = " checked"; |
| 272 | 280 | if( strchr(zCap, 'i') ) oai = " checked"; |
| 273 | 281 | if( strchr(zCap, 'j') ) oaj = " checked"; |
| 274 | 282 | if( strchr(zCap, 'k') ) oak = " checked"; |
| 275 | 283 | if( strchr(zCap, 'm') ) oam = " checked"; |
| @@ -320,10 +328,11 @@ | ||
| 320 | 328 | @ <input type="checkbox" name="ap"%s(oap)>Password</input><br> |
| 321 | 329 | @ <input type="checkbox" name="aq"%s(oaq)>Query</input><br> |
| 322 | 330 | @ <input type="checkbox" name="ai"%s(oai)>Check-In</input><br> |
| 323 | 331 | @ <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br> |
| 324 | 332 | @ <input type="checkbox" name="ah"%s(oah)>History</input><br> |
| 333 | + @ <input type="checkbox" name="ag"%s(oag)>Clone</input><br> | |
| 325 | 334 | @ <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br> |
| 326 | 335 | @ <input type="checkbox" name="af"%s(oaf)>New Wiki</input><br> |
| 327 | 336 | @ <input type="checkbox" name="am"%s(oam)>Append Wiki</input><br> |
| 328 | 337 | @ <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br> |
| 329 | 338 | @ <input type="checkbox" name="ar"%s(oar)>Read Tkt</input><br> |
| @@ -373,11 +382,11 @@ | ||
| 373 | 382 | @ </p></li> |
| 374 | 383 | @ |
| 375 | 384 | @ <li><p> |
| 376 | 385 | @ The <b>History</b> privilege allows a user to see a timeline |
| 377 | 386 | @ with hyperlinks to version information, to download ZIP archives |
| 378 | - @ of individual versions, and to clone the repository. | |
| 387 | + @ of individual versions. | |
| 379 | 388 | @ </p></li> |
| 380 | 389 | @ |
| 381 | 390 | @ <li><p> |
| 382 | 391 | @ No login is required for user "<b>nobody</b>". The capabilities |
| 383 | 392 | @ of this user are available to anyone without supplying a username or |
| 384 | 393 |
| --- src/setup.c | |
| +++ src/setup.c | |
| @@ -117,36 +117,41 @@ | |
| 117 | @ <p style="clear:both"> |
| 118 | @ <b>Notes:</b> |
| 119 | @ <ol> |
| 120 | @ <li><p>The permission flags are as follows:</p> |
| 121 | @ <table> |
| 122 | @ <tr><td>a</td><td width="10"></td> |
| 123 | @ <td>Admin: Create or delete users and ticket report formats</td></tr> |
| 124 | @ <tr><td>d</td><td></td> |
| 125 | @ <td>Delete: Erase anonymous wiki, tickets, and attachments</td></tr> |
| 126 | @ <tr><td>h</td><td></td> |
| 127 | @ <td>History: Access older version of code, tickets, or wiki</td></tr> |
| 128 | @ <tr><td>i</td><td></td> |
| 129 | @ <td>Check-in: Add new code to the repository</td></tr> |
| 130 | @ <tr><td>j</td><td></td><td>Read-Wiki: View wiki pages</td></tr> |
| 131 | @ <tr><td>k</td><td></td><td>Wiki: Create or modify wiki pages</td></tr> |
| 132 | @ <tr><td>n</td><td></td><td>New: Create new tickets</td></tr> |
| 133 | @ <tr><td>o</td><td></td> |
| 134 | @ <td>Check-out: Read code out of the repository</td></tr> |
| 135 | @ <tr><td>p</td><td></td><td>Password: Change password</td></tr> |
| 136 | @ <tr><td>q</td><td></td><td>Query: Create or edit report formats</td></tr> |
| 137 | @ <tr><td>r</td><td></td><td>Read: View tickets and change histories</td></tr> |
| 138 | @ <tr><td>s</td><td></td><td>Setup: Change CVSTrac options</td></tr> |
| 139 | @ <tr><td>w</td><td></td><td>Write: Edit tickets</td></tr> |
| 140 | @ </table> |
| 141 | @ </p></li> |
| 142 | @ |
| 143 | @ <li><p> |
| 144 | @ If a user named "<b>anonymous</b>" exists, then anyone can access |
| 145 | @ the server without having to log in. The permissions on the |
| 146 | @ anonymous user determine the access rights for anyone who is not |
| 147 | @ logged in. |
| 148 | @ </p></li> |
| 149 | @ |
| 150 | @ </ol> |
| 151 | style_footer(); |
| 152 | } |
| @@ -155,11 +160,11 @@ | |
| 155 | ** WEBPAGE: /setup_uedit |
| 156 | */ |
| 157 | void user_edit(void){ |
| 158 | const char *zId, *zLogin, *zInfo, *zCap; |
| 159 | char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap ; |
| 160 | char *oak, *oad, *oaq, *oac, *oaf, *oam, *oah; |
| 161 | int doWrite; |
| 162 | int uid; |
| 163 | int higherUser = 0; /* True if user being edited is SETUP and the */ |
| 164 | /* user doing the editing is ADMIN. Disallow editing */ |
| 165 | |
| @@ -208,15 +213,17 @@ | |
| 208 | int aw = P("aw")!=0; |
| 209 | int ac = P("ac")!=0; |
| 210 | int af = P("af")!=0; |
| 211 | int am = P("am")!=0; |
| 212 | int ah = P("ah")!=0; |
| 213 | if( aa ){ zCap[i++] = 'a'; } |
| 214 | if( ac ){ zCap[i++] = 'c'; } |
| 215 | if( ad ){ zCap[i++] = 'd'; } |
| 216 | if( af ){ zCap[i++] = 'f'; } |
| 217 | if( ah ){ zCap[i++] = 'h'; } |
| 218 | if( ai ){ zCap[i++] = 'i'; } |
| 219 | if( aj ){ zCap[i++] = 'j'; } |
| 220 | if( ak ){ zCap[i++] = 'k'; } |
| 221 | if( am ){ zCap[i++] = 'm'; } |
| 222 | if( an ){ zCap[i++] = 'n'; } |
| @@ -256,20 +263,21 @@ | |
| 256 | /* Load the existing information about the user, if any |
| 257 | */ |
| 258 | zLogin = ""; |
| 259 | zInfo = ""; |
| 260 | zCap = ""; |
| 261 | oaa = oac = oad = oaf = oah = oai = oaj = oak = oam = |
| 262 | oan = oao = oap = oaq = oar = oas = oaw = ""; |
| 263 | if( uid ){ |
| 264 | zLogin = db_text("", "SELECT login FROM user WHERE uid=%d", uid); |
| 265 | zInfo = db_text("", "SELECT info FROM user WHERE uid=%d", uid); |
| 266 | zCap = db_text("", "SELECT cap FROM user WHERE uid=%d", uid); |
| 267 | if( strchr(zCap, 'a') ) oaa = " checked"; |
| 268 | if( strchr(zCap, 'c') ) oac = " checked"; |
| 269 | if( strchr(zCap, 'd') ) oad = " checked"; |
| 270 | if( strchr(zCap, 'f') ) oaf = " checked"; |
| 271 | if( strchr(zCap, 'h') ) oah = " checked"; |
| 272 | if( strchr(zCap, 'i') ) oai = " checked"; |
| 273 | if( strchr(zCap, 'j') ) oaj = " checked"; |
| 274 | if( strchr(zCap, 'k') ) oak = " checked"; |
| 275 | if( strchr(zCap, 'm') ) oam = " checked"; |
| @@ -320,10 +328,11 @@ | |
| 320 | @ <input type="checkbox" name="ap"%s(oap)>Password</input><br> |
| 321 | @ <input type="checkbox" name="aq"%s(oaq)>Query</input><br> |
| 322 | @ <input type="checkbox" name="ai"%s(oai)>Check-In</input><br> |
| 323 | @ <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br> |
| 324 | @ <input type="checkbox" name="ah"%s(oah)>History</input><br> |
| 325 | @ <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br> |
| 326 | @ <input type="checkbox" name="af"%s(oaf)>New Wiki</input><br> |
| 327 | @ <input type="checkbox" name="am"%s(oam)>Append Wiki</input><br> |
| 328 | @ <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br> |
| 329 | @ <input type="checkbox" name="ar"%s(oar)>Read Tkt</input><br> |
| @@ -373,11 +382,11 @@ | |
| 373 | @ </p></li> |
| 374 | @ |
| 375 | @ <li><p> |
| 376 | @ The <b>History</b> privilege allows a user to see a timeline |
| 377 | @ with hyperlinks to version information, to download ZIP archives |
| 378 | @ of individual versions, and to clone the repository. |
| 379 | @ </p></li> |
| 380 | @ |
| 381 | @ <li><p> |
| 382 | @ No login is required for user "<b>nobody</b>". The capabilities |
| 383 | @ of this user are available to anyone without supplying a username or |
| 384 |
| --- src/setup.c | |
| +++ src/setup.c | |
| @@ -117,36 +117,41 @@ | |
| 117 | @ <p style="clear:both"> |
| 118 | @ <b>Notes:</b> |
| 119 | @ <ol> |
| 120 | @ <li><p>The permission flags are as follows:</p> |
| 121 | @ <table> |
| 122 | @ <tr><td>s</td><td></td><td>Setup: Superuser can do anything</td></tr> |
| 123 | @ <tr><td>a</td><td width="10"></td> |
| 124 | @ <td>Admin: Create or delete users and ticket report formats</td></tr> |
| 125 | @ <tr><td>d</td><td></td> |
| 126 | @ <td>Delete: Erase anonymous wiki, tickets, and attachments</td></tr> |
| 127 | @ <tr><td>p</td><td></td><td>Password: Change password</td></tr> |
| 128 | @ <tr><td>q</td><td></td><td>Query: Create or edit report formats</td></tr> |
| 129 | @ <tr><td>i</td><td></td> |
| 130 | @ <td>Check-in: Add new code to the repository</td></tr> |
| 131 | @ <tr><td>o</td><td></td> |
| 132 | @ <td>Check-out: Read code out of the repository</td></tr> |
| 133 | @ <tr><td>h</td><td></td> |
| 134 | @ <td>History: Access older version of code, tickets, or wiki</td></tr> |
| 135 | @ <tr><td>g</td><td></td><td>Clone: Clone the repository</td></tr> |
| 136 | @ <tr><td>j</td><td></td><td>Read-Wiki: View wiki pages</td></tr> |
| 137 | @ <tr><td>f</td><td></td><td>New-Wiki: Create new wiki pages</td></tr> |
| 138 | @ <tr><td>m</td><td></td><td>Append-Wiki: Append to wiki pages</td></tr> |
| 139 | @ <tr><td>k</td><td></td><td>Write-Wiki: Modify wiki pages</td></tr> |
| 140 | @ <tr><td>r</td><td></td> |
| 141 | @ <td>Read-Tkt: View tickets and change histories</td></tr> |
| 142 | @ <tr><td>n</td><td></td><td>New-Tkt: Create new tickets</td></tr> |
| 143 | @ <tr><td>c</td><td></td><td>Append-Tkt: Append to tickets</td></tr> |
| 144 | @ <tr><td>w</td><td></td><td>Write-Tkt: Edit tickets</td></tr> |
| 145 | @ </table> |
| 146 | @ </p></li> |
| 147 | @ |
| 148 | @ <li><p> |
| 149 | @ Every user, logged in or not, has the privileges of <b>nobody</b>. |
| 150 | @ Any human can login as <b>anonymous</b> since the password is |
| 151 | @ clearly displayed on the login page for them to type. The purpose |
| 152 | @ of requiring anonymous to log in is to prevent access by spiders. |
| 153 | @ </p></li> |
| 154 | @ |
| 155 | @ </ol> |
| 156 | style_footer(); |
| 157 | } |
| @@ -155,11 +160,11 @@ | |
| 160 | ** WEBPAGE: /setup_uedit |
| 161 | */ |
| 162 | void user_edit(void){ |
| 163 | const char *zId, *zLogin, *zInfo, *zCap; |
| 164 | char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap ; |
| 165 | char *oak, *oad, *oaq, *oac, *oaf, *oam, *oah, *oag; |
| 166 | int doWrite; |
| 167 | int uid; |
| 168 | int higherUser = 0; /* True if user being edited is SETUP and the */ |
| 169 | /* user doing the editing is ADMIN. Disallow editing */ |
| 170 | |
| @@ -208,15 +213,17 @@ | |
| 213 | int aw = P("aw")!=0; |
| 214 | int ac = P("ac")!=0; |
| 215 | int af = P("af")!=0; |
| 216 | int am = P("am")!=0; |
| 217 | int ah = P("ah")!=0; |
| 218 | int ag = P("ag")!=0; |
| 219 | if( aa ){ zCap[i++] = 'a'; } |
| 220 | if( ac ){ zCap[i++] = 'c'; } |
| 221 | if( ad ){ zCap[i++] = 'd'; } |
| 222 | if( af ){ zCap[i++] = 'f'; } |
| 223 | if( ah ){ zCap[i++] = 'h'; } |
| 224 | if( ag ){ zCap[i++] = 'g'; } |
| 225 | if( ai ){ zCap[i++] = 'i'; } |
| 226 | if( aj ){ zCap[i++] = 'j'; } |
| 227 | if( ak ){ zCap[i++] = 'k'; } |
| 228 | if( am ){ zCap[i++] = 'm'; } |
| 229 | if( an ){ zCap[i++] = 'n'; } |
| @@ -256,20 +263,21 @@ | |
| 263 | /* Load the existing information about the user, if any |
| 264 | */ |
| 265 | zLogin = ""; |
| 266 | zInfo = ""; |
| 267 | zCap = ""; |
| 268 | oaa = oac = oad = oaf = oag = oah = oai = oaj = oak = oam = |
| 269 | oan = oao = oap = oaq = oar = oas = oaw = ""; |
| 270 | if( uid ){ |
| 271 | zLogin = db_text("", "SELECT login FROM user WHERE uid=%d", uid); |
| 272 | zInfo = db_text("", "SELECT info FROM user WHERE uid=%d", uid); |
| 273 | zCap = db_text("", "SELECT cap FROM user WHERE uid=%d", uid); |
| 274 | if( strchr(zCap, 'a') ) oaa = " checked"; |
| 275 | if( strchr(zCap, 'c') ) oac = " checked"; |
| 276 | if( strchr(zCap, 'd') ) oad = " checked"; |
| 277 | if( strchr(zCap, 'f') ) oaf = " checked"; |
| 278 | if( strchr(zCap, 'g') ) oag = " checked"; |
| 279 | if( strchr(zCap, 'h') ) oah = " checked"; |
| 280 | if( strchr(zCap, 'i') ) oai = " checked"; |
| 281 | if( strchr(zCap, 'j') ) oaj = " checked"; |
| 282 | if( strchr(zCap, 'k') ) oak = " checked"; |
| 283 | if( strchr(zCap, 'm') ) oam = " checked"; |
| @@ -320,10 +328,11 @@ | |
| 328 | @ <input type="checkbox" name="ap"%s(oap)>Password</input><br> |
| 329 | @ <input type="checkbox" name="aq"%s(oaq)>Query</input><br> |
| 330 | @ <input type="checkbox" name="ai"%s(oai)>Check-In</input><br> |
| 331 | @ <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br> |
| 332 | @ <input type="checkbox" name="ah"%s(oah)>History</input><br> |
| 333 | @ <input type="checkbox" name="ag"%s(oag)>Clone</input><br> |
| 334 | @ <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br> |
| 335 | @ <input type="checkbox" name="af"%s(oaf)>New Wiki</input><br> |
| 336 | @ <input type="checkbox" name="am"%s(oam)>Append Wiki</input><br> |
| 337 | @ <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br> |
| 338 | @ <input type="checkbox" name="ar"%s(oar)>Read Tkt</input><br> |
| @@ -373,11 +382,11 @@ | |
| 382 | @ </p></li> |
| 383 | @ |
| 384 | @ <li><p> |
| 385 | @ The <b>History</b> privilege allows a user to see a timeline |
| 386 | @ with hyperlinks to version information, to download ZIP archives |
| 387 | @ of individual versions. |
| 388 | @ </p></li> |
| 389 | @ |
| 390 | @ <li><p> |
| 391 | @ No login is required for user "<b>nobody</b>". The capabilities |
| 392 | @ of this user are available to anyone without supplying a username or |
| 393 |
+26
| --- src/wiki.c | ||
| +++ src/wiki.c | ||
| @@ -36,5 +36,31 @@ | ||
| 36 | 36 | void wiki_page(void){ |
| 37 | 37 | style_header("Wiki"); |
| 38 | 38 | @ extra=%h(g.zExtra) |
| 39 | 39 | style_footer(); |
| 40 | 40 | } |
| 41 | + | |
| 42 | +/* | |
| 43 | +** WEBPAGE: ambiguous | |
| 44 | +** | |
| 45 | +** This is the destination for UUID hyperlinks that are ambiguous. | |
| 46 | +** Show all possible choices for the destination with links to each. | |
| 47 | +** | |
| 48 | +** The ambiguous UUID prefix is in g.zExtra | |
| 49 | +*/ | |
| 50 | +void ambiguous_page(void){ | |
| 51 | + Stmt q; | |
| 52 | + style_header("Ambiguous UUID"); | |
| 53 | + @ <p>The link <a href="%s(g.zBaseURL)/ambiguous/%T(g.zExtra)"> | |
| 54 | + @ [%h(g.zExtra)]</a> is ambiguous. It might mean any of the following:</p> | |
| 55 | + @ <ul> | |
| 56 | + db_prepare(&q, "SELECT uuid, rid FROM blob WHERE uuid>=%Q AND uuid<'%qz'" | |
| 57 | + " ORDER BY uuid", g.zExtra, g.zExtra); | |
| 58 | + while( db_step(&q)==SQLITE_ROW ){ | |
| 59 | + const char *zUuid = db_column_text(&q, 0); | |
| 60 | + int rid = db_column_int(&q, 1); | |
| 61 | + @ <li> %s(zUuid) - %d(rid) | |
| 62 | + } | |
| 63 | + db_finalize(&q); | |
| 64 | + @ </ul> | |
| 65 | + style_footer(); | |
| 66 | +} | |
| 41 | 67 |
| --- src/wiki.c | |
| +++ src/wiki.c | |
| @@ -36,5 +36,31 @@ | |
| 36 | void wiki_page(void){ |
| 37 | style_header("Wiki"); |
| 38 | @ extra=%h(g.zExtra) |
| 39 | style_footer(); |
| 40 | } |
| 41 |
| --- src/wiki.c | |
| +++ src/wiki.c | |
| @@ -36,5 +36,31 @@ | |
| 36 | void wiki_page(void){ |
| 37 | style_header("Wiki"); |
| 38 | @ extra=%h(g.zExtra) |
| 39 | style_footer(); |
| 40 | } |
| 41 | |
| 42 | /* |
| 43 | ** WEBPAGE: ambiguous |
| 44 | ** |
| 45 | ** This is the destination for UUID hyperlinks that are ambiguous. |
| 46 | ** Show all possible choices for the destination with links to each. |
| 47 | ** |
| 48 | ** The ambiguous UUID prefix is in g.zExtra |
| 49 | */ |
| 50 | void ambiguous_page(void){ |
| 51 | Stmt q; |
| 52 | style_header("Ambiguous UUID"); |
| 53 | @ <p>The link <a href="%s(g.zBaseURL)/ambiguous/%T(g.zExtra)"> |
| 54 | @ [%h(g.zExtra)]</a> is ambiguous. It might mean any of the following:</p> |
| 55 | @ <ul> |
| 56 | db_prepare(&q, "SELECT uuid, rid FROM blob WHERE uuid>=%Q AND uuid<'%qz'" |
| 57 | " ORDER BY uuid", g.zExtra, g.zExtra); |
| 58 | while( db_step(&q)==SQLITE_ROW ){ |
| 59 | const char *zUuid = db_column_text(&q, 0); |
| 60 | int rid = db_column_int(&q, 1); |
| 61 | @ <li> %s(zUuid) - %d(rid) |
| 62 | } |
| 63 | db_finalize(&q); |
| 64 | @ </ul> |
| 65 | style_footer(); |
| 66 | } |
| 67 |
+8
-3
| --- src/wikiformat.c | ||
| +++ src/wikiformat.c | ||
| @@ -524,13 +524,15 @@ | ||
| 524 | 524 | char cTerm; /* Original argument termination character */ |
| 525 | 525 | } aAttr[10]; |
| 526 | 526 | }; |
| 527 | 527 | |
| 528 | 528 | /* |
| 529 | -** Parse the markup in z[] into the p structure. The content | |
| 530 | -** of z[] is modified by converting characters to lowercase | |
| 531 | -** and by inserting some "\000" characters. | |
| 529 | +** z[] is an HTML markup element - something that begins with '<'. | |
| 530 | +** Parse this element into the p structure. | |
| 531 | +** | |
| 532 | +** The content of z[] might be modified by converting characters | |
| 533 | +** to lowercase and by inserting some "\000" characters. | |
| 532 | 534 | */ |
| 533 | 535 | static void parseMarkup(ParsedMarkup *p, char *z){ |
| 534 | 536 | int i, c; |
| 535 | 537 | char *zTag, *zValue; |
| 536 | 538 | int seen = 0; |
| @@ -700,10 +702,13 @@ | ||
| 700 | 702 | return 1; |
| 701 | 703 | } |
| 702 | 704 | |
| 703 | 705 | /* |
| 704 | 706 | ** Add missing markup in preparation for writing text. |
| 707 | +** | |
| 708 | +** "Missing" markup are things like start tags for table rows | |
| 709 | +** or table columns or paragraphs that are omitted from input. | |
| 705 | 710 | */ |
| 706 | 711 | static void addMissingMarkup(Renderer *p){ |
| 707 | 712 | /* TBD */ |
| 708 | 713 | } |
| 709 | 714 | |
| 710 | 715 |
| --- src/wikiformat.c | |
| +++ src/wikiformat.c | |
| @@ -524,13 +524,15 @@ | |
| 524 | char cTerm; /* Original argument termination character */ |
| 525 | } aAttr[10]; |
| 526 | }; |
| 527 | |
| 528 | /* |
| 529 | ** Parse the markup in z[] into the p structure. The content |
| 530 | ** of z[] is modified by converting characters to lowercase |
| 531 | ** and by inserting some "\000" characters. |
| 532 | */ |
| 533 | static void parseMarkup(ParsedMarkup *p, char *z){ |
| 534 | int i, c; |
| 535 | char *zTag, *zValue; |
| 536 | int seen = 0; |
| @@ -700,10 +702,13 @@ | |
| 700 | return 1; |
| 701 | } |
| 702 | |
| 703 | /* |
| 704 | ** Add missing markup in preparation for writing text. |
| 705 | */ |
| 706 | static void addMissingMarkup(Renderer *p){ |
| 707 | /* TBD */ |
| 708 | } |
| 709 | |
| 710 |
| --- src/wikiformat.c | |
| +++ src/wikiformat.c | |
| @@ -524,13 +524,15 @@ | |
| 524 | char cTerm; /* Original argument termination character */ |
| 525 | } aAttr[10]; |
| 526 | }; |
| 527 | |
| 528 | /* |
| 529 | ** z[] is an HTML markup element - something that begins with '<'. |
| 530 | ** Parse this element into the p structure. |
| 531 | ** |
| 532 | ** The content of z[] might be modified by converting characters |
| 533 | ** to lowercase and by inserting some "\000" characters. |
| 534 | */ |
| 535 | static void parseMarkup(ParsedMarkup *p, char *z){ |
| 536 | int i, c; |
| 537 | char *zTag, *zValue; |
| 538 | int seen = 0; |
| @@ -700,10 +702,13 @@ | |
| 702 | return 1; |
| 703 | } |
| 704 | |
| 705 | /* |
| 706 | ** Add missing markup in preparation for writing text. |
| 707 | ** |
| 708 | ** "Missing" markup are things like start tags for table rows |
| 709 | ** or table columns or paragraphs that are omitted from input. |
| 710 | */ |
| 711 | static void addMissingMarkup(Renderer *p){ |
| 712 | /* TBD */ |
| 713 | } |
| 714 | |
| 715 |
+1
-1
| --- src/xfer.c | ||
| +++ src/xfer.c | ||
| @@ -516,11 +516,11 @@ | ||
| 516 | 516 | ** The client knows nothing. Tell all. |
| 517 | 517 | */ |
| 518 | 518 | if( blob_eq(&xfer.aToken[0], "clone") ){ |
| 519 | 519 | int rootid; |
| 520 | 520 | login_check_credentials(); |
| 521 | - if( !g.okRead || !g.okHistory ){ | |
| 521 | + if( !g.okClone ){ | |
| 522 | 522 | cgi_reset_content(); |
| 523 | 523 | @ error not\sauthorized\sto\sclone |
| 524 | 524 | nErr++; |
| 525 | 525 | break; |
| 526 | 526 | } |
| 527 | 527 |
| --- src/xfer.c | |
| +++ src/xfer.c | |
| @@ -516,11 +516,11 @@ | |
| 516 | ** The client knows nothing. Tell all. |
| 517 | */ |
| 518 | if( blob_eq(&xfer.aToken[0], "clone") ){ |
| 519 | int rootid; |
| 520 | login_check_credentials(); |
| 521 | if( !g.okRead || !g.okHistory ){ |
| 522 | cgi_reset_content(); |
| 523 | @ error not\sauthorized\sto\sclone |
| 524 | nErr++; |
| 525 | break; |
| 526 | } |
| 527 |
| --- src/xfer.c | |
| +++ src/xfer.c | |
| @@ -516,11 +516,11 @@ | |
| 516 | ** The client knows nothing. Tell all. |
| 517 | */ |
| 518 | if( blob_eq(&xfer.aToken[0], "clone") ){ |
| 519 | int rootid; |
| 520 | login_check_credentials(); |
| 521 | if( !g.okClone ){ |
| 522 | cgi_reset_content(); |
| 523 | @ error not\sauthorized\sto\sclone |
| 524 | nErr++; |
| 525 | break; |
| 526 | } |
| 527 |