Fossil SCM
Documented Public Pages and the default user capability set in www/caps/index.md.
Commit
4671ddb17966a6e134f9d20185d18ed1c6ec6d36ca8cee19b79e37c3a0d8175d
Parent
78ad8b749615fa5…
1 file changed
+29
-1
+29
-1
| --- www/caps/index.md | ||
| +++ www/caps/index.md | ||
| @@ -194,18 +194,20 @@ | ||
| 194 | 194 | affected only by OS file permissions and such. If you need to prevent |
| 195 | 195 | that, you want to deny **Clone** capability instead. |
| 196 | 196 | |
| 197 | 197 | Withholding the **Read** capability has a different effect: it |
| 198 | 198 | prevents a web client from viewing [embedded |
| 199 | -documentation](../embeddeddoc.wiki), using [the file | |
| 199 | +documentation][edoc], using [the file | |
| 200 | 200 | browser](/help?cmd=/dir), and pulling file content via the |
| 201 | 201 | [`/artifact`](/help?cmd=/artifact), [`/file`](/help?cmd=/file), and |
| 202 | 202 | [`/raw`](/help?cmd=/raw) URLs. |
| 203 | 203 | It is is common to withhold **Read** capability from low-status visitors |
| 204 | 204 | on private or semi-private repos to prevent them from pulling individual |
| 205 | 205 | elements of the repo over the web one at a time, as someone may do when |
| 206 | 206 | denied the bulk **Clone** capability. |
| 207 | + | |
| 208 | +[edoc]: ../embeddeddoc.wiki | |
| 207 | 209 | |
| 208 | 210 | |
| 209 | 211 | ## <a name="defuser"></a>Default User Name |
| 210 | 212 | |
| 211 | 213 | By default, Fossil assumes your OS user account name is the same as the |
| @@ -279,10 +281,35 @@ | ||
| 279 | 281 | Fossil reuses the HTTP-based [sync protocol][sp] in both cases above, |
| 280 | 282 | tunnelling HTTP through an OS pipe or through SSH (FIXME?), but because |
| 281 | 283 | the checks for capabilities like [**Read**][o] and [**Write**][i] are |
| 282 | 284 | done against your effective Setup user on the other repo, the check only |
| 283 | 285 | has an effect when done over an `http[s]://` URL. |
| 286 | + | |
| 287 | + | |
| 288 | +## <a name="pubpg"></a>Public Pages | |
| 289 | + | |
| 290 | +In Admin → Access, there is an option for giving a list of [globs][glob] | |
| 291 | +to name URLs which get treated as if the visitor had [the default cap | |
| 292 | +set](#defcap). For example, you could take the [**Read**][o] capability | |
| 293 | +away from the “nobody” user category, who has it by default, to prevent | |
| 294 | +users without logins from pulling down your repository contents one | |
| 295 | +artifact at a time, yet give those users the ability to read the project | |
| 296 | +documentation by setting the glob to match your [embedded | |
| 297 | +documentation][edoc]’s URL root. | |
| 298 | + | |
| 299 | + | |
| 300 | +## <a name="defcap"></a>Default User Capability Set | |
| 301 | + | |
| 302 | +In Admin → Access, you can define a default user capability set, which | |
| 303 | +is used as: | |
| 304 | + | |
| 305 | +1. the default caps for users newly created by an Admin or Setup user | |
| 306 | +2. the default caps for self-registered users, an option in that same UI | |
| 307 | +3. the effective caps for URIs considered [public pages](#pubpg) | |
| 308 | + | |
| 309 | +This defaults to [**Reader**][u]. | |
| 310 | + | |
| 284 | 311 | |
| 285 | 312 | <!-- add padding so anchor links always scroll ref’d section to top --> |
| 286 | 313 | <div style="height: 75em"></div> |
| 287 | 314 | |
| 288 | 315 | [ref]: ./ref.html |
| @@ -319,9 +346,10 @@ | ||
| 319 | 346 | [4]: ./ref.html#4 |
| 320 | 347 | [5]: ./ref.html#5 |
| 321 | 348 | [6]: ./ref.html#6 |
| 322 | 349 | [7]: ./ref.html#7 |
| 323 | 350 | |
| 351 | +[glob]: https://en.wikipedia.org/wiki/Glob_(programming) | |
| 324 | 352 | [japi]: https://docs.google.com/document/d/1fXViveNhDbiXgCuE7QDXQOKeFzf2qNUkBEgiUvoqFN4/view#heading=h.6k0k5plm18p1 |
| 325 | 353 | [sp]: ../sync.wiki |
| 326 | 354 | [sync]: /help?cmd=sync |
| 327 | 355 | [wp]: /help#webpages |
| 328 | 356 |
| --- www/caps/index.md | |
| +++ www/caps/index.md | |
| @@ -194,18 +194,20 @@ | |
| 194 | affected only by OS file permissions and such. If you need to prevent |
| 195 | that, you want to deny **Clone** capability instead. |
| 196 | |
| 197 | Withholding the **Read** capability has a different effect: it |
| 198 | prevents a web client from viewing [embedded |
| 199 | documentation](../embeddeddoc.wiki), using [the file |
| 200 | browser](/help?cmd=/dir), and pulling file content via the |
| 201 | [`/artifact`](/help?cmd=/artifact), [`/file`](/help?cmd=/file), and |
| 202 | [`/raw`](/help?cmd=/raw) URLs. |
| 203 | It is is common to withhold **Read** capability from low-status visitors |
| 204 | on private or semi-private repos to prevent them from pulling individual |
| 205 | elements of the repo over the web one at a time, as someone may do when |
| 206 | denied the bulk **Clone** capability. |
| 207 | |
| 208 | |
| 209 | ## <a name="defuser"></a>Default User Name |
| 210 | |
| 211 | By default, Fossil assumes your OS user account name is the same as the |
| @@ -279,10 +281,35 @@ | |
| 279 | Fossil reuses the HTTP-based [sync protocol][sp] in both cases above, |
| 280 | tunnelling HTTP through an OS pipe or through SSH (FIXME?), but because |
| 281 | the checks for capabilities like [**Read**][o] and [**Write**][i] are |
| 282 | done against your effective Setup user on the other repo, the check only |
| 283 | has an effect when done over an `http[s]://` URL. |
| 284 | |
| 285 | <!-- add padding so anchor links always scroll ref’d section to top --> |
| 286 | <div style="height: 75em"></div> |
| 287 | |
| 288 | [ref]: ./ref.html |
| @@ -319,9 +346,10 @@ | |
| 319 | [4]: ./ref.html#4 |
| 320 | [5]: ./ref.html#5 |
| 321 | [6]: ./ref.html#6 |
| 322 | [7]: ./ref.html#7 |
| 323 | |
| 324 | [japi]: https://docs.google.com/document/d/1fXViveNhDbiXgCuE7QDXQOKeFzf2qNUkBEgiUvoqFN4/view#heading=h.6k0k5plm18p1 |
| 325 | [sp]: ../sync.wiki |
| 326 | [sync]: /help?cmd=sync |
| 327 | [wp]: /help#webpages |
| 328 |
| --- www/caps/index.md | |
| +++ www/caps/index.md | |
| @@ -194,18 +194,20 @@ | |
| 194 | affected only by OS file permissions and such. If you need to prevent |
| 195 | that, you want to deny **Clone** capability instead. |
| 196 | |
| 197 | Withholding the **Read** capability has a different effect: it |
| 198 | prevents a web client from viewing [embedded |
| 199 | documentation][edoc], using [the file |
| 200 | browser](/help?cmd=/dir), and pulling file content via the |
| 201 | [`/artifact`](/help?cmd=/artifact), [`/file`](/help?cmd=/file), and |
| 202 | [`/raw`](/help?cmd=/raw) URLs. |
| 203 | It is is common to withhold **Read** capability from low-status visitors |
| 204 | on private or semi-private repos to prevent them from pulling individual |
| 205 | elements of the repo over the web one at a time, as someone may do when |
| 206 | denied the bulk **Clone** capability. |
| 207 | |
| 208 | [edoc]: ../embeddeddoc.wiki |
| 209 | |
| 210 | |
| 211 | ## <a name="defuser"></a>Default User Name |
| 212 | |
| 213 | By default, Fossil assumes your OS user account name is the same as the |
| @@ -279,10 +281,35 @@ | |
| 281 | Fossil reuses the HTTP-based [sync protocol][sp] in both cases above, |
| 282 | tunnelling HTTP through an OS pipe or through SSH (FIXME?), but because |
| 283 | the checks for capabilities like [**Read**][o] and [**Write**][i] are |
| 284 | done against your effective Setup user on the other repo, the check only |
| 285 | has an effect when done over an `http[s]://` URL. |
| 286 | |
| 287 | |
| 288 | ## <a name="pubpg"></a>Public Pages |
| 289 | |
| 290 | In Admin → Access, there is an option for giving a list of [globs][glob] |
| 291 | to name URLs which get treated as if the visitor had [the default cap |
| 292 | set](#defcap). For example, you could take the [**Read**][o] capability |
| 293 | away from the “nobody” user category, who has it by default, to prevent |
| 294 | users without logins from pulling down your repository contents one |
| 295 | artifact at a time, yet give those users the ability to read the project |
| 296 | documentation by setting the glob to match your [embedded |
| 297 | documentation][edoc]’s URL root. |
| 298 | |
| 299 | |
| 300 | ## <a name="defcap"></a>Default User Capability Set |
| 301 | |
| 302 | In Admin → Access, you can define a default user capability set, which |
| 303 | is used as: |
| 304 | |
| 305 | 1. the default caps for users newly created by an Admin or Setup user |
| 306 | 2. the default caps for self-registered users, an option in that same UI |
| 307 | 3. the effective caps for URIs considered [public pages](#pubpg) |
| 308 | |
| 309 | This defaults to [**Reader**][u]. |
| 310 | |
| 311 | |
| 312 | <!-- add padding so anchor links always scroll ref’d section to top --> |
| 313 | <div style="height: 75em"></div> |
| 314 | |
| 315 | [ref]: ./ref.html |
| @@ -319,9 +346,10 @@ | |
| 346 | [4]: ./ref.html#4 |
| 347 | [5]: ./ref.html#5 |
| 348 | [6]: ./ref.html#6 |
| 349 | [7]: ./ref.html#7 |
| 350 | |
| 351 | [glob]: https://en.wikipedia.org/wiki/Glob_(programming) |
| 352 | [japi]: https://docs.google.com/document/d/1fXViveNhDbiXgCuE7QDXQOKeFzf2qNUkBEgiUvoqFN4/view#heading=h.6k0k5plm18p1 |
| 353 | [sp]: ../sync.wiki |
| 354 | [sync]: /help?cmd=sync |
| 355 | [wp]: /help#webpages |
| 356 |