Fossil SCM

The /secaudit0 page was checking for both Admin and Setup capabilities, which means it was only accessible to users with Setup users, since that is the only class that can have both capabilities. Since it's documented as being available to Admin users, changed the logic to allow access to Admin *OR* Setup users.

wyoung 2018-11-28 18:34 trunk
Commit 558952c8d36a20fb712dcdc6ddc89782445ee4e1daf53d2786ce4bc2736a4ed4
Parent c523d0a9b5dc738…
1 file changed +1 -1
~ src/security_audit.c
M src/security_audit.c
+1 -1
--- src/security_audit.c
+++ src/security_audit.c
@@ -47,11 +47,11 @@
4747
 const char *zSelfCap; /* Capabilities of self-registered users */
4848
 char *z;
4949
 int n;
5050
5151
 login_check_credentials();
52
- if( !g.perm.Setup && !g.perm.Admin ){
52
+ if( !g.perm.Setup || !g.perm.Admin ){
5353
 login_needed(0);
5454
 return;
5555
 }
5656
 style_header("Security Audit");
5757
 @ <ol>
5858
--- src/security_audit.c
+++ src/security_audit.c
@@ -47,11 +47,11 @@
47 const char *zSelfCap; /* Capabilities of self-registered users */
48 char *z;
49 int n;
50
51 login_check_credentials();
52 if( !g.perm.Setup && !g.perm.Admin ){
53 login_needed(0);
54 return;
55 }
56 style_header("Security Audit");
57 @ <ol>
58
--- src/security_audit.c
+++ src/security_audit.c
@@ -47,11 +47,11 @@
47 const char *zSelfCap; /* Capabilities of self-registered users */
48 char *z;
49 int n;
50
51 login_check_credentials();
52 if( !g.perm.Setup || !g.perm.Admin ){
53 login_needed(0);
54 return;
55 }
56 style_header("Security Audit");
57 @ <ol>
58

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button