Fossil SCM
Distinguish between new and edited users in the admin log and the new alert. Self-registered users do not trigger an alert.
Commit
a2ad05a855e8a96fcd0597356288e239e48f9af0f90216ba66b48effc9ef3256
Parent
a69c933e0cddf1f…
1 file changed
+41
-17
+41
-17
| --- src/setupuser.c | ||
| +++ src/setupuser.c | ||
| @@ -324,28 +324,37 @@ | ||
| 324 | 324 | ** Sends notification of user permission elevation changes to all |
| 325 | 325 | ** subscribers with a "u" subscription. |
| 326 | 326 | */ |
| 327 | 327 | static void alert_user_elevation(const char *zLogin, /*Affected user*/ |
| 328 | 328 | int uid, /*[user].uid*/ |
| 329 | + int bIsNew, /*true if new user*/ | |
| 329 | 330 | const char *zOrigCaps,/*Old caps*/ |
| 330 | 331 | const char *zNewCaps /*New caps*/){ |
| 331 | 332 | Blob hdr, body; |
| 332 | 333 | Stmt q; |
| 333 | - int nUsed; | |
| 334 | + int nBody; | |
| 334 | 335 | AlertSender *pSender; |
| 335 | 336 | char *zSubname = db_get("email-subname", "[Fossil Repo]"); |
| 336 | 337 | char *zURL = db_get("email-url",0); |
| 337 | - char * zSubject = mprintf("User [%q] permissions elevated", zLogin); | |
| 338 | + char * zSubject = bIsNew | |
| 339 | + ? mprintf("New user created: [%q]", zLogin) | |
| 340 | + : mprintf("User [%q] permissions elevated", zLogin); | |
| 338 | 341 | blob_init(&body, 0, 0); |
| 339 | 342 | blob_init(&hdr, 0, 0); |
| 340 | - blob_appendf(&body, "Permissions for user [%q] where elevated " | |
| 341 | - "from [%q] to [%q] by user [%q].\n", | |
| 342 | - zLogin, zOrigCaps, zNewCaps, g.zLogin); | |
| 343 | + if( bIsNew ){ | |
| 344 | + blob_appendf(&body, "User [%q] was created by with " | |
| 345 | + "permissions [%q] by user [%q].\n", | |
| 346 | + zLogin, zNewCaps, g.zLogin); | |
| 347 | + } else { | |
| 348 | + blob_appendf(&body, "Permissions for user [%q] where elevated " | |
| 349 | + "from [%q] to [%q] by user [%q].\n", | |
| 350 | + zLogin, zOrigCaps, zNewCaps, g.zLogin); | |
| 351 | + } | |
| 343 | 352 | if( zURL ){ |
| 344 | - blob_appendf(&body, "User editor: %s/setup_uedit?uid=%d\n", zURL, uid); | |
| 353 | + blob_appendf(&body, "\nUser editor: %s/setup_uedit?uid=%d\n", zURL, uid); | |
| 345 | 354 | } |
| 346 | - nUsed = blob_size(&body); | |
| 355 | + nBody = blob_size(&body); | |
| 347 | 356 | pSender = alert_sender_new(0, 0); |
| 348 | 357 | db_prepare(&q, |
| 349 | 358 | "SELECT semail, hex(subscriberCode)" |
| 350 | 359 | " FROM subscriber, user " |
| 351 | 360 | " WHERE sverified AND NOT sdonotcall" |
| @@ -357,10 +366,11 @@ | ||
| 357 | 366 | blob_truncate(&hdr, 0); |
| 358 | 367 | blob_appendf(&hdr, "To: <%s>\r\nSubject: %s %s\r\n", |
| 359 | 368 | zTo, zSubname, zSubject); |
| 360 | 369 | if( zURL ){ |
| 361 | 370 | const char *zCode = db_column_text(&q, 1); |
| 371 | + blob_truncate(&body, nBody); | |
| 362 | 372 | blob_appendf(&body,"\n-- \nSubscription info: %s/alerts/%s\n", |
| 363 | 373 | zURL, zCode); |
| 364 | 374 | } |
| 365 | 375 | alert_send(pSender, &hdr, &body, 0); |
| 366 | 376 | } |
| @@ -462,10 +472,11 @@ | ||
| 462 | 472 | /* This might be a cross-site request forgery, so ignore it */ |
| 463 | 473 | }else{ |
| 464 | 474 | /* We have all the information we need to make the change to the user */ |
| 465 | 475 | char c; |
| 466 | 476 | int bHasNewCaps = 0 /* 1 if user's permissions are increased */; |
| 477 | + const int bIsNew = uid<=0; | |
| 467 | 478 | char aCap[70], zNm[4]; |
| 468 | 479 | zNm[0] = 'a'; |
| 469 | 480 | zNm[2] = 0; |
| 470 | 481 | for(i=0, c='a'; c<='z'; c++){ |
| 471 | 482 | zNm[1] = c; |
| @@ -514,15 +525,24 @@ | ||
| 514 | 525 | style_finish_page(); |
| 515 | 526 | return; |
| 516 | 527 | } |
| 517 | 528 | cgi_csrf_verify(); |
| 518 | 529 | db_unprotect(PROTECT_USER); |
| 519 | - db_multi_exec( | |
| 520 | - "REPLACE INTO user(uid,login,info,pw,cap,mtime) " | |
| 521 | - "VALUES(nullif(%d,0),%Q,%Q,%Q,%Q,now())", | |
| 522 | - uid, zLogin, P("info"), zPw, &aCap[0] | |
| 523 | - ); | |
| 530 | + { | |
| 531 | + Stmt q; | |
| 532 | + db_prepare(&q, | |
| 533 | + "REPLACE INTO user(uid,login,info,pw,cap,mtime) " | |
| 534 | + "VALUES(nullif(%d,0),%Q,%Q,%Q,%Q,now()) " | |
| 535 | + "RETURNING uid", | |
| 536 | + uid, zLogin, P("info"), zPw, &aCap[0]); | |
| 537 | + if( SQLITE_ROW==db_step(&q) ){ | |
| 538 | + uid = db_column_int(&q, 0); | |
| 539 | + }else{ | |
| 540 | + fossil_fatal("Inserting new user failed"); | |
| 541 | + } | |
| 542 | + db_finalize(&q); | |
| 543 | + } | |
| 524 | 544 | if( zOldLogin && fossil_strcmp(zLogin, zOldLogin)!=0 ){ |
| 525 | 545 | if( alert_tables_exist() ){ |
| 526 | 546 | /* Rename matching subscriber entry, else the user cannot |
| 527 | 547 | re-subscribe with their same email address. */ |
| 528 | 548 | db_multi_exec("UPDATE subscriber SET suname=%Q WHERE suname=%Q", |
| @@ -530,13 +550,17 @@ | ||
| 530 | 550 | } |
| 531 | 551 | admin_log( "Renamed user [%q] to [%q].", zOldLogin, zLogin ); |
| 532 | 552 | } |
| 533 | 553 | db_protect_pop(); |
| 534 | 554 | setup_incr_cfgcnt(); |
| 535 | - admin_log( "Updated user [%q] with%s capabilities [%q].", | |
| 536 | - zLogin, bHasNewCaps ? " new" : "", | |
| 537 | - &aCap[0] ); | |
| 555 | + if( bIsNew ){ | |
| 556 | + admin_log( "Added user [%q] with capabilities [%q].", | |
| 557 | + zLogin, &aCap[0] ); | |
| 558 | + }else { | |
| 559 | + admin_log( "Updated user [%q] with capabilities [%q].", | |
| 560 | + zLogin, &aCap[0] ); | |
| 561 | + } | |
| 538 | 562 | if( atoi(PD("all","0"))>0 ){ |
| 539 | 563 | Blob sql; |
| 540 | 564 | char *zErr = 0; |
| 541 | 565 | blob_zero(&sql); |
| 542 | 566 | if( zOldLogin==0 ){ |
| @@ -587,17 +611,17 @@ | ||
| 587 | 611 | @ |
| 588 | 612 | @ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)"> |
| 589 | 613 | @ [Bummer]</a></p> |
| 590 | 614 | style_finish_page(); |
| 591 | 615 | if( bHasNewCaps ){ |
| 592 | - alert_user_elevation(zLogin, uid, zOldCaps, &aCap[0]); | |
| 616 | + alert_user_elevation(zLogin, uid, bIsNew, zOldCaps, &aCap[0]); | |
| 593 | 617 | } |
| 594 | 618 | return; |
| 595 | 619 | } |
| 596 | 620 | } |
| 597 | 621 | if( bHasNewCaps ){ |
| 598 | - alert_user_elevation(zLogin, uid, zOldCaps, &aCap[0]); | |
| 622 | + alert_user_elevation(zLogin, uid, bIsNew, zOldCaps, &aCap[0]); | |
| 599 | 623 | } |
| 600 | 624 | cgi_redirect(cgi_referer("setup_ulist")); |
| 601 | 625 | return; |
| 602 | 626 | } |
| 603 | 627 | |
| 604 | 628 |
| --- src/setupuser.c | |
| +++ src/setupuser.c | |
| @@ -324,28 +324,37 @@ | |
| 324 | ** Sends notification of user permission elevation changes to all |
| 325 | ** subscribers with a "u" subscription. |
| 326 | */ |
| 327 | static void alert_user_elevation(const char *zLogin, /*Affected user*/ |
| 328 | int uid, /*[user].uid*/ |
| 329 | const char *zOrigCaps,/*Old caps*/ |
| 330 | const char *zNewCaps /*New caps*/){ |
| 331 | Blob hdr, body; |
| 332 | Stmt q; |
| 333 | int nUsed; |
| 334 | AlertSender *pSender; |
| 335 | char *zSubname = db_get("email-subname", "[Fossil Repo]"); |
| 336 | char *zURL = db_get("email-url",0); |
| 337 | char * zSubject = mprintf("User [%q] permissions elevated", zLogin); |
| 338 | blob_init(&body, 0, 0); |
| 339 | blob_init(&hdr, 0, 0); |
| 340 | blob_appendf(&body, "Permissions for user [%q] where elevated " |
| 341 | "from [%q] to [%q] by user [%q].\n", |
| 342 | zLogin, zOrigCaps, zNewCaps, g.zLogin); |
| 343 | if( zURL ){ |
| 344 | blob_appendf(&body, "User editor: %s/setup_uedit?uid=%d\n", zURL, uid); |
| 345 | } |
| 346 | nUsed = blob_size(&body); |
| 347 | pSender = alert_sender_new(0, 0); |
| 348 | db_prepare(&q, |
| 349 | "SELECT semail, hex(subscriberCode)" |
| 350 | " FROM subscriber, user " |
| 351 | " WHERE sverified AND NOT sdonotcall" |
| @@ -357,10 +366,11 @@ | |
| 357 | blob_truncate(&hdr, 0); |
| 358 | blob_appendf(&hdr, "To: <%s>\r\nSubject: %s %s\r\n", |
| 359 | zTo, zSubname, zSubject); |
| 360 | if( zURL ){ |
| 361 | const char *zCode = db_column_text(&q, 1); |
| 362 | blob_appendf(&body,"\n-- \nSubscription info: %s/alerts/%s\n", |
| 363 | zURL, zCode); |
| 364 | } |
| 365 | alert_send(pSender, &hdr, &body, 0); |
| 366 | } |
| @@ -462,10 +472,11 @@ | |
| 462 | /* This might be a cross-site request forgery, so ignore it */ |
| 463 | }else{ |
| 464 | /* We have all the information we need to make the change to the user */ |
| 465 | char c; |
| 466 | int bHasNewCaps = 0 /* 1 if user's permissions are increased */; |
| 467 | char aCap[70], zNm[4]; |
| 468 | zNm[0] = 'a'; |
| 469 | zNm[2] = 0; |
| 470 | for(i=0, c='a'; c<='z'; c++){ |
| 471 | zNm[1] = c; |
| @@ -514,15 +525,24 @@ | |
| 514 | style_finish_page(); |
| 515 | return; |
| 516 | } |
| 517 | cgi_csrf_verify(); |
| 518 | db_unprotect(PROTECT_USER); |
| 519 | db_multi_exec( |
| 520 | "REPLACE INTO user(uid,login,info,pw,cap,mtime) " |
| 521 | "VALUES(nullif(%d,0),%Q,%Q,%Q,%Q,now())", |
| 522 | uid, zLogin, P("info"), zPw, &aCap[0] |
| 523 | ); |
| 524 | if( zOldLogin && fossil_strcmp(zLogin, zOldLogin)!=0 ){ |
| 525 | if( alert_tables_exist() ){ |
| 526 | /* Rename matching subscriber entry, else the user cannot |
| 527 | re-subscribe with their same email address. */ |
| 528 | db_multi_exec("UPDATE subscriber SET suname=%Q WHERE suname=%Q", |
| @@ -530,13 +550,17 @@ | |
| 530 | } |
| 531 | admin_log( "Renamed user [%q] to [%q].", zOldLogin, zLogin ); |
| 532 | } |
| 533 | db_protect_pop(); |
| 534 | setup_incr_cfgcnt(); |
| 535 | admin_log( "Updated user [%q] with%s capabilities [%q].", |
| 536 | zLogin, bHasNewCaps ? " new" : "", |
| 537 | &aCap[0] ); |
| 538 | if( atoi(PD("all","0"))>0 ){ |
| 539 | Blob sql; |
| 540 | char *zErr = 0; |
| 541 | blob_zero(&sql); |
| 542 | if( zOldLogin==0 ){ |
| @@ -587,17 +611,17 @@ | |
| 587 | @ |
| 588 | @ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)"> |
| 589 | @ [Bummer]</a></p> |
| 590 | style_finish_page(); |
| 591 | if( bHasNewCaps ){ |
| 592 | alert_user_elevation(zLogin, uid, zOldCaps, &aCap[0]); |
| 593 | } |
| 594 | return; |
| 595 | } |
| 596 | } |
| 597 | if( bHasNewCaps ){ |
| 598 | alert_user_elevation(zLogin, uid, zOldCaps, &aCap[0]); |
| 599 | } |
| 600 | cgi_redirect(cgi_referer("setup_ulist")); |
| 601 | return; |
| 602 | } |
| 603 | |
| 604 |
| --- src/setupuser.c | |
| +++ src/setupuser.c | |
| @@ -324,28 +324,37 @@ | |
| 324 | ** Sends notification of user permission elevation changes to all |
| 325 | ** subscribers with a "u" subscription. |
| 326 | */ |
| 327 | static void alert_user_elevation(const char *zLogin, /*Affected user*/ |
| 328 | int uid, /*[user].uid*/ |
| 329 | int bIsNew, /*true if new user*/ |
| 330 | const char *zOrigCaps,/*Old caps*/ |
| 331 | const char *zNewCaps /*New caps*/){ |
| 332 | Blob hdr, body; |
| 333 | Stmt q; |
| 334 | int nBody; |
| 335 | AlertSender *pSender; |
| 336 | char *zSubname = db_get("email-subname", "[Fossil Repo]"); |
| 337 | char *zURL = db_get("email-url",0); |
| 338 | char * zSubject = bIsNew |
| 339 | ? mprintf("New user created: [%q]", zLogin) |
| 340 | : mprintf("User [%q] permissions elevated", zLogin); |
| 341 | blob_init(&body, 0, 0); |
| 342 | blob_init(&hdr, 0, 0); |
| 343 | if( bIsNew ){ |
| 344 | blob_appendf(&body, "User [%q] was created by with " |
| 345 | "permissions [%q] by user [%q].\n", |
| 346 | zLogin, zNewCaps, g.zLogin); |
| 347 | } else { |
| 348 | blob_appendf(&body, "Permissions for user [%q] where elevated " |
| 349 | "from [%q] to [%q] by user [%q].\n", |
| 350 | zLogin, zOrigCaps, zNewCaps, g.zLogin); |
| 351 | } |
| 352 | if( zURL ){ |
| 353 | blob_appendf(&body, "\nUser editor: %s/setup_uedit?uid=%d\n", zURL, uid); |
| 354 | } |
| 355 | nBody = blob_size(&body); |
| 356 | pSender = alert_sender_new(0, 0); |
| 357 | db_prepare(&q, |
| 358 | "SELECT semail, hex(subscriberCode)" |
| 359 | " FROM subscriber, user " |
| 360 | " WHERE sverified AND NOT sdonotcall" |
| @@ -357,10 +366,11 @@ | |
| 366 | blob_truncate(&hdr, 0); |
| 367 | blob_appendf(&hdr, "To: <%s>\r\nSubject: %s %s\r\n", |
| 368 | zTo, zSubname, zSubject); |
| 369 | if( zURL ){ |
| 370 | const char *zCode = db_column_text(&q, 1); |
| 371 | blob_truncate(&body, nBody); |
| 372 | blob_appendf(&body,"\n-- \nSubscription info: %s/alerts/%s\n", |
| 373 | zURL, zCode); |
| 374 | } |
| 375 | alert_send(pSender, &hdr, &body, 0); |
| 376 | } |
| @@ -462,10 +472,11 @@ | |
| 472 | /* This might be a cross-site request forgery, so ignore it */ |
| 473 | }else{ |
| 474 | /* We have all the information we need to make the change to the user */ |
| 475 | char c; |
| 476 | int bHasNewCaps = 0 /* 1 if user's permissions are increased */; |
| 477 | const int bIsNew = uid<=0; |
| 478 | char aCap[70], zNm[4]; |
| 479 | zNm[0] = 'a'; |
| 480 | zNm[2] = 0; |
| 481 | for(i=0, c='a'; c<='z'; c++){ |
| 482 | zNm[1] = c; |
| @@ -514,15 +525,24 @@ | |
| 525 | style_finish_page(); |
| 526 | return; |
| 527 | } |
| 528 | cgi_csrf_verify(); |
| 529 | db_unprotect(PROTECT_USER); |
| 530 | { |
| 531 | Stmt q; |
| 532 | db_prepare(&q, |
| 533 | "REPLACE INTO user(uid,login,info,pw,cap,mtime) " |
| 534 | "VALUES(nullif(%d,0),%Q,%Q,%Q,%Q,now()) " |
| 535 | "RETURNING uid", |
| 536 | uid, zLogin, P("info"), zPw, &aCap[0]); |
| 537 | if( SQLITE_ROW==db_step(&q) ){ |
| 538 | uid = db_column_int(&q, 0); |
| 539 | }else{ |
| 540 | fossil_fatal("Inserting new user failed"); |
| 541 | } |
| 542 | db_finalize(&q); |
| 543 | } |
| 544 | if( zOldLogin && fossil_strcmp(zLogin, zOldLogin)!=0 ){ |
| 545 | if( alert_tables_exist() ){ |
| 546 | /* Rename matching subscriber entry, else the user cannot |
| 547 | re-subscribe with their same email address. */ |
| 548 | db_multi_exec("UPDATE subscriber SET suname=%Q WHERE suname=%Q", |
| @@ -530,13 +550,17 @@ | |
| 550 | } |
| 551 | admin_log( "Renamed user [%q] to [%q].", zOldLogin, zLogin ); |
| 552 | } |
| 553 | db_protect_pop(); |
| 554 | setup_incr_cfgcnt(); |
| 555 | if( bIsNew ){ |
| 556 | admin_log( "Added user [%q] with capabilities [%q].", |
| 557 | zLogin, &aCap[0] ); |
| 558 | }else { |
| 559 | admin_log( "Updated user [%q] with capabilities [%q].", |
| 560 | zLogin, &aCap[0] ); |
| 561 | } |
| 562 | if( atoi(PD("all","0"))>0 ){ |
| 563 | Blob sql; |
| 564 | char *zErr = 0; |
| 565 | blob_zero(&sql); |
| 566 | if( zOldLogin==0 ){ |
| @@ -587,17 +611,17 @@ | |
| 611 | @ |
| 612 | @ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)"> |
| 613 | @ [Bummer]</a></p> |
| 614 | style_finish_page(); |
| 615 | if( bHasNewCaps ){ |
| 616 | alert_user_elevation(zLogin, uid, bIsNew, zOldCaps, &aCap[0]); |
| 617 | } |
| 618 | return; |
| 619 | } |
| 620 | } |
| 621 | if( bHasNewCaps ){ |
| 622 | alert_user_elevation(zLogin, uid, bIsNew, zOldCaps, &aCap[0]); |
| 623 | } |
| 624 | cgi_redirect(cgi_referer("setup_ulist")); |
| 625 | return; |
| 626 | } |
| 627 | |
| 628 |