Fossil SCM

User edits can be applied to a single repository or across the entire login group.

drh 2011-04-08 18:45 UTC login-groups

Commit a3fbd4fa9d7628568a7744888ff2808d953130dd

Parent eec32b99dd74d22…

2 files changed +47 +1 -1

M src/setup.c

+47

		--- src/setup.c
		+++ src/setup.c
		@@ -248,10 +248,12 @@
248	248	void user_edit(void){
249	249	const char zId, zLogin, zInfo, zCap, *zPw;
250	250	char oaa, oas, oar, oaw, oan, oai, oaj, oao, *oap;
251	251	char oak, oad, oac, oaf, oam, oah, oag, oae;
252	252	char oat, oau, oav, oab, oax, oaz;
	253	+ const char *zGroup;
	254	+ const char *zOldLogin;
253	255	const char *inherit[128];
254	256	int doWrite;
255	257	int uid;
256	258	int higherUser = 0; /* True if user being edited is SETUP and the */
257	259	/* user doing the editing is ADMIN. Disallow editing */
		@@ -338,10 +340,11 @@
338	340	if( isValidPwString(zPw) ){
339	341	zPw = sha1_shared_secret(zPw, zLogin, 0);
340	342	}else{
341	343	zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid);
342	344	}
	345	+ zOldLogin = db_text(0, "SELECT login FROM user WHERE uid=%d", uid);
343	346	if( uid>0 &&
344	347	db_exists("SELECT 1 FROM user WHERE login=%Q AND uid!=%d", zLogin, uid)
345	348	){
346	349	style_header("User Creation Error");
347	350	@ <span class="loginError">Login "%h(zLogin)" is already used by
		@@ -355,10 +358,43 @@
355	358	db_multi_exec(
356	359	"REPLACE INTO user(uid,login,info,pw,cap) "
357	360	"VALUES(nullif(%d,0),%Q,%Q,%Q,'%s')",
358	361	uid, P("login"), P("info"), zPw, zCap
359	362	);
	363	+ if( atoi(PD("all","0"))>0 ){
	364	+ Blob sql;
	365	+ char *zErr = 0;
	366	+ blob_zero(&sql);
	367	+ if( zOldLogin==0 ){
	368	+ blob_appendf(&sql,
	369	+ "INSERT INTO user(login)"
	370	+ " SELECT %Q WHERE NOT EXISTS(SELECT 1 FROM user WHERE login=%Q);",
	371	+ zLogin, zLogin
	372	+ );
	373	+ zOldLogin = zLogin;
	374	+ }
	375	+ blob_appendf(&sql,
	376	+ "UPDATE user SET login=%Q,"
	377	+ " pw=coalesce(shared_secret(%Q,%Q,"
	378	+ "(SELECT value FROM config WHERE name='project-code')),pw),"
	379	+ " info=%Q,"
	380	+ " cap=%Q"
	381	+ " WHERE login=%Q;",
	382	+ zLogin, P("pw"), zLogin, P("info"), zCap,
	383	+ zOldLogin
	384	+ );
	385	+ login_group_sql(blob_str(&sql), "<li> ", " </li>\n", &zErr);
	386	+ blob_reset(&sql);
	387	+ if( zErr ){
	388	+ style_header("User Change Error");
	389	+ @ <span class="loginError">%s(zErr)</span>
	390	+ @
	391	+ @ <p><a href="setup_uedit?id=%d(uid)">[Bummer]</a></p>
	392	+ style_footer();
	393	+ return;
	394	+ }
	395	+ }
360	396	cgi_redirect("setup_ulist");
361	397	return;
362	398	}
363	399
364	400	/* Load the existing information about the user, if any
		@@ -505,10 +541,21 @@
505	541	}else{
506	542	/* Show an empty password as an empty input field */
507	543	@ <td><input type="password" name="pw" value="" /></td>
508	544	}
509	545	@ </tr>
	546	+ zGroup = db_get("login-group-name", 0);
	547	+ if( zGroup ){
	548	+ @ <tr>
	549	+ @ <td valign="top" align="right">Scope:</td>
	550	+ @ <td valign="top">
	551	+ @ <input type="radio" name="all" checked value="0">
	552	+ @ Apply changes to this repository only.<br />
	553	+ @ <input type="radio" name="all" value="1">
	554	+ @ Apply changes to all repositories in the "<b>%h(zGroup)</b>"
	555	+ @ login group.</td></tr>
	556	+ }
510	557	if( !higherUser ){
511	558	@ <tr>
512	559	@ <td> </td>
513	560	@ <td><input type="submit" name="submit" value="Apply Changes" /></td>
514	561	@ </tr>
515	562

	--- src/setup.c
	+++ src/setup.c
	@@ -248,10 +248,12 @@
248	void user_edit(void){
249	const char zId, zLogin, zInfo, zCap, *zPw;
250	char oaa, oas, oar, oaw, oan, oai, oaj, oao, *oap;
251	char oak, oad, oac, oaf, oam, oah, oag, oae;
252	char oat, oau, oav, oab, oax, oaz;


253	const char *inherit[128];
254	int doWrite;
255	int uid;
256	int higherUser = 0; /* True if user being edited is SETUP and the */
257	/* user doing the editing is ADMIN. Disallow editing */
	@@ -338,10 +340,11 @@
338	if( isValidPwString(zPw) ){
339	zPw = sha1_shared_secret(zPw, zLogin, 0);
340	}else{
341	zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid);
342	}

343	if( uid>0 &&
344	db_exists("SELECT 1 FROM user WHERE login=%Q AND uid!=%d", zLogin, uid)
345	){
346	style_header("User Creation Error");
347	@ <span class="loginError">Login "%h(zLogin)" is already used by
	@@ -355,10 +358,43 @@
355	db_multi_exec(
356	"REPLACE INTO user(uid,login,info,pw,cap) "
357	"VALUES(nullif(%d,0),%Q,%Q,%Q,'%s')",
358	uid, P("login"), P("info"), zPw, zCap
359	);

































360	cgi_redirect("setup_ulist");
361	return;
362	}
363
364	/* Load the existing information about the user, if any
	@@ -505,10 +541,21 @@
505	}else{
506	/* Show an empty password as an empty input field */
507	@ <td><input type="password" name="pw" value="" /></td>
508	}
509	@ </tr>











510	if( !higherUser ){
511	@ <tr>
512	@ <td> </td>
513	@ <td><input type="submit" name="submit" value="Apply Changes" /></td>
514	@ </tr>
515

	--- src/setup.c
	+++ src/setup.c
	@@ -248,10 +248,12 @@
248	void user_edit(void){
249	const char zId, zLogin, zInfo, zCap, *zPw;
250	char oaa, oas, oar, oaw, oan, oai, oaj, oao, *oap;
251	char oak, oad, oac, oaf, oam, oah, oag, oae;
252	char oat, oau, oav, oab, oax, oaz;
253	const char *zGroup;
254	const char *zOldLogin;
255	const char *inherit[128];
256	int doWrite;
257	int uid;
258	int higherUser = 0; /* True if user being edited is SETUP and the */
259	/* user doing the editing is ADMIN. Disallow editing */
	@@ -338,10 +340,11 @@
340	if( isValidPwString(zPw) ){
341	zPw = sha1_shared_secret(zPw, zLogin, 0);
342	}else{
343	zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid);
344	}
345	zOldLogin = db_text(0, "SELECT login FROM user WHERE uid=%d", uid);
346	if( uid>0 &&
347	db_exists("SELECT 1 FROM user WHERE login=%Q AND uid!=%d", zLogin, uid)
348	){
349	style_header("User Creation Error");
350	@ <span class="loginError">Login "%h(zLogin)" is already used by
	@@ -355,10 +358,43 @@
358	db_multi_exec(
359	"REPLACE INTO user(uid,login,info,pw,cap) "
360	"VALUES(nullif(%d,0),%Q,%Q,%Q,'%s')",
361	uid, P("login"), P("info"), zPw, zCap
362	);
363	if( atoi(PD("all","0"))>0 ){
364	Blob sql;
365	char *zErr = 0;
366	blob_zero(&sql);
367	if( zOldLogin==0 ){
368	blob_appendf(&sql,
369	"INSERT INTO user(login)"
370	" SELECT %Q WHERE NOT EXISTS(SELECT 1 FROM user WHERE login=%Q);",
371	zLogin, zLogin
372	);
373	zOldLogin = zLogin;
374	}
375	blob_appendf(&sql,
376	"UPDATE user SET login=%Q,"
377	" pw=coalesce(shared_secret(%Q,%Q,"
378	"(SELECT value FROM config WHERE name='project-code')),pw),"
379	" info=%Q,"
380	" cap=%Q"
381	" WHERE login=%Q;",
382	zLogin, P("pw"), zLogin, P("info"), zCap,
383	zOldLogin
384	);
385	login_group_sql(blob_str(&sql), "<li> ", " </li>\n", &zErr);
386	blob_reset(&sql);
387	if( zErr ){
388	style_header("User Change Error");
389	@ <span class="loginError">%s(zErr)</span>
390	@
391	@ <p><a href="setup_uedit?id=%d(uid)">[Bummer]</a></p>
392	style_footer();
393	return;
394	}
395	}
396	cgi_redirect("setup_ulist");
397	return;
398	}
399
400	/* Load the existing information about the user, if any
	@@ -505,10 +541,21 @@
541	}else{
542	/* Show an empty password as an empty input field */
543	@ <td><input type="password" name="pw" value="" /></td>
544	}
545	@ </tr>
546	zGroup = db_get("login-group-name", 0);
547	if( zGroup ){
548	@ <tr>
549	@ <td valign="top" align="right">Scope:</td>
550	@ <td valign="top">
551	@ <input type="radio" name="all" checked value="0">
552	@ Apply changes to this repository only.<br />
553	@ <input type="radio" name="all" value="1">
554	@ Apply changes to all repositories in the "<b>%h(zGroup)</b>"
555	@ login group.</td></tr>
556	}
557	if( !higherUser ){
558	@ <tr>
559	@ <td> </td>
560	@ <td><input type="submit" name="submit" value="Apply Changes" /></td>
561	@ </tr>
562

M src/sha1.c

+1 -1

		--- src/sha1.c
		+++ src/sha1.c
		@@ -397,11 +397,11 @@
397	397	const char *zLogin;
398	398	const char *zProjid;
399	399
400	400	assert( argc==2 \|\| argc==3 );
401	401	zPw = (const char*)sqlite3_value_text(argv[0]);
402		- if( zPw==0 ) return;
	402	+ if( zPw==0 \|\| zPw[0]==0 ) return;
403	403	zLogin = (const char*)sqlite3_value_text(argv[1]);
404	404	if( zLogin==0 ) return;
405	405	if( argc==3 ){
406	406	zProjid = (const char*)sqlite3_value_text(argv[2]);
407	407	if( zProjid && zProjid[0]==0 ) zProjid = 0;
408	408

	--- src/sha1.c
	+++ src/sha1.c
	@@ -397,11 +397,11 @@
397	const char *zLogin;
398	const char *zProjid;
399
400	assert( argc==2 \|\| argc==3 );
401	zPw = (const char*)sqlite3_value_text(argv[0]);
402	if( zPw==0 ) return;
403	zLogin = (const char*)sqlite3_value_text(argv[1]);
404	if( zLogin==0 ) return;
405	if( argc==3 ){
406	zProjid = (const char*)sqlite3_value_text(argv[2]);
407	if( zProjid && zProjid[0]==0 ) zProjid = 0;
408

	--- src/sha1.c
	+++ src/sha1.c
	@@ -397,11 +397,11 @@
397	const char *zLogin;
398	const char *zProjid;
399
400	assert( argc==2 \|\| argc==3 );
401	zPw = (const char*)sqlite3_value_text(argv[0]);
402	if( zPw==0 \|\| zPw[0]==0 ) return;
403	zLogin = (const char*)sqlite3_value_text(argv[1]);
404	if( zLogin==0 ) return;
405	if( argc==3 ){
406	zProjid = (const char*)sqlite3_value_text(argv[2]);
407	if( zProjid && zProjid[0]==0 ) zProjid = 0;
408

Fossil SCM

Keyboard Shortcuts