Fossil SCM

In the capability summary matrix (shown on the Security Audit page, for example) do not attribute "anonymous" capabilities to user "nobody".

drh 2020-01-28 15:33 trunk

Commit b833df21f799caadb3b3a612a64304765a316ab8a181b94127ee5dc355f3be1e

Parent e8f24f7ecdc1707…

1 file changed +2 -1

M src/capabilities.c

+2 -1

		--- src/capabilities.c
		+++ src/capabilities.c
		@@ -362,11 +362,12 @@
362	362	void capability_summary(void){
363	363	Stmt q;
364	364	db_prepare(&q,
365	365	"WITH t(id,seq) AS (VALUES('nobody',1),('anonymous',2),('reader',3),"
366	366	"('developer',4))"
367		- " SELECT id, fullcap(user.cap),seq,1"
	367	+ " SELECT id, CASE WHEN user.login='nobody' THEN user.cap"
	368	+ " ELSE fullcap(user.cap) END,seq,1"
368	369	" FROM t LEFT JOIN user ON t.id=user.login"
369	370	" UNION ALL"
370	371	" SELECT 'New User Default', fullcap(%Q), 10, 1"
371	372	" UNION ALL"
372	373	" SELECT 'Regular User', fullcap(capunion(cap)), 20, count(*) FROM user"
373	374

	--- src/capabilities.c
	+++ src/capabilities.c
	@@ -362,11 +362,12 @@
362	void capability_summary(void){
363	Stmt q;
364	db_prepare(&q,
365	"WITH t(id,seq) AS (VALUES('nobody',1),('anonymous',2),('reader',3),"
366	"('developer',4))"
367	" SELECT id, fullcap(user.cap),seq,1"

368	" FROM t LEFT JOIN user ON t.id=user.login"
369	" UNION ALL"
370	" SELECT 'New User Default', fullcap(%Q), 10, 1"
371	" UNION ALL"
372	" SELECT 'Regular User', fullcap(capunion(cap)), 20, count(*) FROM user"
373

	--- src/capabilities.c
	+++ src/capabilities.c
	@@ -362,11 +362,12 @@
362	void capability_summary(void){
363	Stmt q;
364	db_prepare(&q,
365	"WITH t(id,seq) AS (VALUES('nobody',1),('anonymous',2),('reader',3),"
366	"('developer',4))"
367	" SELECT id, CASE WHEN user.login='nobody' THEN user.cap"
368	" ELSE fullcap(user.cap) END,seq,1"
369	" FROM t LEFT JOIN user ON t.id=user.login"
370	" UNION ALL"
371	" SELECT 'New User Default', fullcap(%Q), 10, 1"
372	" UNION ALL"
373	" SELECT 'Regular User', fullcap(capunion(cap)), 20, count(*) FROM user"
374