Fossil SCM
Allow Admin user to changes user information. Add a "User" link on the main menu for Admin users.
Commit
f8831f447afc6de276525f5f47ff6e0f1ce7ee04
Parent
92f6d3d7867af3d…
2 files changed
+12
-10
+2
+12
-10
| --- src/setup.c | ||
| +++ src/setup.c | ||
| @@ -93,11 +93,11 @@ | ||
| 93 | 93 | */ |
| 94 | 94 | void setup_ulist(void){ |
| 95 | 95 | Stmt s; |
| 96 | 96 | |
| 97 | 97 | login_check_credentials(); |
| 98 | - if( !g.okSetup ){ | |
| 98 | + if( !g.okAdmin ){ | |
| 99 | 99 | login_needed(); |
| 100 | 100 | return; |
| 101 | 101 | } |
| 102 | 102 | |
| 103 | 103 | style_submenu_element("Add", "Add User", "setup_uedit"); |
| @@ -112,21 +112,23 @@ | ||
| 112 | 112 | @ <th>Capabilities</th><td width="15"> </td> |
| 113 | 113 | @ <th>Contact Info</th> |
| 114 | 114 | @ </tr> |
| 115 | 115 | db_prepare(&s, "SELECT uid, login, cap, info FROM user ORDER BY login"); |
| 116 | 116 | while( db_step(&s)==SQLITE_ROW ){ |
| 117 | + const char *zCap = db_column_text(&s, 2); | |
| 118 | + if( strstr(zCap, "s") ) zCap = "s"; | |
| 117 | 119 | @ <tr> |
| 118 | 120 | @ <td align="right"> |
| 119 | - if( g.okAdmin ){ | |
| 121 | + if( g.okAdmin && (zCap[0]!='s' || g.okSetup) ){ | |
| 120 | 122 | @ <a href="setup_uedit?id=%d(db_column_int(&s,0))"> |
| 121 | 123 | } |
| 122 | 124 | @ <nobr>%h(db_column_text(&s,1))</nobr> |
| 123 | 125 | if( g.okAdmin ){ |
| 124 | 126 | @ </a> |
| 125 | 127 | } |
| 126 | 128 | @ </td><td> </td> |
| 127 | - @ <td align="center">%s(db_column_text(&s,2))</td> | |
| 129 | + @ <td align="center">%s(zCap)</td> | |
| 128 | 130 | @ <td> </td> |
| 129 | 131 | @ <td align="left">%s(db_column_text(&s,3))</td> |
| 130 | 132 | @ </tr> |
| 131 | 133 | } |
| 132 | 134 | @ </table></td></tr></table> |
| @@ -191,11 +193,11 @@ | ||
| 191 | 193 | */ |
| 192 | 194 | zId = PD("id", "0"); |
| 193 | 195 | uid = atoi(zId); |
| 194 | 196 | if( zId && !g.okSetup && uid>0 ){ |
| 195 | 197 | char *zOldCaps; |
| 196 | - zOldCaps = db_text(0, "SELECT caps FROM user WHERE uid=%d",uid); | |
| 198 | + zOldCaps = db_text(0, "SELECT cap FROM user WHERE uid=%d",uid); | |
| 197 | 199 | higherUser = zOldCaps && strchr(zOldCaps,'s'); |
| 198 | 200 | } |
| 199 | 201 | |
| 200 | 202 | if( P("can") ){ |
| 201 | 203 | cgi_redirect("setup_ulist"); |
| @@ -370,22 +372,22 @@ | ||
| 370 | 372 | } |
| 371 | 373 | @ </table></td></tr></table> |
| 372 | 374 | @ <p><b>Notes:</b></p> |
| 373 | 375 | @ <ol> |
| 374 | 376 | if( higherUser ){ |
| 375 | - @ <li><p> | |
| 376 | - @ User %h(zId) has Setup privileges and you only have Admin privileges | |
| 377 | - @ so you are not permitted to make changes to %h(zId). | |
| 378 | - @ </p></li> | |
| 377 | + @ <li><p><font color="blue"><b> | |
| 378 | + @ User %h(zLogin) has Setup privileges and you only have Admin privileges | |
| 379 | + @ so you are not permitted to make changes to %h(zLogin). | |
| 380 | + @ </b></font></p></li> | |
| 379 | 381 | @ |
| 380 | 382 | } |
| 381 | 383 | @ |
| 382 | 384 | @ <li><p> |
| 383 | 385 | @ The <b>Setup</b> user can make arbitrary configuration changes. |
| 384 | 386 | @ An <b>Admin</b> user can add other users and change user privileges |
| 385 | - @ and reset user passwords. | |
| 386 | - @ Use these two settings with discretion. | |
| 387 | + @ and reset user passwords. Both automatically get all other privileges | |
| 388 | + @ listed below. Use these two settings with discretion. | |
| 387 | 389 | @ </p></li> |
| 388 | 390 | @ |
| 389 | 391 | @ <li><p> |
| 390 | 392 | @ The <b>Delete</b> privilege give the user the ability to erase |
| 391 | 393 | @ wiki, tickets, and attachments that have been added by anonymous |
| 392 | 394 |
| --- src/setup.c | |
| +++ src/setup.c | |
| @@ -93,11 +93,11 @@ | |
| 93 | */ |
| 94 | void setup_ulist(void){ |
| 95 | Stmt s; |
| 96 | |
| 97 | login_check_credentials(); |
| 98 | if( !g.okSetup ){ |
| 99 | login_needed(); |
| 100 | return; |
| 101 | } |
| 102 | |
| 103 | style_submenu_element("Add", "Add User", "setup_uedit"); |
| @@ -112,21 +112,23 @@ | |
| 112 | @ <th>Capabilities</th><td width="15"> </td> |
| 113 | @ <th>Contact Info</th> |
| 114 | @ </tr> |
| 115 | db_prepare(&s, "SELECT uid, login, cap, info FROM user ORDER BY login"); |
| 116 | while( db_step(&s)==SQLITE_ROW ){ |
| 117 | @ <tr> |
| 118 | @ <td align="right"> |
| 119 | if( g.okAdmin ){ |
| 120 | @ <a href="setup_uedit?id=%d(db_column_int(&s,0))"> |
| 121 | } |
| 122 | @ <nobr>%h(db_column_text(&s,1))</nobr> |
| 123 | if( g.okAdmin ){ |
| 124 | @ </a> |
| 125 | } |
| 126 | @ </td><td> </td> |
| 127 | @ <td align="center">%s(db_column_text(&s,2))</td> |
| 128 | @ <td> </td> |
| 129 | @ <td align="left">%s(db_column_text(&s,3))</td> |
| 130 | @ </tr> |
| 131 | } |
| 132 | @ </table></td></tr></table> |
| @@ -191,11 +193,11 @@ | |
| 191 | */ |
| 192 | zId = PD("id", "0"); |
| 193 | uid = atoi(zId); |
| 194 | if( zId && !g.okSetup && uid>0 ){ |
| 195 | char *zOldCaps; |
| 196 | zOldCaps = db_text(0, "SELECT caps FROM user WHERE uid=%d",uid); |
| 197 | higherUser = zOldCaps && strchr(zOldCaps,'s'); |
| 198 | } |
| 199 | |
| 200 | if( P("can") ){ |
| 201 | cgi_redirect("setup_ulist"); |
| @@ -370,22 +372,22 @@ | |
| 370 | } |
| 371 | @ </table></td></tr></table> |
| 372 | @ <p><b>Notes:</b></p> |
| 373 | @ <ol> |
| 374 | if( higherUser ){ |
| 375 | @ <li><p> |
| 376 | @ User %h(zId) has Setup privileges and you only have Admin privileges |
| 377 | @ so you are not permitted to make changes to %h(zId). |
| 378 | @ </p></li> |
| 379 | @ |
| 380 | } |
| 381 | @ |
| 382 | @ <li><p> |
| 383 | @ The <b>Setup</b> user can make arbitrary configuration changes. |
| 384 | @ An <b>Admin</b> user can add other users and change user privileges |
| 385 | @ and reset user passwords. |
| 386 | @ Use these two settings with discretion. |
| 387 | @ </p></li> |
| 388 | @ |
| 389 | @ <li><p> |
| 390 | @ The <b>Delete</b> privilege give the user the ability to erase |
| 391 | @ wiki, tickets, and attachments that have been added by anonymous |
| 392 |
| --- src/setup.c | |
| +++ src/setup.c | |
| @@ -93,11 +93,11 @@ | |
| 93 | */ |
| 94 | void setup_ulist(void){ |
| 95 | Stmt s; |
| 96 | |
| 97 | login_check_credentials(); |
| 98 | if( !g.okAdmin ){ |
| 99 | login_needed(); |
| 100 | return; |
| 101 | } |
| 102 | |
| 103 | style_submenu_element("Add", "Add User", "setup_uedit"); |
| @@ -112,21 +112,23 @@ | |
| 112 | @ <th>Capabilities</th><td width="15"> </td> |
| 113 | @ <th>Contact Info</th> |
| 114 | @ </tr> |
| 115 | db_prepare(&s, "SELECT uid, login, cap, info FROM user ORDER BY login"); |
| 116 | while( db_step(&s)==SQLITE_ROW ){ |
| 117 | const char *zCap = db_column_text(&s, 2); |
| 118 | if( strstr(zCap, "s") ) zCap = "s"; |
| 119 | @ <tr> |
| 120 | @ <td align="right"> |
| 121 | if( g.okAdmin && (zCap[0]!='s' || g.okSetup) ){ |
| 122 | @ <a href="setup_uedit?id=%d(db_column_int(&s,0))"> |
| 123 | } |
| 124 | @ <nobr>%h(db_column_text(&s,1))</nobr> |
| 125 | if( g.okAdmin ){ |
| 126 | @ </a> |
| 127 | } |
| 128 | @ </td><td> </td> |
| 129 | @ <td align="center">%s(zCap)</td> |
| 130 | @ <td> </td> |
| 131 | @ <td align="left">%s(db_column_text(&s,3))</td> |
| 132 | @ </tr> |
| 133 | } |
| 134 | @ </table></td></tr></table> |
| @@ -191,11 +193,11 @@ | |
| 193 | */ |
| 194 | zId = PD("id", "0"); |
| 195 | uid = atoi(zId); |
| 196 | if( zId && !g.okSetup && uid>0 ){ |
| 197 | char *zOldCaps; |
| 198 | zOldCaps = db_text(0, "SELECT cap FROM user WHERE uid=%d",uid); |
| 199 | higherUser = zOldCaps && strchr(zOldCaps,'s'); |
| 200 | } |
| 201 | |
| 202 | if( P("can") ){ |
| 203 | cgi_redirect("setup_ulist"); |
| @@ -370,22 +372,22 @@ | |
| 372 | } |
| 373 | @ </table></td></tr></table> |
| 374 | @ <p><b>Notes:</b></p> |
| 375 | @ <ol> |
| 376 | if( higherUser ){ |
| 377 | @ <li><p><font color="blue"><b> |
| 378 | @ User %h(zLogin) has Setup privileges and you only have Admin privileges |
| 379 | @ so you are not permitted to make changes to %h(zLogin). |
| 380 | @ </b></font></p></li> |
| 381 | @ |
| 382 | } |
| 383 | @ |
| 384 | @ <li><p> |
| 385 | @ The <b>Setup</b> user can make arbitrary configuration changes. |
| 386 | @ An <b>Admin</b> user can add other users and change user privileges |
| 387 | @ and reset user passwords. Both automatically get all other privileges |
| 388 | @ listed below. Use these two settings with discretion. |
| 389 | @ </p></li> |
| 390 | @ |
| 391 | @ <li><p> |
| 392 | @ The <b>Delete</b> privilege give the user the ability to erase |
| 393 | @ wiki, tickets, and attachments that have been added by anonymous |
| 394 |
+2
| --- src/style.c | ||
| +++ src/style.c | ||
| @@ -190,10 +190,12 @@ | ||
| 190 | 190 | @ if {[hascap j]} { |
| 191 | 191 | @ html "<a href='$baseurl/wiki'>Wiki</a>" |
| 192 | 192 | @ } |
| 193 | 193 | @ if {[hascap s]} { |
| 194 | 194 | @ html "<a href='$baseurl/setup'>Setup</a>" |
| 195 | +@ } elseif {[hascap a]} { | |
| 196 | +@ html "<a href='$baseurl/setup_ulist'>Users</a>" | |
| 195 | 197 | @ } |
| 196 | 198 | @ if {[info exists login]} { |
| 197 | 199 | @ html "<a href='$baseurl/login'>Logout</a>" |
| 198 | 200 | @ } else { |
| 199 | 201 | @ html "<a href='$baseurl/login'>Login</a>" |
| 200 | 202 |
| --- src/style.c | |
| +++ src/style.c | |
| @@ -190,10 +190,12 @@ | |
| 190 | @ if {[hascap j]} { |
| 191 | @ html "<a href='$baseurl/wiki'>Wiki</a>" |
| 192 | @ } |
| 193 | @ if {[hascap s]} { |
| 194 | @ html "<a href='$baseurl/setup'>Setup</a>" |
| 195 | @ } |
| 196 | @ if {[info exists login]} { |
| 197 | @ html "<a href='$baseurl/login'>Logout</a>" |
| 198 | @ } else { |
| 199 | @ html "<a href='$baseurl/login'>Login</a>" |
| 200 |
| --- src/style.c | |
| +++ src/style.c | |
| @@ -190,10 +190,12 @@ | |
| 190 | @ if {[hascap j]} { |
| 191 | @ html "<a href='$baseurl/wiki'>Wiki</a>" |
| 192 | @ } |
| 193 | @ if {[hascap s]} { |
| 194 | @ html "<a href='$baseurl/setup'>Setup</a>" |
| 195 | @ } elseif {[hascap a]} { |
| 196 | @ html "<a href='$baseurl/setup_ulist'>Users</a>" |
| 197 | @ } |
| 198 | @ if {[info exists login]} { |
| 199 | @ html "<a href='$baseurl/login'>Logout</a>" |
| 200 | @ } else { |
| 201 | @ html "<a href='$baseurl/login'>Login</a>" |
| 202 |