Overview
SHA1 Hash: | 22c1ac41d4c02c44fe1763b9267a5f06e95c5a24 |
---|---|
Date: | 2007-08-23 19:52:19 |
User: | drh |
Comment: | Add separate "clone" permissions. Previously, one needed "History" permission in order to clone. But sometimes we want to grant clone without granting history. |
Tags And Properties
- branch=trunk inherited from [a28c83647d]
- sym-trunk inherited from [a28c83647d]
Changes
[hide diffs]Modified src/login.c from [8638b80caa] to [4e89d2580b].
@@ -287,16 +287,17 @@ for(i=0; zCap[i]; i++){ switch( zCap[i] ){ case 's': g.okSetup = g.okDelete = 1; case 'a': g.okAdmin = g.okRdTkt = g.okWrTkt = g.okQuery = g.okRdWiki = g.okWrWiki = g.okHistory = - g.okNewTkt = g.okPassword = 1; + g.okNewTkt = g.okPassword = g.okClone = 1; case 'i': g.okRead = g.okWrite = 1; break; case 'o': g.okRead = 1; break; case 'd': g.okDelete = 1; break; case 'h': g.okHistory = 1; break; + case 'g': g.okClone = 1; break; case 'p': g.okPassword = 1; break; case 'q': g.okQuery = 1; break; case 'j': g.okRdWiki = 1; break; case 'k': g.okWrWiki = g.okRdWiki = g.okApndWiki =1; break;
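Review bot: The `case 's':` and `case 'a':` arms have no `break`, so the new `g.okClone = 1` is also granted to every Setup user by fall-through, and nothing in the switch marks that as deliberate. Because this switch is the whole capability-to-permission mapping, I would add `/* Fall thru into Admin */` after the 's' arm and `/* Fall thru into Check-in */` after the 'a' arm so a later edit does not insert a `break` or a new case in between by accident. It is also worth confirming that Admin is meant to omit `okNewWiki`, `okApndWiki` and `okApndTkt`, given that the 'k' arm does set `okApndWiki`. The switch continues outside the hunk.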
Modified src/main.c from [b9c1d09428] to [057090c5e8].
@@ -85,26 +85,27 @@ int rcvid; /* The rcvid. 0 if not yet defined. */ char *zIpAddr; /* The remote IP address */ char *zNonce; /* The nonce used for login */ /* permissions used by the server */ - int okRead; /* xfer outbound */ - int okWrite; /* xfer inbound */ - int okSetup; /* use Setup screens on web interface */ - int okRdTkt; /* view tickets via web */ - int okWrTkt; /* make changes to tickets via web */ - int okNewTkt; /* create new tickets */ - int okApndTkt; /* append to tickets via the web */ - int okRdWiki; /* view wiki via web */ - int okWrWiki; /* edit wiki via web */ - int okNewWiki; /* create new wiki via web */ - int okApndWiki; /* append to wiki via web */ - int okPassword; /* change password */ - int okAdmin; /* administrative permission */ - int okDelete; /* delete wiki or tickets */ - int okQuery; /* create new reports */ - int okHistory; /* access historical information */ + int okSetup; /* s: use Setup screens on web interface */ + int okAdmin; /* a: administrative permission */ + int okDelete; /* d: delete wiki or tickets */ + int okPassword; /* p: change password */ + int okQuery; /* q: create new reports */ + int okWrite; /* i: xfer inbound. checkin */ + int okRead; /* o: xfer outbound. checkout */ + int okHistory; /* h: access historical information. */ + int okClone; /* g: clone */ + int okRdWiki; /* j: view wiki via web */ + int okNewWiki; /* f: create new wiki via web */ + int okApndWiki; /* m: append to wiki via web */ + int okWrWiki; /* k: edit wiki via web */ + int okRdTkt; /* r: view tickets via web */ + int okNewTkt; /* n: create new tickets */ + int okApndTkt; /* c: append to tickets via the web */ + int okWrTkt; /* w: make changes to tickets via web */ FILE *fDebug; /* Write debug information here, if the file exists */ }; /*
Modified src/setup.c from [f186580b82] to [d267e09065].
@@ -117,36 +117,41 @@ @ <p style="clear:both"> @ <b>Notes:</b> @ <ol> @ <li><p>The permission flags are as follows:</p> @ <table> + @ <tr><td>s</td><td></td><td>Setup: Superuser can do anything</td></tr> @ <tr><td>a</td><td width="10"></td> @ <td>Admin: Create or delete users and ticket report formats</td></tr> @ <tr><td>d</td><td></td> @ <td>Delete: Erase anonymous wiki, tickets, and attachments</td></tr> - @ <tr><td>h</td><td></td> - @ <td>History: Access older version of code, tickets, or wiki</td></tr> + @ <tr><td>p</td><td></td><td>Password: Change password</td></tr> + @ <tr><td>q</td><td></td><td>Query: Create or edit report formats</td></tr> @ <tr><td>i</td><td></td> @ <td>Check-in: Add new code to the repository</td></tr> - @ <tr><td>j</td><td></td><td>Read-Wiki: View wiki pages</td></tr> - @ <tr><td>k</td><td></td><td>Wiki: Create or modify wiki pages</td></tr> - @ <tr><td>n</td><td></td><td>New: Create new tickets</td></tr> @ <tr><td>o</td><td></td> @ <td>Check-out: Read code out of the repository</td></tr> - @ <tr><td>p</td><td></td><td>Password: Change password</td></tr> - @ <tr><td>q</td><td></td><td>Query: Create or edit report formats</td></tr> - @ <tr><td>r</td><td></td><td>Read: View tickets and change histories</td></tr> - @ <tr><td>s</td><td></td><td>Setup: Change CVSTrac options</td></tr> - @ <tr><td>w</td><td></td><td>Write: Edit tickets</td></tr> + @ <tr><td>h</td><td></td> + @ <td>History: Access older version of code, tickets, or wiki</td></tr> + @ <tr><td>g</td><td></td><td>Clone: Clone the repository</td></tr> + @ <tr><td>j</td><td></td><td>Read-Wiki: View wiki pages</td></tr> + @ <tr><td>f</td><td></td><td>New-Wiki: Create new wiki pages</td></tr> + @ <tr><td>m</td><td></td><td>Append-Wiki: Append to wiki pages</td></tr> + @ <tr><td>k</td><td></td><td>Write-Wiki: Modify wiki pages</td></tr> + @ <tr><td>r</td><td></td> + @ <td>Read-Tkt: View tickets and change histories</td></tr> + @ <tr><td>n</td><td></td><td>New-Tkt: Create new 
tickets</td></tr> + @ <tr><td>c</td><td></td><td>Append-Tkt: Append to tickets</td></tr> + @ <tr><td>w</td><td></td><td>Write-Tkt: Edit tickets</td></tr> @ </table> @ </p></li> @ @ <li><p> - @ If a user named "<b>anonymous</b>" exists, then anyone can access - @ the server without having to log in. The permissions on the - @ anonymous user determine the access rights for anyone who is not - @ logged in. + @ Every user, logged in or not, has the privileges of <b>nobody</b>. + @ Any human can login as <b>anonymous</b> since the password is + @ clearly displayed on the login page for them to type. The purpose + @ of requiring anonymous to log in is to prevent access by spiders. @ </p></li> @ @ </ol> style_footer(); } @@ -155,11 +160,11 @@ ** WEBPAGE: /setup_uedit */ void user_edit(void){ const char *zId, *zLogin, *zInfo, *zCap; char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap ; - char *oak, *oad, *oaq, *oac, *oaf, *oam, *oah; + char *oak, *oad, *oaq, *oac, *oaf, *oam, *oah, *oag; int doWrite; int uid; int higherUser = 0; /* True if user being edited is SETUP and the */ /* user doing the editing is ADMIN. Disallow editing */ @@ -208,15 +213,17 @@ int aw = P("aw")!=0; int ac = P("ac")!=0; int af = P("af")!=0; int am = P("am")!=0; int ah = P("ah")!=0; + int ag = P("ag")!=0; if( aa ){ zCap[i++] = 'a'; } if( ac ){ zCap[i++] = 'c'; } if( ad ){ zCap[i++] = 'd'; } if( af ){ zCap[i++] = 'f'; } if( ah ){ zCap[i++] = 'h'; } + if( ag ){ zCap[i++] = 'g'; } if( ai ){ zCap[i++] = 'i'; } if( aj ){ zCap[i++] = 'j'; } if( ak ){ zCap[i++] = 'k'; } if( am ){ zCap[i++] = 'm'; } if( an ){ zCap[i++] = 'n'; } 
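Review bot: In the `@@ -208,15 +213,17 @@` hunk, the added `if( ag ){ zCap[i++] = 'g'; }` raises by one the maximum number of bytes written into `zCap`, whose declaration is outside the hunk. The help table in this same file now lists seventeen capability letters, so if every box is ticked the buffer needs at least eighteen bytes including the terminator. Please confirm the array size and add a comment at the declaration such as `/* one byte per capability letter, plus NUL */`, so the next new permission does not silently overrun it. A smaller style point: 'g' is appended after 'h' here, while the other letters are emitted in alphabetical order.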
@@ -256,20 +263,21 @@ /* Load the existing information about the user, if any */ zLogin = ""; zInfo = ""; zCap = ""; - oaa = oac = oad = oaf = oah = oai = oaj = oak = oam = + oaa = oac = oad = oaf = oag = oah = oai = oaj = oak = oam = oan = oao = oap = oaq = oar = oas = oaw = ""; if( uid ){ zLogin = db_text("", "SELECT login FROM user WHERE uid=%d", uid); zInfo = db_text("", "SELECT info FROM user WHERE uid=%d", uid); zCap = db_text("", "SELECT cap FROM user WHERE uid=%d", uid); if( strchr(zCap, 'a') ) oaa = " checked"; if( strchr(zCap, 'c') ) oac = " checked"; if( strchr(zCap, 'd') ) oad = " checked"; if( strchr(zCap, 'f') ) oaf = " checked"; + if( strchr(zCap, 'g') ) oag = " checked"; if( strchr(zCap, 'h') ) oah = " checked"; if( strchr(zCap, 'i') ) oai = " checked"; if( strchr(zCap, 'j') ) oaj = " checked"; if( strchr(zCap, 'k') ) oak = " checked"; if( strchr(zCap, 'm') ) oam = " checked"; @@ -320,10 +328,11 @@ @ <input type="checkbox" name="ap"%s(oap)>Password</input><br> @ <input type="checkbox" name="aq"%s(oaq)>Query</input><br> @ <input type="checkbox" name="ai"%s(oai)>Check-In</input><br> @ <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br> @ <input type="checkbox" name="ah"%s(oah)>History</input><br> + @ <input type="checkbox" name="ag"%s(oag)>Clone</input><br> @ <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br> @ <input type="checkbox" name="af"%s(oaf)>New Wiki</input><br> @ <input type="checkbox" name="am"%s(oam)>Append Wiki</input><br> @ <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br> @ <input type="checkbox" name="ar"%s(oar)>Read Tkt</input><br> 
@@ -373,11 +382,11 @@ @ </p></li> @ @ <li><p> @ The <b>History</b> privilege allows a user to see a timeline @ with hyperlinks to version information, to download ZIP archives - @ of individual versions, and to clone the repository. + @ of individual versions. @ </p></li> @ @ <li><p> @ No login is required for user "<b>nobody</b>". The capabilities @ of this user are available to anyone without supplying a username or
Modified src/wiki.c from [b7ab86df2b] to [daf8014fa8].
@@ -34,7 +34,33 @@ ** the url. */ void wiki_page(void){ style_header("Wiki"); @ extra=%h(g.zExtra) + style_footer(); +} + +/* +** WEBPAGE: ambiguous +** +** This is the destination for UUID hyperlinks that are ambiguous. +** Show all possible choices for the destination with links to each. +** +** The ambiguous UUID prefix is in g.zExtra +*/ +void ambiguous_page(void){ + Stmt q; + style_header("Ambiguous UUID"); + @ <p>The link <a href="%s(g.zBaseURL)/ambiguous/%T(g.zExtra)"> + @ [%h(g.zExtra)]</a> is ambiguous. It might mean any of the following:</p> + @ <ul> + db_prepare(&q, "SELECT uuid, rid FROM blob WHERE uuid>=%Q AND uuid<'%qz'" + " ORDER BY uuid", g.zExtra, g.zExtra); + while( db_step(&q)==SQLITE_ROW ){ + const char *zUuid = db_column_text(&q, 0); + int rid = db_column_int(&q, 1); + @ <li> %s(zUuid) - %d(rid) + } + db_finalize(&q); + @ </ul> style_footer(); }
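Review bot: `ambiguous_page()` queries the `blob` table and prints every matching `uuid` and `rid` without any credential check visible in the function, so unless the dispatcher enforces one elsewhere, artifact identifiers are listed to callers who lack History or Check-out. I would start the function with `login_check_credentials();` followed by a test such as `if( !g.okHistory ){ ... }` that uses the same refusal path as the other pages. The range `uuid>=%Q AND uuid<'%qz'` also has no minimum prefix length or `LIMIT`, so the result can grow to the size of the table; a lower bound on `strlen(g.zExtra)` would cap it. Finally, `%s(zUuid)` should be `%h(zUuid)` for consistency with the escaped `%h(g.zExtra)` above, and the header comment promises links to each choice while the loop emits plain text.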
Modified src/wikiformat.c from [a5de2f9f94] to [4db346d773].
@@ -524,13 +524,15 @@ char cTerm; /* Original argument termination character */ } aAttr[10]; }; /* -** Parse the markup in z[] into the p structure. The content -** of z[] is modified by converting characters to lowercase -** and by inserting some "\000" characters. +** z[] is an HTML markup element - something that begins with '<'. +** Parse this element into the p structure. +** +** The content of z[] might be modified by converting characters +** to lowercase and by inserting some "\000" characters. */ static void parseMarkup(ParsedMarkup *p, char *z){ int i, c; char *zTag, *zValue; int seen = 0; @@ -700,10 +702,13 @@ return 1; } /* ** Add missing markup in preparation for writing text. +** +** "Missing" markup are things like start tags for table rows +** or table columns or paragraphs that are omitted from input. */ static void addMissingMarkup(Renderer *p){ /* TBD */ }
Modified src/xfer.c from [60457c7427] to [711897e1f2].
@@ -516,11 +516,11 @@ ** The client knows nothing. Tell all. */ if( blob_eq(&xfer.aToken[0], "clone") ){ int rootid; login_check_credentials(); - if( !g.okRead || !g.okHistory ){ + if( !g.okClone ){ cgi_reset_content(); @ error not\sauthorized\sto\sclone nErr++; break; }
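Review bot: With `if( !g.okClone )` replacing `!g.okRead || !g.okHistory`, the 'g' capability alone now authorises a transfer that the comment above this block describes as telling the client everything. A user granted only 'g' therefore receives the content that 'o' and 'h' gate elsewhere, which is stronger than the "Clone: Clone the repository" row in setup.c suggests. If that is intended, the help row should say so, for example `Clone: Copy the entire repository, including all history`. Otherwise keep `!g.okRead ||` in the test. Accounts that could clone through 'o' plus 'h' also lose that ability after this change unless 'g' is added, and no migration step is visible in the commit. The enclosing block continues outside the hunk.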