Overview
| SHA1 Hash: | f8831f447afc6de276525f5f47ff6e0f1ce7ee04 |
|---|---|
| Date: | 2008-07-19 16:03:02 |
| User: | drh |
| Comment: | Allow Admin user to changes user information. Add a "User" link on the main menu for Admin users. |
| Timelines: | ancestors | descendants | both | trunk |
| Other Links: | files | ZIP archive | manifest |
Tags And Properties
- branch=trunk inherited from [a28c83647d]
- sym-trunk inherited from [a28c83647d]
Changes
[hide diffs]Modified src/setup.c from [04a9ec0926] to [b37cc86b52].
@@ -93,11 +93,11 @@
*/
void setup_ulist(void){
Stmt s;
login_check_credentials();
- if( !g.okSetup ){
+ if( !g.okAdmin ){
login_needed();
return;
}
style_submenu_element("Add", "Add User", "setup_uedit");
@@ -112,21 +112,23 @@
@ <th>Capabilities</th><td width="15"> </td>
@ <th>Contact Info</th>
@ </tr>
db_prepare(&s, "SELECT uid, login, cap, info FROM user ORDER BY login");
while( db_step(&s)==SQLITE_ROW ){
+ const char *zCap = db_column_text(&s, 2);
+ if( strstr(zCap, "s") ) zCap = "s";
@ <tr>
@ <td align="right">
- if( g.okAdmin ){
+ if( g.okAdmin && (zCap[0]!='s' || g.okSetup) ){
@ <a href="setup_uedit?id=%d(db_column_int(&s,0))">
}
@ <nobr>%h(db_column_text(&s,1))</nobr>
if( g.okAdmin ){
@ </a>
}
@ </td><td> </td>
- @ <td align="center">%s(db_column_text(&s,2))</td>
+ @ <td align="center">%s(zCap)</td>
@ <td> </td>
@ <td align="left">%s(db_column_text(&s,3))</td>
@ </tr>
}
@ </table></td></tr></table>
@@ -191,11 +193,11 @@
*/
zId = PD("id", "0");
uid = atoi(zId);
if( zId && !g.okSetup && uid>0 ){
char *zOldCaps;
- zOldCaps = db_text(0, "SELECT caps FROM user WHERE uid=%d",uid);
+ zOldCaps = db_text(0, "SELECT cap FROM user WHERE uid=%d",uid);
higherUser = zOldCaps && strchr(zOldCaps,'s');
}
if( P("can") ){
cgi_redirect("setup_ulist");
@@ -370,22 +372,22 @@
}
@ </table></td></tr></table>
@ <p><b>Notes:</b></p>
@ <ol>
if( higherUser ){
- @ <li><p>
- @ User %h(zId) has Setup privileges and you only have Admin privileges
- @ so you are not permitted to make changes to %h(zId).
- @ </p></li>
+ @ <li><p><font color="blue"><b>
+ @ User %h(zLogin) has Setup privileges and you only have Admin privileges
+ @ so you are not permitted to make changes to %h(zLogin).
+ @ </b></font></p></li>
@
}
@
@ <li><p>
@ The <b>Setup</b> user can make arbitrary configuration changes.
@ An <b>Admin</b> user can add other users and change user privileges
- @ and reset user passwords.
- @ Use these two settings with discretion.
+ @ and reset user passwords. Both automatically get all other privileges
+ @ listed below. Use these two settings with discretion.
@ </p></li>
@
@ <li><p>
@ The <b>Delete</b> privilege give the user the ability to erase
@ wiki, tickets, and attachments that have been added by anonymous
Modified src/style.c from [2c3b74d980] to [1b159a6ade].
@@ -190,10 +190,12 @@
@ if {[hascap j]} {
@ html "<a href='$baseurl/wiki'>Wiki</a>"
@ }
@ if {[hascap s]} {
@ html "<a href='$baseurl/setup'>Setup</a>"
+@ } elseif {[hascap a]} {
+@ html "<a href='$baseurl/setup_ulist'>Users</a>"
@ }
@ if {[info exists login]} {
@ html "<a href='$baseurl/login'>Logout</a>"
@ } else {
@ html "<a href='$baseurl/login'>Login</a>"