Differences From:
File
src/login.c
part of check-in
[b46d6092dc]
- Fix bug from eb24a021d6 which left nobody with too many permissions
by
eric on
2008-08-02 18:32:27.
Also file
src/login.c
part of check-in
[3984b1b2c1]
- Make the info web page handle symbolic tags as well as UUIDs. Start trying
to make the currently-disabled tagview page more useful.
by
eric on
2008-08-04 20:46:52.
[view]
To:
File
src/login.c
part of check-in
[5fb14b9a0f]
- Include non-sym- tags in tagview web page. Also merge mainline into tagview branch.
by
eric on
2008-08-21 20:59:01.
Also file
src/login.c
part of check-in
[018b6050af]
- Include 'z' in login_has_capability()
by
eric on
2008-08-21 19:57:18.
[view]
@@ -114,9 +114,9 @@
cgi_redirect(zGoto);
return;
}
}
- if( zUsername!=0 && zPasswd!=0 ){
+ if( zUsername!=0 && zPasswd!=0 && zPasswd[0]!=0 ){
int uid = db_int(0,
"SELECT uid FROM user"
" WHERE login=%Q AND pw=%Q", zUsername, zPasswd);
if( uid<=0 || strcmp(zUsername,"nobody")==0 ){
@@ -301,11 +301,13 @@
if( g.zLogin && strcmp(g.zLogin,"nobody")==0 ){
g.zLogin = 0;
}
if( uid && g.zLogin ){
+ /* All logged-in users inherit privileges from "nobody" */
zNcap = db_text("", "SELECT cap FROM user WHERE login = 'nobody'");
login_set_capabilities(zNcap);
- if( db_get_int("inherit-anon",0) ){
+ if( strcmp(g.zLogin, "anonymous")!=0 ){
+ /* All logged-in users inherit privileges from "anonymous" */
zAcap = db_text("", "SELECT cap FROM user WHERE login = 'anonymous'");
login_set_capabilities(zAcap);
}
}
@@ -315,8 +317,9 @@
/*
** Set the global capability flags based on a capability string.
*/
void login_set_capabilities(const char *zCap){
+ static char *zDev = 0;
int i;
for(i=0; zCap[i]; i++){
switch( zCap[i] ){
case 's': g.okSetup = 1;
@@ -326,8 +329,9 @@
g.okNewTkt = g.okPassword = g.okRdAddr =
g.okTktFmt = 1;
case 'i': g.okRead = g.okWrite = 1; break;
case 'o': g.okRead = 1; break;
+ case 'z': g.okZip = 1; break;
case 'd': g.okDelete = 1; break;
case 'h': g.okHistory = 1; break;
case 'g': g.okClone = 1; break;
@@ -344,8 +348,18 @@
case 'w': g.okWrTkt = g.okRdTkt = g.okNewTkt =
g.okApndTkt = 1; break;
case 'c': g.okApndTkt = 1; break;
case 't': g.okTktFmt = 1; break;
+
+ /* The "v" privileges is a little different. It recursively
+ ** inherits all privileges of the user named "developer" */
+ case 'v': {
+ if( zDev==0 ){
+ zDev = db_text("", "SELECT cap FROM user WHERE login='developer'");
+ login_set_capabilities(zDev);
+ }
+ break;
+ }
}
}
}
@@ -360,8 +374,9 @@
if( nCap<0 ) nCap = strlen(zCap);
for(i=0; i<nCap && rc && zCap[i]; i++){
switch( zCap[i] ){
case 'a': rc = g.okAdmin; break;
+ /* case 'b': */
case 'c': rc = g.okApndTkt; break;
case 'd': rc = g.okDelete; break;
case 'e': rc = g.okRdAddr; break;
case 'f': rc = g.okNewWiki; break;
@@ -369,16 +384,23 @@
case 'h': rc = g.okHistory; break;
case 'i': rc = g.okWrite; break;
case 'j': rc = g.okRdWiki; break;
case 'k': rc = g.okWrWiki; break;
+ /* case 'l': */
case 'm': rc = g.okApndWiki; break;
case 'n': rc = g.okNewTkt; break;
case 'o': rc = g.okRead; break;
case 'p': rc = g.okPassword; break;
+ /* case 'q': */
case 'r': rc = g.okRdTkt; break;
case 's': rc = g.okSetup; break;
case 't': rc = g.okTktFmt; break;
+ /* case 'u': */
+ /* case 'v': */
case 'w': rc = g.okWrTkt; break;
+ /* case 'x': */
+ /* case 'y': */
+ case 'z': rc = g.okZip; break;
default: rc = 0; break;
}
}
return rc;