Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Users unconditionally inherit capabilities of "anonymous". New capability "v" means to inherit capabilities of user "developer". Login is prohibited if the password is empty. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
1f1d96529c64ef5e9afda16af7d405aa |
User & Date: | drh 2008-08-03 16:47:43.000 |
Context
2008-08-11
| ||
04:03 |
| |
2008-08-03
| ||
16:47 | Users unconditionally inherit capabilities of "anonymous". New capability "v" means to inherit capabilities of user "developer". Login is prohibited if the password is empty. ... (check-in: 1f1d9652 user: drh tags: trunk) | |
2008-08-02
| ||
18:32 | Fix bug from eb24a021d6 which left nobody with too many permissions ... (check-in: b46d6092 user: eric tags: trunk) | |
Changes
Changes to src/admin.c.
︙ | ︙ | |||
106 107 108 109 110 111 112 | */ return; } admin_prepare_submenu(); style_header("Admin"); @ <h2>Links:</h2> @ <ul> | | | 106 107 108 109 110 111 112 113 114 115 116 117 | */ return; } admin_prepare_submenu(); style_header("Admin"); @ <h2>Links:</h2> @ <ul> @ <li><a href='%s(g.zBaseURL)/setup'>Fossil WWW Setup</a></li> @ <li><a href='%s(g.zBaseURL)/admin/sql'>Run SQL queries</a></li> @ </ul> style_footer(); } |
Changes to src/db.c.
︙ | ︙ | |||
787 788 789 790 791 792 793 | } db_multi_exec( "INSERT INTO user(login, pw, cap, info)" "VALUES(%Q,'','s','')", zUser ); db_multi_exec( "INSERT INTO user(login,pw,cap,info)" | | > > | 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 | } db_multi_exec( "INSERT INTO user(login, pw, cap, info)" "VALUES(%Q,'','s','')", zUser ); db_multi_exec( "INSERT INTO user(login,pw,cap,info)" " VALUES('anonymous','anonymous','aghknw','Anon');" "INSERT INTO user(login,pw,cap,info)" " VALUES('nobody','','jor','Nobody');" "INSERT INTO user(login,pw,cap,info)" " VALUES('developer','','deipt','Dev');" ); user_select(); if (makeInitialVersion){ blob_zero(&manifest); blob_appendf(&manifest, "C initial\\sempty\\sbaseline\n"); zDate = db_text(0, "SELECT datetime('now')"); |
︙ | ︙ |
Changes to src/login.c.
︙ | ︙ | |||
111 112 113 114 115 116 117 | db_multi_exec( "UPDATE user SET pw=%Q WHERE uid=%d", zNew1, g.userUid ); cgi_redirect(zGoto); return; } } | | | 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 | db_multi_exec( "UPDATE user SET pw=%Q WHERE uid=%d", zNew1, g.userUid ); cgi_redirect(zGoto); return; } } if( zUsername!=0 && zPasswd!=0 && zPasswd[0]!=0 ){ int uid = db_int(0, "SELECT uid FROM user" " WHERE login=%Q AND pw=%Q", zUsername, zPasswd); if( uid<=0 || strcmp(zUsername,"nobody")==0 ){ sleep(1); zErrMsg = @ <p><font color="red"> |
︙ | ︙ | |||
298 299 300 301 302 303 304 305 306 | } } g.userUid = uid; if( g.zLogin && strcmp(g.zLogin,"nobody")==0 ){ g.zLogin = 0; } if( uid && g.zLogin ){ zNcap = db_text("", "SELECT cap FROM user WHERE login = 'nobody'"); login_set_capabilities(zNcap); | > > | > | 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 | } } g.userUid = uid; if( g.zLogin && strcmp(g.zLogin,"nobody")==0 ){ g.zLogin = 0; } if( uid && g.zLogin ){ /* All logged-in users inherit privileges from "nobody" */ zNcap = db_text("", "SELECT cap FROM user WHERE login = 'nobody'"); login_set_capabilities(zNcap); if( strcmp(g.zLogin, "anonymous")!=0 ){ /* All logged-in users inherit privileges from "anonymous" */ zAcap = db_text("", "SELECT cap FROM user WHERE login = 'anonymous'"); login_set_capabilities(zAcap); } } login_set_capabilities(zCap); } /* ** Set the global capability flags based on a capability string. */ void login_set_capabilities(const char *zCap){ static char *zDev = 0; int i; for(i=0; zCap[i]; i++){ switch( zCap[i] ){ case 's': g.okSetup = 1; case 'a': g.okAdmin = g.okRdTkt = g.okWrTkt = g.okRdWiki = g.okWrWiki = g.okNewWiki = g.okApndWiki = g.okHistory = g.okClone = |
︙ | ︙ | |||
341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 | case 'e': g.okRdAddr = 1; break; case 'r': g.okRdTkt = 1; break; case 'n': g.okNewTkt = 1; break; case 'w': g.okWrTkt = g.okRdTkt = g.okNewTkt = g.okApndTkt = 1; break; case 'c': g.okApndTkt = 1; break; case 't': g.okTktFmt = 1; break; } } } /* ** If the current login lacks any of the capabilities listed in ** the input, then return 0. If all capabilities are present, then ** return 1. */ int login_has_capability(const char *zCap, int nCap){ int i; int rc = 1; if( nCap<0 ) nCap = strlen(zCap); for(i=0; i<nCap && rc && zCap[i]; i++){ switch( zCap[i] ){ case 'a': rc = g.okAdmin; break; case 'c': rc = g.okApndTkt; break; case 'd': rc = g.okDelete; break; case 'e': rc = g.okRdAddr; break; case 'f': rc = g.okNewWiki; break; case 'g': rc = g.okClone; break; case 'h': rc = g.okHistory; break; case 'i': rc = g.okWrite; break; case 'j': rc = g.okRdWiki; break; case 'k': rc = g.okWrWiki; break; case 'm': rc = g.okApndWiki; break; case 'n': rc = g.okNewTkt; break; case 'o': rc = g.okRead; break; case 'p': rc = g.okPassword; break; case 'r': rc = g.okRdTkt; break; case 's': rc = g.okSetup; break; case 't': rc = g.okTktFmt; break; case 'w': rc = g.okWrTkt; break; default: rc = 0; break; } } return rc; } /* | > > > > > > > > > > > > > > > > > > | 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 | case 'e': g.okRdAddr = 1; break; case 'r': g.okRdTkt = 1; break; case 'n': g.okNewTkt = 1; break; case 'w': g.okWrTkt = g.okRdTkt = g.okNewTkt = g.okApndTkt = 1; break; case 'c': g.okApndTkt = 1; break; case 't': g.okTktFmt = 1; break; /* The "v" privileges is a little different. It recursively ** inherits all privileges of the user named "developer" */ case 'v': { if( zDev==0 ){ zDev = db_text("", "SELECT cap FROM user WHERE login='developer'"); login_set_capabilities(zDev); } break; } } } } /* ** If the current login lacks any of the capabilities listed in ** the input, then return 0. If all capabilities are present, then ** return 1. */ int login_has_capability(const char *zCap, int nCap){ int i; int rc = 1; if( nCap<0 ) nCap = strlen(zCap); for(i=0; i<nCap && rc && zCap[i]; i++){ switch( zCap[i] ){ case 'a': rc = g.okAdmin; break; /* case 'b': */ case 'c': rc = g.okApndTkt; break; case 'd': rc = g.okDelete; break; case 'e': rc = g.okRdAddr; break; case 'f': rc = g.okNewWiki; break; case 'g': rc = g.okClone; break; case 'h': rc = g.okHistory; break; case 'i': rc = g.okWrite; break; case 'j': rc = g.okRdWiki; break; case 'k': rc = g.okWrWiki; break; /* case 'l': */ case 'm': rc = g.okApndWiki; break; case 'n': rc = g.okNewTkt; break; case 'o': rc = g.okRead; break; case 'p': rc = g.okPassword; break; /* case 'q': */ case 'r': rc = g.okRdTkt; break; case 's': rc = g.okSetup; break; case 't': rc = g.okTktFmt; break; /* case 'u': */ /* case 'v': */ case 'w': rc = g.okWrTkt; break; /* case 'x': */ /* case 'y': */ /* case 'z': */ default: rc = 0; break; } } return rc; } /* |
︙ | ︙ |
Changes to src/my_page.c.
︙ | ︙ | |||
25 26 27 28 29 30 31 | ** ** Implementation of the Tag View page */ #include <assert.h> #include "config.h" #include "my_page.h" | | | | | | 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 | ** ** Implementation of the Tag View page */ #include <assert.h> #include "config.h" #include "my_page.h" /* ** Renders a logout button. */ static void mypage_logout_button() { if( g.zLogin ){ @ <br clear="both"/><hr/> @ <strong>Logout (or "log out", if you prefer):</strong><br/> @ <form action='login' method='POST'> @ <p>To log off the system (and delete your login cookie) @ press the following button:<br> @ <input type="submit" name="out" value="Logout"/></p> @ </form> } } /* ** Renders a password changer. */ static void mypage_password_changer() { if( g.okPassword ){ @ <br clear="both"/><hr/> @ <strong>Change Password:</strong><br/> @ <p>To change your password, enter your old password and your |
︙ | ︙ | |||
69 70 71 72 73 74 75 | @ <td><input type="submit" value="Change Password"></td></tr> @ </tbody></table> @ </form> } } | | | | 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 | @ <td><input type="submit" value="Change Password"></td></tr> @ </tbody></table> @ </form> } } /* ** Default page rendered for /my. */ static void mypage_page_default() { int uid = g.userUid; char * sql = mprintf( "SELECT login,cap,info FROM user WHERE uid=%d", uid ); Stmt st; |
︙ | ︙ |
Changes to src/setup.c.
︙ | ︙ | |||
150 151 152 153 154 155 156 157 158 159 160 161 | @ <li value="13"><b>Append-Wiki</b>: Append to wiki pages</li> @ <li value="14"><b>New-Tkt</b>: Create new tickets</li> @ <li value="15"><b>Check-Out</b>: Check out versions</li> @ <li value="16"><b>Password</b>: Change your own password</li> @ <li value="18"><b>Read-Tkt</b>: View tickets</li> @ <li value="19"><b>Setup:</b> Setup and configure this website</li> @ <li value="20"><b>Tkt-Report:</b> Create new bug summary reports</li> @ <li value="23"><b>Write-Tkt</b>: Edit tickets</li> @ </ol> @ </p></li> @ @ <li><p> | > | > > > > > > > > > > > > > > > | | | 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 | @ <li value="13"><b>Append-Wiki</b>: Append to wiki pages</li> @ <li value="14"><b>New-Tkt</b>: Create new tickets</li> @ <li value="15"><b>Check-Out</b>: Check out versions</li> @ <li value="16"><b>Password</b>: Change your own password</li> @ <li value="18"><b>Read-Tkt</b>: View tickets</li> @ <li value="19"><b>Setup:</b> Setup and configure this website</li> @ <li value="20"><b>Tkt-Report:</b> Create new bug summary reports</li> @ <li value="22"><b>Developer:</b> Inherit privileges of user "developer"</li> @ <li value="23"><b>Write-Tkt</b>: Edit tickets</li> @ </ol> @ </p></li> @ @ <li><p> @ Every user, logged in or not, inherits the privileges of <b>nobody</b>. @ Any human can login as <b>anonymous</b> since the password is @ clearly displayed on the login page for them to type. The purpose @ of requiring anonymous to log in is to prevent access by spiders. @ Every logged-in user inherits the privileges of <b>anonymous</b>. @ </p></li> @ @ </ol> @ </td></tr></table> style_footer(); } /* ** Return true if zPw is a valid password string. A valid ** password string is: ** ** (1) A zero-length string, or ** (2) a string that contains a character other than '*'. */ static int isValidPwString(const char *zPw){ if( zPw==0 ) return 0; if( zPw[0]==0 ) return 1; while( zPw[0]=='*' ){ zPw++; } return zPw[0]!=0; } /* ** WEBPAGE: /setup_uedit */ void user_edit(void){ const char *zId, *zLogin, *zInfo, *zCap, *zPw; char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap; char *oak, *oad, *oac, *oaf, *oam, *oah, *oag, *oae; char *oat, *oav; int doWrite; int uid; int higherUser = 0; /* True if user being edited is SETUP and the */ /* user doing the editing is ADMIN. Disallow editing */ /* Must have ADMIN privleges to access this page */ |
︙ | ︙ | |||
206 207 208 209 210 211 212 | /* If we have all the necessary information, write the new or ** modified user record. After writing the user record, redirect ** to the page that displays a list of users. */ doWrite = cgi_all("login","info","pw") && !higherUser; if( doWrite ){ | < < > > | | 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 | /* If we have all the necessary information, write the new or ** modified user record. After writing the user record, redirect ** to the page that displays a list of users. */ doWrite = cgi_all("login","info","pw") && !higherUser; if( doWrite ){ char zCap[50]; int i = 0; int aa = P("aa")!=0; int ad = P("ad")!=0; int ae = P("ae")!=0; int ai = P("ai")!=0; int aj = P("aj")!=0; int ak = P("ak")!=0; int an = P("an")!=0; int ao = P("ao")!=0; int ap = P("ap")!=0; int ar = P("ar")!=0; int as = g.okSetup && P("as")!=0; int aw = P("aw")!=0; int ac = P("ac")!=0; int af = P("af")!=0; int am = P("am")!=0; int ah = P("ah")!=0; int ag = P("ag")!=0; int at = P("at")!=0; int av = P("av")!=0; if( aa ){ zCap[i++] = 'a'; } if( ac ){ zCap[i++] = 'c'; } if( ad ){ zCap[i++] = 'd'; } if( ae ){ zCap[i++] = 'e'; } if( af ){ zCap[i++] = 'f'; } if( ah ){ zCap[i++] = 'h'; } if( ag ){ zCap[i++] = 'g'; } if( ai ){ zCap[i++] = 'i'; } if( aj ){ zCap[i++] = 'j'; } if( ak ){ zCap[i++] = 'k'; } if( am ){ zCap[i++] = 'm'; } if( an ){ zCap[i++] = 'n'; } if( ao ){ zCap[i++] = 'o'; } if( ap ){ zCap[i++] = 'p'; } if( ar ){ zCap[i++] = 'r'; } if( as ){ zCap[i++] = 's'; } if( at ){ zCap[i++] = 't'; } if( av ){ zCap[i++] = 'v'; } if( aw ){ zCap[i++] = 'w'; } zCap[i] = 0; zPw = P("pw"); if( !isValidPwString(zPw) ){ zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid); } zLogin = P("login"); if( uid>0 && db_exists("SELECT 1 FROM user WHERE login=%Q AND uid!=%d", zLogin, uid) ){ style_header("User Creation Error"); |
︙ | ︙ | |||
278 279 280 281 282 283 284 285 | } /* Load the existing information about the user, if any */ zLogin = ""; zInfo = ""; zCap = ""; oaa = oac = oad = oae = oaf = oag = oah = oai = oaj = oak = oam = | > | > > | 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 | } /* Load the existing information about the user, if any */ zLogin = ""; zInfo = ""; zCap = ""; zPw = ""; oaa = oac = oad = oae = oaf = oag = oah = oai = oaj = oak = oam = oan = oao = oap = oar = oas = oat = oav = oaw = ""; if( uid ){ zLogin = db_text("", "SELECT login FROM user WHERE uid=%d", uid); zInfo = db_text("", "SELECT info FROM user WHERE uid=%d", uid); zCap = db_text("", "SELECT cap FROM user WHERE uid=%d", uid); zPw = db_text("", "SELECT pw FROM user WHERE uid=%d", uid); if( strchr(zCap, 'a') ) oaa = " checked"; if( strchr(zCap, 'c') ) oac = " checked"; if( strchr(zCap, 'd') ) oad = " checked"; if( strchr(zCap, 'e') ) oae = " checked"; if( strchr(zCap, 'f') ) oaf = " checked"; if( strchr(zCap, 'g') ) oag = " checked"; if( strchr(zCap, 'h') ) oah = " checked"; if( strchr(zCap, 'i') ) oai = " checked"; if( strchr(zCap, 'j') ) oaj = " checked"; if( strchr(zCap, 'k') ) oak = " checked"; if( strchr(zCap, 'm') ) oam = " checked"; if( strchr(zCap, 'n') ) oan = " checked"; if( strchr(zCap, 'o') ) oao = " checked"; if( strchr(zCap, 'p') ) oap = " checked"; if( strchr(zCap, 'r') ) oar = " checked"; if( strchr(zCap, 's') ) oas = " checked"; if( strchr(zCap, 't') ) oat = " checked"; if( strchr(zCap, 'v') ) oav = " checked"; if( strchr(zCap, 'w') ) oaw = " checked"; } /* Begin generating the page */ style_submenu_element("Cancel", "Cancel", "setup_ulist"); if( uid ){ |
︙ | ︙ | |||
344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 | @ <input type="checkbox" name="aa"%s(oaa)>Admin</input><br> @ <input type="checkbox" name="ad"%s(oad)>Delete</input><br> @ <input type="checkbox" name="ae"%s(oad)>Email</input><br> @ <input type="checkbox" name="ap"%s(oap)>Password</input><br> @ <input type="checkbox" name="ai"%s(oai)>Check-In</input><br> @ <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br> @ <input type="checkbox" name="ah"%s(oah)>History</input><br> @ <input type="checkbox" name="ag"%s(oag)>Clone</input><br> @ <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br> @ <input type="checkbox" name="af"%s(oaf)>New Wiki</input><br> @ <input type="checkbox" name="am"%s(oam)>Append Wiki</input><br> @ <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br> @ <input type="checkbox" name="ar"%s(oar)>Read Tkt</input><br> @ <input type="checkbox" name="an"%s(oan)>New Tkt</input><br> @ <input type="checkbox" name="ac"%s(oac)>Append Tkt</input><br> @ <input type="checkbox" name="aw"%s(oaw)>Write Tkt</input><br> @ <input type="checkbox" name="at"%s(oat)>Tkt Report</input> @ </td> @ </tr> @ <tr> @ <td align="right">Password:</td> | > > > > > > > > > | > | | | 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 | @ <input type="checkbox" name="aa"%s(oaa)>Admin</input><br> @ <input type="checkbox" name="ad"%s(oad)>Delete</input><br> @ <input type="checkbox" name="ae"%s(oad)>Email</input><br> @ <input type="checkbox" name="ap"%s(oap)>Password</input><br> @ <input type="checkbox" name="ai"%s(oai)>Check-In</input><br> @ <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br> @ <input type="checkbox" name="ah"%s(oah)>History</input><br> @ <input type="checkbox" name="av"%s(oav)>Developer</input><br> @ <input type="checkbox" name="ag"%s(oag)>Clone</input><br> @ <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br> @ <input type="checkbox" name="af"%s(oaf)>New Wiki</input><br> @ <input type="checkbox" name="am"%s(oam)>Append Wiki</input><br> @ <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br> @ <input type="checkbox" name="ar"%s(oar)>Read Tkt</input><br> @ <input type="checkbox" name="an"%s(oan)>New Tkt</input><br> @ <input type="checkbox" name="ac"%s(oac)>Append Tkt</input><br> @ <input type="checkbox" name="aw"%s(oaw)>Write Tkt</input><br> @ <input type="checkbox" name="at"%s(oat)>Tkt Report</input> @ </td> @ </tr> @ <tr> @ <td align="right">Password:</td> if( strcmp(zLogin, "anonymous")==0 ){ /* User the password for "anonymous" as cleartext */ @ <td><input type="text" name="pw" value="%h(zPw)"></td> }else if( zPw[0] ){ /* Obscure the password for all other users */ @ <td><input type="password" name="pw" value="**********"></td> }else{ /* Show an empty password as an empty input field */ @ <td><input type="password" name="pw" value=""></td> } @ </tr> if( !higherUser ){ @ <tr> @ <td> </td> @ <td><input type="submit" name="submit" value="Apply Changes"> @ </tr> } @ </table></td></tr></table> @ <h2>Privileges And Capabilities:</h2> @ <ul> if( higherUser ){ @ <li><p><font color="blue"><b> @ User %h(zLogin) has Setup privileges and you only have Admin privileges @ so you are not permitted to make changes to %h(zLogin). @ </b></font></p></li> @ } |
︙ | ︙ | |||
399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 | @ <li><p> @ The <b>History</b> privilege allows a user to see most hyperlinks. @ This is recommended ON for most logged-in users but OFF for @ user "nobody" to avoid problems with spiders trying to walk every @ historical version of every baseline and file. @ </p></li> @ @ <li><p> @ The <b>Check-in</b> privilege allows remote users to "push". @ The <b>Check-out</b> privilege allows remote users to "pull". @ The <b>Clone</b> privilege allows remote users to "clone". @ </li><p> @ @ <li><p> @ The <b>Read Wiki</b>, <b>New Wiki</b>, <b>Append Wiki</b>, and @ <b>Write Wiki</b> privileges control access to wiki pages. The @ <b>Read Tkt</b>, <b>New Tkt</b>, <b>Append Tkt</b>, and @ <b>Write Tkt</b> privileges control access to trouble tickets. @ The <b>Tkt Report</b> privilege allows the user to create or edit @ ticket report formats. @ </p></li> @ @ <li><p> @ Users with the <b>Password</b> privilege are allowed to change their | > > > > > | | > > > > > > > > | | | | > | | > | > > > > > > > > > | 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 | @ <li><p> @ The <b>History</b> privilege allows a user to see most hyperlinks. @ This is recommended ON for most logged-in users but OFF for @ user "nobody" to avoid problems with spiders trying to walk every @ historical version of every baseline and file. @ </p></li> @ @ <li><p> @ The <b>Developer</b> privilege causes all privileges of the user @ named "developer" to be inherited by this user. @ </p></li> @ @ <li><p> @ The <b>Check-in</b> privilege allows remote users to "push". @ The <b>Check-out</b> privilege allows remote users to "pull". @ The <b>Clone</b> privilege allows remote users to "clone". @ </li><p> @ @ <li><p> @ The <b>Read Wiki</b>, <b>New Wiki</b>, <b>Append Wiki</b>, and @ <b>Write Wiki</b> privileges control access to wiki pages. The @ <b>Read Tkt</b>, <b>New Tkt</b>, <b>Append Tkt</b>, and @ <b>Write Tkt</b> privileges control access to trouble tickets. @ The <b>Tkt Report</b> privilege allows the user to create or edit @ ticket report formats. @ </p></li> @ @ <li><p> @ Users with the <b>Password</b> privilege are allowed to change their @ own password. Recommended ON for most users but OFF for special @ users "developer, "anonynmous", and "nobody". @ </p></li> @ @ <li><p> @ The <b>EMail</b> privilege allows the display of sensitive information @ such as the email address of users and contact information on tickets. @ Recommended OFF for "anonymous" and for "nobody". @ </p></li> @ @ <li><p> @ Login is prohibited if the password is an empty string. @ </p></li> @ </ul> @ @ <h2>Special Logins</h2> @ @ <ul> @ <li><p> @ No login is required for user "<b>nobody</b>". The capabilities @ of the <b>nobody</b> user are inherited by all users, regardless of @ whether or not they are logged in. To disable universal access @ to the repository, make sure no user named "<b>nobody</b>" exists or @ that the <b>nobody</b> user has no capabilities enabled. @ The password for <b>nobody</b> is ignore. To avoid problems with @ spiders overloading the server, it is recommended @ that the 'h' (History) capability be turned off for the <b>nobody</b> @ user. @ </p></li> @ @ <li><p> @ Login is required for user "<b>anonymous</b>" but the password @ is displayed on the login screen beside the password entry box @ so anybody who can read should be able to login as anonymous. @ On the other hand, spiders and web-crawlers will typically not @ be able to login. Set the capabilities of the anonymous user @ to things that you want any human to be able to do, but not any @ spider. Every other logged-in user inherits the privileges of @ <b>anonymous</b>. @ </p></li> @ @ <li><p> @ The "<b>developer</b>" user is intended as a template for trusted users @ with check-in privileges. When adding new trusted users, simply @ select the <b>Developer</b> privilege to cause the new user to inherit @ all privileges of the "developer" user. @ </li></p> @ </ul> @ </form> style_footer(); } /* ** Generate a checkbox for an attribute. |
︙ | ︙ |