Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | The /secaudit0 page was checking for both Admin and Setup capabilities, which means it was only accessible to users with Setup users, since that is the only class that can have both capabilities. Since it's documented as being available to Admin users, changed the logic to allow access to Admin *OR* Setup users. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
558952c8d36a20fb712dcdc6ddc89782 |
| User & Date: | wyoung 2018-11-28 18:34:37 |
References
|
2018-11-28
| ||
| 18:42 | Found several more pages protected with "!g.perm.Setup && !g.perm.Admin" guards: changed them all to "!g.perm.Admin" only for the same reason as [558952c8]. check-in: 42c3364f user: wyoung tags: trunk | |
Context
|
2018-11-28
| ||
| 18:42 | Found several more pages protected with "!g.perm.Setup && !g.perm.Admin" guards: changed them all to "!g.perm.Admin" only for the same reason as [558952c8]. check-in: 42c3364f user: wyoung tags: trunk | |
| 18:34 | The /secaudit0 page was checking for both Admin and Setup capabilities, which means it was only accessible to users with Setup users, since that is the only class that can have both capabilities. Since it's documented as being available to Admin users, changed the logic to allow access to Admin *OR* Setup users. check-in: 558952c8 user: wyoung tags: trunk | |
| 13:19 | Update the built-in SQLite to the latest 3.26.0 beta for testing. check-in: c523d0a9 user: drh tags: trunk | |
Changes
Changes to src/security_audit.c.
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
const char *zAnonCap; /* Capabilities of user "anonymous" and "nobody" */
const char *zPubPages; /* GLOB pattern for public pages */
const char *zSelfCap; /* Capabilities of self-registered users */
char *z;
int n;
login_check_credentials();
if( !g.perm.Setup && !g.perm.Admin ){
login_needed(0);
return;
}
style_header("Security Audit");
@ <ol>
/* Step 1: Determine if the repository is public or private. "Public"
|
| |
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
const char *zAnonCap; /* Capabilities of user "anonymous" and "nobody" */
const char *zPubPages; /* GLOB pattern for public pages */
const char *zSelfCap; /* Capabilities of self-registered users */
char *z;
int n;
login_check_credentials();
if( !g.perm.Setup || !g.perm.Admin ){
login_needed(0);
return;
}
style_header("Security Audit");
@ <ol>
/* Step 1: Determine if the repository is public or private. "Public"
|