Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Use colored bullets to indicate the privileges of "nobody", "anonymous", and "developer" on the user edit page. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
77bdac3b195d12f7e0f8fdd12cf9313c |
| User & Date: | drh 2008-11-22 18:16:57.000 |
Context
|
2008-11-22
| ||
| 19:09 | Fix the user edit screen to work correctly even if one or more of the "anonymous", "login", or "developer" users is omitted from the user list. ... (check-in: 21cecd20 user: drh tags: trunk) | |
| 18:16 | Use colored bullets to indicate the privileges of "nobody", "anonymous", and "developer" on the user edit page. ... (check-in: 77bdac3b user: drh tags: trunk) | |
| 17:09 | Update the "Notes" to the right of the user setup screen. ... (check-in: 3eac8bc0 user: drh tags: trunk) | |
Changes
Changes to src/setup.c.
| ︙ | ︙ | |||
198 199 200 201 202 203 204 | @ </p></li> @ @ <li><p> @ Users with privilege <b>v</b> inherit the combined privileges of @ <b>developer</b>, <b>anonymous</b>, and <b>nobody</b>. @ </p></li> @ | < < < < | 198 199 200 201 202 203 204 205 206 207 208 209 210 211 | @ </p></li> @ @ <li><p> @ Users with privilege <b>v</b> inherit the combined privileges of @ <b>developer</b>, <b>anonymous</b>, and <b>nobody</b>. @ </p></li> @ @ </ol> @ </td></tr></table> style_footer(); } /* ** Return true if zPw is a valid password string. A valid |
| ︙ | ︙ | |||
229 230 231 232 233 234 235 236 237 238 239 240 241 242 |
** WEBPAGE: /setup_uedit
*/
void user_edit(void){
const char *zId, *zLogin, *zInfo, *zCap, *zPw;
char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap;
char *oak, *oad, *oac, *oaf, *oam, *oah, *oag, *oae;
char *oat, *oav, *oaz;
int doWrite;
int uid;
int higherUser = 0; /* True if user being edited is SETUP and the */
/* user doing the editing is ADMIN. Disallow editing */
/* Must have ADMIN privleges to access this page
*/
| > | 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 |
** WEBPAGE: /setup_uedit
*/
void user_edit(void){
const char *zId, *zLogin, *zInfo, *zCap, *zPw;
char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap;
char *oak, *oad, *oac, *oaf, *oam, *oah, *oag, *oae;
char *oat, *oav, *oaz;
const char *inherit[128];
int doWrite;
int uid;
int higherUser = 0; /* True if user being edited is SETUP and the */
/* user doing the editing is ADMIN. Disallow editing */
/* Must have ADMIN privleges to access this page
*/
|
| ︙ | ︙ | |||
365 366 367 368 369 370 371 372 373 374 375 376 377 378 |
if( strchr(zCap, 'r') ) oar = " checked";
if( strchr(zCap, 's') ) oas = " checked";
if( strchr(zCap, 't') ) oat = " checked";
if( strchr(zCap, 'v') ) oav = " checked";
if( strchr(zCap, 'w') ) oaw = " checked";
if( strchr(zCap, 'z') ) oaz = " checked";
}
/* Begin generating the page
*/
style_submenu_element("Cancel", "Cancel", "setup_ulist");
if( uid ){
style_header(mprintf("Edit User %h", zLogin));
}else{
| > > > > > > > > > > > > > > > > > > > > > > > > > > > | 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 |
if( strchr(zCap, 'r') ) oar = " checked";
if( strchr(zCap, 's') ) oas = " checked";
if( strchr(zCap, 't') ) oat = " checked";
if( strchr(zCap, 'v') ) oav = " checked";
if( strchr(zCap, 'w') ) oaw = " checked";
if( strchr(zCap, 'z') ) oaz = " checked";
}
/* figure out inherited permissions */
memset(inherit, 0, sizeof(inherit));
if( strcmp(zLogin, "developer") ){
char *z1, *z2;
z1 = z2 = db_text("","SELECT cap FROM user WHERE login='developer'");
while( *z1 ){
inherit[0x7f & *(z1++)] = "<font color=\"red\">•</font>";
}
free(z2);
}
if( strcmp(zLogin, "anonymous") ){
char *z1, *z2;
z1 = z2 = db_text("","SELECT cap FROM user WHERE login='anonymous'");
while( *z1 ){
inherit[0x7f & *(z1++)] = "<font color=\"blue\">•</font>";
}
free(z2);
}
if( strcmp(zLogin, "nobody") ){
char *z1, *z2;
z1 = z2 = db_text("","SELECT cap FROM user WHERE login='nobody'");
while( *z1 ){
inherit[0x7f & *(z1++)] = "<font color=\"green\">•</font>";
}
free(z2);
}
/* Begin generating the page
*/
style_submenu_element("Cancel", "Cancel", "setup_ulist");
if( uid ){
style_header(mprintf("Edit User %h", zLogin));
}else{
|
| ︙ | ︙ | |||
397 398 399 400 401 402 403 404 |
@ <tr>
@ <td align="right"><nobr>Contact Info:</nobr></td>
@ <td><input type="text" name="info" size=40 value="%h(zInfo)"></td>
@ </tr>
@ <tr>
@ <td align="right" valign="top">Capabilities:</td>
@ <td>
if( g.okSetup ){
| > | | | | | | | | | | | | | | | | | | | | | 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 |
@ <tr>
@ <td align="right"><nobr>Contact Info:</nobr></td>
@ <td><input type="text" name="info" size=40 value="%h(zInfo)"></td>
@ </tr>
@ <tr>
@ <td align="right" valign="top">Capabilities:</td>
@ <td>
#define B(x) inherit[x]
if( g.okSetup ){
@ <input type="checkbox" name="as"%s(oas)>%s(B('s'))Setup</input><br>
}
@ <input type="checkbox" name="aa"%s(oaa)>%s(B('a'))Admin</input><br>
@ <input type="checkbox" name="ad"%s(oad)>%s(B('d'))Delete</input><br>
@ <input type="checkbox" name="ae"%s(oae)>%s(B('e'))Email</input><br>
@ <input type="checkbox" name="ap"%s(oap)>%s(B('p'))Password</input><br>
@ <input type="checkbox" name="ai"%s(oai)>%s(B('i'))Check-In</input><br>
@ <input type="checkbox" name="ao"%s(oao)>%s(B('o'))Check-Out</input><br>
@ <input type="checkbox" name="ah"%s(oah)>%s(B('h'))History</input><br>
@ <input type="checkbox" name="av"%s(oav)>%s(B('v'))Developer</input><br>
@ <input type="checkbox" name="ag"%s(oag)>%s(B('g'))Clone</input><br>
@ <input type="checkbox" name="aj"%s(oaj)>%s(B('j'))Read Wiki</input><br>
@ <input type="checkbox" name="af"%s(oaf)>%s(B('f'))New Wiki</input><br>
@ <input type="checkbox" name="am"%s(oam)>%s(B('m'))Append Wiki</input><br>
@ <input type="checkbox" name="ak"%s(oak)>%s(B('k'))Write Wiki</input><br>
@ <input type="checkbox" name="ar"%s(oar)>%s(B('r'))Read Tkt</input><br>
@ <input type="checkbox" name="an"%s(oan)>%s(B('n'))New Tkt</input><br>
@ <input type="checkbox" name="ac"%s(oac)>%s(B('c'))Append Tkt</input><br>
@ <input type="checkbox" name="aw"%s(oaw)>%s(B('w'))Write Tkt</input><br>
@ <input type="checkbox" name="at"%s(oat)>%s(B('t'))Tkt Report</input><br>
@ <input type="checkbox" name="az"%s(oaz)>%s(B('z'))Download Zip</input>
@ </td>
@ </tr>
@ <tr>
@ <td align="right">Password:</td>
if( strcmp(zLogin, "anonymous")==0 ){
/* User the password for "anonymous" as cleartext */
@ <td><input type="text" name="pw" value="%h(zPw)"></td>
|
| ︙ | ︙ | |||
450 451 452 453 454 455 456 |
if( higherUser ){
@ <li><p><font color="blue"><b>
@ User %h(zLogin) has Setup privileges and you only have Admin privileges
@ so you are not permitted to make changes to %h(zLogin).
@ </b></font></p></li>
@
}
| < > > > > > > > > > > > > > > > > > | | | | | | < < < < < | 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 |
if( higherUser ){
@ <li><p><font color="blue"><b>
@ User %h(zLogin) has Setup privileges and you only have Admin privileges
@ so you are not permitted to make changes to %h(zLogin).
@ </b></font></p></li>
@
}
@ <li><p>
@ The <b>Setup</b> user can make arbitrary configuration changes.
@ An <b>Admin</b> user can add other users and change user privileges
@ and reset user passwords. Both automatically get all other privileges
@ listed below. Use these two settings with discretion.
@ </p></li>
@
@ <li><p>
@ The "<font color="green"><big>•</big></font>" mark indicates
@ the privileges of "nobody" that are available to all users
@ regardless of whether or not they are logged in.
@ </p></li>
@
@ <li><p>
@ The "<font color="blue"><big>•</big></font>" mark indicates
@ the privileges of "anonymous" that are inherited by all logged-in users.
@ </p></li>
@
@ <li><p>
@ The "<font color="red"><big>•</big></font>" mark indicates
@ the privileges of "developer" that are inherited by all users with
@ the <b>Developer</b> privilege.
@ </p></li>
@
@ <li><p>
@ The <b>Delete</b> privilege give the user the ability to erase
@ wiki, tickets, and attachments that have been added by anonymous
@ users. This capability is intended for deletion of spam. The
@ delete capability is only in effect for 24 hours after the item
@ is first posted. The Setup user can delete anything at any time.
@ </p></li>
@
@ <li><p>
@ The <b>History</b> privilege allows a user to see most hyperlinks.
@ This is recommended ON for most logged-in users but OFF for
@ user "nobody" to avoid problems with spiders trying to walk every
@ historical version of every baseline and file.
@ </p></li>
@
@ <li><p>
@ The <b>Zip</b> privilege allows a user to see the "download as ZIP"
@ hyperlink and permits access to the <tt>/zip</tt> page. This allows
@ users to download ZIP archives without granting other rights like
@ <b>Read</b> or <b>History</b>. This privilege is recommended for
@ user <b>nobody</b> so that automatic package downloaders can obtain
@ the sources without going through the login procedure.
@ </p></li>
@
@ <li><p>
@ The <b>Check-in</b> privilege allows remote users to "push".
@ The <b>Check-out</b> privilege allows remote users to "pull".
@ The <b>Clone</b> privilege allows remote users to "clone".
@ </li><p>
|
| ︙ | ︙ | |||
511 512 513 514 515 516 517 | @ own password. Recommended ON for most users but OFF for special @ users "developer, "anonynmous", and "nobody". @ </p></li> @ @ <li><p> @ The <b>EMail</b> privilege allows the display of sensitive information @ such as the email address of users and contact information on tickets. | | > | 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 | @ own password. Recommended ON for most users but OFF for special @ users "developer, "anonynmous", and "nobody". @ </p></li> @ @ <li><p> @ The <b>EMail</b> privilege allows the display of sensitive information @ such as the email address of users and contact information on tickets. @ Recommended OFF for "anonymous" and for "nobody" but ON for @ "developer". @ </p></li> @ @ <li><p> @ Login is prohibited if the password is an empty string. @ </p></li> @ </ul> @ |
| ︙ | ︙ |