Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Use colored bullets to indicate the privileges of "nobody", "anonymous", and "developer" on the user edit page. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
77bdac3b195d12f7e0f8fdd12cf9313c |
| User & Date: | drh 2008-11-22 18:16:57 |
Context
|
2008-11-22
| ||
| 19:09 | Fix the user edit screen to work correctly even if one or more of the "anonymous", "login", or "developer" users is omitted from the user list. check-in: 21cecd20 user: drh tags: trunk | |
| 18:16 | Use colored bullets to indicate the privileges of "nobody", "anonymous", and "developer" on the user edit page. check-in: 77bdac3b user: drh tags: trunk | |
| 17:09 | Update the "Notes" to the right of the user setup screen. check-in: 3eac8bc0 user: drh tags: trunk | |
Changes
Changes to src/setup.c.
198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 ... 229 230 231 232 233 234 235 236 237 238 239 240 241 242 ... 365 366 367 368 369 370 371 372 373 374 375 376 377 378 ... 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 ... 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 ... 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 ... 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 |
@ </p></li> @ @ <li><p> @ Users with privilege <b>v</b> inherit the combined privileges of @ <b>developer</b>, <b>anonymous</b>, and <b>nobody</b>. @ </p></li> @ @ <li><p> @ A blank password disables login for a user. @ </p></li> @ @ </ol> @ </td></tr></table> style_footer(); } /* ** Return true if zPw is a valid password string. A valid ................................................................................ ** WEBPAGE: /setup_uedit */ void user_edit(void){ const char *zId, *zLogin, *zInfo, *zCap, *zPw; char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap; char *oak, *oad, *oac, *oaf, *oam, *oah, *oag, *oae; char *oat, *oav, *oaz; int doWrite; int uid; int higherUser = 0; /* True if user being edited is SETUP and the */ /* user doing the editing is ADMIN. Disallow editing */ /* Must have ADMIN privleges to access this page */ ................................................................................ if( strchr(zCap, 'r') ) oar = " checked"; if( strchr(zCap, 's') ) oas = " checked"; if( strchr(zCap, 't') ) oat = " checked"; if( strchr(zCap, 'v') ) oav = " checked"; if( strchr(zCap, 'w') ) oaw = " checked"; if( strchr(zCap, 'z') ) oaz = " checked"; } /* Begin generating the page */ style_submenu_element("Cancel", "Cancel", "setup_ulist"); if( uid ){ style_header(mprintf("Edit User %h", zLogin)); }else{ ................................................................................ @ <tr> @ <td align="right"><nobr>Contact Info:</nobr></td> @ <td><input type="text" name="info" size=40 value="%h(zInfo)"></td> @ </tr> @ <tr> @ <td align="right" valign="top">Capabilities:</td> @ <td> if( g.okSetup ){ @ <input type="checkbox" name="as"%s(oas)>Setup</input><br> } @ <input type="checkbox" name="aa"%s(oaa)>Admin</input><br> @ <input type="checkbox" name="ad"%s(oad)>Delete</input><br> @ <input type="checkbox" name="ae"%s(oad)>Email</input><br> @ <input type="checkbox" name="ap"%s(oap)>Password</input><br> @ <input type="checkbox" name="ai"%s(oai)>Check-In</input><br> @ <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br> @ <input type="checkbox" name="ah"%s(oah)>History</input><br> @ <input type="checkbox" name="av"%s(oav)>Developer</input><br> @ <input type="checkbox" name="ag"%s(oag)>Clone</input><br> @ <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br> @ <input type="checkbox" name="af"%s(oaf)>New Wiki</input><br> @ <input type="checkbox" name="am"%s(oam)>Append Wiki</input><br> @ <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br> @ <input type="checkbox" name="ar"%s(oar)>Read Tkt</input><br> @ <input type="checkbox" name="an"%s(oan)>New Tkt</input><br> @ <input type="checkbox" name="ac"%s(oac)>Append Tkt</input><br> @ <input type="checkbox" name="aw"%s(oaw)>Write Tkt</input><br> @ <input type="checkbox" name="at"%s(oat)>Tkt Report</input><br> @ <input type="checkbox" name="az"%s(oaz)>Download Zip</input> @ </td> @ </tr> @ <tr> @ <td align="right">Password:</td> if( strcmp(zLogin, "anonymous")==0 ){ /* User the password for "anonymous" as cleartext */ @ <td><input type="text" name="pw" value="%h(zPw)"></td> ................................................................................ if( higherUser ){ @ <li><p><font color="blue"><b> @ User %h(zLogin) has Setup privileges and you only have Admin privileges @ so you are not permitted to make changes to %h(zLogin). @ </b></font></p></li> @ } @ @ <li><p> @ The <b>Setup</b> user can make arbitrary configuration changes. @ An <b>Admin</b> user can add other users and change user privileges @ and reset user passwords. Both automatically get all other privileges @ listed below. Use these two settings with discretion. @ </p></li> @ @ <li><p> @ The <b>Delete</b> privilege give the user the ability to erase @ wiki, tickets, and attachments that have been added by anonymous @ users. This capability is intended for deletion of spam. The @ delete capability is only in effect for 24 hours after the item @ is first posted. The Setup user can delete anything at any time. @ </p></li> ................................................................................ @ The <b>History</b> privilege allows a user to see most hyperlinks. @ This is recommended ON for most logged-in users but OFF for @ user "nobody" to avoid problems with spiders trying to walk every @ historical version of every baseline and file. @ </p></li> @ @ <li><p> @ The <b>Zip</b> privilege allows a user to see the download as zip hyperlink @ as well as permit access to the <tt>/zip</tt> page. It can be allowed for @ user "nobody" to grant him access to download artifacts he know from the @ server without giving him other rights like <b>Read</b> or <b>History</b>. @ So automatic package dowloaders could be able to obtain the sources without @ going thru the login procedure. @ </p></li> @ @ <li><p> @ The <b>Developer</b> privilege causes all privileges of the user @ named "developer" to be inherited by this user. @ </p></li> @ @ <li><p> @ The <b>Check-in</b> privilege allows remote users to "push". @ The <b>Check-out</b> privilege allows remote users to "pull". @ The <b>Clone</b> privilege allows remote users to "clone". @ </li><p> ................................................................................ @ own password. Recommended ON for most users but OFF for special @ users "developer, "anonynmous", and "nobody". @ </p></li> @ @ <li><p> @ The <b>EMail</b> privilege allows the display of sensitive information @ such as the email address of users and contact information on tickets. @ Recommended OFF for "anonymous" and for "nobody". @ </p></li> @ @ <li><p> @ Login is prohibited if the password is an empty string. @ </p></li> @ </ul> @ |
< < < < > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | | | | | | | | | | | | | | | | | | | | < > > > > > > > > > > > > > > > > > | | | | | | < < < < < | > |
198 199 200 201 202 203 204 205 206 207 208 209 210 211 ... 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 ... 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 ... 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 ... 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 ... 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 ... 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 |
@ </p></li> @ @ <li><p> @ Users with privilege <b>v</b> inherit the combined privileges of @ <b>developer</b>, <b>anonymous</b>, and <b>nobody</b>. @ </p></li> @ @ </ol> @ </td></tr></table> style_footer(); } /* ** Return true if zPw is a valid password string. A valid ................................................................................ ** WEBPAGE: /setup_uedit */ void user_edit(void){ const char *zId, *zLogin, *zInfo, *zCap, *zPw; char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap; char *oak, *oad, *oac, *oaf, *oam, *oah, *oag, *oae; char *oat, *oav, *oaz; const char *inherit[128]; int doWrite; int uid; int higherUser = 0; /* True if user being edited is SETUP and the */ /* user doing the editing is ADMIN. Disallow editing */ /* Must have ADMIN privleges to access this page */ ................................................................................ if( strchr(zCap, 'r') ) oar = " checked"; if( strchr(zCap, 's') ) oas = " checked"; if( strchr(zCap, 't') ) oat = " checked"; if( strchr(zCap, 'v') ) oav = " checked"; if( strchr(zCap, 'w') ) oaw = " checked"; if( strchr(zCap, 'z') ) oaz = " checked"; } /* figure out inherited permissions */ memset(inherit, 0, sizeof(inherit)); if( strcmp(zLogin, "developer") ){ char *z1, *z2; z1 = z2 = db_text("","SELECT cap FROM user WHERE login='developer'"); while( *z1 ){ inherit[0x7f & *(z1++)] = "<font color=\"red\">•</font>"; } free(z2); } if( strcmp(zLogin, "anonymous") ){ char *z1, *z2; z1 = z2 = db_text("","SELECT cap FROM user WHERE login='anonymous'"); while( *z1 ){ inherit[0x7f & *(z1++)] = "<font color=\"blue\">•</font>"; } free(z2); } if( strcmp(zLogin, "nobody") ){ char *z1, *z2; z1 = z2 = db_text("","SELECT cap FROM user WHERE login='nobody'"); while( *z1 ){ inherit[0x7f & *(z1++)] = "<font color=\"green\">•</font>"; } free(z2); } /* Begin generating the page */ style_submenu_element("Cancel", "Cancel", "setup_ulist"); if( uid ){ style_header(mprintf("Edit User %h", zLogin)); }else{ ................................................................................ @ <tr> @ <td align="right"><nobr>Contact Info:</nobr></td> @ <td><input type="text" name="info" size=40 value="%h(zInfo)"></td> @ </tr> @ <tr> @ <td align="right" valign="top">Capabilities:</td> @ <td> #define B(x) inherit[x] if( g.okSetup ){ @ <input type="checkbox" name="as"%s(oas)>%s(B('s'))Setup</input><br> } @ <input type="checkbox" name="aa"%s(oaa)>%s(B('a'))Admin</input><br> @ <input type="checkbox" name="ad"%s(oad)>%s(B('d'))Delete</input><br> @ <input type="checkbox" name="ae"%s(oae)>%s(B('e'))Email</input><br> @ <input type="checkbox" name="ap"%s(oap)>%s(B('p'))Password</input><br> @ <input type="checkbox" name="ai"%s(oai)>%s(B('i'))Check-In</input><br> @ <input type="checkbox" name="ao"%s(oao)>%s(B('o'))Check-Out</input><br> @ <input type="checkbox" name="ah"%s(oah)>%s(B('h'))History</input><br> @ <input type="checkbox" name="av"%s(oav)>%s(B('v'))Developer</input><br> @ <input type="checkbox" name="ag"%s(oag)>%s(B('g'))Clone</input><br> @ <input type="checkbox" name="aj"%s(oaj)>%s(B('j'))Read Wiki</input><br> @ <input type="checkbox" name="af"%s(oaf)>%s(B('f'))New Wiki</input><br> @ <input type="checkbox" name="am"%s(oam)>%s(B('m'))Append Wiki</input><br> @ <input type="checkbox" name="ak"%s(oak)>%s(B('k'))Write Wiki</input><br> @ <input type="checkbox" name="ar"%s(oar)>%s(B('r'))Read Tkt</input><br> @ <input type="checkbox" name="an"%s(oan)>%s(B('n'))New Tkt</input><br> @ <input type="checkbox" name="ac"%s(oac)>%s(B('c'))Append Tkt</input><br> @ <input type="checkbox" name="aw"%s(oaw)>%s(B('w'))Write Tkt</input><br> @ <input type="checkbox" name="at"%s(oat)>%s(B('t'))Tkt Report</input><br> @ <input type="checkbox" name="az"%s(oaz)>%s(B('z'))Download Zip</input> @ </td> @ </tr> @ <tr> @ <td align="right">Password:</td> if( strcmp(zLogin, "anonymous")==0 ){ /* User the password for "anonymous" as cleartext */ @ <td><input type="text" name="pw" value="%h(zPw)"></td> ................................................................................ if( higherUser ){ @ <li><p><font color="blue"><b> @ User %h(zLogin) has Setup privileges and you only have Admin privileges @ so you are not permitted to make changes to %h(zLogin). @ </b></font></p></li> @ } @ <li><p> @ The <b>Setup</b> user can make arbitrary configuration changes. @ An <b>Admin</b> user can add other users and change user privileges @ and reset user passwords. Both automatically get all other privileges @ listed below. Use these two settings with discretion. @ </p></li> @ @ <li><p> @ The "<font color="green"><big>•</big></font>" mark indicates @ the privileges of "nobody" that are available to all users @ regardless of whether or not they are logged in. @ </p></li> @ @ <li><p> @ The "<font color="blue"><big>•</big></font>" mark indicates @ the privileges of "anonymous" that are inherited by all logged-in users. @ </p></li> @ @ <li><p> @ The "<font color="red"><big>•</big></font>" mark indicates @ the privileges of "developer" that are inherited by all users with @ the <b>Developer</b> privilege. @ </p></li> @ @ <li><p> @ The <b>Delete</b> privilege give the user the ability to erase @ wiki, tickets, and attachments that have been added by anonymous @ users. This capability is intended for deletion of spam. The @ delete capability is only in effect for 24 hours after the item @ is first posted. The Setup user can delete anything at any time. @ </p></li> ................................................................................ @ The <b>History</b> privilege allows a user to see most hyperlinks. @ This is recommended ON for most logged-in users but OFF for @ user "nobody" to avoid problems with spiders trying to walk every @ historical version of every baseline and file. @ </p></li> @ @ <li><p> @ The <b>Zip</b> privilege allows a user to see the "download as ZIP" @ hyperlink and permits access to the <tt>/zip</tt> page. This allows @ users to download ZIP archives without granting other rights like @ <b>Read</b> or <b>History</b>. This privilege is recommended for @ user <b>nobody</b> so that automatic package downloaders can obtain @ the sources without going through the login procedure. @ </p></li> @ @ <li><p> @ The <b>Check-in</b> privilege allows remote users to "push". @ The <b>Check-out</b> privilege allows remote users to "pull". @ The <b>Clone</b> privilege allows remote users to "clone". @ </li><p> ................................................................................ @ own password. Recommended ON for most users but OFF for special @ users "developer, "anonynmous", and "nobody". @ </p></li> @ @ <li><p> @ The <b>EMail</b> privilege allows the display of sensitive information @ such as the email address of users and contact information on tickets. @ Recommended OFF for "anonymous" and for "nobody" but ON for @ "developer". @ </p></li> @ @ <li><p> @ Login is prohibited if the password is an empty string. @ </p></li> @ </ul> @ |