Fossil

Check-in [77bdac3b]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Use colored bullets to indicate the privileges of "nobody", "anonymous", and "developer" on the user edit page.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 77bdac3b195d12f7e0f8fdd12cf9313cd4008559
User & Date: drh 2008-11-22 18:16:57.000
Context
2008-11-22
19:09
Fix the user edit screen to work correctly even if one or more of the "anonymous", "login", or "developer" users is omitted from the user list. ... (check-in: 21cecd20 user: drh tags: trunk)
18:16
Use colored bullets to indicate the privileges of "nobody", "anonymous", and "developer" on the user edit page. ... (check-in: 77bdac3b user: drh tags: trunk)
17:09
Update the "Notes" to the right of the user setup screen. ... (check-in: 3eac8bc0 user: drh tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/setup.c.
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
  @ </p></li>
  @
  @ <li><p>
  @ Users with privilege <b>v</b> inherit the combined privileges of
  @ <b>developer</b>, <b>anonymous</b>, and <b>nobody</b>.
  @ </p></li>
  @
  @ <li><p>
  @ A blank password disables login for a user.
  @ </p></li>
  @
  @ </ol>
  @ </td></tr></table>
  style_footer();
}

/*
** Return true if zPw is a valid password string.  A valid







<
<
<
<







198
199
200
201
202
203
204




205
206
207
208
209
210
211
  @ </p></li>
  @
  @ <li><p>
  @ Users with privilege <b>v</b> inherit the combined privileges of
  @ <b>developer</b>, <b>anonymous</b>, and <b>nobody</b>.
  @ </p></li>
  @




  @ </ol>
  @ </td></tr></table>
  style_footer();
}

/*
** Return true if zPw is a valid password string.  A valid
229
230
231
232
233
234
235

236
237
238
239
240
241
242
** WEBPAGE: /setup_uedit
*/
void user_edit(void){
  const char *zId, *zLogin, *zInfo, *zCap, *zPw;
  char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap;
  char *oak, *oad, *oac, *oaf, *oam, *oah, *oag, *oae;
  char *oat, *oav, *oaz;

  int doWrite;
  int uid;
  int higherUser = 0;  /* True if user being edited is SETUP and the */
                       /* user doing the editing is ADMIN.  Disallow editing */

  /* Must have ADMIN privleges to access this page
  */







>







225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
** WEBPAGE: /setup_uedit
*/
void user_edit(void){
  const char *zId, *zLogin, *zInfo, *zCap, *zPw;
  char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap;
  char *oak, *oad, *oac, *oaf, *oam, *oah, *oag, *oae;
  char *oat, *oav, *oaz;
  const char *inherit[128];
  int doWrite;
  int uid;
  int higherUser = 0;  /* True if user being edited is SETUP and the */
                       /* user doing the editing is ADMIN.  Disallow editing */

  /* Must have ADMIN privleges to access this page
  */
365
366
367
368
369
370
371



























372
373
374
375
376
377
378
    if( strchr(zCap, 'r') ) oar = " checked";
    if( strchr(zCap, 's') ) oas = " checked";
    if( strchr(zCap, 't') ) oat = " checked";
    if( strchr(zCap, 'v') ) oav = " checked";
    if( strchr(zCap, 'w') ) oaw = " checked";
    if( strchr(zCap, 'z') ) oaz = " checked";
  }




























  /* Begin generating the page
  */
  style_submenu_element("Cancel", "Cancel", "setup_ulist");
  if( uid ){
    style_header(mprintf("Edit User %h", zLogin));
  }else{







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
    if( strchr(zCap, 'r') ) oar = " checked";
    if( strchr(zCap, 's') ) oas = " checked";
    if( strchr(zCap, 't') ) oat = " checked";
    if( strchr(zCap, 'v') ) oav = " checked";
    if( strchr(zCap, 'w') ) oaw = " checked";
    if( strchr(zCap, 'z') ) oaz = " checked";
  }

  /* figure out inherited permissions */
  memset(inherit, 0, sizeof(inherit));
  if( strcmp(zLogin, "developer") ){
    char *z1, *z2;
    z1 = z2 = db_text("","SELECT cap FROM user WHERE login='developer'");
    while( *z1 ){
      inherit[0x7f & *(z1++)] = "<font color=\"red\">&#149;</font>";
    }
    free(z2);
  }
  if( strcmp(zLogin, "anonymous") ){
    char *z1, *z2;
    z1 = z2 = db_text("","SELECT cap FROM user WHERE login='anonymous'");
    while( *z1 ){
      inherit[0x7f & *(z1++)] = "<font color=\"blue\">&#149;</font>";
    }
    free(z2);
  }
  if( strcmp(zLogin, "nobody") ){
    char *z1, *z2;
    z1 = z2 = db_text("","SELECT cap FROM user WHERE login='nobody'");
    while( *z1 ){
      inherit[0x7f & *(z1++)] = "<font color=\"green\">&#149;</font>";
    }
    free(z2);
  }

  /* Begin generating the page
  */
  style_submenu_element("Cancel", "Cancel", "setup_ulist");
  if( uid ){
    style_header(mprintf("Edit User %h", zLogin));
  }else{
397
398
399
400
401
402
403

404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
  @ <tr>
  @   <td align="right"><nobr>Contact&nbsp;Info:</nobr></td>
  @   <td><input type="text" name="info" size=40 value="%h(zInfo)"></td>
  @ </tr>
  @ <tr>
  @   <td align="right" valign="top">Capabilities:</td>
  @   <td>

  if( g.okSetup ){
    @     <input type="checkbox" name="as"%s(oas)>Setup</input><br>
  }
  @     <input type="checkbox" name="aa"%s(oaa)>Admin</input><br>
  @     <input type="checkbox" name="ad"%s(oad)>Delete</input><br>
  @     <input type="checkbox" name="ae"%s(oad)>Email</input><br>
  @     <input type="checkbox" name="ap"%s(oap)>Password</input><br>
  @     <input type="checkbox" name="ai"%s(oai)>Check-In</input><br>
  @     <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br>
  @     <input type="checkbox" name="ah"%s(oah)>History</input><br>
  @     <input type="checkbox" name="av"%s(oav)>Developer</input><br>
  @     <input type="checkbox" name="ag"%s(oag)>Clone</input><br>
  @     <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br>
  @     <input type="checkbox" name="af"%s(oaf)>New Wiki</input><br>
  @     <input type="checkbox" name="am"%s(oam)>Append Wiki</input><br>
  @     <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br>
  @     <input type="checkbox" name="ar"%s(oar)>Read Tkt</input><br>
  @     <input type="checkbox" name="an"%s(oan)>New Tkt</input><br>
  @     <input type="checkbox" name="ac"%s(oac)>Append Tkt</input><br>
  @     <input type="checkbox" name="aw"%s(oaw)>Write Tkt</input><br>
  @     <input type="checkbox" name="at"%s(oat)>Tkt Report</input><br>
  @     <input type="checkbox" name="az"%s(oaz)>Download Zip</input>
  @   </td>
  @ </tr>
  @ <tr>
  @   <td align="right">Password:</td>
  if( strcmp(zLogin, "anonymous")==0 ){
    /* User the password for "anonymous" as cleartext */
    @   <td><input type="text" name="pw" value="%h(zPw)"></td>







>

|

|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|







421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
  @ <tr>
  @   <td align="right"><nobr>Contact&nbsp;Info:</nobr></td>
  @   <td><input type="text" name="info" size=40 value="%h(zInfo)"></td>
  @ </tr>
  @ <tr>
  @   <td align="right" valign="top">Capabilities:</td>
  @   <td>
#define B(x) inherit[x]
  if( g.okSetup ){
    @    <input type="checkbox" name="as"%s(oas)>%s(B('s'))Setup</input><br>
  }
  @    <input type="checkbox" name="aa"%s(oaa)>%s(B('a'))Admin</input><br>
  @    <input type="checkbox" name="ad"%s(oad)>%s(B('d'))Delete</input><br>
  @    <input type="checkbox" name="ae"%s(oae)>%s(B('e'))Email</input><br>
  @    <input type="checkbox" name="ap"%s(oap)>%s(B('p'))Password</input><br>
  @    <input type="checkbox" name="ai"%s(oai)>%s(B('i'))Check-In</input><br>
  @    <input type="checkbox" name="ao"%s(oao)>%s(B('o'))Check-Out</input><br>
  @    <input type="checkbox" name="ah"%s(oah)>%s(B('h'))History</input><br>
  @    <input type="checkbox" name="av"%s(oav)>%s(B('v'))Developer</input><br>
  @    <input type="checkbox" name="ag"%s(oag)>%s(B('g'))Clone</input><br>
  @    <input type="checkbox" name="aj"%s(oaj)>%s(B('j'))Read Wiki</input><br>
  @    <input type="checkbox" name="af"%s(oaf)>%s(B('f'))New Wiki</input><br>
  @    <input type="checkbox" name="am"%s(oam)>%s(B('m'))Append Wiki</input><br>
  @    <input type="checkbox" name="ak"%s(oak)>%s(B('k'))Write Wiki</input><br>
  @    <input type="checkbox" name="ar"%s(oar)>%s(B('r'))Read Tkt</input><br>
  @    <input type="checkbox" name="an"%s(oan)>%s(B('n'))New Tkt</input><br>
  @    <input type="checkbox" name="ac"%s(oac)>%s(B('c'))Append Tkt</input><br>
  @    <input type="checkbox" name="aw"%s(oaw)>%s(B('w'))Write Tkt</input><br>
  @    <input type="checkbox" name="at"%s(oat)>%s(B('t'))Tkt Report</input><br>
  @    <input type="checkbox" name="az"%s(oaz)>%s(B('z'))Download Zip</input>
  @   </td>
  @ </tr>
  @ <tr>
  @   <td align="right">Password:</td>
  if( strcmp(zLogin, "anonymous")==0 ){
    /* User the password for "anonymous" as cleartext */
    @   <td><input type="text" name="pw" value="%h(zPw)"></td>
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464

















465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
  if( higherUser ){
    @ <li><p><font color="blue"><b>
    @ User %h(zLogin) has Setup privileges and you only have Admin privileges
    @ so you are not permitted to make changes to %h(zLogin).
    @ </b></font></p></li>
    @
  }
  @
  @ <li><p>
  @ The <b>Setup</b> user can make arbitrary configuration changes.
  @ An <b>Admin</b> user can add other users and change user privileges
  @ and reset user passwords.  Both automatically get all other privileges
  @ listed below.  Use these two settings with discretion.
  @ </p></li>
  @

















  @ <li><p>
  @ The <b>Delete</b> privilege give the user the ability to erase
  @ wiki, tickets, and attachments that have been added by anonymous
  @ users.  This capability is intended for deletion of spam.  The
  @ delete capability is only in effect for 24 hours after the item
  @ is first posted.  The Setup user can delete anything at any time.
  @ </p></li>
  @
  @ <li><p>
  @ The <b>History</b> privilege allows a user to see most hyperlinks.
  @ This is recommended ON for most logged-in users but OFF for
  @ user "nobody" to avoid problems with spiders trying to walk every
  @ historical version of every baseline and file.
  @ </p></li>
  @
  @ <li><p>
  @ The <b>Zip</b> privilege allows a user to see the download as zip hyperlink
  @ as well as permit access to the <tt>/zip</tt> page. It can be allowed for
  @ user "nobody" to grant him access to download artifacts he know from the
  @ server without giving him other rights like <b>Read</b> or <b>History</b>.
  @ So automatic package dowloaders could be able to obtain the sources without
  @ going thru the login procedure.
  @ </p></li>
  @
  @ <li><p>
  @ The <b>Developer</b> privilege causes all privileges of the user
  @ named "developer" to be inherited by this user.
  @ </p></li>
  @
  @ <li><p>
  @ The <b>Check-in</b> privilege allows remote users to "push".
  @ The <b>Check-out</b> privilege allows remote users to "pull".
  @ The <b>Clone</b> privilege allows remote users to "clone".
  @ </li><p>







<







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
















|
|
|
|
|
|
<
<
<
<
<







475
476
477
478
479
480
481

482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527





528
529
530
531
532
533
534
  if( higherUser ){
    @ <li><p><font color="blue"><b>
    @ User %h(zLogin) has Setup privileges and you only have Admin privileges
    @ so you are not permitted to make changes to %h(zLogin).
    @ </b></font></p></li>
    @
  }

  @ <li><p>
  @ The <b>Setup</b> user can make arbitrary configuration changes.
  @ An <b>Admin</b> user can add other users and change user privileges
  @ and reset user passwords.  Both automatically get all other privileges
  @ listed below.  Use these two settings with discretion.
  @ </p></li>
  @
  @ <li><p>
  @ The "<font color="green"><big>&#149;</big></font>" mark indicates
  @ the privileges of "nobody" that are available to all users
  @ regardless of whether or not they are logged in.
  @ </p></li>
  @
  @ <li><p>
  @ The "<font color="blue"><big>&#149;</big></font>" mark indicates
  @ the privileges of "anonymous" that are inherited by all logged-in users.
  @ </p></li>
  @
  @ <li><p>
  @ The "<font color="red"><big>&#149;</big></font>" mark indicates
  @ the privileges of "developer" that are inherited by all users with
  @ the <b>Developer</b> privilege.
  @ </p></li>
  @
  @ <li><p>
  @ The <b>Delete</b> privilege give the user the ability to erase
  @ wiki, tickets, and attachments that have been added by anonymous
  @ users.  This capability is intended for deletion of spam.  The
  @ delete capability is only in effect for 24 hours after the item
  @ is first posted.  The Setup user can delete anything at any time.
  @ </p></li>
  @
  @ <li><p>
  @ The <b>History</b> privilege allows a user to see most hyperlinks.
  @ This is recommended ON for most logged-in users but OFF for
  @ user "nobody" to avoid problems with spiders trying to walk every
  @ historical version of every baseline and file.
  @ </p></li>
  @
  @ <li><p>
  @ The <b>Zip</b> privilege allows a user to see the "download as ZIP"
  @ hyperlink and permits access to the <tt>/zip</tt> page.  This allows
  @ users to download ZIP archives without granting other rights like
  @ <b>Read</b> or <b>History</b>.  This privilege is recommended for
  @ user <b>nobody</b> so that automatic package downloaders can obtain
  @ the sources without going through the login procedure.





  @ </p></li>
  @
  @ <li><p>
  @ The <b>Check-in</b> privilege allows remote users to "push".
  @ The <b>Check-out</b> privilege allows remote users to "pull".
  @ The <b>Clone</b> privilege allows remote users to "clone".
  @ </li><p>
511
512
513
514
515
516
517
518

519
520
521
522
523
524
525
  @ own password.  Recommended ON for most users but OFF for special
  @ users "developer, "anonynmous", and "nobody".
  @ </p></li>
  @
  @ <li><p>
  @ The <b>EMail</b> privilege allows the display of sensitive information
  @ such as the email address of users and contact information on tickets.
  @ Recommended OFF for "anonymous" and for "nobody".

  @ </p></li>
  @
  @ <li><p>
  @ Login is prohibited if the password is an empty string.
  @ </p></li>
  @ </ul>
  @







|
>







547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
  @ own password.  Recommended ON for most users but OFF for special
  @ users "developer, "anonynmous", and "nobody".
  @ </p></li>
  @
  @ <li><p>
  @ The <b>EMail</b> privilege allows the display of sensitive information
  @ such as the email address of users and contact information on tickets.
  @ Recommended OFF for "anonymous" and for "nobody" but ON for
  @ "developer".
  @ </p></li>
  @
  @ <li><p>
  @ Login is prohibited if the password is an empty string.
  @ </p></li>
  @ </ul>
  @