Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | The recent change that allows Admin-only users to edit the skin affected the setup.c side of things only: there were also several bits in skins.c that checked for g.perm.Setup, so an Admin-only user couldn't actually do anthing useful. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
7b58c6fddee37082ed7ed46a6992fd01 |
| User & Date: | wyoung 2018-12-01 05:49:45 |
Context
|
2018-12-01
| ||
| 06:17 | Assorted small improvements to admin-v-setup.md. check-in: eadf2644 user: wyoung tags: trunk | |
| 05:49 | The recent change that allows Admin-only users to edit the skin affected the setup.c side of things only: there were also several bits in skins.c that checked for g.perm.Setup, so an Admin-only user couldn't actually do anthing useful. check-in: 7b58c6fd user: wyoung tags: trunk | |
| 00:27 | Added the "Setup-Only Features" section to admin-v-setup.md. check-in: 8ec908d1 user: wyoung tags: trunk | |
Changes
Changes to src/skins.c.
457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 ... 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 ... 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 .... 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 .... 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 |
const char *zCurrent = 0; /* Current skin */ int i; /* Loop counter */ Stmt q; int seenCurrent = 0; int once; login_check_credentials(); if( !g.perm.Setup ){ login_needed(0); return; } db_begin_transaction(); zCurrent = getSkin(0); for(i=0; i<count(aBuiltinSkin); i++){ aBuiltinSkin[i].zSQL = getSkin(aBuiltinSkin[i].zLabel); ................................................................................ } /* ** WEBPAGE: setup_skinedit ** ** Edit aspects of a skin determined by the w= query parameter. ** Requires Setup privileges. ** ** w=NUM -- 0=CSS, 1=footer, 2=header, 3=details, 4=js ** sk=NUM -- the draft skin number */ void setup_skinedit(void){ static const struct sSkinAddr { const char *zFile; ................................................................................ login_check_credentials(); /* Figure out which skin we are editing */ iSkin = atoi(PD("sk","1")); if( iSkin<1 || iSkin>9 ) iSkin = 1; /* Check that the user is authorized to edit this skin. */ if( !g.perm.Setup ){ char *zAllowedEditors = ""; Glob *pAllowedEditors; int isMatch = 0; if( login_is_individual() ){ zAllowedEditors = db_get_mprintf("", "draft%d-users", iSkin); } if( zAllowedEditors[0] ){ ................................................................................ @ <p>Repeat <a href='#step4'>step 4</a> and @ <a href='#step5'>step 5</a> as many times as necessary to create @ a production-ready skin. @ @ <a name='step7'></a> @ <h1>Step 7: Publish</h1> @ if( !g.perm.Setup ){ @ <p>Only administrators are allowed to publish draft skins. Contact @ an administrator to get this "draft%d(iSkin)" skin published.</p> }else{ @ <p>When the draft%d(iSkin) skin is ready for production use, @ make it the default scan by clicking the acknowledgements and @ pressing the button below:</p> @ ................................................................................ @ <p>You will probably need to press Reload on your browser after @ publishing the new skin.</p> } @ @ <a name='step8'></a> @ <h1>Step 8: Cleanup and Undo Actions</h1> @ if( !g.perm.Setup ){ @ <p>Administrators can optionally save or restore legacy skins, and/or @ undo a prior publish. }else{ @ <p>Visit the <a href='%R/setup_skin_admin'>Skin Admin</a> page @ for cleanup and recovery actions. } style_load_one_js_file("skin.js"); style_footer(); } |
| | | | | |
457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 ... 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 ... 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 .... 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 .... 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 |
const char *zCurrent = 0; /* Current skin */ int i; /* Loop counter */ Stmt q; int seenCurrent = 0; int once; login_check_credentials(); if( !g.perm.Admin ){ login_needed(0); return; } db_begin_transaction(); zCurrent = getSkin(0); for(i=0; i<count(aBuiltinSkin); i++){ aBuiltinSkin[i].zSQL = getSkin(aBuiltinSkin[i].zLabel); ................................................................................ } /* ** WEBPAGE: setup_skinedit ** ** Edit aspects of a skin determined by the w= query parameter. ** Requires Admin or Setup privileges. ** ** w=NUM -- 0=CSS, 1=footer, 2=header, 3=details, 4=js ** sk=NUM -- the draft skin number */ void setup_skinedit(void){ static const struct sSkinAddr { const char *zFile; ................................................................................ login_check_credentials(); /* Figure out which skin we are editing */ iSkin = atoi(PD("sk","1")); if( iSkin<1 || iSkin>9 ) iSkin = 1; /* Check that the user is authorized to edit this skin. */ if( !g.perm.Admin ){ char *zAllowedEditors = ""; Glob *pAllowedEditors; int isMatch = 0; if( login_is_individual() ){ zAllowedEditors = db_get_mprintf("", "draft%d-users", iSkin); } if( zAllowedEditors[0] ){ ................................................................................ @ <p>Repeat <a href='#step4'>step 4</a> and @ <a href='#step5'>step 5</a> as many times as necessary to create @ a production-ready skin. @ @ <a name='step7'></a> @ <h1>Step 7: Publish</h1> @ if( !g.perm.Admin ){ @ <p>Only administrators are allowed to publish draft skins. Contact @ an administrator to get this "draft%d(iSkin)" skin published.</p> }else{ @ <p>When the draft%d(iSkin) skin is ready for production use, @ make it the default scan by clicking the acknowledgements and @ pressing the button below:</p> @ ................................................................................ @ <p>You will probably need to press Reload on your browser after @ publishing the new skin.</p> } @ @ <a name='step8'></a> @ <h1>Step 8: Cleanup and Undo Actions</h1> @ if( !g.perm.Admin ){ @ <p>Administrators can optionally save or restore legacy skins, and/or @ undo a prior publish. }else{ @ <p>Visit the <a href='%R/setup_skin_admin'>Skin Admin</a> page @ for cleanup and recovery actions. } style_load_one_js_file("skin.js"); style_footer(); } |