/*
** Copyright (c) 2007 D. Richard Hipp
**
** This program is free software; you can redistribute it and/or
** modify it under the terms of the Simplified BSD License (also
** known as the "2-Clause License" or "FreeBSD License".)
**
** This program is distributed in the hope that it will be useful,
** but without any warranty; without even the implied warranty of
** merchantability or fitness for a particular purpose.
**
** Author contact information:
** drh@hwaci.com
** http://www.hwaci.com/drh/
**
*******************************************************************************
**
** Implementation of the Setup page
*/
#include "config.h"
#include
}
/*
** WEBPAGE: setup
**
** Main menu for the administrative pages. Requires Admin or Setup
** privileges. Links to sub-pages only usable by Setup users are
** shown only to Setup users.
*/
void setup_page(void){
/* Set further down from g.perm.Setup; starts out as "not a Setup user". */
int setup_user = 0;
/* Runs before g.perm is consulted; presumably this is what fills in
** g.perm for the current request -- confirm against login.c. */
login_check_credentials();
/* Gate: only g.perm.Admin is tested here. The page description says
** "Admin or Setup", so this presumably relies on Setup implying Admin --
** TODO confirm.
**
** NOTE(review): unlike setup_robots(), setup_access() and
** setup_login_group() in this file, there is no "return;" after
** login_needed(0). If login_needed() can ever return to its caller,
** execution falls through and the administrative menu is rendered for
** a user without Admin privilege. Confirm that login_needed() never
** returns on this path, or add the "return;" to match the other
** handlers. */
if( !g.perm.Admin ){
login_needed(0);
}
/* Record whether the caller also holds Setup privilege. */
setup_user = g.perm.Setup;
style_set_current_feature("setup");
style_header("Server Administration");
/* Make sure the header contains
if( zLink && zLink[0] ){
@ %h(zTitle)
}else{
@ %h(zTitle)
}
@ %h(zDesc)
WARNING: Device "/dev/null" is not available @ for reading and writing.
} if( access("/dev/urandom", R_OK) ){ @WARNING: Device "/dev/urandom" is not available @ for reading. This means that the pseudo-random number generator used @ by SQLite will be poorly seeded.
} #endif @Enable hyperlinks (the equivalent of the "h" permission) for all users, @ including user "nobody", as long as the User-Agent string in the @ HTTP header indicates that the request is coming from an actual human @ being. If this setting is "UserAgent only" (2) then the @ UserAgent string is the only factor considered. If the value of this @ setting is "UserAgent And Javascript" (1) then Javascript is added that @ runs after the page loads and fills in the href= values of <a> @ elements. In either case, <a> tags are only generated if the @ UserAgent string indicates that the request is coming from a human and @ not a robot. @ @
This setting is designed to give easy access to humans while @ keeping out robots. @ You do not normally want a robot to walk your entire repository because @ if it does, your server will end up computing diffs and annotations for @ every historical version of every file and creating ZIPs and tarballs of @ every historical check-in, which can use a lot of CPU and bandwidth @ even for relatively small projects.
@ @The "UserAgent and Javascript" value for this setting provides @ superior protection from robots. However, that setting also prevents @ the visited/unvisited colors on hyperlinks from displaying correctly @ on Safari-derived browsers. (Chrome and Firefox work fine.) Since @ Safari is the underlying rendering engine on all iPhones and iPads, @ this means that hyperlink visited/unvisited colors will not operate @ on those platforms when "UserAgent and Javascript" is selected.
@ @Additional parameters that control the behavior of Javascript:
@entry_attribute("Delay in milliseconds before enabling hyperlinks", 5, "auto-hyperlink-delay", "ah-delay", "50", 0); @@
onoff_attribute("Also require a mouse event before enabling hyperlinks", "auto-hyperlink-mouseover", "ahmo", 0, 0); @
For maximum robot defense, "Delay" should be at least 50 milliseconds @ and "require a mouse event" should be turned on. These values only come @ into play when the main auto-hyperlink setting is 2 ("UserAgent and @ Javascript").
@ @To see if the Javascript-based hyperlink enabling mechanism is working, @ visit the /test_env page (from a separate @ web browser that is not logged in, even as "anonymous") and verify @ that the "g.jsHref" value is "1".
@(Properties: "auto-hyperlink", "auto-hyperlink-delay", and @ "auto-hyperlink-mouseover")
} /* ** WEBPAGE: setup_robot ** ** Settings associated with defense against robots. Requires setup privilege. */ void setup_robots(void){ login_check_credentials(); if( !g.perm.Setup ){ login_needed(0); return; } style_set_current_feature("setup"); style_header("Robot Defense Settings"); db_begin_transaction(); @A Fossil website can have billions of pages in its tree, even for a @ modest project. Many of those pages (examples: diffs and tarballs) @ might be expensive to compute. A robot that tries to walk the entire @ website can present a crippling CPU and bandwidth load. @ @
The settings on this page are intended to help site administrators @ defend the site against robots. @ @
db_end_transaction(0); style_finish_page(); } /* ** WEBPAGE: setup_access ** ** The access-control settings page. Requires Setup privileges. */ void setup_access(void){ static const char *const azRedirectOpts[] = { "0", "Off", "1", "Login Page Only", "2", "All Pages" }; login_check_credentials(); if( !g.perm.Setup ){ login_needed(0); return; } style_set_current_feature("setup"); style_header("Access Control Settings"); db_begin_transaction(); @ db_end_transaction(0); style_finish_page(); } /* ** WEBPAGE: setup_login_group ** ** Change how the current repository participates in a login ** group. */ void setup_login_group(void){ const char *zGroup; char *zErrMsg = 0; Blob fullName; char *zSelfRepo; const char *zRepo = PD("repo", ""); const char *zLogin = PD("login", ""); const char *zPw = PD("pw", ""); const char *zNewName = PD("newname", "New Login Group"); login_check_credentials(); if( !g.perm.Setup ){ login_needed(0); return; } file_canonical_name(g.zRepositoryName, &fullName, 0); zSelfRepo = fossil_strdup(blob_str(&fullName)); blob_reset(&fullName); if( P("join")!=0 ){ login_group_join(zRepo, 1, zLogin, zPw, zNewName, &zErrMsg); }else if( P("leave") ){ login_group_leave(&zErrMsg); } style_set_current_feature("setup"); style_header("Login Group Configuration"); if( zErrMsg ){ @%s(zErrMsg)
} zGroup = login_group_name(); if( zGroup==0 ){ @This repository (in the file named "%h(zSelfRepo)") @ is not currently part of any login-group. @ To join a login group, fill out the form below.
@ @ }else{ Stmt q; int n = 0; @This repository (in the file "%h(zSelfRepo)") @ is currently part of the "%h(zGroup)" login group. @ Other repositories in that group are:
@Project Name | @ | Repository File | ||
---|---|---|---|---|
%d(n). | @ | %h(zTitle) | %h(zRepo) |