Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Make sure the subscriber table is not synced unless the client has appropriate permissions. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
7f0c7fcfcee67d07f4351f04986b8089 |
User & Date: | drh 2018-06-25 22:01:39.588 |
Context
2018-06-25
| ||
22:44 | Fix a typo in the processing of Forum record syncs. ... (check-in: b71ab777 user: drh tags: trunk) | |
22:01 | Make sure the subscriber table is not synced unless the client has appropriate permissions. ... (check-in: 7f0c7fcf user: drh tags: trunk) | |
20:59 | On the /stat page, change the name of "Alerts:" to "Pending Alerts:". ... (check-in: 6f34395c user: drh tags: trunk) | |
Changes
Changes to src/configure.c.
︙ | ︙ | |||
34 35 36 37 38 39 40 | #define CONFIGSET_TKT 0x000004 /* Ticket configuration */ #define CONFIGSET_PROJ 0x000008 /* Project name */ #define CONFIGSET_SHUN 0x000010 /* Shun settings */ #define CONFIGSET_USER 0x000020 /* The USER table */ #define CONFIGSET_ADDR 0x000040 /* The CONCEALED table */ #define CONFIGSET_XFER 0x000080 /* Transfer configuration */ #define CONFIGSET_ALIAS 0x000100 /* URL Aliases */ | | | 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 | #define CONFIGSET_TKT 0x000004 /* Ticket configuration */ #define CONFIGSET_PROJ 0x000008 /* Project name */ #define CONFIGSET_SHUN 0x000010 /* Shun settings */ #define CONFIGSET_USER 0x000020 /* The USER table */ #define CONFIGSET_ADDR 0x000040 /* The CONCEALED table */ #define CONFIGSET_XFER 0x000080 /* Transfer configuration */ #define CONFIGSET_ALIAS 0x000100 /* URL Aliases */ #define CONFIGSET_SCRIBER 0x000200 /* Email subscribers */ #define CONFIGSET_FORUM 0x000400 /* Forum posts */ #define CONFIGSET_ALL 0x0007ff /* Everything */ #define CONFIGSET_OVERWRITE 0x100000 /* Causes overwrite instead of merge */ /* |
︙ | ︙ | |||
58 59 60 61 62 63 64 | ** Names of the configuration sets */ static struct { const char *zName; /* Name of the configuration set */ int groupMask; /* Mask for that configuration set */ const char *zHelp; /* What it does */ } aGroupName[] = { | | | | | | | | | | | | | | | 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 | ** Names of the configuration sets */ static struct { const char *zName; /* Name of the configuration set */ int groupMask; /* Mask for that configuration set */ const char *zHelp; /* What it does */ } aGroupName[] = { { "/email", CONFIGSET_ADDR, "Concealed email addresses in tickets" }, { "/project", CONFIGSET_PROJ, "Project name and description" }, { "/skin", CONFIGSET_SKIN | CONFIGSET_CSS, "Web interface appearance settings" }, { "/css", CONFIGSET_CSS, "Style sheet" }, { "/shun", CONFIGSET_SHUN, "List of shunned artifacts" }, { "/ticket", CONFIGSET_TKT, "Ticket setup", }, { "/user", CONFIGSET_USER, "Users and privilege settings" }, { "/xfer", CONFIGSET_XFER, "Transfer setup", }, { "/alias", CONFIGSET_ALIAS, "URL Aliases", }, { "/subscriber", CONFIGSET_SCRIBER,"Email notification subscriber list" }, /*{ "/forum", CONFIGSET_FORUM, "Forum posts", },*/ { "/all", CONFIGSET_ALL, "All of the above" }, }; /* ** The following is a list of settings that we are willing to ** transfer. ** |
︙ | ︙ | |||
159 160 161 162 163 164 165 | { "@concealed", CONFIGSET_ADDR }, { "@shun", CONFIGSET_SHUN }, { "@alias", CONFIGSET_ALIAS }, | | | 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 | { "@concealed", CONFIGSET_ADDR }, { "@shun", CONFIGSET_SHUN }, { "@alias", CONFIGSET_ALIAS }, { "@subscriber", CONFIGSET_SCRIBER }, { "xfer-common-script", CONFIGSET_XFER }, { "xfer-push-script", CONFIGSET_XFER }, { "xfer-commit-script", CONFIGSET_XFER }, { "xfer-ticket-script", CONFIGSET_XFER }, }; |
︙ | ︙ | |||
233 234 235 236 237 238 239 | zName++; n -= 2; } for(i=0; i<count(aConfig); i++){ if( strncmp(zName, aConfig[i].zName, n)==0 && aConfig[i].zName[n]==0 ){ int m = aConfig[i].groupMask; if( !g.perm.Admin ){ | | | 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 | zName++; n -= 2; } for(i=0; i<count(aConfig); i++){ if( strncmp(zName, aConfig[i].zName, n)==0 && aConfig[i].zName[n]==0 ){ int m = aConfig[i].groupMask; if( !g.perm.Admin ){ m &= ~(CONFIGSET_USER|CONFIGSET_SCRIBER); } if( !g.perm.RdForum ){ m &= ~(CONFIGSET_FORUM); } if( !g.perm.RdAddr ){ m &= ~CONFIGSET_ADDR; } |
︙ | ︙ | |||
348 349 350 351 352 353 354 | ** /reportfmt $MTIME $TITLE owner $VALUE cols $VALUE sqlcode $VALUE ** /concealed $MTIME $HASH content $VALUE ** /subscriber $SMTIME $SEMAIL suname $V ... */ void configure_receive(const char *zName, Blob *pContent, int groupMask){ int checkMask; /* Masks for which we must first check existance of tables */ | | | 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 | ** /reportfmt $MTIME $TITLE owner $VALUE cols $VALUE sqlcode $VALUE ** /concealed $MTIME $HASH content $VALUE ** /subscriber $SMTIME $SEMAIL suname $V ... */ void configure_receive(const char *zName, Blob *pContent, int groupMask){ int checkMask; /* Masks for which we must first check existance of tables */ checkMask = CONFIGSET_SCRIBER; if( zName[0]=='/' ){ /* The new format */ char *azToken[24]; int nToken = 0; int ii, jj; int thisMask; Blob name, value, sql; |
︙ | ︙ | |||
401 402 403 404 405 406 407 | if( aType[ii].zName[0]=='/' ){ thisMask = configure_is_exportable(azToken[1]); }else{ thisMask = configure_is_exportable(aType[ii].zName); } if( (thisMask & groupMask)==0 ) return; if( (thisMask & checkMask)!=0 ){ | | | 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 | if( aType[ii].zName[0]=='/' ){ thisMask = configure_is_exportable(azToken[1]); }else{ thisMask = configure_is_exportable(aType[ii].zName); } if( (thisMask & groupMask)==0 ) return; if( (thisMask & checkMask)!=0 ){ if( (thisMask & CONFIGSET_SCRIBER)!=0 ){ email_schema(1); } checkMask &= ~thisMask; } blob_zero(&sql); if( groupMask & CONFIGSET_OVERWRITE ){ |
︙ | ︙ | |||
583 584 585 586 587 588 589 | blob_appendf(pOut, "config /config %d\n%s\n", blob_size(&rec), blob_str(&rec)); nCard++; blob_reset(&rec); } db_finalize(&q); } | | | 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 | blob_appendf(pOut, "config /config %d\n%s\n", blob_size(&rec), blob_str(&rec)); nCard++; blob_reset(&rec); } db_finalize(&q); } if( (groupMask & CONFIGSET_SCRIBER)!=0 && db_table_exists("repository","subscriber") ){ db_prepare(&q, "SELECT mtime, quote(semail)," " quote(suname), quote(sdigest)," " quote(sdonotcall), quote(ssub)," " quote(sctime), quote(smip)" " FROM subscriber WHERE sverified" |
︙ | ︙ |
Changes to src/xfer.c.
︙ | ︙ | |||
1418 1419 1420 1421 1422 1423 1424 | && xfer.nToken==2 ){ if( g.perm.Read ){ char *zName = blob_str(&xfer.aToken[1]); if( zName[0]=='/' ){ /* New style configuration transfer */ int groupMask = configure_name_to_mask(&zName[1], 0); | | > | 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 | && xfer.nToken==2 ){ if( g.perm.Read ){ char *zName = blob_str(&xfer.aToken[1]); if( zName[0]=='/' ){ /* New style configuration transfer */ int groupMask = configure_name_to_mask(&zName[1], 0); if( !g.perm.Admin ) groupMask &= ~(CONFIGSET_USER|CONFIGSET_SCRIBER); if( !g.perm.RdForum ) groupMask & ~CONFIGSET_FORUM; if( !g.perm.RdAddr ) groupMask &= ~CONFIGSET_ADDR; configure_send_group(xfer.pOut, groupMask, 0); } } }else /* config NAME SIZE \n CONTENT |
︙ | ︙ |