Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Do not show the numeric user ids on the /setup_ulist page. The login name is sufficient. On the /setup_uedit page, provide a link to an access log for that particular user. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
e85eff263012ab65409ff766c67bd11b |
| User & Date: | drh 2018-01-12 14:30:33 |
Context
|
2018-01-12
| ||
| 14:36 | Update the built-in SQLite to the latest 3.22.0 beta, with a fix for a compile-time issue reported on the mailing list. check-in: 9d80ad85 user: drh tags: trunk | |
| 14:30 | Do not show the numeric user ids on the /setup_ulist page. The login name is sufficient. On the /setup_uedit page, provide a link to an access log for that particular user. check-in: e85eff26 user: drh tags: trunk | |
| 02:48 | Add missing history of directory link on /dir page when "All" version is selected. check-in: f77a929e user: mgagnon tags: trunk | |
Changes
Changes to src/setup.c.
162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 ... 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 ... 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 ... 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 ... 602 603 604 605 606 607 608 609 610 611 612 613 614 615 |
if( zWith==0 || zWith[0]==0 ){
style_submenu_element("Add", "setup_uedit");
style_submenu_element("Log", "access_log");
style_submenu_element("Help", "setup_ulist_notes");
style_header("User List");
@ <table border=1 cellpadding=2 cellspacing=0 class='userTable'>
@ <thead><tr>
@ <th>UID <th>Category
@ <th>Capabilities (<a href='%R/setup_ucap_list'>key</a>)
@ <th>Info <th>Last Change</tr></thead>
@ <tbody>
db_prepare(&s,
"SELECT uid, login, cap, date(mtime,'unixepoch')"
" FROM user"
" WHERE login IN ('anonymous','nobody','developer','reader')"
................................................................................
);
while( db_step(&s)==SQLITE_ROW ){
int uid = db_column_int(&s, 0);
const char *zLogin = db_column_text(&s, 1);
const char *zCap = db_column_text(&s, 2);
const char *zDate = db_column_text(&s, 4);
@ <tr>
@ <td><a href='setup_uedit?id=%d(uid)'>%d(uid)</a>
@ <td><a href='setup_uedit?id=%d(uid)'>%h(zLogin)</a>
@ <td>%h(zCap)
if( fossil_strcmp(zLogin,"anonymous")==0 ){
@ <td>All logged-in users
}else if( fossil_strcmp(zLogin,"developer")==0 ){
@ <td>Users with '<b>v</b>' capability
................................................................................
db_finalize(&s);
}else{
style_header("Users With Capabilities \"%h\"", zWith);
}
@ </tbody></table>
@ <div class='section'>Users</div>
@ <table border=1 cellpadding=2 cellspacing=0 class='userTable sortable' \
@ data-column-types='nktxTTK' data-init-sort='2'>
@ <thead><tr>
@ <th>ID<th>Login Name<th>Caps<th>Info<th>Date<th>Expire<th>Last Login</tr></thead>
@ <tbody>
db_multi_exec(
"CREATE TEMP TABLE lastAccess(uname TEXT PRIMARY KEY, atime REAL) WITHOUT ROWID;"
);
if( db_table_exists("repository","accesslog") ){
db_multi_exec(
"INSERT INTO lastAccess(uname, atime)"
" SELECT uname, max(mtime) FROM ("
" SELECT uname, mtime FROM accesslog WHERE success"
" UNION ALL"
" SELECT login AS uname, rcvfrom.mtime AS mtime FROM rcvfrom JOIN user USING(uid))"
" GROUP BY 1;"
);
}
if( zWith && zWith[0] ){
zWith = mprintf(" AND cap GLOB '*[%q]*'", zWith);
}else{
zWith = "";
................................................................................
const char *zExp = db_column_text(&s,6);
double rATime = db_column_double(&s,7);
char *zAge = 0;
if( rATime>0.0 ){
zAge = human_readable_age(rNow - rATime);
}
@ <tr>
@ <td><a href='setup_uedit?id=%d(uid)'>%d(uid)</a>
@ <td data-sortkey='%h(zSortKey)'><a href='setup_uedit?id=%d(uid)'>%h(zLogin)</a>
@ <td>%h(zCap)
@ <td>%h(zInfo)
@ <td>%h(zDate?zDate:"")
@ <td>%h(zExp?zExp:"")
@ <td data-sortkey='%f(rATime)' style='white-space:nowrap'>%s(zAge?zAge:"")
@ </tr>
................................................................................
}
/* Begin generating the page
*/
style_submenu_element("Cancel", cgi_referer("setup_ulist"));
if( uid ){
style_header("Edit User %h", zLogin);
}else{
style_header("Add A New User");
}
@ <div class="ueditCapBox">
@ <form action="%s(g.zPath)" method="post"><div>
login_insert_csrf_secret();
if( login_is_special(zLogin) ){
|
| < | | | | > < > |
162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 ... 178 179 180 181 182 183 184 185 186 187 188 189 190 191 ... 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 ... 254 255 256 257 258 259 260 261 262 263 264 265 266 267 ... 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 |
if( zWith==0 || zWith[0]==0 ){
style_submenu_element("Add", "setup_uedit");
style_submenu_element("Log", "access_log");
style_submenu_element("Help", "setup_ulist_notes");
style_header("User List");
@ <table border=1 cellpadding=2 cellspacing=0 class='userTable'>
@ <thead><tr>
@ <th>Category
@ <th>Capabilities (<a href='%R/setup_ucap_list'>key</a>)
@ <th>Info <th>Last Change</tr></thead>
@ <tbody>
db_prepare(&s,
"SELECT uid, login, cap, date(mtime,'unixepoch')"
" FROM user"
" WHERE login IN ('anonymous','nobody','developer','reader')"
................................................................................
);
while( db_step(&s)==SQLITE_ROW ){
int uid = db_column_int(&s, 0);
const char *zLogin = db_column_text(&s, 1);
const char *zCap = db_column_text(&s, 2);
const char *zDate = db_column_text(&s, 4);
@ <tr>
@ <td><a href='setup_uedit?id=%d(uid)'>%h(zLogin)</a>
@ <td>%h(zCap)
if( fossil_strcmp(zLogin,"anonymous")==0 ){
@ <td>All logged-in users
}else if( fossil_strcmp(zLogin,"developer")==0 ){
@ <td>Users with '<b>v</b>' capability
................................................................................
db_finalize(&s);
}else{
style_header("Users With Capabilities \"%h\"", zWith);
}
@ </tbody></table>
@ <div class='section'>Users</div>
@ <table border=1 cellpadding=2 cellspacing=0 class='userTable sortable' \
@ data-column-types='ktxTTK' data-init-sort='2'>
@ <thead><tr>
@ <th>Login Name<th>Caps<th>Info<th>Date<th>Expire<th>Last Login</tr></thead>
@ <tbody>
db_multi_exec(
"CREATE TEMP TABLE lastAccess(uname TEXT PRIMARY KEY, atime REAL) WITHOUT ROWID;"
);
if( db_table_exists("repository","accesslog") ){
db_multi_exec(
"INSERT INTO lastAccess(uname, atime)"
" SELECT uname, max(mtime) FROM ("
" SELECT uname, mtime FROM accesslog WHERE success"
" UNION ALL"
" SELECT login AS uname, rcvfrom.mtime AS mtime"
" FROM rcvfrom JOIN user USING(uid))"
" GROUP BY 1;"
);
}
if( zWith && zWith[0] ){
zWith = mprintf(" AND cap GLOB '*[%q]*'", zWith);
}else{
zWith = "";
................................................................................
const char *zExp = db_column_text(&s,6);
double rATime = db_column_double(&s,7);
char *zAge = 0;
if( rATime>0.0 ){
zAge = human_readable_age(rNow - rATime);
}
@ <tr>
@ <td data-sortkey='%h(zSortKey)'><a href='setup_uedit?id=%d(uid)'>%h(zLogin)</a>
@ <td>%h(zCap)
@ <td>%h(zInfo)
@ <td>%h(zDate?zDate:"")
@ <td>%h(zExp?zExp:"")
@ <td data-sortkey='%f(rATime)' style='white-space:nowrap'>%s(zAge?zAge:"")
@ </tr>
................................................................................
}
/* Begin generating the page
*/
style_submenu_element("Cancel", cgi_referer("setup_ulist"));
if( uid ){
style_header("Edit User %h", zLogin);
style_submenu_element("Access Log", "%R/access_log?u=%t", zLogin);
}else{
style_header("Add A New User");
}
@ <div class="ueditCapBox">
@ <form action="%s(g.zPath)" method="post"><div>
login_insert_csrf_secret();
if( login_is_special(zLogin) ){
|
Changes to src/user.c.
632
633
634
635
636
637
638
639
640
641
642
643
644
645
...
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
|
** n=N Number of entries to show (default: 200)
** o=N Skip this many entries (default: 0)
*/
void access_log_page(void){
int y = atoi(PD("y","3"));
int n = atoi(PD("n","200"));
int skip = atoi(PD("o","0"));
Blob sql;
Stmt q;
int cnt = 0;
int rc;
int fLogEnabled;
login_check_credentials();
................................................................................
}
style_header("Access Log");
blob_zero(&sql);
blob_append_sql(&sql,
"SELECT uname, ipaddr, datetime(mtime,toLocal()), success"
" FROM accesslog"
);
if( y==1 ){
blob_append(&sql, " WHERE success", -1);
}else if( y==2 ){
blob_append(&sql, " WHERE NOT success", -1);
}
blob_append_sql(&sql," ORDER BY rowid DESC LIMIT %d OFFSET %d", n+1, skip);
if( skip ){
style_submenu_element("Newer", "%s/access_log?o=%d&n=%d&y=%d",
|
>
>
>
>
>
|
|
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
...
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
|
** n=N Number of entries to show (default: 200)
** o=N Skip this many entries (default: 0)
*/
void access_log_page(void){
int y = atoi(PD("y","3"));
int n = atoi(PD("n","200"));
int skip = atoi(PD("o","0"));
const char *zUser = P("u");
Blob sql;
Stmt q;
int cnt = 0;
int rc;
int fLogEnabled;
login_check_credentials();
................................................................................
}
style_header("Access Log");
blob_zero(&sql);
blob_append_sql(&sql,
"SELECT uname, ipaddr, datetime(mtime,toLocal()), success"
" FROM accesslog"
);
if( zUser ){
blob_append_sql(&sql, " WHERE uname=%Q", zUser);
n = 1000000000;
skip = 0;
}else if( y==1 ){
blob_append(&sql, " WHERE success", -1);
}else if( y==2 ){
blob_append(&sql, " WHERE NOT success", -1);
}
blob_append_sql(&sql," ORDER BY rowid DESC LIMIT %d OFFSET %d", n+1, skip);
if( skip ){
style_submenu_element("Newer", "%s/access_log?o=%d&n=%d&y=%d",
|