Fossil

Check-in [5ebcedc3]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Require read permission (permission to read tickets and configuration histories) to view the global timeline.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:5ebcedc33eea137f80f15bfc3e8375f9029ab6a0
User & Date: dan 2007-07-31 16:34:09
Context
2007-08-01
09:04
Populate the ipaddr column of the rcvfrom table when a file is received from a remote source (push/pull/sync). check-in: 36edf3fd user: dan tags: trunk
2007-07-31
23:33
Add the new "history" permission. Merge in changes that require permissions to view the timeline. check-in: fd36718a user: drh tags: trunk
16:34
Require read permission (permission to read tickets and configuration histories) to view the global timeline. check-in: 5ebcedc3 user: dan tags: trunk
10:10
Remove one to-do item. Add another. check-in: 7fe1e734 user: drh tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/login.c.

202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219


220
221
222
223
224
225
226
227
228
229
230

231

232
233
234
235
236
237
238
    g.noPswd = 1;
    g.isAnon = 0;
  }

  /* Check the login cookie to see if it matches a known valid user.
  */
  if( uid==0 ){
    if( (zCookie = P(login_cookie_name()))!=0 ){
      uid = db_int(0, 
            "SELECT uid FROM user"
            " WHERE uid=%d"
            "   AND cookie=%Q"
            "   AND ipaddr=%Q"
            "   AND cexpire>julianday('now')",
            atoi(zCookie), zCookie, zRemoteAddr
         );
    }else{
      uid = db_int(0, "SELECT uid FROM user WHERE login='anonymous'");


    }
  }

  if( uid==0 ){
    g.isAnon = 1;
    g.zLogin = "";
    zCap = db_get("nologin-cap","onrj");
  }else if( zCap==0 ){
    Stmt s;
    db_prepare(&s, "SELECT login, cap FROM user WHERE uid=%d", uid);
    db_step(&s);

    g.zLogin = db_column_malloc(&s, 0);

    zCap = db_column_malloc(&s, 1);
    g.isAnon = 0;
    db_finalize(&s);
  }
  g.userUid = uid;

  login_set_capabilities(zCap);







|










>
>




<
<
|




>
|
>







202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225


226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
    g.noPswd = 1;
    g.isAnon = 0;
  }

  /* Check the login cookie to see if it matches a known valid user.
  */
  if( uid==0 ){
    if( (zCookie = P(login_cookie_name()))!=0 && strlen(zCookie)>0 ){
      uid = db_int(0, 
            "SELECT uid FROM user"
            " WHERE uid=%d"
            "   AND cookie=%Q"
            "   AND ipaddr=%Q"
            "   AND cexpire>julianday('now')",
            atoi(zCookie), zCookie, zRemoteAddr
         );
    }else{
      uid = db_int(0, "SELECT uid FROM user WHERE login='anonymous'");
      g.isAnon = 1;
      g.zLogin = "";
    }
  }

  if( uid==0 ){


    zCap = db_get("nologin-cap","");
  }else if( zCap==0 ){
    Stmt s;
    db_prepare(&s, "SELECT login, cap FROM user WHERE uid=%d", uid);
    db_step(&s);
    if( !g.isAnon ){
      g.zLogin = db_column_malloc(&s, 0);
    }
    zCap = db_column_malloc(&s, 1);
    g.isAnon = 0;
    db_finalize(&s);
  }
  g.userUid = uid;

  login_set_capabilities(zCap);

Changes to src/setup.c.

110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
    }
    @ </td>
    @ <td align="center">%s(db_column_text(&s,2))</td>
    @ <td align="left">%s(db_column_text(&s,3))</td>
    @ </tr>
  }
  @ </table></td></tr></table>
  @ <p>
  @ <b>Notes:</b>
  @ <ol>
  @ <li><p>The permission flags are as follows:</p>
  @ <table>
  @ <tr><td>a</td><td width="10"></td>
  @     <td>Admin: Create or delete users and ticket report formats</td></tr>
  @ <tr><td>d</td><td></td>







|







110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
    }
    @ </td>
    @ <td align="center">%s(db_column_text(&s,2))</td>
    @ <td align="left">%s(db_column_text(&s,3))</td>
    @ </tr>
  }
  @ </table></td></tr></table>
  @ <p style="clear:both">
  @ <b>Notes:</b>
  @ <ol>
  @ <li><p>The permission flags are as follows:</p>
  @ <table>
  @ <tr><td>a</td><td width="10"></td>
  @     <td>Admin: Create or delete users and ticket report formats</td></tr>
  @ <tr><td>d</td><td></td>

Changes to src/style.c.

82
83
84
85
86
87
88

89

90
91
92
93
94
95
96
    @ <small>not logged in</small>
    zLogInOut = "Login";
  }else{
    @ <small>logged in as %h(g.zLogin)</small>
  }
  @ </td><td valign="top" align="right">
  @ <a href="%s(g.zBaseURL)/index">Home</a>

  @ | <a href="%s(g.zBaseURL)/timeline">Timeline</a>

  if( g.okRdWiki ){
    @ | <a href="%s(g.zBaseURL)/wiki">Wiki</a>
  }
#if 0
  @ | <font color="#888888">Search</font>
  @ | <font color="#888888">Ticket</font>
  @ | <font color="#888888">Reports</font>







>
|
>







82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
    @ <small>not logged in</small>
    zLogInOut = "Login";
  }else{
    @ <small>logged in as %h(g.zLogin)</small>
  }
  @ </td><td valign="top" align="right">
  @ <a href="%s(g.zBaseURL)/index">Home</a>
  if( g.okRdTkt ){
    @ | <a href="%s(g.zBaseURL)/timeline">Timeline</a>
  }
  if( g.okRdWiki ){
    @ | <a href="%s(g.zBaseURL)/wiki">Wiki</a>
  }
#if 0
  @ | <font color="#888888">Search</font>
  @ | <font color="#888888">Ticket</font>
  @ | <font color="#888888">Reports</font>

Changes to src/timeline.c.

50
51
52
53
54
55
56






57
58
59
60
61
62
63

/*
** WEBPAGE: timeline
*/
void page_timeline(void){
  Stmt q;
  char zPrevDate[20];






  style_header("Timeline");
  zPrevDate[0] = 0;
  db_prepare(&q,
    "SELECT uuid, datetime(event.mtime,'localtime'), comment, user"
    "  FROM event, blob"
    " WHERE event.type='ci' AND blob.rid=event.objid"
    " ORDER BY event.mtime DESC"







>
>
>
>
>
>







50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

/*
** WEBPAGE: timeline
*/
void page_timeline(void){
  Stmt q;
  char zPrevDate[20];

  /* To view the timeline, must have permission to read project data.
  */
  login_check_credentials();
  if( !g.okRdTkt ){ login_needed(); return; }

  style_header("Timeline");
  zPrevDate[0] = 0;
  db_prepare(&q,
    "SELECT uuid, datetime(event.mtime,'localtime'), comment, user"
    "  FROM event, blob"
    " WHERE event.type='ci' AND blob.rid=event.objid"
    " ORDER BY event.mtime DESC"