Fossil

Check-in [71ad9b62]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:
  • Changed security for timeline. To view the timeline, you must now have History access. The timeline will then display only items which you have access to. "o" (Check-out) is required for source history, "j" (Read-Wiki) is required for Wiki history and "r" (Read-Tkt) is required for Ticket history.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | jeremy_c-timeline
Files: files | file ages | folders
SHA1:71ad9b62a762d7a0e9d2e25e2e39f1082d79d086
User & Date: jeremy_c 2009-12-31 14:59:03
References
2010-01-01
18:35 New ticket [1aaadb4f] fossil: SQL error: out of memory. artifact: 75d42640 user: anonymous
2009-12-31
22:47 New ticket [375e5703] fossil: bad object id: 0 on up. artifact: f19d5b91 user: anonymous
Context
2009-12-31
14:59
  • Changed security for timeline. To view the timeline, you must now have History access. The timeline will then display only items which you have access to. "o" (Check-out) is required for source history, "j" (Read-Wiki) is required for Wiki history and "r" (Read-Tkt) is required for Ticket history.
Closed-Leaf check-in: 71ad9b62 user: jeremy_c tags: jeremy_c-timeline
14:49
Fixed minor spelling error check-in: efdad081 user: jeremy_c tags: jeremy_c-timeline
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/skins.c.

186
187
188
189
190
191
192
193
194
195
196



197
198
199
200
201
202
203
...
386
387
388
389
390
391
392
393
394
395
396



397
398
399
400
401
402
403
...
619
620
621
622
623
624
625
626
627
628
629



630
631
632
633
634
635
636
@ <div class="mainmenu"><th1>
@ html "<a href=''$baseurl$index_page''>Home</a> "
@ if {[hascap h]} {
@   html "<a href=''$baseurl/dir''>Files</a> "
@ }
@ if {[hascap o]} {
@   html "<a href=''$baseurl/leaves''>Leaves</a> "
@   html "<a href=''$baseurl/timeline''>Timeline</a> "
@   html "<a href=''$baseurl/brlist''>Branches</a> "
@   html "<a href=''$baseurl/taglist''>Tags</a> "
@ }



@ if {[hascap r]} {
@   html "<a href=''$baseurl/reportlist''>Tickets</a> "
@ }
@ if {[hascap j]} {
@   html "<a href=''$baseurl/wiki''>Wiki</a> "
@ }
@ if {[hascap s]} {
................................................................................
@ <div class="mainmenu"><th1>
@ html "<a href=''$baseurl$index_page''>Home</a> "
@ if {[hascap h]} {
@   html "<a href=''$baseurl/dir''>Files</a> "
@ }
@ if {[hascap o]} {
@   html "<a href=''$baseurl/leaves''>Leaves</a> "
@   html "<a href=''$baseurl/timeline''>Timeline</a> "
@   html "<a href=''$baseurl/brlist''>Branches</a> "
@   html "<a href=''$baseurl/taglist''>Tags</a> "
@ }



@ if {[hascap r]} {
@   html "<a href=''$baseurl/reportlist''>Tickets</a> "
@ }
@ if {[hascap j]} {
@   html "<a href=''$baseurl/wiki''>Wiki</a> "
@ }
@ if {[hascap s]} {
................................................................................
@ <div class="mainmenu"><ul><th1>
@ html "<li><a href=''$baseurl$index_page''>Home</a></li>"
@ if {[hascap h]} {
@   html "<li><a href=''$baseurl/dir''>Files</a></li>"
@ }
@ if {[hascap o]} {
@   html "<li><a href=''$baseurl/leaves''>Leaves</a></li>"
@   html "<li><a href=''$baseurl/timeline''>Timeline</a></li>"
@   html "<li><a href=''$baseurl/brlist''>Branches</a></li>"
@   html "<li><a href=''$baseurl/taglist''>Tags</a></li>"
@ }



@ if {[hascap r]} {
@   html "<li><a href=''$baseurl/reportlist''>Tickets</a></li>"
@ }
@ if {[hascap j]} {
@   html "<li><a href=''$baseurl/wiki''>Wiki</a></li>"
@ }
@ if {[hascap s]} {







<



>
>
>







 







<



>
>
>







 







<



>
>
>







186
187
188
189
190
191
192

193
194
195
196
197
198
199
200
201
202
203
204
205
...
388
389
390
391
392
393
394

395
396
397
398
399
400
401
402
403
404
405
406
407
...
623
624
625
626
627
628
629

630
631
632
633
634
635
636
637
638
639
640
641
642
@ <div class="mainmenu"><th1>
@ html "<a href=''$baseurl$index_page''>Home</a> "
@ if {[hascap h]} {
@   html "<a href=''$baseurl/dir''>Files</a> "
@ }
@ if {[hascap o]} {
@   html "<a href=''$baseurl/leaves''>Leaves</a> "

@   html "<a href=''$baseurl/brlist''>Branches</a> "
@   html "<a href=''$baseurl/taglist''>Tags</a> "
@ }
@ if {[hascap h]} {
@   html "<a href=''$baseurl/timeline''>Timeline</a> "
@ }
@ if {[hascap r]} {
@   html "<a href=''$baseurl/reportlist''>Tickets</a> "
@ }
@ if {[hascap j]} {
@   html "<a href=''$baseurl/wiki''>Wiki</a> "
@ }
@ if {[hascap s]} {
................................................................................
@ <div class="mainmenu"><th1>
@ html "<a href=''$baseurl$index_page''>Home</a> "
@ if {[hascap h]} {
@   html "<a href=''$baseurl/dir''>Files</a> "
@ }
@ if {[hascap o]} {
@   html "<a href=''$baseurl/leaves''>Leaves</a> "

@   html "<a href=''$baseurl/brlist''>Branches</a> "
@   html "<a href=''$baseurl/taglist''>Tags</a> "
@ }
@ if {[hascap h]} {
@   html "<a href=''$baseurl/timeline''>Timeline</a> "
@ }
@ if {[hascap r]} {
@   html "<a href=''$baseurl/reportlist''>Tickets</a> "
@ }
@ if {[hascap j]} {
@   html "<a href=''$baseurl/wiki''>Wiki</a> "
@ }
@ if {[hascap s]} {
................................................................................
@ <div class="mainmenu"><ul><th1>
@ html "<li><a href=''$baseurl$index_page''>Home</a></li>"
@ if {[hascap h]} {
@   html "<li><a href=''$baseurl/dir''>Files</a></li>"
@ }
@ if {[hascap o]} {
@   html "<li><a href=''$baseurl/leaves''>Leaves</a></li>"

@   html "<li><a href=''$baseurl/brlist''>Branches</a></li>"
@   html "<li><a href=''$baseurl/taglist''>Tags</a></li>"
@ }
@ if {[hascap h]} {
@   html "<li><a href=''$baseurl/timeline''>Timeline</a></li>"
@ }
@ if {[hascap r]} {
@   html "<li><a href=''$baseurl/reportlist''>Tickets</a></li>"
@ }
@ if {[hascap j]} {
@   html "<li><a href=''$baseurl/wiki''>Wiki</a></li>"
@ }
@ if {[hascap s]} {

Changes to src/style.c.

208
209
210
211
212
213
214
215
216
217
218



219
220
221
222
223
224
225
@ <div class="mainmenu"><th1>
@ html "<a href='$baseurl$index_page'>Home</a> "
@ if {[hascap h]} {
@   html "<a href='$baseurl/dir'>Files</a> "
@ }
@ if {[hascap o]} {
@   html "<a href='$baseurl/leaves'>Leaves</a> "
@   html "<a href='$baseurl/timeline'>Timeline</a> "
@   html "<a href='$baseurl/brlist'>Branches</a> "
@   html "<a href='$baseurl/taglist'>Tags</a> "
@ }



@ if {[hascap r]} {
@   html "<a href='$baseurl/reportlist'>Tickets</a> "
@ }
@ if {[hascap j]} {
@   html "<a href='$baseurl/wiki'>Wiki</a> "
@ }
@ if {[hascap s]} {







<



>
>
>







208
209
210
211
212
213
214

215
216
217
218
219
220
221
222
223
224
225
226
227
@ <div class="mainmenu"><th1>
@ html "<a href='$baseurl$index_page'>Home</a> "
@ if {[hascap h]} {
@   html "<a href='$baseurl/dir'>Files</a> "
@ }
@ if {[hascap o]} {
@   html "<a href='$baseurl/leaves'>Leaves</a> "

@   html "<a href='$baseurl/brlist'>Branches</a> "
@   html "<a href='$baseurl/taglist'>Tags</a> "
@ }
@ if {[hascap h]} {
@   html "<a href='$baseurl/timeline'>Timeline</a> "
@ }
@ if {[hascap r]} {
@   html "<a href='$baseurl/reportlist'>Tickets</a> "
@ }
@ if {[hascap j]} {
@   html "<a href='$baseurl/wiki'>Wiki</a> "
@ }
@ if {[hascap s]} {

Changes to src/timeline.c.

443
444
445
446
447
448
449
450
451
452



453




454
455
456
457
458
459
460
...
465
466
467
468
469
470
471










472
473
474
475
476
477
478
...
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
  const char *zCirca = P("c");       /* Events near this time */
  const char *zTagName = P("t");     /* Show events with this tag */
  const char *zString = P("s");      /* String text search of comment and brief */
  HQuery url;                        /* URL for various branch links */
  int tagid;                         /* Tag ID */
  int tmFlags;                       /* Timeline flags */

  /* To view the timeline, must have permission to read project data.
  */
  login_check_credentials();



  if( !g.okRead ){ login_needed(); return; }




  if( zTagName ){
    tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname='sym-%q'", zTagName);
  }else{
    tagid = 0;
  }
  if( zType[0]=='a' ){
    tmFlags = TIMELINE_BRIEF;
................................................................................
  style_header("Timeline");
  login_anonymous_available();
  timeline_temp_table();
  blob_zero(&sql);
  blob_zero(&desc);
  blob_append(&sql, "INSERT OR IGNORE INTO timeline ", -1);
  blob_append(&sql, timeline_query_for_www(), -1);










  if( p_rid || d_rid ){
    /* If p= or d= is present, ignore all other parameters other than n= */
    char *zUuid;
    int np, nd;

    if( p_rid && d_rid ){
      if( p_rid!=d_rid ) p_rid = d_rid;
................................................................................
        zDate = db_text(0, "SELECT max(timestamp) FROM timeline");
        timeline_submenu(&url, "Newer", "a", zDate, "b");
        free(zDate);
      }else if( tagid==0 ){
        if( zType[0]!='a' ){
          timeline_submenu(&url, "All Types", "y", "all", 0);
        }
        if( zType[0]!='w' ){
          timeline_submenu(&url, "Wiki Only", "y", "w", 0);
        }
        if( zType[0]!='c' ){
          timeline_submenu(&url, "Checkins Only", "y", "ci", 0);
        }
        if( zType[0]!='t' ){
          timeline_submenu(&url, "Tickets Only", "y", "t", 0);
        }
      }
      if( nEntry>20 ){
        timeline_submenu(&url, "20 Events", "n", "20", 0);
      }
      if( nEntry<200 ){







|
<

>
>
>
|
>
>
>
>







 







>
>
>
>
>
>
>
>
>
>







 







|


|


|







443
444
445
446
447
448
449
450

451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
...
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
...
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
  const char *zCirca = P("c");       /* Events near this time */
  const char *zTagName = P("t");     /* Show events with this tag */
  const char *zString = P("s");      /* String text search of comment and brief */
  HQuery url;                        /* URL for various branch links */
  int tagid;                         /* Tag ID */
  int tmFlags;                       /* Timeline flags */

  /* To view the timeline, must have permission to project history.*/

  login_check_credentials();
  if( !g.okHistory ){ login_needed(); return; }
  
  /* Prevent them from getting an empty list due to security constraints */
  if( (p_rid || d_rid) && !g.okRead ){ login_needed(); return; }
  if( zType[0]=='c' && zType[1]=='i' && !g.okRead){ login_needed(); return; }
  if( zType[0]=='t' && !g.okRdTkt){ login_needed(); return; }
  if( zType[0]=='w' && !g.okRdWiki){ login_needed(); return; }
  
  if( zTagName ){
    tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname='sym-%q'", zTagName);
  }else{
    tagid = 0;
  }
  if( zType[0]=='a' ){
    tmFlags = TIMELINE_BRIEF;
................................................................................
  style_header("Timeline");
  login_anonymous_available();
  timeline_temp_table();
  blob_zero(&sql);
  blob_zero(&desc);
  blob_append(&sql, "INSERT OR IGNORE INTO timeline ", -1);
  blob_append(&sql, timeline_query_for_www(), -1);
  /* limit the types of objects found in history */
  if( !g.okRead ){
    blob_appendf(&sql, " AND event.type<>'ci'");
  }
  if( !g.okRdTkt ){
    blob_appendf(&sql, " AND event.type<>'t'");
  }
  if( !g.okRdWiki ){
    blob_appendf(&sql, " AND event.type<>'w'");
  }
  if( p_rid || d_rid ){
    /* If p= or d= is present, ignore all other parameters other than n= */
    char *zUuid;
    int np, nd;

    if( p_rid && d_rid ){
      if( p_rid!=d_rid ) p_rid = d_rid;
................................................................................
        zDate = db_text(0, "SELECT max(timestamp) FROM timeline");
        timeline_submenu(&url, "Newer", "a", zDate, "b");
        free(zDate);
      }else if( tagid==0 ){
        if( zType[0]!='a' ){
          timeline_submenu(&url, "All Types", "y", "all", 0);
        }
        if( zType[0]!='w' && g.okRdWiki ){
          timeline_submenu(&url, "Wiki Only", "y", "w", 0);
        }
        if( zType[0]!='c' && g.okRead ){
          timeline_submenu(&url, "Checkins Only", "y", "ci", 0);
        }
        if( zType[0]!='t' && g.okRdTkt ){
          timeline_submenu(&url, "Tickets Only", "y", "t", 0);
        }
      }
      if( nEntry>20 ){
        timeline_submenu(&url, "20 Events", "n", "20", 0);
      }
      if( nEntry<200 ){