Overview
Comment: | Add a new capability that allows signup for email notification. Change the name of the older "EMail" privilege to "View-PII" to avoid confusion. |
---|---|
SHA3-256: | 25eafed11494e801c28babfbc5784f87 |
User & Date: | drh 2018-06-20 19:04:04 |
Context
2018-06-20
19:56 | Manage the email.c file. Accidentally omitted from the previous three check-ins. Bummer. check-in: fa83e4b3 user: drh tags: trunk | |
19:04 | Add a new capability that allows signup for email notification. Change the name of the older "EMail" privilege to "View-PII" to avoid confusion. check-in: 25eafed1 user: drh tags: trunk | |
18:47 | Merge the speculative Forum changes. This is because I need the enhancements to the user capabilities in order to add a new capability for Email Notification. The Forum logic itself is not ready, and is subject to change and removal. But it is well isolated and shouldn't hurt anything if it hangs out on trunk for a while. check-in: 9a2e5f47 user: drh tags: trunk | |
Changes
Changes to src/login.c.
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
....
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
|
p->RdWiki = p->WrWiki = p->NewWiki =
p->ApndWiki = p->Hyperlink = p->Clone =
p->NewTkt = p->Password = p->RdAddr =
p->TktFmt = p->Attach = p->ApndTkt =
p->ModWiki = p->ModTkt = p->Delete =
p->RdForum = p->WrForum = p->ModForum =
p->WrTForum = p->AdminForum =
p->WrUnver = p->Private = 1;
/* Fall thru into Read/Write */
case 'i': p->Read = p->Write = 1; break;
case 'o': p->Read = 1; break;
case 'z': p->Zip = 1; break;
case 'd': p->Delete = 1; break;
................................................................................
case 'y': p->WrUnver = 1; break;
case '6': p->AdminForum = 1;
case '5': p->ModForum = 1;
case '4': p->WrTForum = 1;
case '3': p->WrForum = 1;
case '2': p->RdForum = 1; break;
/* The "u" privileges is a little different. It recursively
** inherits all privileges of the user named "reader" */
case 'u': {
if( (flags & LOGIN_IGNORE_UV)==0 ){
const char *zUser;
zUser = db_text("", "SELECT cap FROM user WHERE login='reader'");
|
>
>
>
|
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
....
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
|
p->RdWiki = p->WrWiki = p->NewWiki = p->ApndWiki = p->Hyperlink = p->Clone = p->NewTkt = p->Password = p->RdAddr = p->TktFmt = p->Attach = p->ApndTkt = p->ModWiki = p->ModTkt = p->Delete = p->RdForum = p->WrForum = p->ModForum = p->WrTForum = p->AdminForum = p->EmailAlert = p->WrUnver = p->Private = 1; /* Fall thru into Read/Write */ case 'i': p->Read = p->Write = 1; break; case 'o': p->Read = 1; break; case 'z': p->Zip = 1; break; case 'd': p->Delete = 1; break; ................................................................................ case 'y': p->WrUnver = 1; break; case '6': p->AdminForum = 1; case '5': p->ModForum = 1; case '4': p->WrTForum = 1; case '3': p->WrForum = 1; case '2': p->RdForum = 1; break; case '7': p->EmailAlert = 1; break; /* The "u" privileges is a little different. It recursively ** inherits all privileges of the user named "reader" */ case 'u': { if( (flags & LOGIN_IGNORE_UV)==0 ){ const char *zUser; zUser = db_text("", "SELECT cap FROM user WHERE login='reader'"); |
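Review bot: the new `case '7': p->EmailAlert = 1; break;` in the second src/login.c hunk sits directly under the forum chain, where '6' through '3' fall through to '2' without a comment, so a reader can easily assume '7' belongs to that chain. Because `case '2'` ends in `break`, the new case is independent and no forum capability implies EmailAlert; a one-line comment saying so would keep a later reordering from silently changing who gets the capability. In the first hunk the chained assignment that falls through into Read/Write now also sets EmailAlert, yet nothing in this check-in reads `p->EmailAlert` (the following check-in notes that email.c was omitted), so the grant cannot be exercised or reviewed from this change alone.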
Changes to src/main.c.
86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
char Private; /* x: can send and receive private content */ char WrUnver; /* y: can push unversioned content */ char RdForum; /* 2: Read forum posts */ char WrForum; /* 3: Create new forum posts */ char WrTForum; /* 4: Post to forums not subject to moderation */ char ModForum; /* 5: Moderate (approve or reject) forum posts */ char AdminForum; /* 6: Edit forum posts by other users */ }; #ifdef FOSSIL_ENABLE_TCL /* ** All Tcl related context information is in this structure. This structure ** definition has been copied from and should be kept in sync with the one in ** "th_tcl.c". |
> |
86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 |
char Private; /* x: can send and receive private content */
char WrUnver; /* y: can push unversioned content */
char RdForum; /* 2: Read forum posts */
char WrForum; /* 3: Create new forum posts */
char WrTForum; /* 4: Post to forums not subject to moderation */
char ModForum; /* 5: Moderate (approve or reject) forum posts */
char AdminForum; /* 6: Edit forum posts by other users */
char EmailAlert; /* 7: Sign up for email notifications */
};
#ifdef FOSSIL_ENABLE_TCL
/*
** All Tcl related context information is in this structure. This structure
** definition has been copied from and should be kept in sync with the one in
** "th_tcl.c".
|
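Review bot: the field added at the end of the capability list in src/main.c is named `EmailAlert`, but the same capability is labelled `Email-Notify` in the setup.c capability table and `Email Alerts` on the user-edit checkbox. Three names for one capability make it harder to audit which users hold it; settle on one name, or at least mention the UI label in the field comment next to `7: Sign up for email notifications`.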
Changes to src/setup.c.
303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 ... 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 ... 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 ... 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 ... 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 ... 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 ... 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 ... 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 |
@ <tr><th valign="top">b</th> @ <td><i>Attach:</i> Add attachments to wiki or tickets</td></tr> @ <tr><th valign="top">c</th> @ <td><i>Append-Tkt:</i> Append to tickets</td></tr> @ <tr><th valign="top">d</th> @ <td><i>Delete:</i> Delete wiki and tickets</td></tr> @ <tr><th valign="top">e</th> @ <td><i>Email:</i> View sensitive data such as EMail addresses</td></tr> @ <tr><th valign="top">f</th> @ <td><i>New-Wiki:</i> Create new wiki pages</td></tr> @ <tr><th valign="top">g</th> @ <td><i>Clone:</i> Clone the repository</td></tr> @ <tr><th valign="top">h</th> @ <td><i>Hyperlinks:</i> Show hyperlinks to detailed @ repository history</td></tr> ................................................................................ @ <td><i>Forum-Append:</i> Add new forum posts</td></tr> @ <tr><th valign="top">4</th> @ <td><i>Forum-Trusted:</i> Add pre-approved forum posts </td></tr> @ <tr><th valign="top">5</th> @ <td><i>Forum-Moderator:</i> Approve or disapprove forum posts</td></tr> @ <tr><th valign="top">6</th> @ <td><i>Forum-Supervisor:</i> \ @ Edit forum posts submitted by others</td></tr> @ </table> } /* ** WEBPAGE: setup_ulist_notes ** ** A documentation page showing notes about user configuration. This ................................................................................ if( a[c&0x7f] ) zCap[i++] = c; } zCap[i] = 0; zPw = P("pw"); zLogin = P("login"); if( strlen(zLogin)==0 ){ char *zRef = cgi_referer("setup_ulist"); style_header("User Creation Error"); @ <span class="loginError">Empty login not allowed.</span> @ @ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)"> @ [Bummer]</a></p> style_footer(); return; ................................................................................ 
if( isValidPwString(zPw) ){ zPw = sha1_shared_secret(zPw, zLogin, 0); }else{ zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid); } zOldLogin = db_text(0, "SELECT login FROM user WHERE uid=%d", uid); if( db_exists("SELECT 1 FROM user WHERE login=%Q AND uid!=%d",zLogin,uid) ){ char *zRef = cgi_referer("setup_ulist"); style_header("User Creation Error"); @ <span class="loginError">Login "%h(zLogin)" is already used by @ a different user.</span> @ @ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)"> @ [Bummer]</a></p> style_footer(); ................................................................................ ); login_group_sql(blob_str(&sql), "<li> ", " </li>\n", &zErr); blob_reset(&sql); admin_log( "Updated user [%q] in all login groups " "with capabilities [%q].", zLogin, zCap ); if( zErr ){ char *zRef = cgi_referer("setup_ulist"); style_header("User Change Error"); admin_log( "Error updating user '%q': %s'.", zLogin, zErr ); @ <span class="loginError">%h(zErr)</span> @ @ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)"> @ [Bummer]</a></p> style_footer(); ................................................................................ @ <label><input type="checkbox" name="au"%s(oa['u']) /> @ Reader%s(B('u'))</label><br> @ <label><input type="checkbox" name="av"%s(oa['v']) /> @ Developer%s(B('v'))</label><br /> @ <label><input type="checkbox" name="ad"%s(oa['d']) /> @ Delete%s(B('d'))</label><br /> @ <label><input type="checkbox" name="ae"%s(oa['e']) /> @ Email%s(B('e'))</label><br /> @ <label><input type="checkbox" name="ap"%s(oa['p']) /> @ Password%s(B('p'))</label><br /> @ <label><input type="checkbox" name="ai"%s(oa['i']) /> @ Check-In%s(B('i'))</label><br /> @ <label><input type="checkbox" name="ao"%s(oa['o']) /> @ Check-Out%s(B('o'))</label><br /> @ <label><input type="checkbox" name="ah"%s(oa['h']) /> ................................................................................ 
@ <label><input type="checkbox" name="a3"%s(oa['3']) /> @ Write Forum%s(B('3'))</label><br /> @ <label><input type="checkbox" name="a4"%s(oa['4']) /> @ WriteTrusted Forum%s(B('4'))</label><br> @ <label><input type="checkbox" name="a5"%s(oa['5']) /> @ Moderate Forum%s(B('5'))</label><br> @ <label><input type="checkbox" name="a6"%s(oa['6']) /> @ Supervise Forum%s(B('6'))</label> @ </td></tr> @ </table> @ </td> @ </tr> @ <tr> @ <td class="usetupEditLabel">Selected Cap.:</td> @ <td> ................................................................................ @ are allowed to change their own password. Recommended ON for most @ users but OFF for special users <span class="usertype">developer</span>, @ <span class="usertype">anonymous</span>, @ and <span class="usertype">nobody</span>. @ </p></li> @ @ <li><p> @ The <span class="capability">EMail</span> privilege allows the display of @ sensitive information such as the email address of users and contact @ information on tickets. Recommended OFF for @ <span class="usertype">anonymous</span> and for @ <span class="usertype">nobody</span> but ON for @ <span class="usertype">developer</span>. @ </p></li> @ @ <li><p> |
> | | > > | | | | | > > | > | |
303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 ... 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 ... 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 ... 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 ... 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 ... 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 ... 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 ... 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 |
@ <tr><th valign="top">b</th> @ <td><i>Attach:</i> Add attachments to wiki or tickets</td></tr> @ <tr><th valign="top">c</th> @ <td><i>Append-Tkt:</i> Append to tickets</td></tr> @ <tr><th valign="top">d</th> @ <td><i>Delete:</i> Delete wiki and tickets</td></tr> @ <tr><th valign="top">e</th> @ <td><i>View-PII:</i> \ @ View sensitive data such as email addresses</td></tr> @ <tr><th valign="top">f</th> @ <td><i>New-Wiki:</i> Create new wiki pages</td></tr> @ <tr><th valign="top">g</th> @ <td><i>Clone:</i> Clone the repository</td></tr> @ <tr><th valign="top">h</th> @ <td><i>Hyperlinks:</i> Show hyperlinks to detailed @ repository history</td></tr> ................................................................................ @ <td><i>Forum-Append:</i> Add new forum posts</td></tr> @ <tr><th valign="top">4</th> @ <td><i>Forum-Trusted:</i> Add pre-approved forum posts </td></tr> @ <tr><th valign="top">5</th> @ <td><i>Forum-Moderator:</i> Approve or disapprove forum posts</td></tr> @ <tr><th valign="top">6</th> @ <td><i>Forum-Supervisor:</i> \ @ <tr><th valign="top">7</th> @ <td><i>Email-Notify:</i> \ @ Sign up for email notifications</td></tr> @ </table> } /* ** WEBPAGE: setup_ulist_notes ** ** A documentation page showing notes about user configuration. This ................................................................................ if( a[c&0x7f] ) zCap[i++] = c; } zCap[i] = 0; zPw = P("pw"); zLogin = P("login"); if( strlen(zLogin)==0 ){ const char *zRef = cgi_referer("setup_ulist"); style_header("User Creation Error"); @ <span class="loginError">Empty login not allowed.</span> @ @ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)"> @ [Bummer]</a></p> style_footer(); return; ................................................................................ 
if( isValidPwString(zPw) ){ zPw = sha1_shared_secret(zPw, zLogin, 0); }else{ zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid); } zOldLogin = db_text(0, "SELECT login FROM user WHERE uid=%d", uid); if( db_exists("SELECT 1 FROM user WHERE login=%Q AND uid!=%d",zLogin,uid) ){ const char *zRef = cgi_referer("setup_ulist"); style_header("User Creation Error"); @ <span class="loginError">Login "%h(zLogin)" is already used by @ a different user.</span> @ @ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)"> @ [Bummer]</a></p> style_footer(); ................................................................................ ); login_group_sql(blob_str(&sql), "<li> ", " </li>\n", &zErr); blob_reset(&sql); admin_log( "Updated user [%q] in all login groups " "with capabilities [%q].", zLogin, zCap ); if( zErr ){ const char *zRef = cgi_referer("setup_ulist"); style_header("User Change Error"); admin_log( "Error updating user '%q': %s'.", zLogin, zErr ); @ <span class="loginError">%h(zErr)</span> @ @ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)"> @ [Bummer]</a></p> style_footer(); ................................................................................ @ <label><input type="checkbox" name="au"%s(oa['u']) /> @ Reader%s(B('u'))</label><br> @ <label><input type="checkbox" name="av"%s(oa['v']) /> @ Developer%s(B('v'))</label><br /> @ <label><input type="checkbox" name="ad"%s(oa['d']) /> @ Delete%s(B('d'))</label><br /> @ <label><input type="checkbox" name="ae"%s(oa['e']) /> @ View-PII%s(B('e'))</label><br /> @ <label><input type="checkbox" name="ap"%s(oa['p']) /> @ Password%s(B('p'))</label><br /> @ <label><input type="checkbox" name="ai"%s(oa['i']) /> @ Check-In%s(B('i'))</label><br /> @ <label><input type="checkbox" name="ao"%s(oa['o']) /> @ Check-Out%s(B('o'))</label><br /> @ <label><input type="checkbox" name="ah"%s(oa['h']) /> ................................................................................ 
@ <label><input type="checkbox" name="a3"%s(oa['3']) /> @ Write Forum%s(B('3'))</label><br /> @ <label><input type="checkbox" name="a4"%s(oa['4']) /> @ WriteTrusted Forum%s(B('4'))</label><br> @ <label><input type="checkbox" name="a5"%s(oa['5']) /> @ Moderate Forum%s(B('5'))</label><br> @ <label><input type="checkbox" name="a6"%s(oa['6']) /> @ Supervise Forum%s(B('6'))</label><br> @ <label><input type="checkbox" name="a7"%s(oa['7']) /> @ Email Alerts%s(B('7'))</label> @ </td></tr> @ </table> @ </td> @ </tr> @ <tr> @ <td class="usetupEditLabel">Selected Cap.:</td> @ <td> ................................................................................ @ are allowed to change their own password. Recommended ON for most @ users but OFF for special users <span class="usertype">developer</span>, @ <span class="usertype">anonymous</span>, @ and <span class="usertype">nobody</span>. @ </p></li> @ @ <li><p> @ The <span class="capability">View-PII</span> privilege allows the display @ of personally-identifiable information information such as the @ email address of users and contact @ information on tickets. Recommended OFF for @ <span class="usertype">anonymous</span> and for @ <span class="usertype">nobody</span> but ON for @ <span class="usertype">developer</span>. @ </p></li> @ @ <li><p> |
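Review bot: in the capability-table hunk of src/setup.c (new lines 360-376) the row for capability 6 loses its description. On the new side `@ <td><i>Forum-Supervisor:</i> \` is followed directly by `@ <tr><th valign="top">7</th>`, so the old line `@ Edit forum posts submitted by others</td></tr>` was replaced instead of kept. The Forum-Supervisor cell is left without its text and without a closing `</td></tr>`, and the new row for 7 opens inside it. Restore that line ahead of the new row.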
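Review bot: the reworded View-PII help text in the last src/setup.c hunk (new lines 903-919) repeats a word: `of personally-identifiable information information such as the`. Drop the second "information". This hunk only renames the existing entry; if the notes page is meant to describe every capability, an entry for the new capability 7 belongs here as well, and none appears in the visible lines.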