Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Changes In Branch sub-repos Excluding Merge-Ins
This is equivalent to a diff from 13ceb46e49 to e8b15ad642
|
2011-03-28
| ||
| 22:47 | Merge the sub-repo capability into trunk. check-in: ab4882588e user: drh tags: trunk | |
| 22:29 | A new approach to sub-repos in which a specific user for the subrepo is specified in the CONFIG table entry. Closed-Leaf check-in: e8b15ad642 user: drh tags: sub-repos | |
| 21:46 | Fixes to the capability reduction on subrepositories. check-in: 4b545a8a02 user: drh tags: sub-repos | |
| 18:08 | Allow for the creation of "sub-repositories" that can be accessed through the web interface using the same login credentials as the parent repository. check-in: 97d0118794 user: drh tags: sub-repos | |
| 07:40 | Use "password" instead of "passwd" because it's complete and proper, and plays nicely w/ Emacs "send-invisible" capabilities that keep typed text from echoing on screen. check-in: 13ceb46e49 user: bharder tags: trunk | |
|
2011-03-27
| ||
| 21:55 | Changes to makeheaders so that it does not move static inline procedures into header files. Changed suggested by Yoran Heling. This has zero impact on Fossil which does not use "inline" anywhere. check-in: 99532f33af user: drh tags: trunk | |
Changes to src/login.c.
| ︙ | ︙ | |||
498 499 500 501 502 503 504 505 506 507 508 509 |
}
/* Set the capabilities */
login_set_capabilities(zCap);
login_set_anon_nobody_capabilities();
}
/*
** Add the default privileges of users "nobody" and "anonymous" as appropriate
** for the user g.zLogin.
*/
void login_set_anon_nobody_capabilities(void){
| > > > > > < | | | 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 |
}
/* Set the capabilities */
login_set_capabilities(zCap);
login_set_anon_nobody_capabilities();
}
/*
** Memory of settings
*/
static int login_anon_once = 1;
/*
** Add the default privileges of users "nobody" and "anonymous" as appropriate
** for the user g.zLogin.
*/
void login_set_anon_nobody_capabilities(void){
if( g.zLogin && login_anon_once ){
const char *zCap;
/* All logged-in users inherit privileges from "nobody" */
zCap = db_text("", "SELECT cap FROM user WHERE login = 'nobody'");
login_set_capabilities(zCap);
if( fossil_strcmp(g.zLogin, "nobody")!=0 ){
/* All logged-in users inherit privileges from "anonymous" */
zCap = db_text("", "SELECT cap FROM user WHERE login = 'anonymous'");
login_set_capabilities(zCap);
}
login_anon_once = 0;
}
}
/*
** Set the global capability flags based on a capability string.
*/
void login_set_capabilities(const char *zCap){
|
| ︙ | ︙ | |||
615 616 617 618 619 620 621 |
/* case 'q': */
case 'r': rc = g.okRdTkt; break;
case 's': rc = g.okSetup; break;
case 't': rc = g.okTktFmt; break;
/* case 'u': READER */
/* case 'v': DEVELOPER */
case 'w': rc = g.okWrTkt; break;
| | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 |
/* case 'q': */
case 'r': rc = g.okRdTkt; break;
case 's': rc = g.okSetup; break;
case 't': rc = g.okTktFmt; break;
/* case 'u': READER */
/* case 'v': DEVELOPER */
case 'w': rc = g.okWrTkt; break;
case 'x': rc = g.okPrivate; break;
/* case 'y': */
case 'z': rc = g.okZip; break;
default: rc = 0; break;
}
}
return rc;
}
/*
** Change the login to zUser.
*/
void login_as_user(const char *zUser){
char *zCap = ""; /* New capabilities */
/* Turn off all capabilities from prior logins */
g.okSetup = 0;
g.okAdmin = 0;
g.okDelete = 0;
g.okPassword = 0;
g.okQuery = 0;
g.okWrite = 0;
g.okRead = 0;
g.okHistory = 0;
g.okClone = 0;
g.okRdWiki = 0;
g.okNewWiki = 0;
g.okApndWiki = 0;
g.okWrWiki = 0;
g.okRdTkt = 0;
g.okNewTkt = 0;
g.okApndTkt = 0;
g.okWrTkt = 0;
g.okAttach = 0;
g.okTktFmt = 0;
g.okRdAddr = 0;
g.okZip = 0;
g.okPrivate = 0;
/* Set the global variables recording the userid and login. The
** "nobody" user is a special case in that g.zLogin==0.
*/
g.userUid = db_int(0, "SELECT uid FROM user WHERE login=%Q", zUser);
if( g.userUid==0 ){
zUser = 0;
g.userUid = db_int(0, "SELECT uid FROM user WHERE login='nobody'");
}
if( g.userUid ){
zCap = db_text("", "SELECT cap FROM user WHERE uid=%d", g.userUid);
}
if( fossil_strcmp(zUser,"nobody")==0 ) zUser = 0;
g.zLogin = fossil_strdup(zUser);
/* Set the capabilities */
login_set_capabilities(zCap);
login_anon_once = 1;
login_set_anon_nobody_capabilities();
}
/*
** Call this routine when the credential check fails. It causes
** a redirect to the "login" page.
*/
void login_needed(void){
const char *zUrl = PD("REQUEST_URI", "index");
|
| ︙ | ︙ |
Changes to src/main.c.
| ︙ | ︙ | |||
966 967 968 969 970 971 972 |
if( zPathInfo==0 || zPathInfo[0]==0
|| (zPathInfo[0]=='/' && zPathInfo[1]==0) ){
fossil_redirect_home();
}else{
zPath = mprintf("%s", zPathInfo);
}
| | > > > | | | | | > > > > > > > > > > > > > > > > > > > > | > > > > > > > > > > > > > > > > > | > > | 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 |
if( zPathInfo==0 || zPathInfo[0]==0
|| (zPathInfo[0]=='/' && zPathInfo[1]==0) ){
fossil_redirect_home();
}else{
zPath = mprintf("%s", zPathInfo);
}
/* Make g.zPath point to the first element of the path. Make
** g.zExtra point to everything past that point.
*/
while(1){
char *zAltRepo = 0;
g.zPath = &zPath[1];
for(i=1; zPath[i] && zPath[i]!='/'; i++){}
if( zPath[i]=='/' ){
zPath[i] = 0;
g.zExtra = &zPath[i+1];
/* Look for sub-repositories. A sub-repository is another repository
** that accepts the login credentials of the current repository. A
** subrepository is identified by a CONFIG table entry "subrepo:NAME"
** where NAME is the first component of the path. The value of the
** the CONFIG entries is the string "USER:FILENAME" where USER is the
** USER name to log in as in the subrepository and FILENAME is the
** repository filename.
*/
zAltRepo = db_text(0, "SELECT value FROM config WHERE name='subrepo:%q'",
g.zPath);
if( zAltRepo ){
int nHost;
int jj;
char *zUser = zAltRepo;
login_check_credentials();
for(jj=0; zAltRepo[jj] && zAltRepo[jj]!=':'; jj++){}
if( zAltRepo[jj]==':' ){
zAltRepo[jj] = 0;
zAltRepo += jj+1;
}else{
zUser = "nobody";
}
if( zAltRepo[0]!='/' ){
zAltRepo = mprintf("%s/../%s", g.zRepositoryName, zAltRepo);
file_simplify_name(zAltRepo, -1);
}
db_close(1);
db_open_repository(zAltRepo);
login_as_user(zUser);
g.okPassword = 0;
zPath += i;
nHost = g.zTop - g.zBaseURL;
g.zBaseURL = mprintf("%z/%s", g.zBaseURL, g.zPath);
g.zTop = g.zBaseURL + nHost;
continue;
}
}else{
g.zExtra = 0;
}
break;
}
if( g.zExtra ){
/* CGI parameters get this treatment elsewhere, but places like getfile
** will use g.zExtra directly.
*/
dehttpize(g.zExtra);
cgi_set_parameter_nocopy("name", g.zExtra);
|
| ︙ | ︙ |