Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix enforcement of access restrictions on reports. Do not allow reports to show the content of fields whose names begin with "private_" unless the "e" permission is enabled. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
21326fb6f7d3e2d175a80c3a603095c1 |
| User & Date: | drh 2008-07-19 15:12:34.000 |
Context
|
2008-07-19
| ||
| 15:40 | Improved explanation of privileges on the User Edit screen. ... (check-in: 92f6d3d786 user: drh tags: trunk) | |
| 15:12 | Fix enforcement of access restrictions on reports. Do not allow reports to show the content of fields whose names begin with "private_" unless the "e" permission is enabled. ... (check-in: 21326fb6f7 user: drh tags: trunk) | |
| 14:15 | Fix the "Key Template" setup box under ticket configuration. ... (check-in: b7588eb2f7 user: drh tags: trunk) | |
Changes
Changes to src/main.c.
| ︙ | ︙ | |||
114 115 116 117 118 119 120 | int okApndWiki; /* m: append to wiki via web */ int okWrWiki; /* k: edit wiki via web */ int okRdTkt; /* r: view tickets via web */ int okNewTkt; /* n: create new tickets */ int okApndTkt; /* c: append to tickets via the web */ int okWrTkt; /* w: make changes to tickets via web */ int okTktFmt; /* t: create new ticket report formats */ | | | 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 | int okApndWiki; /* m: append to wiki via web */ int okWrWiki; /* k: edit wiki via web */ int okRdTkt; /* r: view tickets via web */ int okNewTkt; /* n: create new tickets */ int okApndTkt; /* c: append to tickets via the web */ int okWrTkt; /* w: make changes to tickets via web */ int okTktFmt; /* t: create new ticket report formats */ int okRdAddr; /* e: read email addresses or other private data */ FILE *fDebug; /* Write debug information here, if the file exists */ /* Storage for the aux() and/or option() SQL function arguments */ int nAux; /* Number of distinct aux() or option() values */ const char *azAuxName[MX_AUX]; /* Name of each aux() or option() value */ char *azAuxParam[MX_AUX]; /* Param of each aux() or option() value */ |
| ︙ | ︙ |
Changes to src/report.c.
| ︙ | ︙ | |||
152 153 154 155 156 157 158 |
void *pError,
int code,
const char *zArg1,
const char *zArg2,
const char *zArg3,
const char *zArg4
){
| > | < | 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 |
void *pError,
int code,
const char *zArg1,
const char *zArg2,
const char *zArg3,
const char *zArg4
){
int rc = SQLITE_OK;
if( *(char**)pError ){
/* We've already seen an error. No need to continue. */
return SQLITE_OK;
}
switch( code ){
case SQLITE_SELECT:
case SQLITE_FUNCTION: {
break;
|
| ︙ | ︙ | |||
178 179 180 181 182 183 184 |
"tagxref",
};
int i;
for(i=0; i<sizeof(azAllowed)/sizeof(azAllowed[0]); i++){
if( strcasecmp(zArg1, azAllowed[i])==0 ) break;
}
if( i>=sizeof(azAllowed)/sizeof(azAllowed[0]) ){
| | > > > | > | | 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 |
"tagxref",
};
int i;
for(i=0; i<sizeof(azAllowed)/sizeof(azAllowed[0]); i++){
if( strcasecmp(zArg1, azAllowed[i])==0 ) break;
}
if( i>=sizeof(azAllowed)/sizeof(azAllowed[0]) ){
*(char**)pError = mprintf("access to table \"%s\" is restricted",zArg1);
rc = SQLITE_DENY;
}else if( !g.okRdAddr && strncmp(zArg2, "private_", 8)==0 ){
rc = SQLITE_IGNORE;
}
break;
}
default: {
*(char**)pError = mprintf("only SELECT statements are allowed");
rc = SQLITE_DENY;
break;
}
}
return rc;
}
/*
** Check the given SQL to see if is a valid query that does not
** attempt to do anything dangerous. Return 0 on success and a
** pointer to an error message string (obtained from malloc) if
|
| ︙ | ︙ | |||
873 874 875 876 877 878 879 880 881 882 883 884 885 886 |
int rn;
char *zSql;
char *zTitle;
char *zOwner;
char *zClrKey;
int tabs;
Stmt q;
login_check_credentials();
if( !g.okRead ){ login_needed(); return; }
rn = atoi(PD("rn","0"));
if( rn==0 ){
cgi_redirect("reportlist");
return;
| > > | 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 |
int rn;
char *zSql;
char *zTitle;
char *zOwner;
char *zClrKey;
int tabs;
Stmt q;
char *zErr1 = 0;
char *zErr2 = 0;
login_check_credentials();
if( !g.okRead ){ login_needed(); return; }
rn = atoi(PD("rn","0"));
if( rn==0 ){
cgi_redirect("reportlist");
return;
|
| ︙ | ︙ | |||
930 931 932 933 934 935 936 |
}
style_header(zTitle);
output_color_key(zClrKey, 1,
"border=0 cellpadding=3 cellspacing=0 class=\"report\"");
@ <table border=1 cellpadding=2 cellspacing=0 class="report">
sState.rn = rn;
sState.nCount = 0;
| > | > > > > > > > | > | 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 |
}
style_header(zTitle);
output_color_key(zClrKey, 1,
"border=0 cellpadding=3 cellspacing=0 class=\"report\"");
@ <table border=1 cellpadding=2 cellspacing=0 class="report">
sState.rn = rn;
sState.nCount = 0;
sqlite3_set_authorizer(g.db, report_query_authorizer, (void*)&zErr1);
sqlite3_exec(g.db, zSql, generate_html, &sState, &zErr2);
sqlite3_set_authorizer(g.db, 0, 0);
@ </table>
if( zErr1 ){
@ <p><font color="red"><b>Error: %h(zErr1)</b></font></p>
}else if( zErr2 ){
@ <p><font color="red"><b>Error: %h(zErr2)</b></font></p>
}
style_footer();
}else{
sqlite3_set_authorizer(g.db, report_query_authorizer, (void*)&zErr1);
sqlite3_exec(g.db, zSql, output_tab_separated, &count, &zErr2);
sqlite3_set_authorizer(g.db, 0, 0);
cgi_set_content_type("text/plain");
}
}
|
Changes to src/setup.c.
| ︙ | ︙ | |||
134 135 136 137 138 139 140 | @ <b>Notes:</b> @ <ol> @ <li><p>The permission flags are as follows:</p> @ <ol type="a"> @ <li value="1"><b>Admin</b>: Create and delete users</li> @ <li value="3"><b>Append-Tkt</b>: Append to tickets</li> @ <li value="4"><b>Delete</b>: Delete wiki and tickets</li> | | | 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 | @ <b>Notes:</b> @ <ol> @ <li><p>The permission flags are as follows:</p> @ <ol type="a"> @ <li value="1"><b>Admin</b>: Create and delete users</li> @ <li value="3"><b>Append-Tkt</b>: Append to tickets</li> @ <li value="4"><b>Delete</b>: Delete wiki and tickets</li> @ <li value="5"><b>Email</b>: View sensitive data such as EMail addresses</li> @ <li value="6"><b>New-Wiki</b>: Create new wiki pages</li> @ <li value="7"><b>Clone</b>: Clone the repository</li> @ <li value="8"><b>History</b>: View detail repository history</li> @ <li value="9"><b>Check-In</b>: Commit new versions in the repository</li> @ <li value="10"><b>Read-Wiki</b>: View wiki pages</li> @ <li value="11"><b>Write-Wiki</b>: Edit wiki pages</li> @ <li value="13"><b>Append-Wiki</b>: Append to wiki pages</li> |
| ︙ | ︙ |
Changes to src/tktsetup.c.
| ︙ | ︙ | |||
54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 |
"The default ticket report format.");
setup_menu_entry("Key Template", "tktsetup_keytplt",
"The default color key for reports.");
@ </table>
style_footer();
}
/* @-comment: ** */
static const char zDefaultTicketTable[] =
@ CREATE TABLE ticket(
@ -- Do not change any column that begins with tkt_
@ tkt_id INTEGER PRIMARY KEY,
@ tkt_uuid TEXT,
@ tkt_mtime DATE,
@ -- Add as many field as required below this line
@ type TEXT,
@ status TEXT,
@ subsystem TEXT,
@ priority TEXT,
@ severity TEXT,
@ foundin TEXT,
| > > > > | | 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
"The default ticket report format.");
setup_menu_entry("Key Template", "tktsetup_keytplt",
"The default color key for reports.");
@ </table>
style_footer();
}
/*
** NOTE: When changing the table definition below, also change the
** equivalent definition found in schema.c.
*/
/* @-comment: ** */
static const char zDefaultTicketTable[] =
@ CREATE TABLE ticket(
@ -- Do not change any column that begins with tkt_
@ tkt_id INTEGER PRIMARY KEY,
@ tkt_uuid TEXT,
@ tkt_mtime DATE,
@ -- Add as many field as required below this line
@ type TEXT,
@ status TEXT,
@ subsystem TEXT,
@ priority TEXT,
@ severity TEXT,
@ foundin TEXT,
@ private_contact TEXT,
@ resolution TEXT,
@ title TEXT,
@ comment TEXT,
@ -- Do not alter this UNIQUE clause:
@ UNIQUE(tkt_uuid, tkt_mtime)
@ );
;
|
| ︙ | ︙ | |||
123 124 125 126 127 128 129 130 131 132 133 134 135 136 |
}else if( isSubmit ){
char *zErr = 0;
if( xText && (zErr = xText(z))!=0 ){
@ <p><font color="red"><b>ERROR: %h(zErr)</b></font></p>
}else{
db_set(zDbField, z, 0);
if( xRebuild ) xRebuild();
}
}
@ <form action="%s(g.zBaseURL)/%s(g.zPath)" method="POST">
@ <p>%s(zDesc)</p>
@ <textarea name="x" rows="%d(height)" cols="80">%h(z)</textarea>
@ <blockquote>
@ <input type="submit" name="submit" value="Apply Changes">
| > | 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 |
}else if( isSubmit ){
char *zErr = 0;
if( xText && (zErr = xText(z))!=0 ){
@ <p><font color="red"><b>ERROR: %h(zErr)</b></font></p>
}else{
db_set(zDbField, z, 0);
if( xRebuild ) xRebuild();
cgi_redirect("tktsetup");
}
}
@ <form action="%s(g.zBaseURL)/%s(g.zPath)" method="POST">
@ <p>%s(zDesc)</p>
@ <textarea name="x" rows="%d(height)" cols="80">%h(z)</textarea>
@ <blockquote>
@ <input type="submit" name="submit" value="Apply Changes">
|
| ︙ | ︙ | |||
274 275 276 277 278 279 280 | @ </td> @ <td>How debilitating is the problem? How badly does the problem @ effect the operation of the product?</td> @ </tr> @ @ <tr> @ <td align="right">EMail: | | | 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 | @ </td> @ <td>How debilitating is the problem? How badly does the problem @ effect the operation of the product?</td> @ </tr> @ @ <tr> @ <td align="right">EMail: @ <input type="text" name="private_contact" value="$<private_contact>" size="30"> @ </td> @ <td><u>Not publicly visible</u>. Used by developers to contact you with @ questions.</td> @ </tr> @ @ <tr> @ <td colspan="2"> |
| ︙ | ︙ | |||
375 376 377 378 379 380 381 | @ $<resolution> @ </td></tr> @ <tr><td align="right">Last Modified:</td><td bgcolor="#d0d0d0"> @ $<tkt_datetime> @ </td> @ <th1>enable_output [hascap e]</th1> @ <td align="right">Contact:</td><td bgcolor="#d0d0d0"> | | | 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 | @ $<resolution> @ </td></tr> @ <tr><td align="right">Last Modified:</td><td bgcolor="#d0d0d0"> @ $<tkt_datetime> @ </td> @ <th1>enable_output [hascap e]</th1> @ <td align="right">Contact:</td><td bgcolor="#d0d0d0"> @ $<private_contact> @ </td> @ <th1>enable_output 1</th1> @ </tr> @ <tr><td align="right">Version Found In:</td> @ <td colspan="3" valign="top" bgcolor="#d0d0d0"> @ $<foundin> @ </td></tr> |
| ︙ | ︙ | |||
459 460 461 462 463 464 465 | @ <th1>combobox resolution $resolution_choices 1</th1> @ </td></tr> @ <tr><td align="right">Subsystem:</td><td> @ <th1>combobox subsystem $subsystem_choices 1</th1> @ </td></tr> @ <th1>enable_output [hascap e]</th1> @ <tr><td align="right">Contact:</td><td> | | > | 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 | @ <th1>combobox resolution $resolution_choices 1</th1> @ </td></tr> @ <tr><td align="right">Subsystem:</td><td> @ <th1>combobox subsystem $subsystem_choices 1</th1> @ </td></tr> @ <th1>enable_output [hascap e]</th1> @ <tr><td align="right">Contact:</td><td> @ <input type="text" name="private_contact" size="40" @ value="$<private_contact>"> @ </td></tr> @ <th1>enable_output 1</th1> @ <tr><td align="right">Version Found In:</td><td> @ <input type="text" name="foundin" size="50" value="$<foundin>"> @ </td></tr> @ <tr><td colspan="2"> @ <th1> |
| ︙ | ︙ |