Fossil

Check-in [648bc30531]

Overview
Comment: The admin can see private artifacts in /bloblist even if they do not have the Private ('x') permission.
SHA3-256: 648bc30531a76ff8fc85c4a8775ad4bd95251e984c73037bd34409d2620e64d9
User & Date: drh 2020-04-12 23:29:07.167
Context
2020-04-13
12:51
Enhancements to the sync protocol designed to reduce bandwidth in cases where there are a lot of private artifacts on either side of the sync. check-in: 1f7b409e87 user: drh tags: trunk
11:02
Do not allow unprivileged users to see private or phantom artifacts on the /bloblist page. check-in: 7dc7df46d5 user: drh tags: sync-improvements
2020-04-12
23:29
The admin can see private artifacts in /bloblist even if they do not have the Private ('x') permission. check-in: 648bc30531 user: drh tags: trunk
23:25
Only allow users with appropriate privileges to see private and phantom artifacts in the /bloblist report. check-in: 7b6b567155 user: drh tags: trunk
Changes
Changes to src/name.c.
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
    if( !phantomOnly ){
      style_submenu_element("Phantoms", "bloblist?phan");
    }
  }else{
    privOnly = 0;
    phantomOnly = 0;
  }
  if( g.perm.Private ){
    if( !privOnly ){
      style_submenu_element("Private", "bloblist?priv");
    }
  }else{
    privOnly = 0;
  }
  if( g.perm.Write ){







|







1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
    if( !phantomOnly ){
      style_submenu_element("Phantoms", "bloblist?phan");
    }
  }else{
    privOnly = 0;
    phantomOnly = 0;
  }
  if( g.perm.Private || g.perm.Admin ){
    if( !privOnly ){
      style_submenu_element("Private", "bloblist?priv");
    }
  }else{
    privOnly = 0;
  }
  if( g.perm.Write ){
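Review bot: The new test at line 1206, `g.perm.Private || g.perm.Admin`, is the same access decision that the row filter at line 1262 states in negated form (`!g.perm.Private && !g.perm.Admin`), so the two copies can drift apart in a later edit and leave the "Private" submenu entry and the rows actually shown out of step. Consider computing the decision once into a local near the top of the function (a hypothetical name such as `canSeePriv`) and using it both here and in the per-row check. A short comment at this branch saying that Admin is treated as implying Private for /bloblist would also help, since the else arm silently clears `privOnly` for everyone else.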
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
    const char *zDesc = db_column_text(&q, 2);
    int isPriv = db_column_int(&q,3);
    int isPhantom = db_column_int(&q,4);
    if( isPhantom && !g.perm.Admin ){
      /* Do not show phantom artifacts to non-admin users */
      continue;
    }
    if( isPriv && !g.perm.Private ){
      /* Don't show private artifacts to users without Private (x) permission */
      continue;
    }
    if( hashClr ){
      const char *zClr = db_column_bytes(&q,1)>40 ? zSha3Bg : zSha1Bg;
      @ <tr style='background-color:%s(zClr);'><td align="right">%d(rid)</td>
    }else{







|







1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
    const char *zDesc = db_column_text(&q, 2);
    int isPriv = db_column_int(&q,3);
    int isPhantom = db_column_int(&q,4);
    if( isPhantom && !g.perm.Admin ){
      /* Do not show phantom artifacts to non-admin users */
      continue;
    }
    if( isPriv && !g.perm.Private && !g.perm.Admin ){
      /* Don't show private artifacts to users without Private (x) permission */
      continue;
    }
    if( hashClr ){
      const char *zClr = db_column_bytes(&q,1)>40 ? zSha3Bg : zSha1Bg;
      @ <tr style='background-color:%s(zClr);'><td align="right">%d(rid)</td>
    }else{
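Review bot: The comment at line 1263 under the changed condition still reads "Don't show private artifacts to users without Private (x) permission", but the condition at line 1262 now also lets Admin through, so the comment no longer matches the check. Reword it to say that rows are skipped only for users with neither Private nor Admin. Because this `continue` is what actually withholds the rows, it would be worth a test that loads /bloblist as an Admin-only user and as a user with neither permission to confirm that the first sees private rows and the second does not.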