Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Changes In Branch sub-repos Excluding Merge-Ins
This is equivalent to a diff from 13ceb46e49 to e8b15ad642
2011-03-28
| ||
22:47 | Merge the sub-repo capability into trunk. check-in: ab4882588e user: drh tags: trunk | |
22:29 | A new approach to sub-repos in which a specific user for the subrepo is specified in the CONFIG table entry. Closed-Leaf check-in: e8b15ad642 user: drh tags: sub-repos | |
21:46 | Fixes to the capability reduction on subrepositories. check-in: 4b545a8a02 user: drh tags: sub-repos | |
18:08 | Allow for the creation of "sub-repositories" that can be accessed through the web interface using the same login credentials as the parent repository. check-in: 97d0118794 user: drh tags: sub-repos | |
07:40 | Use "password" instead of "passwd" because it's complete and proper, and plays nicely w/ Emacs "send-invisible" capabilities that keep typed text from echoing on screen. check-in: 13ceb46e49 user: bharder tags: trunk | |
2011-03-27
| ||
21:55 | Changes to makeheaders so that it does not move static inline procedures into header files. Changed suggested by Yoran Heling. This has zero impact on Fossil which does not use "inline" anywhere. check-in: 99532f33af user: drh tags: trunk | |
Changes to src/login.c.
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
...
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
|
} /* Set the capabilities */ login_set_capabilities(zCap); login_set_anon_nobody_capabilities(); } /* ** Add the default privileges of users "nobody" and "anonymous" as appropriate ** for the user g.zLogin. */ void login_set_anon_nobody_capabilities(void){ static int once = 1; if( g.zLogin && once ){ const char *zCap; /* All logged-in users inherit privileges from "nobody" */ zCap = db_text("", "SELECT cap FROM user WHERE login = 'nobody'"); login_set_capabilities(zCap); if( fossil_strcmp(g.zLogin, "nobody")!=0 ){ /* All logged-in users inherit privileges from "anonymous" */ zCap = db_text("", "SELECT cap FROM user WHERE login = 'anonymous'"); login_set_capabilities(zCap); } once = 0; } } /* ** Set the global capability flags based on a capability string. */ void login_set_capabilities(const char *zCap){ ................................................................................ /* case 'q': */ case 'r': rc = g.okRdTkt; break; case 's': rc = g.okSetup; break; case 't': rc = g.okTktFmt; break; /* case 'u': READER */ /* case 'v': DEVELOPER */ case 'w': rc = g.okWrTkt; break; /* case 'x': */ /* case 'y': */ case 'z': rc = g.okZip; break; default: rc = 0; break; } } return rc; } /* ** Call this routine when the credential check fails. It causes ** a redirect to the "login" page. */ void login_needed(void){ const char *zUrl = PD("REQUEST_URI", "index"); |
>
>
>
>
>
<
|
|
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
...
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
|
} /* Set the capabilities */ login_set_capabilities(zCap); login_set_anon_nobody_capabilities(); } /* ** Memory of settings */ static int login_anon_once = 1; /* ** Add the default privileges of users "nobody" and "anonymous" as appropriate ** for the user g.zLogin. */ void login_set_anon_nobody_capabilities(void){ if( g.zLogin && login_anon_once ){ const char *zCap; /* All logged-in users inherit privileges from "nobody" */ zCap = db_text("", "SELECT cap FROM user WHERE login = 'nobody'"); login_set_capabilities(zCap); if( fossil_strcmp(g.zLogin, "nobody")!=0 ){ /* All logged-in users inherit privileges from "anonymous" */ zCap = db_text("", "SELECT cap FROM user WHERE login = 'anonymous'"); login_set_capabilities(zCap); } login_anon_once = 0; } } /* ** Set the global capability flags based on a capability string. */ void login_set_capabilities(const char *zCap){ ................................................................................ /* case 'q': */ case 'r': rc = g.okRdTkt; break; case 's': rc = g.okSetup; break; case 't': rc = g.okTktFmt; break; /* case 'u': READER */ /* case 'v': DEVELOPER */ case 'w': rc = g.okWrTkt; break; case 'x': rc = g.okPrivate; break; /* case 'y': */ case 'z': rc = g.okZip; break; default: rc = 0; break; } } return rc; } /* ** Change the login to zUser. */ void login_as_user(const char *zUser){ char *zCap = ""; /* New capabilities */ /* Turn off all capabilities from prior logins */ g.okSetup = 0; g.okAdmin = 0; g.okDelete = 0; g.okPassword = 0; g.okQuery = 0; g.okWrite = 0; g.okRead = 0; g.okHistory = 0; g.okClone = 0; g.okRdWiki = 0; g.okNewWiki = 0; g.okApndWiki = 0; g.okWrWiki = 0; g.okRdTkt = 0; g.okNewTkt = 0; g.okApndTkt = 0; g.okWrTkt = 0; g.okAttach = 0; g.okTktFmt = 0; g.okRdAddr = 0; g.okZip = 0; g.okPrivate = 0; /* Set the global variables recording the userid and login. The ** "nobody" user is a special case in that g.zLogin==0. */ g.userUid = db_int(0, "SELECT uid FROM user WHERE login=%Q", zUser); if( g.userUid==0 ){ zUser = 0; g.userUid = db_int(0, "SELECT uid FROM user WHERE login='nobody'"); } if( g.userUid ){ zCap = db_text("", "SELECT cap FROM user WHERE uid=%d", g.userUid); } if( fossil_strcmp(zUser,"nobody")==0 ) zUser = 0; g.zLogin = fossil_strdup(zUser); /* Set the capabilities */ login_set_capabilities(zCap); login_anon_once = 1; login_set_anon_nobody_capabilities(); } /* ** Call this routine when the credential check fails. It causes ** a redirect to the "login" page. */ void login_needed(void){ const char *zUrl = PD("REQUEST_URI", "index"); |
Changes to src/main.c.
966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 |
if( zPathInfo==0 || zPathInfo[0]==0
|| (zPathInfo[0]=='/' && zPathInfo[1]==0) ){
fossil_redirect_home();
}else{
zPath = mprintf("%s", zPathInfo);
}
/* Remove the leading "/" at the beginning of the path.
*/
g.zPath = &zPath[1];
for(i=1; zPath[i] && zPath[i]!='/'; i++){}
if( zPath[i]=='/' ){
zPath[i] = 0;
g.zExtra = &zPath[i+1];
}else{
g.zExtra = 0;
}
if( g.zExtra ){
/* CGI parameters get this treatment elsewhere, but places like getfile
** will use g.zExtra directly.
*/
dehttpize(g.zExtra);
cgi_set_parameter_nocopy("name", g.zExtra);
|
| > > > | | | | | > > > > > > > > > > > > > > > > > > > > | > > > > > > > > > > > > > > > > > | > > |
966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 |
if( zPathInfo==0 || zPathInfo[0]==0 || (zPathInfo[0]=='/' && zPathInfo[1]==0) ){ fossil_redirect_home(); }else{ zPath = mprintf("%s", zPathInfo); } /* Make g.zPath point to the first element of the path. Make ** g.zExtra point to everything past that point. */ while(1){ char *zAltRepo = 0; g.zPath = &zPath[1]; for(i=1; zPath[i] && zPath[i]!='/'; i++){} if( zPath[i]=='/' ){ zPath[i] = 0; g.zExtra = &zPath[i+1]; /* Look for sub-repositories. A sub-repository is another repository ** that accepts the login credentials of the current repository. A ** subrepository is identified by a CONFIG table entry "subrepo:NAME" ** where NAME is the first component of the path. The value of the ** the CONFIG entries is the string "USER:FILENAME" where USER is the ** USER name to log in as in the subrepository and FILENAME is the ** repository filename. */ zAltRepo = db_text(0, "SELECT value FROM config WHERE name='subrepo:%q'", g.zPath); if( zAltRepo ){ int nHost; int jj; char *zUser = zAltRepo; login_check_credentials(); for(jj=0; zAltRepo[jj] && zAltRepo[jj]!=':'; jj++){} if( zAltRepo[jj]==':' ){ zAltRepo[jj] = 0; zAltRepo += jj+1; }else{ zUser = "nobody"; } if( zAltRepo[0]!='/' ){ zAltRepo = mprintf("%s/../%s", g.zRepositoryName, zAltRepo); file_simplify_name(zAltRepo, -1); } db_close(1); db_open_repository(zAltRepo); login_as_user(zUser); g.okPassword = 0; zPath += i; nHost = g.zTop - g.zBaseURL; g.zBaseURL = mprintf("%z/%s", g.zBaseURL, g.zPath); g.zTop = g.zBaseURL + nHost; continue; } }else{ g.zExtra = 0; } break; } if( g.zExtra ){ /* CGI parameters get this treatment elsewhere, but places like getfile ** will use g.zExtra directly. */ dehttpize(g.zExtra); cgi_set_parameter_nocopy("name", g.zExtra); |