| ︙ | | | ︙ | |
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
|
@ <tr><th valign="top">b</th>
@ <td><i>Attach:</i> Add attachments to wiki or tickets</td></tr>
@ <tr><th valign="top">c</th>
@ <td><i>Append-Tkt:</i> Append to tickets</td></tr>
@ <tr><th valign="top">d</th>
@ <td><i>Delete:</i> Delete wiki and tickets</td></tr>
@ <tr><th valign="top">e</th>
@ <td><i>Email:</i> View sensitive data such as EMail addresses</td></tr>
@ <tr><th valign="top">f</th>
@ <td><i>New-Wiki:</i> Create new wiki pages</td></tr>
@ <tr><th valign="top">g</th>
@ <td><i>Clone:</i> Clone the repository</td></tr>
@ <tr><th valign="top">h</th>
@ <td><i>Hyperlinks:</i> Show hyperlinks to detailed
@ repository history</td></tr>
|
>
|
|
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
|
@ <tr><th valign="top">b</th>
@ <td><i>Attach:</i> Add attachments to wiki or tickets</td></tr>
@ <tr><th valign="top">c</th>
@ <td><i>Append-Tkt:</i> Append to tickets</td></tr>
@ <tr><th valign="top">d</th>
@ <td><i>Delete:</i> Delete wiki and tickets</td></tr>
@ <tr><th valign="top">e</th>
@ <td><i>View-PII:</i> \
@ View sensitive data such as email addresses</td></tr>
@ <tr><th valign="top">f</th>
@ <td><i>New-Wiki:</i> Create new wiki pages</td></tr>
@ <tr><th valign="top">g</th>
@ <td><i>Clone:</i> Clone the repository</td></tr>
@ <tr><th valign="top">h</th>
@ <td><i>Hyperlinks:</i> Show hyperlinks to detailed
@ repository history</td></tr>
|
| ︙ | | | ︙ | |
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
|
@ <td><i>Forum-Append:</i> Add new forum posts</td></tr>
@ <tr><th valign="top">4</th>
@ <td><i>Forum-Trusted:</i> Add pre-approved forum posts </td></tr>
@ <tr><th valign="top">5</th>
@ <td><i>Forum-Moderator:</i> Approve or disapprove forum posts</td></tr>
@ <tr><th valign="top">6</th>
@ <td><i>Forum-Supervisor:</i> \
@ Edit forum posts submitted by others</td></tr>
@ </table>
}
/*
** WEBPAGE: setup_ulist_notes
**
** A documentation page showing notes about user configuration. This
|
>
>
|
|
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
|
@ <td><i>Forum-Append:</i> Add new forum posts</td></tr>
@ <tr><th valign="top">4</th>
@ <td><i>Forum-Trusted:</i> Add pre-approved forum posts </td></tr>
@ <tr><th valign="top">5</th>
@ <td><i>Forum-Moderator:</i> Approve or disapprove forum posts</td></tr>
@ <tr><th valign="top">6</th>
@ <td><i>Forum-Supervisor:</i> \
@ <tr><th valign="top">7</th>
@ <td><i>Email-Notify:</i> \
@ Sign up for email notifications</td></tr>
@ </table>
}
/*
** WEBPAGE: setup_ulist_notes
**
** A documentation page showing notes about user configuration. This
|
| ︙ | | | ︙ | |
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
|
if( a[c&0x7f] ) zCap[i++] = c;
}
zCap[i] = 0;
zPw = P("pw");
zLogin = P("login");
if( strlen(zLogin)==0 ){
char *zRef = cgi_referer("setup_ulist");
style_header("User Creation Error");
@ <span class="loginError">Empty login not allowed.</span>
@
@ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)">
@ [Bummer]</a></p>
style_footer();
return;
}
if( isValidPwString(zPw) ){
zPw = sha1_shared_secret(zPw, zLogin, 0);
}else{
zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid);
}
zOldLogin = db_text(0, "SELECT login FROM user WHERE uid=%d", uid);
if( db_exists("SELECT 1 FROM user WHERE login=%Q AND uid!=%d",zLogin,uid) ){
char *zRef = cgi_referer("setup_ulist");
style_header("User Creation Error");
@ <span class="loginError">Login "%h(zLogin)" is already used by
@ a different user.</span>
@
@ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)">
@ [Bummer]</a></p>
style_footer();
|
|
|
|
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
|
if( a[c&0x7f] ) zCap[i++] = c;
}
zCap[i] = 0;
zPw = P("pw");
zLogin = P("login");
if( strlen(zLogin)==0 ){
const char *zRef = cgi_referer("setup_ulist");
style_header("User Creation Error");
@ <span class="loginError">Empty login not allowed.</span>
@
@ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)">
@ [Bummer]</a></p>
style_footer();
return;
}
if( isValidPwString(zPw) ){
zPw = sha1_shared_secret(zPw, zLogin, 0);
}else{
zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid);
}
zOldLogin = db_text(0, "SELECT login FROM user WHERE uid=%d", uid);
if( db_exists("SELECT 1 FROM user WHERE login=%Q AND uid!=%d",zLogin,uid) ){
const char *zRef = cgi_referer("setup_ulist");
style_header("User Creation Error");
@ <span class="loginError">Login "%h(zLogin)" is already used by
@ a different user.</span>
@
@ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)">
@ [Bummer]</a></p>
style_footer();
|
| ︙ | | | ︙ | |
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
|
);
login_group_sql(blob_str(&sql), "<li> ", " </li>\n", &zErr);
blob_reset(&sql);
admin_log( "Updated user [%q] in all login groups "
"with capabilities [%q].",
zLogin, zCap );
if( zErr ){
char *zRef = cgi_referer("setup_ulist");
style_header("User Change Error");
admin_log( "Error updating user '%q': %s'.", zLogin, zErr );
@ <span class="loginError">%h(zErr)</span>
@
@ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)">
@ [Bummer]</a></p>
style_footer();
|
|
|
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
|
);
login_group_sql(blob_str(&sql), "<li> ", " </li>\n", &zErr);
blob_reset(&sql);
admin_log( "Updated user [%q] in all login groups "
"with capabilities [%q].",
zLogin, zCap );
if( zErr ){
const char *zRef = cgi_referer("setup_ulist");
style_header("User Change Error");
admin_log( "Error updating user '%q': %s'.", zLogin, zErr );
@ <span class="loginError">%h(zErr)</span>
@
@ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)">
@ [Bummer]</a></p>
style_footer();
|
| ︙ | | | ︙ | |
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
|
@ <label><input type="checkbox" name="au"%s(oa['u']) />
@ Reader%s(B('u'))</label><br>
@ <label><input type="checkbox" name="av"%s(oa['v']) />
@ Developer%s(B('v'))</label><br />
@ <label><input type="checkbox" name="ad"%s(oa['d']) />
@ Delete%s(B('d'))</label><br />
@ <label><input type="checkbox" name="ae"%s(oa['e']) />
@ Email%s(B('e'))</label><br />
@ <label><input type="checkbox" name="ap"%s(oa['p']) />
@ Password%s(B('p'))</label><br />
@ <label><input type="checkbox" name="ai"%s(oa['i']) />
@ Check-In%s(B('i'))</label><br />
@ <label><input type="checkbox" name="ao"%s(oa['o']) />
@ Check-Out%s(B('o'))</label><br />
@ <label><input type="checkbox" name="ah"%s(oa['h']) />
|
|
|
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
|
@ <label><input type="checkbox" name="au"%s(oa['u']) />
@ Reader%s(B('u'))</label><br>
@ <label><input type="checkbox" name="av"%s(oa['v']) />
@ Developer%s(B('v'))</label><br />
@ <label><input type="checkbox" name="ad"%s(oa['d']) />
@ Delete%s(B('d'))</label><br />
@ <label><input type="checkbox" name="ae"%s(oa['e']) />
@ View-PII%s(B('e'))</label><br />
@ <label><input type="checkbox" name="ap"%s(oa['p']) />
@ Password%s(B('p'))</label><br />
@ <label><input type="checkbox" name="ai"%s(oa['i']) />
@ Check-In%s(B('i'))</label><br />
@ <label><input type="checkbox" name="ao"%s(oa['o']) />
@ Check-Out%s(B('o'))</label><br />
@ <label><input type="checkbox" name="ah"%s(oa['h']) />
|
| ︙ | | | ︙ | |
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
|
@ <label><input type="checkbox" name="a3"%s(oa['3']) />
@ Write Forum%s(B('3'))</label><br />
@ <label><input type="checkbox" name="a4"%s(oa['4']) />
@ WriteTrusted Forum%s(B('4'))</label><br>
@ <label><input type="checkbox" name="a5"%s(oa['5']) />
@ Moderate Forum%s(B('5'))</label><br>
@ <label><input type="checkbox" name="a6"%s(oa['6']) />
@ Supervise Forum%s(B('6'))</label>
@ </td></tr>
@ </table>
@ </td>
@ </tr>
@ <tr>
@ <td class="usetupEditLabel">Selected Cap.:</td>
@ <td>
|
|
>
>
|
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
|
@ <label><input type="checkbox" name="a3"%s(oa['3']) />
@ Write Forum%s(B('3'))</label><br />
@ <label><input type="checkbox" name="a4"%s(oa['4']) />
@ WriteTrusted Forum%s(B('4'))</label><br>
@ <label><input type="checkbox" name="a5"%s(oa['5']) />
@ Moderate Forum%s(B('5'))</label><br>
@ <label><input type="checkbox" name="a6"%s(oa['6']) />
@ Supervise Forum%s(B('6'))</label><br>
@ <label><input type="checkbox" name="a7"%s(oa['7']) />
@ Email Alerts%s(B('7'))</label>
@ </td></tr>
@ </table>
@ </td>
@ </tr>
@ <tr>
@ <td class="usetupEditLabel">Selected Cap.:</td>
@ <td>
|
| ︙ | | | ︙ | |
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
|
@ are allowed to change their own password. Recommended ON for most
@ users but OFF for special users <span class="usertype">developer</span>,
@ <span class="usertype">anonymous</span>,
@ and <span class="usertype">nobody</span>.
@ </p></li>
@
@ <li><p>
@ The <span class="capability">EMail</span> privilege allows the display of
@ sensitive information such as the email address of users and contact
@ information on tickets. Recommended OFF for
@ <span class="usertype">anonymous</span> and for
@ <span class="usertype">nobody</span> but ON for
@ <span class="usertype">developer</span>.
@ </p></li>
@
@ <li><p>
|
|
>
|
|
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
|
@ are allowed to change their own password. Recommended ON for most
@ users but OFF for special users <span class="usertype">developer</span>,
@ <span class="usertype">anonymous</span>,
@ and <span class="usertype">nobody</span>.
@ </p></li>
@
@ <li><p>
@ The <span class="capability">View-PII</span> privilege allows the display
@ of personally-identifiable information information such as the
@ email address of users and contact
@ information on tickets. Recommended OFF for
@ <span class="usertype">anonymous</span> and for
@ <span class="usertype">nobody</span> but ON for
@ <span class="usertype">developer</span>.
@ </p></li>
@
@ <li><p>
|
| ︙ | | | ︙ | |