subject:"Re\: \[fossil\-users\] diff of wiki\-page"

Re: [fossil-users] diff of wiki-page

2016-07-20 Thread jungle Boogie

On 20 July 2016 at 11:50, Andy Bradford  wrote:
> Thus said Warren Young on Fri, 15 Jul 2016 12:16:53 -0600:
>
>>   https://www.fossil-scm.org/xfer/doc/trunk/www/embeddeddoc.wiki
>>
>> In order  to view  such content  in the wiki,  the viewing  user needs
>> checkout  rights on  the  whole  repository. If  you  can't give  your
>> viewer-only users that ability, you can't use embedded doc links.
>
> I once wrote a patch that  would allow read-only access to certain pages
> that did not require the ability to clone/checkout:
>
> http://marc.info/?l=fossil-users=144565838441517=2
>
> Does this sound at all relevant?
>
> Here's the full thread:
>
> http://marc.info/?t=144565838700013=1=2
>

Wow, that sounds very interesting! Hopefully this can be revived and
it's implemented.

> Thanks,
>
> Andy
> --
> TAI64 timestamp: 4000578fc827
>
>




-- 
---
inum: 883510009027723
sip: jungleboo...@sip2sip.info
___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users

Re: [fossil-users] diff of wiki-page

2016-07-20 Thread Andy Bradford

Thus said Warren Young on Fri, 15 Jul 2016 12:16:53 -0600:

>   https://www.fossil-scm.org/xfer/doc/trunk/www/embeddeddoc.wiki
> 
> In order  to view  such content  in the wiki,  the viewing  user needs
> checkout  rights on  the  whole  repository. If  you  can't give  your
> viewer-only users that ability, you can't use embedded doc links.

I once wrote a patch that  would allow read-only access to certain pages
that did not require the ability to clone/checkout:

http://marc.info/?l=fossil-users=144565838441517=2

Does this sound at all relevant?

Here's the full thread:

http://marc.info/?t=144565838700013=1=2

Thanks,

Andy
-- 
TAI64 timestamp: 4000578fc827


___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users

Re: [fossil-users] diff of wiki-page

2016-07-20 Thread Warren Young

On Jul 17, 2016, at 11:29 AM, Richard Hipp  wrote:
> 
> On 7/15/16, Warren Young  wrote:
>> 
>> In order to view [embedded documentation] content in the wiki, the viewing 
>> user
>> needs checkout rights on the whole repository.
> 
> In general, this is true.  But there is one obscure exception.
> 
> On the Setup/Access page there is a "Public Pages” setting

As it happens, I know about the restriction because we have a use case here 
where the ability to see the occasional embedded doc reference via the wiki 
would be useful.  We have a user that currently has cnouw perms, with the ‘o’ 
purely so they can see such wiki references.

To test this feature, I created a new user with cnuw perms and set the Public 
Pages pref to “*.svg, *.md”, then restarted “fossil server” and tried viewing 
the wiki pages that refer to these SVG and Markdown files.  No joy.

The URLs look like this:

  /reponame/doc/trunk/doc/path/to/image.svg
  /reponame/doc/trunk/path/to/document.md

If the wiki page references the target inline, as with the SVGs, you get the 
alt-text inline instead of the image.  If the link is supposed to show you the 
other file as a separate page, as with the Markdown links, the Fossil server 
sends you to the Login/Logout page when you click the link, telling you the 
user doesn’t have sufficient privilege to access the URL.

I then tried using absolute glob patterns, with * in place of the branch and 
other variable parts of the path, also with no luck.

Then I started swinging the heavy hammer, setting the Public Pages pref to a 
single absolute glob pattern, each more specific than the last:

  /reponame/doc/trunk/doc/*
  /reponame/doc/trunk/doc/path/to/*.svg
  /reponame/exact/path/to/specific/file.svg

Still no luck.

I also tried dropping the /reponame prefix, also with no useful effect.

This is with “fossil server” pointing to a directory full of fossils, so the 
/reponame part is required, at least in the wiki source.  (We use Markdown wiki 
syntax here.)

The last path above was actually copy-pasted from the Login/Logout page into 
the Public Pages box, to see if I could grant access to just that one image.

Did this feature get broken somewhere along the line?

> 'A comma-separated list of glob patterns for pages that are accessible
> without needing a login and using the privileges given by the "Default
> privileges" setting below.

My “Default privileges” is set to ‘u’.
___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users

Re: [fossil-users] diff of wiki-page

2016-07-17 Thread Richard Hipp

On 7/15/16, Warren Young  wrote:
>
> In order to view [embedded documentation] content in the wiki, the viewing 
> user
> needs checkout rights on the whole repository.

In general, this is true.  But there is one obscure exception.

On the Setup/Access page there is a "Public Pages" setting, documented
as follows:

'A comma-separated list of glob patterns for pages that are accessible
without needing a login and using the privileges given by the "Default
privileges" setting below. Example use case: Set this field to
"/doc/trunk/www/*" to give anonymous users read-only permission to the
latest version of the embedded documentation in the www/ folder
without allowing them to see the rest of the source code.'

-- 
D. Richard Hipp
d...@sqlite.org
___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users

Re: [fossil-users] diff of wiki-page

2016-07-17 Thread Michai Ramakers

On 15 July 2016 at 20:16, Warren Young  wrote:
> On Jul 15, 2016, at 12:09 PM, Michai Ramakers  wrote:
>>
>> 1) does there happen to be a "howto" anywhere describing quick setup
>> w.r.t. security, perhaps from a wiki-only standpoint?
>
> I posted my philosophy on that here:
>
>   
> http://lists.fossil-scm.org:8080/pipermail/fossil-users/2016-January/023184.html

Ok, thanks. As a matter of fact... I decided a couple of static
Markdown-/HTML-pages would suffice, in this case. (I'll probably be
the only contributer anyway.)

Michai
___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users

Re: [fossil-users] diff of wiki-page

2016-07-15 Thread Warren Young

On Jul 15, 2016, at 12:09 PM, Michai Ramakers  wrote:
> 
> 1) does there happen to be a "howto" anywhere describing quick setup
> w.r.t. security, perhaps from a wiki-only standpoint?

I posted my philosophy on that here:

http://lists.fossil-scm.org:8080/pipermail/fossil-users/2016-January/023184.html

I isn’t wiki-only, but the permission changes do implicitly include use of the 
wiki by semi-privileged users.  The main tricky bit is if you’re using the 
embedded documentation feature:

  https://www.fossil-scm.org/xfer/doc/trunk/www/embeddeddoc.wiki

In order to view such content in the wiki, the viewing user needs checkout 
rights on the whole repository.  If you can’t give your viewer-only users that 
ability, you can’t use embedded doc links.

> 2) is there a way to view changes to the wiki (as diffs) through the
> web-interface?

Nope.  The ability exists at the low-level, but no one has written a web UI for 
it yet.

___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users

Re: [fossil-users] diff of wiki-page

Re: [fossil-users] diff of wiki-page

Re: [fossil-users] diff of wiki-page

Re: [fossil-users] diff of wiki-page

Re: [fossil-users] diff of wiki-page

Re: [fossil-users] diff of wiki-page

6 matches

Site Navigation

Mail list logo

Footer information