Menu
▾
▴
Re: [Sandweb-devel] debian package broken
|
From: Robert H. <ro...@ro...> - 2003-08-05 18:44:45
|
On Tue, Aug 05, 2003 at 12:40:59PM -0400, Micah Anderson wrote: > On Tue, 05 Aug 2003, Micah Anderson wrote: > > On Mon, 04 Aug 2003, Robert Helmer wrote: > > What I mean is... in local mode all commits are done as user www-data, > which is annoying because then you can't tell who made what change. So > doing things via SSH makes a lot of sense. However, because I am > putting together a website CVS repository, I changed > /etc/sandweb/sandweb.cfg to have users_dir="/var/www/sandweb" that way > a user can check out modules, make changes and then view them via the > website (since our apache document root is in /var/www). This is > perfect, this is great, but if I were to check "remember my password" > in the repository configuration, then the password file will be > written with my password and be available on the internet for all to > see because it would be in /var/www/sandweb/micah/password. I notice > however, that user passwords for the sandweb authentication are in > /usr/share/sandweb/data which is not web-accessable... how hard would > it be to put both passwords in there? Or is there a better way to do > this? Yeah this is problematic. I think we'd have to patch it. I'll take a look at the code, I think it'd be pretty easy. > Thanks, this software is the best that I've found out there (and I've > looked at a LOT of them), it would be awesome if it were integrated > with a in-line editor of some sort :) Glad you like it :) There is an inline editor, it's disabled because browsers always insert carriage returns and no empty line at the end of files, so it's really hard to work with in my opinion. If you look in sandweb.cgi you'll see a line like : -- # XXX FIXME # the inline editor is disabled $edit = 0; -- Change 0 to 1 and I think it'll be enabled (there'll be an edit link next to the download link when you view a file). It was disabled before the beta release, so it hasn't been tested for a while :) If you want to try it and let us know if it works for your purposes, that'd be cool. Maybe we'll reenable it by default. Thanks, Rob |
