X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=geekigeeki.py;h=41345e65340c2b711581a1d9ce097a69968395a6;hb=98ce48c0043fa3fc11a5407b98c9fd0aa2ab53d3;hp=84f1db5f3a0305e5f9ef8a39ca101335b75356f6;hpb=cb4160fc9e77f9fe29bca28ed504ca38dac94089;p=geekigeeki.git diff --git a/geekigeeki.py b/geekigeeki.py index 84f1db5..41345e6 100755 --- a/geekigeeki.py +++ b/geekigeeki.py @@ -23,13 +23,14 @@ __version__ = '$Id$'[4:12] from time import clock start_time = clock() -import cgi, sys, string, os, re, errno, stat +import cgi, sys, os, re, errno, stat from os import path, environ # Regular expression defining a WikiWord # (but this definition is also assumed in other places) -file_re = re.compile(r"^\b([A-Za-z0-9_\.\-/]+)\b$") word_re = re.compile(r"^\b((([A-Z][a-z]+){2,}/)*([A-Z][a-z]+){2,})\b$") +# FIXME: we accept stuff like foo/../bar and we shouldn't +file_re = re.compile(r"^\b([A-Za-z0-9_\-][A-Za-z0-9_\.\-/]*)\b$") img_re = re.compile(r"^.*\.(png|gif|jpg|jpeg)$", re.IGNORECASE) url_re = re.compile(r"^[a-z]{3,8}://[^\s'\"]+\S$") @@ -57,34 +58,35 @@ def get_hostname(addr): try: from socket import gethostbyaddr return gethostbyaddr(addr)[0] + ' (' + addr + ')' - except: + except Exception, er: return addr -def relative_url(path, privileged=False): - if not (url_re.match(path) or path.startswith('/')): +def relative_url(pathname, privileged=False): + if not (url_re.match(pathname) or pathname.startswith('/')): if privileged: url = privileged_path() else: url = script_name() - path = url + '/' + path - return path + pathname = url + '/' + pathname + return pathname -# Formatting stuff -------------------------------------------------- +def permalink(s): + return re.sub(' ', '-', re.sub('[^a-z0-9_ ]', '', s.lower()).strip()) -def emit_header(type="text/html"): - print "Content-type: " + type + "; charset=utf-8" - print +# Formatting stuff -------------------------------------------------- +def emit_header(mime_type="text/html"): + print "Content-type: " + mime_type + "; charset=utf-8\n" -def send_guru(msg, msg_type): - if msg is None or msg == '': return +def send_guru(msg_text, msg_type): + if not msg_text: return print '
'
     if msg_type == 'error':
         print '    Software Failure.  Press left mouse button to continue.\n'
-    print msg
+    print msg_text
     if msg_type == 'error':
         print '      Guru Meditation #DEADBEEF.ABADC0DE'
     print '
' - # FIXME: This simple JS snippet is harder to pass than ACID 3.0 + # FIXME: This little JS snippet is harder to pass than ACID 3.0 print """ """ -def send_title(name, text="Limbo", msg=None, msg_type='error'): +def send_title(name, text="Limbo", msg_text=None, msg_type='error'): global title_done if title_done: return @@ -133,18 +135,17 @@ def send_title(name, text="Limbo", msg=None, msg_type='error'): print '' title_done = True - send_guru(msg, msg_type) + send_guru(msg_text, msg_type) # Navbar print '
' - print ' ' + site_name + ': ', if name: - print link_tag('?fullsearch=' + name, text, 'navlink') + ' ' + print ' ' + link_tag('?fullsearch=' + name, text, 'navlink') + ' ' else: - print text + ' ' + print ' ' + text + ' ' print ' | ' + link_tag('FrontPage', 'Front Page', 'navlink') print ' | ' + link_tag('FindPage', 'Find Page', 'navlink') - if globals().has_key('history_url'): + if 'history_url' in globals(): print ' | Recent Changes' if name: print ' | Page History' @@ -177,7 +178,7 @@ def link_tag(params, text=None, ss_class=None, privileged=False): # Search --------------------------------------------------- -def do_fullsearch(needle): +def handle_fullsearch(needle): send_title(None, 'Full text search for "%s"' % (needle)) needle_re = re.compile(needle, re.IGNORECASE) @@ -204,7 +205,7 @@ def do_fullsearch(needle): print_search_stats(len(hits), len(all_pages)) -def do_titlesearch(needle): +def handle_titlesearch(needle): # TODO: check needle is legal -- but probably we can just accept any RE send_title(None, "Title search for \"" + needle + '"') @@ -222,35 +223,30 @@ def do_titlesearch(needle): def print_search_stats(hits, searched): print "

%d hits out of %d pages searched.

" % (hits, searched) -#TODO: merge into do_savepage() -def do_edit(pagename): - Page(pagename).send_editor() - -def do_raw(pagename): +def handle_raw(pagename): Page(pagename).send_raw() -def do_savepage(pagename): - global form +def handle_edit(pagename): pg = Page(pagename) - if 'preview' in form: - pg.send_editor(form['savetext'].value) - elif 'save' in form: - pg.save_text(form['savetext'].value) + if 'save' in form: + if form['file'].value: + pg.save(form['file'].file.read()) + else: + pg.save(form['savetext'].value.replace('\r\n', '\n')) pg.send_page() elif 'cancel' in form: - pg.msg = 'Editing canceled' + pg.msg_text = 'Editing canceled' pg.msg_type = 'notice' pg.send_page() - else: - raise 'What did you press?' + else: # preview or edit + text = None + if 'preview' in form: + text = form['savetext'].value + pg.send_editor(text) def make_index_key(): - s = '

' - links = map(lambda ch: '%s' % (ch, ch), - string.lowercase) - s = s + string.join(links, ' | ') - s = s + '

' - return s + links = map(lambda ch: '%s' % (ch, ch), 'abcdefghijklmnopqrstuvwxyz') + return '

'+ ' | '.join(links) + '

' def page_list(): return filter(word_re.match, os.listdir(data_dir)) @@ -258,9 +254,8 @@ def page_list(): def send_footer(name, mod_string=None): if globals().get('debug_cgi', False): cgi.print_arguments() - cgi.print_form(cgi.FieldStorage()) + cgi.print_form(form) cgi.print_environ() - global __version__ print '' -# ---------------------------------------------------------- -# Macros +# Macros ------------------------------------------------------------ def _macro_TitleSearch(*vargs): return _macro_search("titlesearch") @@ -278,10 +272,9 @@ def _macro_FullSearch(*vargs): return _macro_search("fullsearch") def _macro_search(type): - if form.has_key('value'): - default = form["value"].value - else: - default = '' + default = '' + if 'value' in form: + default = form['value'].value return """
""" % (type, default) def _macro_WordIndex(*vargs): @@ -301,7 +294,7 @@ def _macro_WordIndex(*vargs): last_letter = None # set title for word in all_words: - letter = string.lower(word[0]) + letter = word[0].lower() if letter != last_letter: s = s + ';

%s

' % (letter, letter) last_letter = letter @@ -323,17 +316,15 @@ def _macro_TitleIndex(*vargs): pages.sort() current_letter = None for name in pages: - letter = string.lower(name[0]) + letter = name[0].lower() if letter != current_letter: - s = s + '

%s

' % (letter, letter) + s += '

%s

' % (letter, letter) current_letter = letter else: - s = s + '
' - s = s + Page(name).link_to() + s += '
' + s += Page(name).link_to() return s - -# ---------------------------------------------------------- class PageFormatter: """Object that turns Wiki markup into HTML. @@ -343,10 +334,10 @@ class PageFormatter: def __init__(self, raw): self.raw = raw self.h_level = 0 - self.in_pre = self.in_table = False + self.in_pre = self.in_table = self.in_li = False self.in_header = True self.list_indents = [] - self.tr_cnt = self.h_cnt = 0 + self.tr_cnt = 0 self.styles = { #wiki html enabled? "//": ["em", False], @@ -363,17 +354,16 @@ class PageFormatter: def _b_repl(self, word): style = self.styles[word] style[1] = not style[1] - return ['' + return ['' def _tit_repl(self, word): if self.h_level: - result = '' % self.h_level + result = '

\n' % self.h_level self.h_level = 0 else: self.h_level = len(word) - 1 - self.h_cnt += 1 - #abridged = re.sub('[^a-z_]', '', word.lower().replace(' ', '_')) - result = '¶ ' % (self.h_level, self.h_cnt, self.h_cnt) + link = permalink(self.line) + result = '\n

¶ ' % (self.h_level, link, link) return result def _br_repl(self, word): @@ -402,7 +392,7 @@ class PageFormatter: macro = globals().get('_macro_' + name) if macro: - return apply(macro, (name, descr)) + return macro(name, descr) elif img_re.match(name): name = relative_url(name) # The "extthumb" nonsense works around a limitation of the HTML block model @@ -425,7 +415,11 @@ class PageFormatter: '>': '>'}[s] def _li_repl(self, match): - return '
  • ' + if self.in_li: + return '
  • ' + else: + self.in_li = True + return '
  • ' def _pre_repl(self, word): if word == '{{{' and not self.in_pre: @@ -437,13 +431,7 @@ class PageFormatter: return '' def _hi_repl(self, word): - if word == 'FIXME': - cl = 'error' - elif word == 'DONE': - cl = 'success' - elif word == 'TODO': - cl = 'notice' - return '' + word + '' + return '' + word + '' def _tr_repl(self, word): out = '' @@ -474,6 +462,9 @@ class PageFormatter: s = '

    ' while self._indent_level() > new_level: del(self.list_indents[-1]) + if self.in_li: + s += '
    • ' + self.in_li = False # FIXME s += '\n' while self._indent_level() < new_level: self.list_indents.append(new_level) @@ -491,7 +482,7 @@ class PageFormatter: def replace(self, match): for type, hit in match.groupdict().items(): if hit: - return apply(getattr(self, '_' + type + '_repl'), (hit,)) + return getattr(self, '_' + type + '_repl')(hit) else: raise "Can't handle match " + `match` @@ -500,7 +491,7 @@ class PageFormatter: # For each line, we scan through looking for magic # strings, outputting verbatim any intervening text - # TODO: highlight search words (look at referer) + # TODO: highlight search words (look at referrer) scan_re = re.compile( r"(?:" # Formatting @@ -515,13 +506,14 @@ class PageFormatter: # Links + r"|(?P\b[a-zA-Z0-9_-]+\.(png|gif|jpg|jpeg|bmp))" + r"|(?P\b(?:[A-Z][a-z]+){2,}\b)" - + r"|(?P\[\[([^ \t\n\r\f\v\|]+)(?:\s*\|\s*([^\]]+)|)\]\])" + + r"|(?P\[\[([^ \s\|]+)(?:\s*\|\s*([^\]]+)|)\]\])" + r"|(?P(http|https|ftp|mailto)\:[^\s'\"]+\S)" + r"|(?P[-\w._+]+\@[\w.-]+)" # Lists, divs, spans + r"|(?P
  • ^\s+[\*#] +)" + r"|(?P
    \{\{\{|\s*\}\}\})"
+            + r"|(?P\{\{([^\s\|]+)(?:\s*\|\s*([^\]]+)|)\}\})"
 
             # Tables
             + r"|(?P^\s*\|\|(=|)\s*)"
@@ -531,55 +523,53 @@ class PageFormatter:
         pre_re = re.compile(
             r"(?:"
             + r"(?P
    \s*\}\}\})"
+            + r"|(?P[<>&])"
             + r")")
         blank_re = re.compile(r"^\s*$")
         indent_re = re.compile(r"^\s*")
         tr_re = re.compile(r"^\s*\|\|")
         eol_re = re.compile(r"\r?\n")
-        raw = string.expandtabs(self.raw)
-        for line in eol_re.split(raw):
+        for self.line in eol_re.split(self.raw.expandtabs()):
             # Skip ACLs
             if self.in_header:
-                if line.startswith('#'):
-                   continue
+                if self.line.startswith('#'):
+                    continue
                 self.in_header = False
 
             if self.in_pre:
-                print re.sub(pre_re, self.replace, line)
+                print re.sub(pre_re, self.replace, self.line)
             else:
-                if self.in_table and not tr_re.match(line):
+                if self.in_table and not tr_re.match(self.line):
                     self.in_table = False
                     print '
    '
 
-                if blank_re.match(line):
+                if blank_re.match(self.line):
                     print '
    '
                 else:
-                    indent = indent_re.match(line)
+                    indent = indent_re.match(self.line)
                     print self._indent_to(len(indent.group(0)))
-                    print re.sub(scan_re, self.replace, line)
+                    print re.sub(scan_re, self.replace, self.line)
 
         if self.in_pre: print '
    '
         if self.in_table: print '
    '
         print self._undent()
         print '
    • ' -# ---------------------------------------------------------- class Page: def __init__(self, page_name): self.page_name = page_name - self.msg = '' + self.msg_text = '' self.msg_type = 'error' def split_title(self): - # look for the end of words and the start of a new word, - # and insert a space there + # look for the end of words and the start of a new word and insert a space there return re.sub('([a-z])([A-Z])', r'\1 \2', self.page_name) def _text_filename(self): return path.join(data_dir, self.page_name) def _tmp_filename(self): - return path.join(data_dir, ('#' + self.page_name + '.' + `os.getpid()` + '#')) + return path.join(data_dir, ('#' + self.page_name.replace('/','_') + '.' + `os.getpid()` + '#')) def exists(self): try: @@ -588,8 +578,7 @@ class Page: except OSError, er: if er.errno == errno.ENOENT: return False - else: - raise er + raise er def link_to(self): word = self.page_name @@ -600,14 +589,16 @@ class Page: def get_raw_body(self): try: - return open(self._text_filename(), 'rt').read() + return open(self._text_filename(), 'rb').read() except IOError, er: if er.errno == errno.ENOENT: return '' # just doesn't exist, use default + if er.errno == errno.EISDIR: + return 'DIR' raise er def get_attrs(self): - if self.__dict__.has_key('attrs'): + if 'attrs' in self.__dict__: return self.attrs self.attrs = {} try: @@ -625,25 +616,21 @@ class Page: return self.attrs def get_attr(self, name, default): - if self.get_attrs().has_key(name): - return self.get_attrs()[name] - else: - return default + return self.get_attrs().get(name, default) def can(self, action, default=True): + acl = None try: #acl SomeUser:read,write All:read acl = self.get_attr("acl", None) for rule in acl.split(): - (user,perms) = rule.split(':') + (user, perms) = rule.split(':') if user == remote_user() or user == "All": - if action in perms.split(','): - return True - else: - return False + return action in perms.split(',') return False except Exception, er: - pass + if acl: + self.msg_text = 'Illegal acl line: ' + acl return default def can_write(self): @@ -657,12 +644,11 @@ class Page: if self.can_write(): page_name = self.page_name - #FIXME: are there security implications? #css foo.css bar.css global css_url - css_url = css_url + self.get_attr("css", "").split() + css_url = self.get_attr("css", "").split() + css_url - send_title(page_name, self.split_title(), msg=self.msg, msg_type=self.msg_type) + send_title(page_name, self.split_title(), msg_text=self.msg_text, msg_type=self.msg_type) if self.can_read(): PageFormatter(self.get_raw_body()).print_html() else: @@ -680,18 +666,23 @@ class Page: return strftime(datetime_fmt, modtime) def send_editor(self, preview=None): - send_title(None, 'Edit ' + self.split_title(), msg=self.msg, msg_type=self.msg_type) + send_title(None, 'Edit ' + self.split_title(), msg_text=self.msg_text, msg_type=self.msg_type) if not self.can_write(): send_guru("Write access denied by ACLs", "error") return + file = '' + if 'file' in form: + file = form['file'].value + print ('

    Editing ' + self.page_name + ' for ' + cgi.escape(remote_user()) + ' from ' + cgi.escape(get_hostname(remote_host())) + '

    ') - print '
    ' % relative_url(self.page_name) - print '' % (self.page_name) - print """""" % (preview or self.get_raw_body()) + print '
    ' % relative_url(self.page_name) + print '' % (self.page_name) + print '' % (preview or self.get_raw_body()) + print 'Or upload a file: ' % file print """
    @@ -707,32 +698,33 @@ class Page: print "
    " send_footer(self.page_name) - def send_raw(self): - if not self.can_read(): - send_title(None, msg='Read access denied by ACLs', msg_type='notice') - return - emit_header("text/plain") - print self.get_raw_body() + def send_raw(self, mimetype='text/plain'): + if self.can_read(): + body = self.get_raw_body() + emit_header(mimetype) + print body + else: + send_title(None, msg_text='Read access denied by ACLs', msg_type='notice') - def _write_file(self, text): + def _write_file(self, data): tmp_filename = self._tmp_filename() - open(tmp_filename, 'wt').write(text.replace('\r\n', '\n')) - text = self._text_filename() + open(tmp_filename, 'wb').write(data) + name = self._text_filename() if os.name == 'nt': # Bad Bill! POSIX rename ought to replace. :-( try: - os.remove(text) + os.remove(name) except OSError, er: if er.errno != errno.ENOENT: raise er - os.rename(tmp_filename, text) + os.rename(tmp_filename, name) - def save_text(self, newtext): + def save(self, newdata): if not self.can_write(): - self.msg = 'Write access denied by ACLs' + self.msg_text = 'Write access denied by ACLs' self.msg_type = 'error' return - self._write_file(newtext) + self._write_file(newdata) rc = 0 if post_edit_hook: # FIXME: what's the std way to perform shell quoting in python? @@ -742,39 +734,26 @@ class Page: + "' '" + remote_host() + "'" ) out = os.popen(cmd) - msg = out.read() + output = out.read() rc = out.close() if rc: - self.msg += "Post-editing hook returned %d.\n" % rc - self.msg += 'Command was: ' + cmd + '\n' - if msg: - self.msg += 'Output follows:\n' + msg + self.msg_text += "Post-editing hook returned %d.\n" % rc + self.msg_text += 'Command was: ' + cmd + '\n' + if output: + self.msg_text += 'Output follows:\n' + output else: - self.msg = 'Thank you for your contribution. Your attention to detail is appreciated.' + self.msg_text = 'Thank you for your contribution. Your attention to detail is appreciated.' self.msg_type = 'success' -#TODO: merge into send_raw() -def send_verbatim(filename, mime_type='application/octet-stream'): - pathname = path.join(data_dir, filename) - data = open(pathname, 'rb').read() - emit_header(mime_type) - sys.stdout.write(data) - # Main --------------------------------------------------------------- try: execfile("geekigeeki.conf.py") - form = cgi.FieldStorage() - handlers = { 'fullsearch': do_fullsearch, - 'titlesearch': do_titlesearch, - 'edit': do_edit, - 'raw': do_raw, - 'savepage': do_savepage } - - for cmd in handlers.keys(): - if form.has_key(cmd): - apply(handlers[cmd], (form[cmd].value,)) + for cmd in form: + handler = globals().get('handle_' + cmd) + if handler: + handler(form[cmd].value) break else: path_info = environ.get('PATH_INFO', '') @@ -786,21 +765,22 @@ try: if file_re.match(query): if word_re.match(query): Page(query).send_page() - elif img_re.match(query): - #FIXME: use correct mime type - send_verbatim(query, 'image/jpeg') else: - send_verbatim(query) + from mimetypes import MimeTypes + type, encoding = MimeTypes().guess_type(query) + type = type or 'text/plain' + Page(query).send_raw(mimetype=type) else: print "Status: 404 Not Found" - send_title(None, msg='Can\'t work out query: ' + query) -except: + send_title(None, msg_text='Can\'t work out query: ' + query) + send_footer(None) +except Exception: import traceback - msg=traceback.format_exc() + msg_text = traceback.format_exc() if title_done: - send_guru(msg, "error") + send_guru(msg_text, "error") else: - send_title(None, msg=msg) + send_title(None, msg_text=msg_text) send_footer(None) sys.stdout.flush()