X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=geekigeeki.py;h=e6cfeca70ef5501177e27af3711418b1636cb81c;hb=05e3e729c0e20765f418c5efd35ab4426afb2fb7;hp=190964478d979134e3c699776a5656923f0ed183;hpb=01057766514a73e0df07470e71c94b0508b2e5bf;p=geekigeeki.git diff --git a/geekigeeki.py b/geekigeeki.py index 1909644..e6cfeca 100755 --- a/geekigeeki.py +++ b/geekigeeki.py @@ -19,7 +19,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . -__version__ = '$Revision: 1.63+gerry+bernie $'[11:-2]; +__version__ = '$Id$'[3:-2] import cgi, sys, string, os, re, errno, time, stat from os import path, environ @@ -36,11 +36,17 @@ title_done = False # CGI stuff --------------------------------------------------------- -def get_scriptname(): +def script_name(): return environ.get('SCRIPT_NAME', '') +def privileged_path(): + return privileged_url or script_name() + def remote_user(): - return environ.get('REMOTE_USER', 'AnonymousCoward') + user = environ.get('REMOTE_USER', '') + if user is None or user == '' or user == 'anonymous': + user = 'AnonymousCoward' + return user def remote_host(): return environ.get('REMOTE_ADDR', '') @@ -50,7 +56,7 @@ def get_hostname(addr): from socket import gethostbyaddr return gethostbyaddr(addr)[0] + ' (' + addr + ')' except: - return addr; + return addr # Formatting stuff -------------------------------------------------- @@ -59,7 +65,7 @@ def emit_header(type="text/html"): print def send_guru(msg, msg_type): - if msg is None or len(msg) == 0: return + if msg is None or msg == '': return print '
'
     if msg_type == 'error':
         print '    Software Failure.  Press left mouse button to continue.\n'
@@ -67,7 +73,7 @@ def send_guru(msg, msg_type):
     if msg_type == 'error':
         print '      Guru Meditation #DEADBEEF.ABADC0DE'
     print '
' - # FIXME: This simple JS code is harder to pass than ACID 3.0 + # FIXME: This simple JS snippet is harder to pass than ACID 3.0 print """ """ -def send_title(name, text="Limbo", msg=None, msg_type = 'error'): +def send_title(name, text="Limbo", msg=None, msg_type='error'): global title_done if title_done: return @@ -101,60 +107,61 @@ def send_title(name, text="Limbo", msg=None, msg_type = 'error'): """ print "%s: %s" % (site_name, text) - print ' ' + print ' ' if not name: - print ' ' + print ' ' if css_url: print ' ' % css_url print '' # Body - if name and allow_edit: - print '' + if name and privileged_url is not None: + print '' else: print '' + title_done = True send_guru(msg, msg_type) # Navbar - print '
' - print ' ' + site_name + ': ' + print '
' + print ' ' + site_name + ': ', if name: print link_tag('?fullsearch=' + name, text) + ' ' else: print text + ' ' print ' | ' + link_tag('FrontPage', 'Front Page', 'navlink') print ' | ' + link_tag('FindPage', 'Find Page', 'navlink') - print ' | Recent Changes' + print ' | Recent Changes' if name: - print ' | Page History' + print ' | Page History' print ' | ' + link_tag('?raw=' + name, 'Raw Text', 'navlink') - if allow_edit: - print ' | ' + link_tag('?edit=' + name, 'Edit Page', 'navlink') + if privileged_url is not None: + print ' | ' + link_tag('?edit=' + name, 'Edit Page', 'navlink', authentication=True) else: print ' | Immutable Page' user = remote_user() if user != 'AnonymousCoward': - print ' | logged in as ' + cgi.escape(user) + '' + print ' | ' - print '
' - title_done = True + print '
' - -def link_tag(params, text=None, ss_class=None): +def link_tag(params, text=None, ss_class=None, authentication=False): if text is None: text = params # default classattr = '' - # Prevent crawlers from following links to generated pages - # and links added by potential spammers - if ss_class == 'external' or ss_class == 'navlink': - classattr += 'rel="nofollow" ' if ss_class: classattr += 'class="%s" ' % ss_class - return '%s' % (classattr, get_scriptname(), - params, text) + # Prevent crawlers from following links potentially added by spammers or to generated pages + if ss_class == 'external' or ss_class == 'navlink': + classattr += 'rel="nofollow" ' + if authentication: + path = privileged_path() + else: + path = script_name() + return '%s' % (classattr, path, params, text) # Search --------------------------------------------------- @@ -212,9 +219,6 @@ def do_raw(pagename): Page(pagename).send_raw() def do_savepage(pagename): - if not allow_edit: - raise 'editing disallowed for ' + pagename - global form pg = Page(pagename) if 'preview' in form: @@ -223,7 +227,7 @@ def do_savepage(pagename): pg.save_text(form['savetext'].value) pg.send_page() elif 'cancel' in form: - pg.msg = 'Editing cancelled' + pg.msg = 'Editing canceled' pg.msg_type = 'notice' pg.send_page() else: @@ -243,18 +247,26 @@ def page_list(): def send_footer(name, mod_string=None): - print '
' + if debug_cgi: + cgi.print_arguments() + cgi.print_form(cgi.FieldStorage()) + cgi.print_environ() + global __version__ + print '' # ---------------------------------------------------------- # Macros -def _macro_TitleSearch(): +def _macro_TitleSearch(*vargs): return _macro_search("titlesearch") -def _macro_FullSearch(): +def _macro_FullSearch(*vargs): return _macro_search("fullsearch") def _macro_search(type): @@ -262,9 +274,9 @@ def _macro_search(type): default = form["value"].value else: default = '' - return """
""" % (type, default) + return """
""" % (type, default) -def _macro_WordIndex(): +def _macro_WordIndex(*vargs): s = make_index_key() pages = list(page_list()) map = {} @@ -297,7 +309,7 @@ def _macro_WordIndex(): return s -def _macro_TitleIndex(): +def _macro_TitleIndex(*vargs): s = make_index_key() pages = list(page_list()) pages.sort() @@ -324,98 +336,124 @@ class PageFormatter: self.raw = raw self.is_em = self.is_b = 0 self.h_level = 0 + self.h_count = 0 self.list_indents = [] - self.in_pre = 0 - self.in_var = 0 + self.in_pre = False + self.in_table = False + self.tr_cnt = 0 + self.in_var = False self.in_header = True def _emph_repl(self, word): if len(word) == 3: self.is_b = not self.is_b - return ['', ''][self.is_b] + return ['', ''][self.is_b] else: self.is_em = not self.is_em return ['', ''][self.is_em] def _tit_repl(self, word): if self.h_level: - result = "" % self.h_level + result = '' % self.h_level self.h_level = 0 else: self.h_level = len(word) - 1 - result = "" % self.h_level - return result; + self.h_count += 1 + result = '* ' % (self.h_level, self.h_count, self.h_count) + return result def _rule_repl(self, word): - s = self._undent() - if len(word) <= 3: - s = s + "\n
\n" - else: - s = s + "\n
\n" % (len(word) - 2 ) - return s + return self._undent() + '\n
\n' % (len(word) - 2) def _word_repl(self, word): return Page(word).link_to() def _img_repl(self, word): - return '' % (get_scriptname(), word) + path = script_name() + '/' + word; + return '' % (path, path) def _url_repl(self, word): if img_re.match(word): - return '' % word + return '' % (word, word) else: return '%s' % (word, word) def _hurl_repl(self, word): - m = re.compile("\[\[(\S+)\ (.+)\]\]").match(word) - anchor = m.group(1) - descr = m.group(2) - if img_re.match(anchor): - return '%s' % (anchor, descr) - elif url_re.match(anchor): - return '%s' % (anchor, descr) - elif anchor.startswith('/'): - return '%s' % (anchor, descr) + m = re.compile("\[\[(\S+)([^\]]*)\]\]").match(word) + name = m.group(1) + descr = m.group(2).strip() or name + + macro = globals().get('_macro_' + name) + if macro: + return apply(macro, (name, descr)) + elif img_re.match(name): + return '%s' % (name, name, descr) + elif url_re.match(name): + return '%s' % (name, descr) + elif name.startswith('/'): + return '%s' % (name, descr) else: - return link_tag(anchor, descr) + return link_tag(name, descr) def _email_repl(self, word): return '%s' % (word, word) + def _html_repl(self, word): + return word; # Pass through def _ent_repl(self, s): return {'&': '&', '<': '<', '>': '>'}[s] - def _li_repl(self, match): return '
  • ' - def _pre_repl(self, word): if word == '{{{' and not self.in_pre: - self.in_pre = 1 + self.in_pre = True return '
    '
         elif self.in_pre:
-            self.in_pre = 0
+            self.in_pre = False
             return '
    ' - else: - return '' + return '' + + def _hi_repl(self, word): + if word == 'FIXME': + cl = 'error' + elif word == 'DONE': + cl = 'success' + elif word == 'TODO': + cl = 'notice' + return '' + word + '' def _var_repl(self, word): if word == '{{' and not self.in_var: - self.in_var = 1 + self.in_var = True return '' elif self.in_var: - self.in_var = 0 + self.in_var = False return '' - else: - return '' - def _macro_repl(self, word): - macro_name = word[2:-2] - # TODO: Somehow get the default value into the search field - return apply(globals()['_macro_' + macro_name], ()) + return '' + + def _tr_repl(self, word): + out = '' + if not self.in_table: + self.in_table = True + self.tr_cnt = 0 + out = '

    \n' + self.tr_cnt += 1 + return out + '' + return '' + + def _td_repl(self, word): + if self.in_table: + return '^\s*\|\|\s*)" + + r"|(?P\s*\|\|\s*$)" + + r"|(?P
    ' + + def _tre_repl(self, word): + if self.in_table: + return '
    ' + return '' def _indent_level(self): return len(self.list_indents) and self.list_indents[-1] @@ -448,33 +486,46 @@ class PageFormatter: raise "Can't handle match " + `match` def print_html(self): - print "

    " + print '

    ' # For each line, we scan through looking for magic # strings, outputting verbatim any intervening text + # TODO: highlight search words (look at referer) scan_re = re.compile( r"(?:" + # Formatting + r"(?P'{2,3})" + r"|(?P\={2,6})" + + r"|(?P^-{3,})" + + r"|(?P<(/|)(div|span|iframe)[^<>]*>)" + r"|(?P[<>&])" + + r"|(?P\b(FIXME|TODO|DONE)\b)" + + # Links + r"|(?P\b[a-zA-Z0-9_-]+\.(png|gif|jpg|jpeg|bmp))" + r"|(?P\b(?:[A-Z][a-z]+){2,}\b)" - + r"|(?P^-{3,})" - + r"|(?P\[\[\S+\s+.+\]\])" - + r"|(?P(http|ftp|nntp|news|mailto)\:[^\s'\"]+\S)" + + r"|(?P\[\[\S+[^\]]*\]\])" + + r"|(?P(http|https|ftp|mailto)\:[^\s'\"]+\S)" + r"|(?P[-\w._+]+\@[\w.-]+)" + + # Lists, divs, spans + r"|(?P

  • ^\s+\*)" + r"|(?P
    (\{\{\{|\s*\}\}\}))"
             + r"|(?P(\{\{|\}\}))"
-            + r"|(?P\[\[(TitleSearch|FullSearch|WordIndex|TitleIndex)\]\])"
+
+            # Tables
+            + r"|(?P
    • \s*\|\|\s*)" + r")") pre_re = re.compile( r"(?:" + r"(?P
    \s*\}\}\})"
             + r")")
-        blank_re = re.compile("^\s*$")
-        indent_re = re.compile("^\s*")
-        eol_re = re.compile(r'\r?\n')
+        blank_re = re.compile(r"^\s*$")
+        indent_re = re.compile(r"^\s*")
+        tr_re = re.compile(r"^\s*\|\|")
+        eol_re = re.compile(r"\r?\n")
         raw = string.expandtabs(self.raw)
         for line in eol_re.split(raw):
             # Skip ACLs
@@ -482,19 +533,25 @@ class PageFormatter:
                 if line.startswith('#'):
                    continue
                 self.in_header = False
+
             if self.in_pre:
                 print re.sub(pre_re, self.replace, line)
             else:
-                # XXX: Should we check these conditions in this order?
+                if self.in_table and not tr_re.match(line):
+                    self.in_table = False
+                    print '

    ' + if blank_re.match(line): print '

    ' - continue - indent = indent_re.match(line) - print self._indent_to(len(indent.group(0))) - print re.sub(scan_re, self.replace, line) + else: + indent = indent_re.match(line) + print self._indent_to(len(indent.group(0))) + print re.sub(scan_re, self.replace, line) + if self.in_pre: print '' + if self.in_table: print '

    ' print self._undent() - print "

    • " + print '

    ' # ---------------------------------------------------------- class Page: @@ -530,11 +587,7 @@ class Page: if self.exists(): return link_tag(word, word, 'wikilink') else: - if nonexist_qm: - return link_tag(word, '?', 'nonexistent') + word - else: - return link_tag(word, word, 'nonexistent') - + return link_tag(word, nonexist_pfx + word, 'nonexistent') def get_raw_body(self): try: @@ -563,27 +616,38 @@ class Page: raise er return self.attrs - def can_edit(self): + def can(self, action, default=True): attrs = self.get_attrs() try: # SomeUser:read,write All:read acl = attrs["acl"] for rule in acl.split(): - (user,perms) = acl.split(':') + (user,perms) = rule.split(':') if user == remote_user() or user == "All": - if 'write' in perms.split(','): + if action in perms.split(','): return True + else: + return False return False - except: + except Exception, er: pass - return True + return default + + def can_write(self): + return self.can("write", True) + + def can_read(self): + return self.can("read", True) def send_page(self): page_name = None - if self.can_edit(): + if self.can_write(): page_name = self.page_name send_title(page_name, self.split_title(), msg=self.msg, msg_type=self.msg_type) - PageFormatter(self.get_raw_body()).print_html() + if self.can_read(): + PageFormatter(self.get_raw_body()).print_html() + else: + send_guru("Read access denied by ACLs", "notice") send_footer(page_name, self._last_modified()) def _last_modified(self): @@ -595,12 +659,15 @@ class Page: def send_editor(self, preview=None): send_title(None, 'Edit ' + self.split_title(), msg=self.msg, msg_type=self.msg_type) + if not self.can_write(): + send_guru("Write access denied by ACLs", "error") + return print ('

    Editing ' + self.page_name + ' for ' + cgi.escape(remote_user()) + ' from ' + cgi.escape(get_hostname(remote_host())) + '

    ') - print '
    ' % (get_scriptname(), self.page_name) + print '
    ' % (script_name(), self.page_name) print '' % (self.page_name) print """""" % (preview or self.get_raw_body()) print """ @@ -616,8 +683,12 @@ class Page: print "
    " PageFormatter(preview).print_html() print "
    " + send_footer(self.page_name) def send_raw(self): + if not self.can_read(): + send_title(None, msg='Read access denied by ACLs', msg_type='notice') + return emit_header("text/plain") print self.get_raw_body() @@ -634,6 +705,11 @@ class Page: os.rename(tmp_filename, text) def save_text(self, newtext): + if not self.can_write(): + self.msg = 'Write access denied by ACLs' + self.msg_type = 'error' + return + self._write_file(newtext) rc = 0 if post_edit_hook: @@ -652,7 +728,7 @@ class Page: if msg: self.msg += 'Output follows:\n' + msg else: - self.msg = 'Thankyou for your contribution. Your attention to detail is appreciated.' + self.msg = 'Thank you for your contribution. Your attention to detail is appreciated.' self.msg_type = 'success' def send_verbatim(filename, mime_type='application/octet-stream'): @@ -661,20 +737,25 @@ def send_verbatim(filename, mime_type='application/octet-stream'): emit_header(mime_type) sys.stdout.write(data) -# --------------------------------------------------------------- +# Main --------------------------------------------------------------- try: # Configuration values + site_name = 'Codewiz' + + # set to None for read-only sites, leave empty ('') to allow anonymous edits + # otherwise, set to a URL that requires authentication + privileged_url = 'https://www.codewiz.org/~bernie/wiki' + data_dir = '/home/bernie/public_html/wiki' text_dir = path.join(data_dir, 'text') - allow_edit = True # Is it possible to edit pages? - site_name = 'codewiz.org' - changed_time_fmt = '[%I:%M %p] ' - date_fmt = '%a %d %b %Y' - datetime_fmt = '%a %d %b %Y %I:%M %p' - show_hosts = True # show hostnames? css_url = '../wikidata/geekigeeki.css' # optional stylesheet link - nonexist_qm = False # show '?' for nonexistent? + history_url = '../wikigit/wiki.git' post_edit_hook = './post_edit_hook.sh' + datetime_fmt = '%a %d %b %Y %I:%M %p' + allow_edit = True # Is it possible to edit pages? + show_hosts = True # show hostnames? + nonexist_pfx = '' # prefix before nonexistent link (usually '?') + debug_cgi = False # Set to True for CGI var dump form = cgi.FieldStorage() @@ -699,6 +780,7 @@ try: if word_re.match(query): Page(query).send_page() elif img_re.match(query): + #FIXME: use correct mime type send_verbatim(query, 'image/jpeg') else: send_verbatim(query)