From: Bernardo Innocenti Date: Sun, 23 Sep 2007 06:02:34 +0000 (+0200) Subject: Fix ACLs X-Git-Tag: v2.0~2 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=ae1e8f42c88472e0797b36583e0fa7c6cf1b5f5b;p=geekigeeki.git Fix ACLs --- diff --git a/geekigeeki.css b/geekigeeki.css index d56bb96..8c4b9eb 100755 --- a/geekigeeki.css +++ b/geekigeeki.css @@ -14,24 +14,12 @@ body { margin-right: 0px; } -a { - color: #1010FF; -} -a:visited { - color: #501080; -} - -a.nonexistent { - color: #D04040; -} - -a.navlink { - font-size: smaller; -} - -a.external { - font-style: italic; -} +a { color: #1010FF; } +a:visited { color: #501080; } +a.nonexistent { color: #D04040; } +a.navlink { font-size: smaller; } +a.external { font-style: italic; } +a.heading { text-decoration: none; color: #aaaaaa; font-size: smaller; } h1 { font-size: x-large; @@ -150,6 +138,10 @@ div.preview { border: 2px dashed #FF0000; } +div.index { + border: 1px solid #EEEEEE; +} + div.nav { border-color: #cc9933; background-color: #ffcc66; diff --git a/geekigeeki.py b/geekigeeki.py index 46c61c5..9fd1adf 100755 --- a/geekigeeki.py +++ b/geekigeeki.py @@ -154,8 +154,7 @@ def link_tag(params, text=None, ss_class=None, authentication=False): classattr = '' if ss_class: classattr += 'class="%s" ' % ss_class - # Prevent crawlers from following links to generated pages - # and links added by potential spammers + # Prevent crawlers from following links potentially added by spammers or to generated pages if ss_class == 'external' or ss_class == 'navlink': classattr += 'rel="nofollow" ' if authentication: @@ -355,12 +354,12 @@ class PageFormatter: def _tit_repl(self, word): if self.h_level: - result = "" % self.h_level + result = '' % self.h_level self.h_level = 0 else: self.h_level = len(word) - 1 self.h_count += 1 - result = '' % (self.h_count, self.h_level, self.h_count) + result = '* ' % (self.h_level, self.h_count, self.h_count) return result def _rule_repl(self, word): @@ -487,7 +486,7 @@ class PageFormatter: raise "Can't handle match " + `match` def print_html(self): - print "

" + print '

' # For each line, we scan through looking for magic # strings, outputting verbatim any intervening text @@ -552,7 +551,7 @@ class PageFormatter: if self.in_pre: print '' if self.in_table: print '

' print self._undent() - print "

" + print '

' # ---------------------------------------------------------- class Page: @@ -621,27 +620,38 @@ class Page: raise er return self.attrs - def can_edit(self): + def can(self, action, default=True): attrs = self.get_attrs() try: # SomeUser:read,write All:read acl = attrs["acl"] for rule in acl.split(): - (user,perms) = acl.split(':') + (user,perms) = rule.split(':') if user == remote_user() or user == "All": - if 'write' in perms.split(','): + if action in perms.split(','): return True + else: + return False return False - except: + except Exception, er: pass - return True + return default + + def can_write(self): + return self.can("write", True) + + def can_read(self): + return self.can("read", True) def send_page(self): page_name = None - if self.can_edit(): + if self.can_write(): page_name = self.page_name send_title(page_name, self.split_title(), msg=self.msg, msg_type=self.msg_type) - PageFormatter(self.get_raw_body()).print_html() + if self.can_read(): + PageFormatter(self.get_raw_body()).print_html() + else: + print "

This page is not visible to you

" send_footer(page_name, self._last_modified()) def _last_modified(self): @@ -725,8 +735,7 @@ try: # Configuration values site_name = 'Codewiz' - # set to None for read-only sites - # leave empty ('') to allow anonymous edits + # set to None for read-only sites, leave empty ('') to allow anonymous edits # otherwise, set to a URL that requires authentication privileged_url = 'https://www.codewiz.org/~bernie/wiki'