classattr = ''
if ss_class:
classattr += 'class="%s" ' % ss_class
- # Prevent crawlers from following links to generated pages
- # and links added by potential spammers
+ # Prevent crawlers from following links potentially added by spammers or to generated pages
if ss_class == 'external' or ss_class == 'navlink':
classattr += 'rel="nofollow" '
if authentication:
Page(pagename).send_raw()
def do_savepage(pagename):
- if privileged_url is None:
- raise 'editing disallowed for ' + pagename
-
global form
pg = Page(pagename)
if 'preview' in form:
pg.save_text(form['savetext'].value)
pg.send_page()
elif 'cancel' in form:
- pg.msg = 'Editing cancelled'
+ pg.msg = 'Editing canceled'
pg.msg_type = 'notice'
pg.send_page()
else:
self.raw = raw
self.is_em = self.is_b = 0
self.h_level = 0
+ self.h_count = 0
self.list_indents = []
self.in_pre = False
self.in_table = False
def _tit_repl(self, word):
if self.h_level:
- result = "</h%d>" % self.h_level
+ result = '</h%d>' % self.h_level
self.h_level = 0
else:
self.h_level = len(word) - 1
- result = "<h%d>" % self.h_level
+ self.h_count += 1
+ result = '<h%d id="%d"><a class="heading" href="#%d">*</a> ' % (self.h_level, self.h_count, self.h_count)
return result
def _rule_repl(self, word):
- s = self._undent()
- if len(word) <= 3:
- s = s + "\n<hr size='1' noshade=\"noshade\" />\n"
- else:
- s = s + "\n<hr size='%d' noshade=\"noshade\" />\n" % (len(word) - 2 )
- return s
+ return self._undent() + '\n<hr size="%d" noshade="noshade" />\n' % (len(word) - 2)
def _word_repl(self, word):
return Page(word).link_to()
def _email_repl(self, word):
return '<a href="mailto:%s">%s</a>' % (word, word)
+ def _html_repl(self, word):
+ return word; # Pass through
def _ent_repl(self, s):
return {'&': '&',
'<': '<',
'>': '>'}[s]
-
def _li_repl(self, match):
return '<li>'
-
def _pre_repl(self, word):
if word == '{{{' and not self.in_pre:
self.in_pre = True
raise "Can't handle match " + `match`
def print_html(self):
- print "<div class='wiki'><p>"
+ print '<div class="wiki"><p>'
# For each line, we scan through looking for magic
# strings, outputting verbatim any intervening text
+ r"(?P<emph>'{2,3})"
+ r"|(?P<tit>\={2,6})"
+ r"|(?P<rule>^-{3,})"
+ + r"|(?P<html><(/|)(div|span|iframe)[^<>]*>)"
+ r"|(?P<ent>[<>&])"
+ r"|(?P<hi>\b(FIXME|TODO|DONE)\b)"
if self.in_pre: print '</pre>'
if self.in_table: print '</tbody></table><p>'
print self._undent()
- print "</p></div>"
+ print '</p></div>'
# ----------------------------------------------------------
class Page:
else:
return link_tag(word, word, 'nonexistent')
-
def get_raw_body(self):
try:
return open(self._text_filename(), 'rt').read()
raise er
return self.attrs
- def can_edit(self):
+ def can(self, action, default=True):
attrs = self.get_attrs()
try:
# SomeUser:read,write All:read
acl = attrs["acl"]
for rule in acl.split():
- (user,perms) = acl.split(':')
+ (user,perms) = rule.split(':')
if user == remote_user() or user == "All":
- if 'write' in perms.split(','):
+ if action in perms.split(','):
return True
+ else:
+ return False
return False
- except:
+ except Exception, er:
pass
- return True
+ return default
+
+ def can_write(self):
+ return self.can("write", True)
+
+ def can_read(self):
+ return self.can("read", True)
def send_page(self):
page_name = None
- if self.can_edit():
+ if self.can_write():
page_name = self.page_name
send_title(page_name, self.split_title(), msg=self.msg, msg_type=self.msg_type)
- PageFormatter(self.get_raw_body()).print_html()
+ if self.can_read():
+ PageFormatter(self.get_raw_body()).print_html()
+ else:
+ send_guru("Read access denied by ACLs", "notice")
send_footer(page_name, self._last_modified())
def _last_modified(self):
def send_editor(self, preview=None):
send_title(None, 'Edit ' + self.split_title(), msg=self.msg, msg_type=self.msg_type)
+ if not self.can_write():
+ send_guru("Write access denied by ACLs", "error")
+ return
print ('<p><b>Editing ' + self.page_name
+ ' for ' + cgi.escape(remote_user())
send_footer(self.page_name)
def send_raw(self):
+ if not self.can_read():
+ send_title(None, msg='Read access denied by ACLs', msg_type='notice')
+ return
emit_header("text/plain")
print self.get_raw_body()
os.rename(tmp_filename, text)
def save_text(self, newtext):
+ if not self.can_write():
+ self.msg = 'Write access denied by ACLs'
+ self.msg_type = 'error'
+ return
+
self._write_file(newtext)
rc = 0
if post_edit_hook:
if msg:
self.msg += 'Output follows:\n' + msg
else:
- self.msg = 'Thankyou for your contribution. Your attention to detail is appreciated.'
+ self.msg = 'Thank you for your contribution. Your attention to detail is appreciated.'
self.msg_type = 'success'
def send_verbatim(filename, mime_type='application/octet-stream'):
# Configuration values
site_name = 'Codewiz'
- # set to None for read-only sites
- # leave empty ('') to allow anonymous edits
+ # set to None for read-only sites, leave empty ('') to allow anonymous edits
# otherwise, set to a URL that requires authentication
privileged_url = 'https://www.codewiz.org/~bernie/wiki'
projects / geekigeeki.git / blobdiff