%s: %s

X-Git-Url: https://codewiz.org/gitweb?p=geekigeeki.git;a=blobdiff_plain;f=geekigeeki.py;h=44b5131bb1435a0e2781f56a8583e108b52b0b75;hp=94439abf47df16a3ef21efb7baf2ba7632d35f02;hb=bc824021236f6cec7008d4f4493f0a2b95ad1632;hpb=d248569ef8cbae2c13106dc1b52aa9c80ab355e9 diff --git a/geekigeeki.py b/geekigeeki.py index 94439ab..44b5131 100755 --- a/geekigeeki.py +++ b/geekigeeki.py @@ -1,16 +1,16 @@ #!/usr/bin/python # -*- coding: utf-8 -*- # -# Copyright 1999, 2000 Martin Pool -# Copyright 2002 Gerardo Poggiali -# Copyright 2007, 2008, 2009 Bernie Innocenti +# Copyright (C) 1999, 2000 Martin Pool +# Copyright (C) 2002 Gerardo Poggiali +# Copyright (C) 2007, 2008, 2009 Bernie Innocenti # # This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. You should have received a copy -# of the GNU General Public License along with this program. -# If not, see . +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . __version__ = '4.0-' + '$Id$'[4:11] @@ -22,11 +22,11 @@ import cgi, sys, os, re, errno, stat, glob image_ext = 'png|gif|jpg|jpeg|bmp|ico' video_ext = "ogg|ogv|oga" # Not supported by Firefox 3.5: mkv|mpg|mpeg|mp4|avi|asf|flv|wmv|qt -image_re = re.compile(r".*\.(" + image_ext + "|" + video_ext + ")", re.IGNORECASE) -video_re = re.compile(r".*\.(" + video_ext + ")", re.IGNORECASE) +image_re = re.compile(r".*\.(" + image_ext + "|" + video_ext + ")$", re.IGNORECASE) +video_re = re.compile(r".*\.(" + video_ext + ")$", re.IGNORECASE) # FIXME: we accept stuff like foo/../bar and we shouldn't -file_re = re.compile(r"([A-Za-z0-9_\-][A-Za-z0-9_\.\-/]*)") -url_re = re.compile(r"[a-z]{3,8}://[^\s'\"]+\S") +file_re = re.compile(r"([A-Za-z0-9_\-][A-Za-z0-9_\.\-/]*)$") +url_re = re.compile(r"[a-z]{3,8}://[^\s'\"]+\S$") ext_re = re.compile(r"\.([^\./]+)$") # CGI stuff --------------------------------------------------------- @@ -36,6 +36,10 @@ def config_get(key, default=None): def script_name(): return os.environ.get('SCRIPT_NAME', '') +#TODO: move post-edit hook into wiki, then kill this +def script_path(): + return os.path.split(os.environ.get('SCRIPT_FILENAME', ''))[0] + def query_string(): path_info = os.environ.get('PATH_INFO', '') if len(path_info) and path_info[0] == '/': @@ -43,8 +47,9 @@ def query_string(): else: return os.environ.get('QUERY_STRING', '') or 'FrontPage' -def privileged_path(): - return config_get('privileged_url') or script_name() +def is_privileged(): + purl = config_get('privileged_url') + return (purl is not None) and os.environ.get('SCRIPT_URI', '').startswith(purl) def remote_user(): user = os.environ.get('REMOTE_USER', '') @@ -68,7 +73,7 @@ def is_external_url(pathname): def relative_url(pathname, privileged=False): if not is_external_url(pathname): if privileged: - url = privileged_path() + url = config_get('privileged_url') or script_name() else: url = script_name() pathname = url + '/' + pathname @@ -122,14 +127,11 @@ def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=Fal global title_done if title_done: return - # Head + # HEAD emit_header(mtime) - print('') - print('') - + print('\n') print("%s: %s" % (config_get('site_name', "Unconfigured Wiki"), text)) - print(' ') + print(' ') if not name: print(' ') @@ -140,10 +142,10 @@ def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=Fal rel, href = link print(' ' % (rel, relative_url(href))) - editable = name and writable and config_get('privileged_url') is not None + editable = name and writable and is_privileged() if editable: print(' ' \ - % (privileged_path() + '?a=edit&q=' + name)) + % relative_url('?a=edit&q=' + name, privileged=True)) history = config_get('history_url') if history is not None: @@ -152,17 +154,17 @@ def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=Fal print('') - # Body + # BODY if editable: - print('') + print('') else: print('') title_done = True send_guru(msg_text, msg_type) - # Navbar - print('

') + # NAVBAR + print('

') def send_httperror(status="403 Not Found", query=""): print("Status: %s" % status) @@ -200,7 +202,7 @@ def link_tag(dest, text=None, privileged=False, **kvargs): if text is None: text = humanlink(dest) elif image_re.match(text): - text = ' ' + text + '

' + text = ' ' + text + '

' link_class = kvargs.get('class', kvargs.get('cssclass', None)) if not link_class: @@ -234,10 +236,13 @@ def link_inline(name, descr=None, kvargs={}): % (url, url, name) def link_inline_glob(pattern, descr=None, kvargs={}): - s = '' - for name in glob.glob(pattern): - s += link_inline(name, descr, kvargs) - return s + if not url_re.match(pattern) and bool(set(pattern) & set('?*[')): + s = '' + for name in glob.glob(pattern): + s += link_inline(name, descr, kvargs) + return s + else: + return link_inline(pattern, descr, kvargs) # Search --------------------------------------------------- @@ -367,7 +372,7 @@ class WikiFormatter: self.h_level = 0 self.in_pre = self.in_html = self.in_table = self.in_li = False self.in_header = True - self.list_indents = [] + self.list_indents = [] # a list of pairs (indent_level, list_type) to track nested lists self.tr_cnt = 0 self.styles = { #wiki html enabled? @@ -380,7 +385,6 @@ class WikiFormatter: ",,": ["sub", False], "''": ["em", False], # LEGACY "'''": ["b", False], # LEGACY - "``": ["tt", False], # LEGACY } def _b_repl(self, word): @@ -405,7 +409,7 @@ class WikiFormatter: return '
' def _rule_repl(self, word): - return self._undent() + '\n

\n' % (len(word) - 2) + return '\n

\n' % (len(word) - 2) def _macro_repl(self, word): try: @@ -512,31 +516,26 @@ class WikiFormatter: return '' def _indent_level(self): - return len(self.list_indents) and self.list_indents[-1] + return len(self.list_indents) and self.list_indents[-1][0] - def _indent_to(self, new_level): + def _indent_to(self, new_level, list_type=''): if self._indent_level() == new_level: return '' s = '

' while self._indent_level() > new_level: - del(self.list_indents[-1]) if self.in_li: s += '' self.in_li = False # FIXME - s += '\n' + s += '\n' + del(self.list_indents[-1]) + + list_type = ('ul', 'ol')[list_type == '#'] while self._indent_level() < new_level: - self.list_indents.append(new_level) - s += '

' return s - def _undent(self): - res = '

' * len(self.list_indents) - res += '

' - self.list_indents = [] - return res - def replace(self, match): for rule, hit in list(match.groupdict().items()): if hit: @@ -549,7 +548,7 @@ class WikiFormatter: scan_re = re.compile(r"""(?: # Styles and formatting ("--" must cling to a word to disambiguate it from the dash) - (?P \*\* | // | \#\# | __ | --\b | \b-- | \^\^ | ,, | ''' | '' | `` ) + (?P \*\* | // | \#\# | __ | --\b | \b-- | \^\^ | ,, | ''' | '' ) | (?P \={2,6}) | (?P
\\\\) | (?P ^-{3,}) @@ -588,7 +587,7 @@ class WikiFormatter: | (?P[<>&])" )""", re.VERBOSE) blank_re = re.compile(r"^\s*$") - indent_re = re.compile(r"^\s*") + indent_re = re.compile(r"^(\s*)(\*|\#|)") tr_re = re.compile(r"^\s*\|\|") eol_re = re.compile(r"\r?\n") # For each line, we scan through looking for magic strings, outputting verbatim any intervening text @@ -611,13 +610,13 @@ class WikiFormatter: print('

') else: indent = indent_re.match(self.line) - #3.0: print(self._indent_to(len(indent.group(0))), end=' ') - print(self._indent_to(len(indent.group(0)))) + print(self._indent_to(len(indent.group(1)), indent.group(2))) + # Stand back! Here we apply the monster regex that does all the parsing print(re.sub(scan_re, self.replace, self.line)) if self.in_pre: print('') if self.in_table: print('

') - print(self._undent()) + print(self._indent_to(0)) print('

') class Page: @@ -665,7 +664,7 @@ class Page: out = '== ' pathname = '' for dirname in self.page_name.strip('/').split('/'): - pathname = (pathname + '/' + dirname) if pathname else dirname + pathname = (pathname and pathname + '/' ) + dirname out += '[[' + pathname + '|' + dirname + ']]/' out += ' ==\n' @@ -693,7 +692,7 @@ class Page: #print "bernie: pragmas[" + m.group(1) + "] = " + m.group(2) + "
\n" except IOError, err: if err.errno != errno.ENOENT and err.errno != errno.EISDIR: - raise er + raise err return self._pragmas def pragma(self, name, default): @@ -790,8 +789,10 @@ class Page: def save(self, newdata, changelog): if not self.can_write(): - self.msg_text = 'Write access denied by ACLs' - self.msg_type = 'error' + self.msg_text = 'Write access denied by Access Control List' + return + if not is_privileged(): + self.msg_text = 'Unauthenticated access denied' return self._write_file(newdata)