X-Git-Url: https://codewiz.org/gitweb?p=geekigeeki.git;a=blobdiff_plain;f=geekigeeki.py;h=651d98db20e984506af833ebf7c810e20a8ae635;hp=9fd1adf5a139c1ba32152a9eb6270b2847f8227b;hb=aaa8d1b0c0c584f64ab3f1f08a7b8480c05161d4;hpb=ae1e8f42c88472e0797b36583e0fa7c6cf1b5f5b diff --git a/geekigeeki.py b/geekigeeki.py index 9fd1adf..651d98d 100755 --- a/geekigeeki.py +++ b/geekigeeki.py @@ -1,10 +1,9 @@ -#! /usr/bin/env python -"""Quick-quick implementation of WikiWikiWeb in Python -""" +#!/usr/bin/python +# -*- coding: utf-8 -*- # -# Copyright (C) 1999, 2000 Martin Pool -# This version includes additional changes by Gerardo Poggiali (2002) -# This version includes additional changes by Bernardo Innocenti (2007) +# Copyright 1999, 2000 Martin Pool +# Copyright 2002 Gerardo Poggiali +# Copyright 2007, 2008 Bernie Innocenti # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -19,17 +18,22 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . -__version__ = '$Revision: 1.63+gerry+bernie $'[11:-2] +__version__ = '$Id$'[4:12] -import cgi, sys, string, os, re, errno, time, stat -from os import path, environ +from time import clock +start_time = clock() + +import cgi, sys, os, re, errno, stat # Regular expression defining a WikiWord # (but this definition is also assumed in other places) -file_re = re.compile(r"^\b([A-Za-z0-9_\.\-]+)\b$") -word_re = re.compile(r"^\b([A-Z][a-z]+){2,}\b$") -img_re = re.compile(r"^.*\.(png|gif|jpg|jpeg)$", re.IGNORECASE) +word_re = re.compile(r"^\b((([A-Z][a-z0-9]+){2,}/)*([A-Z][a-z0-9]+){2,})\b$") +# FIXME: we accept stuff like foo/../bar and we shouldn't +file_re = re.compile(r"^\b([A-Za-z0-9_\-][A-Za-z0-9_\.\-/]*)\b$") +img_re = re.compile(r"^.*\.(png|gif|jpg|jpeg|bmp|ico|ogm|ogg|mkv|mpg|mpeg|mp4|avi|asf|flv|wmv|qt)$", re.IGNORECASE) +video_re = re.compile(r"^.*\.(ogm|ogg|mkv|mpg|mpeg|mp4|avi|asf|flv|wmv|qt)$", re.IGNORECASE) url_re = re.compile(r"^[a-z]{3,8}://[^\s'\"]+\S$") +link_re = re.compile("(?:\[\[|{{)([^\s\|]+)(?:\s*\|\s*([^\]]+)|)(?:\]\]|}})") title_done = False @@ -37,108 +41,130 @@ title_done = False # CGI stuff --------------------------------------------------------- def script_name(): - return environ.get('SCRIPT_NAME', '') + return os.environ.get('SCRIPT_NAME', '') def privileged_path(): return privileged_url or script_name() def remote_user(): - user = environ.get('REMOTE_USER', '') + user = os.environ.get('REMOTE_USER', '') if user is None or user == '' or user == 'anonymous': user = 'AnonymousCoward' return user def remote_host(): - return environ.get('REMOTE_ADDR', '') + return os.environ.get('REMOTE_ADDR', '') def get_hostname(addr): try: from socket import gethostbyaddr return gethostbyaddr(addr)[0] + ' (' + addr + ')' - except: + except Exception: return addr -# Formatting stuff -------------------------------------------------- +def is_external_url(pathname): + return (url_re.match(pathname) or pathname.startswith('/')) + +def relative_url(pathname, privileged=False): + if not is_external_url(pathname): + if privileged: + url = privileged_path() + else: + url = script_name() + pathname = url + '/' + pathname + return pathname -def emit_header(type="text/html"): - print "Content-type: " + type + "; charset=utf-8" - print +def permalink(s): + return re.sub(' ', '-', re.sub('[^a-z0-9_ ]', '', s.lower()).strip()) -def send_guru(msg, msg_type): - if msg is None or msg == '': return +# Formatting stuff -------------------------------------------------- +def emit_header(mime_type="text/html"): + print "Content-type: " + mime_type + "; charset=utf-8\n" + +def sendfile(dest_file, src_file): + """Efficiently copy file data between file descriptors""" + while 1: + data = src_file.read(65536) + if not data: break + dest_file.write(data) + +def send_guru(msg_text, msg_type): + if not msg_text: return print '
'
     if msg_type == 'error':
         print '    Software Failure.  Press left mouse button to continue.\n'
-    print msg
+    print msg_text
     if msg_type == 'error':
-        print '      Guru Meditation #DEADBEEF.ABADC0DE'
+        print '\n      Guru Meditation #DEADBEEF.ABADC0DE'
     print '
' - # FIXME: This simple JS snippet is harder to pass than ACID 3.0 - print """ - """ + try: + sendfile(sys.stdout, open('gurumeditation.js', 'rb')) + except IOError, err: + pass -def send_title(name, text="Limbo", msg=None, msg_type='error'): +def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=False): global title_done if title_done: return # Head emit_header() - print """ - -""" + print '' + print '' + print "%s: %s" % (site_name, text) print ' ' if not name: print ' ' - if css_url: - print ' ' % css_url + + for meta in meta_urls: + http_equiv, content = meta + print ' ' % (http_equiv, relative_url(content)) + + for link in link_urls: + rel, href = link + print ' ' % (rel, relative_url(href)) + + if name and writable and privileged_url is not None: + print ' ' \ + % (privileged_path() + '?edit=' + name) + + if history_url is not None: + print ' ' \ + % relative_url(history_url + '?a=rss') + print '' # Body - if name and privileged_url is not None: + if name and writable and privileged_url is not None: print '' else: print '' title_done = True - send_guru(msg, msg_type) + send_guru(msg_text, msg_type) # Navbar print '
' - print ' ' + site_name + ': ', if name: - print link_tag('?fullsearch=' + name, text) + ' ' + print ' ' + link_tag('?fullsearch=' + name, text, 'navlink') + ' ' else: - print text + ' ' - print ' | ' + link_tag('FrontPage', 'Front Page', 'navlink') + print ' ' + text + ' ' + print ' | ' + link_tag('FrontPage', 'Home', 'navlink') print ' | ' + link_tag('FindPage', 'Find Page', 'navlink') - print ' | Recent Changes' + if 'history_url' in globals(): + print ' | Recent Changes' + if name: + print ' | Page History' if name: - print ' | Page History' print ' | ' + link_tag('?raw=' + name, 'Raw Text', 'navlink') if privileged_url is not None: - print ' | ' + link_tag('?edit=' + name, 'Edit Page', 'navlink', authentication=True) + if writable: + print ' | ' + link_tag('?edit=' + name, 'Edit', 'navlink', privileged=True) + else: + print ' | ' + link_tag(name, 'Login', 'navlink', privileged=True) + else: print ' | Immutable Page' @@ -148,24 +174,36 @@ def send_title(name, text="Limbo", msg=None, msg_type='error'): print '
' -def link_tag(params, text=None, ss_class=None, authentication=False): +def send_httperror(status="403 Not Found", query=""): + print "Status: %s" % status + send_title(None, msg_text=("%s: on query '%s'" % (status, query))) + send_footer() + +def link_tag(params, text=None, link_class=None, privileged=False): if text is None: text = params # default - classattr = '' - if ss_class: - classattr += 'class="%s" ' % ss_class - # Prevent crawlers from following links potentially added by spammers or to generated pages - if ss_class == 'external' or ss_class == 'navlink': - classattr += 'rel="nofollow" ' - if authentication: - path = privileged_path() - else: - path = script_name() - return '%s' % (classattr, path, params, text) + elif img_re.match(text): + text = '' + + if not link_class: + if is_external_url(params): + link_class = 'external' + elif file_re.match(params) and Page(params).exists(): + link_class = 'wikilink' + else: + params = nonexist_pfx + params + link_class = 'nonexistent' + + classattr = 'class="%s" ' % link_class + # Prevent crawlers from following links potentially added by spammers or to generated pages + if link_class == 'external' or link_class == 'navlink': + classattr += 'rel="nofollow"' + + return '%s' % (classattr, relative_url(params, privileged=privileged), text) # Search --------------------------------------------------- -def do_fullsearch(needle): +def handle_fullsearch(needle): send_title(None, 'Full text search for "%s"' % (needle)) needle_re = re.compile(needle, re.IGNORECASE) @@ -184,16 +222,15 @@ def do_fullsearch(needle): print "
    " for (count, page_name) in hits: - print '

  • ' + Page(page_name).link_to() + print '

  • ' + link_tag(page_name) print ' . . . . ' + `count` - print ['match', 'matches'][count <> 1] + print ['match', 'matches'][count != 1] print '

    • ' print "
" print_search_stats(len(hits), len(all_pages)) - -def do_titlesearch(needle): +def handle_titlesearch(needle): # TODO: check needle is legal -- but probably we can just accept any RE send_title(None, "Title search for \"" + needle + '"') @@ -203,130 +240,67 @@ def do_titlesearch(needle): print "
    " for filename in hits: - print '

  • ' + Page(filename).link_to() + "

    • " + print '

  • ' + link_tag(filename) + "

    • " print "
" print_search_stats(len(hits), len(all_pages)) - def print_search_stats(hits, searched): print "

%d hits out of %d pages searched.

" % (hits, searched) -def do_edit(pagename): - Page(pagename).send_editor() +def handle_raw(pagename): + if not file_re.match(pagename): + send_httperror("403 Forbidden", pagename) + return -def do_raw(pagename): Page(pagename).send_raw() -def do_savepage(pagename): - if privileged_url is None: - raise 'editing disallowed for ' + pagename +def handle_edit(pagename): + if not file_re.match(pagename): + send_httperror("403 Forbidden", pagename) + return - global form pg = Page(pagename) - if 'preview' in form: - pg.send_editor(form['savetext'].value) - elif 'save' in form: - pg.save_text(form['savetext'].value) - pg.send_page() + if 'save' in form: + if form['file'].value: + pg.save(form['file'].file.read(), form['changelog'].value) + else: + pg.save(form['savetext'].value.replace('\r\n', '\n'), form['changelog'].value) + pg.format() elif 'cancel' in form: - pg.msg = 'Editing cancelled' + pg.msg_text = 'Editing canceled' pg.msg_type = 'notice' - pg.send_page() - else: - raise 'What did you press?' + pg.format() + else: # preview or edit + text = None + if 'preview' in form: + text = form['savetext'].value + pg.send_editor(text) def make_index_key(): - s = '

' - links = map(lambda ch: '%s' % (ch, ch), - string.lowercase) - s = s + string.join(links, ' | ') - s = s + '

' - return s - + links = map(lambda ch: '%s' % (ch, ch), 'abcdefghijklmnopqrstuvwxyz') + return '

'+ ' | '.join(links) + '

' -def page_list(): - return filter(word_re.match, os.listdir(text_dir)) +def page_list(dirname = None, re = word_re): + return sorted(filter(re.match, os.listdir(dirname or data_dir))) - -def send_footer(name, mod_string=None): - if debug_cgi: +def send_footer(mod_string=None): + if globals().get('debug_cgi', False): cgi.print_arguments() - cgi.print_form(cgi.FieldStorage()) + cgi.print_form(form) cgi.print_environ() - print '' -# ---------------------------------------------------------- class Page: def __init__(self, page_name): self.page_name = page_name - self.msg = '' + self.msg_text = '' self.msg_type = 'error' - self.attrs = {} def split_title(self): - # look for the end of words and the start of a new word, - # and insert a space there + # look for the end of words and the start of a new word and insert a space there return re.sub('([a-z])([A-Z])', r'\1 \2', self.page_name) - def _text_filename(self): - return path.join(text_dir, self.page_name) + def _filename(self): + return os.path.join(data_dir, self.page_name) def _tmp_filename(self): - return path.join(text_dir, ('#' + self.page_name + '.' + `os.getpid()` + '#')) + return os.path.join(data_dir, ('#' + self.page_name.replace('/','_') + '.' + `os.getpid()` + '#')) def exists(self): try: - os.stat(self._text_filename()) - return 1 - except OSError, er: - if er.errno == errno.ENOENT: - return 0 - else: - raise er - - def link_to(self): - word = self.page_name - if self.exists(): - return link_tag(word, word, 'wikilink') - else: - if nonexist_qm: - return link_tag(word, '?', 'nonexistent') + word - else: - return link_tag(word, word, 'nonexistent') - + os.stat(self._filename()) + return True + except OSError, err: + if err.errno == errno.ENOENT: + return False + raise err def get_raw_body(self): try: - return open(self._text_filename(), 'rt').read() - except IOError, er: - if er.errno == errno.ENOENT: - # just doesn't exist, use default - return 'Describe %s here.' % self.page_name + return open(self._filename(), 'rb').read() + except IOError, err: + if err.errno == errno.ENOENT: + return '' # just doesn't exist, use default + if err.errno == errno.EISDIR: + return self.format_dir() + raise err + + def format_dir(self): + out = '== ' + pathname = '' + for dirname in self.page_name.split('/'): + pathname = (pathname + '/' + dirname) if pathname else dirname + out += '[[' + pathname + '|' + dirname + ']]/' + out += ' ==\n' + + for filename in page_list(self._filename(), file_re): + if img_re.match(filename): + if image_maxwidth: + maxwidth_arg = '|maxwidth=' + str(image_maxwidth) + out += '{{' + self.page_name + '/' + filename + '|' + filename + maxwidth_arg + '}}\n' else: - raise er + out += ' * [[' + self.page_name + '/' + filename + ']]\n' + return out - def get_attrs(self): - if self.attrs: - return self.attrs - try: - file = open(self._text_filename(), 'rt') - attr_re = re.compile(r"^#(\S*)(.*)$") - for line in file: - m = attr_re.match(line) - if not m: - break - self.attrs[m.group(1)] = m.group(2).strip() - #print "bernie: attrs[" + m.group(1) + "] = " + m.group(2) + "
\n" - except IOError, er: - if er.errno != errno.ENOENT: - raise er - return self.attrs + def pragmas(self): + if not '_pragmas' in self.__dict__: + self._pragmas = {} + try: + f = open(self._filename(), 'rt') + attr_re = re.compile(r"^#(\S*)(.*)$") + for line in f: + m = attr_re.match(line) + if not m: + break + self._pragmas[m.group(1)] = m.group(2).strip() + #print "bernie: _pragmas[" + m.group(1) + "] = " + m.group(2) + "
\n" + except IOError, err: + if err.errno != errno.ENOENT and err.errno != errno.EISDIR: + raise err + return self._pragmas + + def pragma(self, name, default): + return self.pragmas().get(name, default) def can(self, action, default=True): - attrs = self.get_attrs() + acl = None try: - # SomeUser:read,write All:read - acl = attrs["acl"] + #acl SomeUser:read,write All:read + acl = self.pragma("acl", None) for rule in acl.split(): - (user,perms) = rule.split(':') + (user, perms) = rule.split(':') if user == remote_user() or user == "All": - if action in perms.split(','): - return True - else: - return False + return action in perms.split(',') return False - except Exception, er: - pass + except Exception: + if acl: + self.msg_text = 'Illegal acl line: ' + acl return default def can_write(self): @@ -643,150 +654,172 @@ class Page: def can_read(self): return self.can("read", True) - def send_page(self): - page_name = None - if self.can_write(): - page_name = self.page_name - send_title(page_name, self.split_title(), msg=self.msg, msg_type=self.msg_type) + def send_naked(self): if self.can_read(): - PageFormatter(self.get_raw_body()).print_html() + WikiFormatter(self.get_raw_body()).print_html() else: - print "

This page is not visible to you

" - send_footer(page_name, self._last_modified()) + send_guru("Read access denied by ACLs", "notice") + + def format(self): + #css foo.css + value = self.pragma("css", None) + if value: + global link_urls + link_urls += [ [ "stylesheet", value ] ] + + send_title(self.page_name, self.split_title(), + msg_text=self.msg_text, msg_type=self.msg_type, writable=self.can_write()) + self.send_naked() + send_footer(self._last_modified()) def _last_modified(self): - if not self.exists(): + try: + from time import localtime, strftime + modtime = localtime(os.stat(self._filename())[stat.ST_MTIME]) + except OSError, err: + if err.errno != errno.ENOENT: + raise err return None - from time import localtime, strftime - modtime = localtime(os.stat(self._text_filename())[stat.ST_MTIME]) return strftime(datetime_fmt, modtime) def send_editor(self, preview=None): - send_title(None, 'Edit ' + self.split_title(), msg=self.msg, msg_type=self.msg_type) + send_title(None, 'Edit ' + self.split_title(), msg_text=self.msg_text, msg_type=self.msg_type) + if not self.can_write(): + send_guru("Write access denied by ACLs", "error") + return + + filename = '' + if 'file' in form: + filename = form['file'].value print ('

Editing ' + self.page_name + ' for ' + cgi.escape(remote_user()) + ' from ' + cgi.escape(get_hostname(remote_host())) + '

') - print '
' % (script_name(), self.page_name) - print '' % (self.page_name) - print """""" % (preview or self.get_raw_body()) + print '
' % relative_url(self.page_name) + print '' % (self.page_name) + print '
' % (self.page_name) + print '' % cgi.escape(preview or self.get_raw_body()) + print ' ' % filename print """
- - + +
-
""" - print "

" + Page('EditingTips').link_to() + "

" +
+ + """ + print "

" + link_tag('EditingTips') + "

" if preview: print "
" - PageFormatter(preview).print_html() + WikiFormatter(preview).print_html() print "
" - send_footer(self.page_name) + send_footer() - def send_raw(self): - emit_header("text/plain") - print self.get_raw_body() + def send_raw(self, mimetype='text/plain'): + if self.can_read(): + body = self.get_raw_body() + emit_header(mimetype) + print body + else: + send_title(None, msg_text='Read access denied by ACLs', msg_type='notice') + + def send_image(self, mimetype, args=[]): + if 'maxwidth' in args: + import subprocess + emit_header(mimetype) + sys.stdout.flush() + subprocess.check_call(['gm', 'convert', self._filename(), + '-scale', args['maxwidth'].value + ' >', '-']) + else: + self.send_raw(mimetype) - def _write_file(self, text): + def _write_file(self, data): tmp_filename = self._tmp_filename() - open(tmp_filename, 'wt').write(text.replace('\r\n', '\n')) - text = self._text_filename() + open(tmp_filename, 'wb').write(data) + name = self._filename() if os.name == 'nt': # Bad Bill! POSIX rename ought to replace. :-( try: - os.remove(text) - except OSError, er: - if er.errno <> errno.ENOENT: raise er - os.rename(tmp_filename, text) - - def save_text(self, newtext): - self._write_file(newtext) + os.remove(name) + except OSError, err: + if err.errno != errno.ENOENT: raise err + os.rename(tmp_filename, name) + + def save(self, newdata, changelog): + if not self.can_write(): + self.msg_text = 'Write access denied by ACLs' + self.msg_type = 'error' + return + + self._write_file(newdata) rc = 0 if post_edit_hook: # FIXME: what's the std way to perform shell quoting in python? cmd = ( post_edit_hook - + " '" + text_dir + '/' + self.page_name + + " '" + data_dir + '/' + self.page_name + "' '" + remote_user() - + "' '" + remote_host() + "'" + + "' '" + remote_host() + + "' '" + changelog + "'" ) out = os.popen(cmd) - msg = out.read() + output = out.read() rc = out.close() if rc: - self.msg += "Post-editing hook returned %d.\n" % rc - self.msg += 'Command was: ' + cmd + '\n' - if msg: - self.msg += 'Output follows:\n' + msg + self.msg_text += "Post-editing hook returned %d.\n" % rc + self.msg_text += 'Command was: ' + cmd + '\n' + if output: + self.msg_text += 'Output follows:\n' + output else: - self.msg = 'Thankyou for your contribution. Your attention to detail is appreciated.' + self.msg_text = 'Thank you for your contribution. Your attention to detail is appreciated.' self.msg_type = 'success' -def send_verbatim(filename, mime_type='application/octet-stream'): - pathname = path.join(text_dir, filename) - data = open(pathname, 'rb').read() - emit_header(mime_type) - sys.stdout.write(data) - -# Main --------------------------------------------------------------- -try: - # Configuration values - site_name = 'Codewiz' - - # set to None for read-only sites, leave empty ('') to allow anonymous edits - # otherwise, set to a URL that requires authentication - privileged_url = 'https://www.codewiz.org/~bernie/wiki' - - data_dir = '/home/bernie/public_html/wiki' - text_dir = path.join(data_dir, 'text') - css_url = '../wikidata/geekigeeki.css' # optional stylesheet link - history_url = '../wikigit/wiki.git' - post_edit_hook = './post_edit_hook.sh' - datetime_fmt = '%a %d %b %Y %I:%M %p' - allow_edit = True # Is it possible to edit pages? - show_hosts = True # show hostnames? - nonexist_qm = False # show '?' for nonexistent? - debug_cgi = False # Set to True for CGI var dump - - form = cgi.FieldStorage() - - handlers = { 'fullsearch': do_fullsearch, - 'titlesearch': do_titlesearch, - 'edit': do_edit, - 'raw': do_raw, - 'savepage': do_savepage } - - for cmd in handlers.keys(): - if form.has_key(cmd): - apply(handlers[cmd], (form[cmd].value,)) +def main(): + for cmd in form: + handler = globals().get('handle_' + cmd) + if handler: + handler(form[cmd].value) break else: - path_info = environ.get('PATH_INFO', '') + path_info = os.environ.get('PATH_INFO', '') if len(path_info) and path_info[0] == '/': query = path_info[1:] or 'FrontPage' else: - query = environ.get('QUERY_STRING', '') or 'FrontPage' + query = os.environ.get('QUERY_STRING', '') or 'FrontPage' if file_re.match(query): if word_re.match(query): - Page(query).send_page() - elif img_re.match(query): - #FIXME: use correct mime type - send_verbatim(query, 'image/jpeg') + Page(query).format() else: - send_verbatim(query) + from mimetypes import MimeTypes + mimetype, encoding = MimeTypes().guess_type(query) + if mimetype: + if mimetype.startswith('image/'): + Page(query).send_image(mimetype=mimetype, args=form) + else: + Page(query).send_raw(mimetype=mimetype) + else: + Page(query).format() else: - # TODO: return 404? - send_title(None, msg='Can\'t work out query: ' + query) -except: + send_httperror("403 Forbidden", query) + +try: + execfile("geekigeeki.conf.py") + form = cgi.FieldStorage() + main() +except Exception: import traceback - msg=traceback.format_exc() + msg_text = traceback.format_exc() if title_done: - send_guru(msg, "error") + send_guru(msg_text, "error") else: - send_title(None, msg=msg) - send_footer(None) + send_title(None, msg_text=msg_text) + send_footer() sys.stdout.flush()