X-Git-Url: https://codewiz.org/gitweb?p=geekigeeki.git;a=blobdiff_plain;f=geekigeeki.py;h=9d2bf9e12e8dea0617622960871baa95a990d753;hp=79dda63e2c463df56b6e9790985b4005d727f2b4;hb=bfa2f63dc09c936f10b7cc3c1ee0c1c136af3591;hpb=46efe19f353d79e0be12da32980ef1457a97d749
diff --git a/geekigeeki.py b/geekigeeki.py
index 79dda63..9d2bf9e 100755
--- a/geekigeeki.py
+++ b/geekigeeki.py
@@ -36,6 +36,7 @@ def config_get(key, default=None):
def script_name():
return os.environ.get('SCRIPT_NAME', '')
+#TODO: move post-edit hook into wiki, then kill this
def script_path():
return os.path.split(os.environ.get('SCRIPT_FILENAME', ''))[0]
@@ -46,8 +47,9 @@ def query_string():
else:
return os.environ.get('QUERY_STRING', '') or 'FrontPage'
-def privileged_path():
- return config_get('privileged_url') or script_name()
+def is_privileged():
+ purl = config_get('privileged_url')
+ return (purl is not None) and os.environ.get('SCRIPT_URI', '').startswith(purl)
def remote_user():
user = os.environ.get('REMOTE_USER', '')
@@ -71,7 +73,7 @@ def is_external_url(pathname):
def relative_url(pathname, privileged=False):
if not is_external_url(pathname):
if privileged:
- url = privileged_path()
+ url = config_get('privileged_url') or script_name()
else:
url = script_name()
pathname = url + '/' + pathname
@@ -143,7 +145,7 @@ def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=Fal
rel, href = link
print(' ' % (rel, relative_url(href)))
- editable = name and writable and config_get('privileged_url') is not None
+ editable = name and writable and is_privileged()
if editable:
print(' ' \
% relative_url('?a=edit&q=' + name, privileged=True))
@@ -694,7 +696,7 @@ class Page:
#print "bernie: pragmas[" + m.group(1) + "] = " + m.group(2) + "
\n"
except IOError, err:
if err.errno != errno.ENOENT and err.errno != errno.EISDIR:
- raise er
+ raise err
return self._pragmas
def pragma(self, name, default):
@@ -791,8 +793,10 @@ class Page:
def save(self, newdata, changelog):
if not self.can_write():
- self.msg_text = 'Write access denied by ACLs'
- self.msg_type = 'error'
+ self.msg_text = 'Write access denied by Access Control List'
+ return
+ if not is_privileged():
+ self.msg_text = 'Unauthenticated access denied'
return
self._write_file(newdata)