X-Git-Url: https://codewiz.org/gitweb?p=geekigeeki.git;a=blobdiff_plain;f=geekigeeki.py;h=a5ba6a2d388565ae9ac3f5dff29ca48f8126fb50;hp=73c45ce41d3f36a82c5adedacb370a930b1c9e14;hb=49c44a83e5e434114dd90c1672579cf66ee46e86;hpb=b9db2bd04b6007004057410623024c880660bd72 diff --git a/geekigeeki.py b/geekigeeki.py index 73c45ce..a5ba6a2 100755 --- a/geekigeeki.py +++ b/geekigeeki.py @@ -1,38 +1,32 @@ #!/usr/bin/python # -*- coding: utf-8 -*- # -# Copyright 1999, 2000 Martin Pool -# Copyright 2002 Gerardo Poggiali -# Copyright 2007, 2008, 2009 Bernie Innocenti +# Copyright (C) 1999, 2000 Martin Pool +# Copyright (C) 2002 Gerardo Poggiali +# Copyright (C) 2007, 2008, 2009 Bernie Innocenti # # This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . __version__ = '4.0-' + '$Id$'[4:11] -from time import clock +from time import clock, localtime, gmtime, strftime start_time = clock() title_done = False -import cgi, sys, os, re, errno, stat +import cgi, sys, os, re, errno, stat, glob image_ext = 'png|gif|jpg|jpeg|bmp|ico' video_ext = "ogg|ogv|oga" # Not supported by Firefox 3.5: mkv|mpg|mpeg|mp4|avi|asf|flv|wmv|qt -image_re = re.compile(r".*\.(" + image_ext + "|" + video_ext + ")", re.IGNORECASE) -video_re = re.compile(r".*\.(" + video_ext + ")", re.IGNORECASE) +image_re = re.compile(r".*\.(" + image_ext + "|" + video_ext + ")$", re.IGNORECASE) +video_re = re.compile(r".*\.(" + video_ext + ")$", re.IGNORECASE) # FIXME: we accept stuff like foo/../bar and we shouldn't -file_re = re.compile(r"([A-Za-z0-9_\-][A-Za-z0-9_\.\-/]*)") -url_re = re.compile(r"[a-z]{3,8}://[^\s'\"]+\S") +file_re = re.compile(r"([A-Za-z0-9_\-][A-Za-z0-9_\.\-/]*)$") +url_re = re.compile(r"[a-z]{3,8}://[^\s'\"]+\S$") ext_re = re.compile(r"\.([^\./]+)$") # CGI stuff --------------------------------------------------------- @@ -42,6 +36,10 @@ def config_get(key, default=None): def script_name(): return os.environ.get('SCRIPT_NAME', '') +#TODO: move post-edit hook into wiki, then kill this +def script_path(): + return os.path.split(os.environ.get('SCRIPT_FILENAME', ''))[0] + def query_string(): path_info = os.environ.get('PATH_INFO', '') if len(path_info) and path_info[0] == '/': @@ -49,8 +47,9 @@ def query_string(): else: return os.environ.get('QUERY_STRING', '') or 'FrontPage' -def privileged_path(): - return privileged_url or script_name() +def is_privileged(): + purl = config_get('privileged_url') + return (purl is not None) and os.environ.get('SCRIPT_URI', '').startswith(purl) def remote_user(): user = os.environ.get('REMOTE_USER', '') @@ -74,7 +73,7 @@ def is_external_url(pathname): def relative_url(pathname, privileged=False): if not is_external_url(pathname): if privileged: - url = privileged_path() + url = config_get('privileged_url') or script_name() else: url = script_name() pathname = url + '/' + pathname @@ -108,7 +107,9 @@ def url_args(kvargs): return '' # Formatting stuff -------------------------------------------------- -def emit_header(mime_type="text/html"): +def emit_header(mtime=None, mime_type="text/html"): + if mtime: + print("Last-Modified: " + strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime(mtime))) print("Content-type: " + mime_type + "; charset=utf-8\n") def send_guru(msg_text, msg_type): @@ -116,24 +117,21 @@ def send_guru(msg_text, msg_type): print('
')
     if msg_type == 'error':
         print('    Software Failure.  Press left mouse button to continue.\n')
-    print(msg_text)
+    print(cgi.escape(msg_text))
     if msg_type == 'error':
         print '\n           Guru Meditation #DEADBEEF.ABADC0DE'
-    print('
' \ + print('' \ % relative_url('sys/GuruMeditation.js')) -def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=False): +def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=False, mtime=None): global title_done if title_done: return - # Head - emit_header() - print('') - print('') - + # HEAD + emit_header(mtime) + print('\n') print("%s: %s" % (config_get('site_name', "Unconfigured Wiki"), text)) - print(' ') + print(' ') if not name: print(' ') @@ -144,9 +142,10 @@ def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=Fal rel, href = link print(' ' % (rel, relative_url(href))) - if name and writable and privileged_url is not None: + editable = name and writable and is_privileged() + if editable: print(' ' \ - % (privileged_path() + '?a=edit&q=' + name)) + % relative_url('?a=edit&q=' + name, privileged=True)) history = config_get('history_url') if history is not None: @@ -155,17 +154,17 @@ def send_title(name, text="Limbo", msg_text=None, msg_type='error', writable=Fal print('') - # Body - if name and writable and privileged_url is not None: - print('') + # BODY + if editable: + print('') else: print('') title_done = True send_guru(msg_text, msg_type) - # Navbar - print('
') + # NAVBAR + print('
') def send_httperror(status="403 Not Found", query=""): print("Status: %s" % status) @@ -203,7 +202,7 @@ def link_tag(dest, text=None, privileged=False, **kvargs): if text is None: text = humanlink(dest) elif image_re.match(text): - text = '' + text + '' + text = '' + text + '' link_class = kvargs.get('class', kvargs.get('cssclass', None)) if not link_class: @@ -226,15 +225,25 @@ def link_inline(name, descr=None, kvargs={}): if not descr: descr = humanlink(name) url = relative_url(name) if video_re.match(name): - return '' % url + return '' % url elif image_re.match(name): return '%s' % (url, url + url_args(kvargs), descr) elif file_re.match(name) and not ext_re.search(name): # FIXME: this guesses a wiki page - return Page(name).send_naked(kvargs) + Page(name).send_naked(kvargs) # FIXME: we should return the page as a string rather than print it + return '' else: return '' \ % (url, url, name) +def link_inline_glob(pattern, descr=None, kvargs={}): + if not url_re.match(pattern) and bool(set(pattern) & set('?*[')): + s = '' + for name in glob.glob(pattern): + s += link_inline(name, descr, kvargs) + return s + else: + return link_inline(pattern, descr, kvargs) + # Search --------------------------------------------------- def print_search_stats(hits, searched): @@ -324,23 +333,25 @@ def handle_get(pagename, form): else: send_httperror("403 Forbidden", pagename) -# Used by macros/WordIndex and macros/TitleIndex +# Used by sys/macros/WordIndex and sys/macros/TitleIndex def make_index_key(): links = ['%s' % (ch, ch) for ch in 'abcdefghijklmnopqrstuvwxyz'] return '

' + ' | '.join(links) + '

' -def page_list(dirname=None, re=None): - if re is None: +def page_list(dirname=None, search_re=None): + if search_re is None: # FIXME: WikiWord is too restrictive now! - re = re.compile(r"^\b((([A-Z][a-z0-9]+){2,}/)*([A-Z][a-z0-9]+){2,})\b$") - return sorted(filter(re.match, os.listdir(dirname or config_get(data_dir, '')))) + search_re = re.compile(r"^\b((([A-Z][a-z0-9]+){2,}/)*([A-Z][a-z0-9]+){2,})\b$") + return sorted(filter(search_re.match, os.listdir(dirname or '.'))) -def send_footer(mod_string=None): +def send_footer(mtime=None): if config_get('debug_cgi', False): cgi.print_arguments() cgi.print_form(form) cgi.print_environ() - link_inline("sys/footer", kvargs= { 'LAST_MODIFIED': mod_string }) + link_inline("sys/footer", kvargs = { + 'LAST_MODIFIED': strftime(config_get('datetime_fmt', '%a %d %b %Y %I:%M %p'), localtime(mtime)) + }) print("") def _macro_ELAPSED_TIME(*args, **kvargs): @@ -361,7 +372,7 @@ class WikiFormatter: self.h_level = 0 self.in_pre = self.in_html = self.in_table = self.in_li = False self.in_header = True - self.list_indents = [] + self.list_indents = [] # a list of pairs (indent_level, list_type) to track nested lists self.tr_cnt = 0 self.styles = { #wiki html enabled? @@ -374,7 +385,6 @@ class WikiFormatter: ",,": ["sub", False], "''": ["em", False], # LEGACY "'''": ["b", False], # LEGACY - "``": ["tt", False], # LEGACY } def _b_repl(self, word): @@ -399,7 +409,7 @@ class WikiFormatter: return '
' def _rule_repl(self, word): - return self._undent() + '\n
\n' % (len(word) - 2) + return '\n
\n' % (len(word) - 2) def _macro_repl(self, word): try: @@ -408,11 +418,11 @@ class WikiFormatter: return self.kvargs[args[0]] macro = globals().get('_macro_' + args[0]) if not macro: - exec(open("macros/" + args[0] + ".py").read(), globals()) + exec(open("sys/macros/" + args[0] + ".py").read(), globals()) macro = globals().get('_macro_' + args[0]) return macro(*args, **kvargs) except Exception, e: - msg = cgi.escape(word) + ": " + cgi.escape(e.message) + msg = cgi.escape(word) + ": " + cgi.escape(str(e)) if not self.in_html: msg = '' + msg + '' return msg @@ -429,10 +439,10 @@ class WikiFormatter: # This double div nonsense works around a limitation of the HTML block model return '
' \ + '
' \ - + link_inline(name, descr, kvargs) \ + + link_inline_glob(name, descr, kvargs) \ + '
' + descr + '
' else: - return link_inline(name, None, kvargs) + return link_inline_glob(name, None, kvargs) def _html_repl(self, word): if not self.in_html and word.startswith(' new_level: - del(self.list_indents[-1]) if self.in_li: s += '' self.in_li = False # FIXME - s += '\n' + s += '\n' + del(self.list_indents[-1]) + + list_type = ('ul', 'ol')[list_type == '#'] while self._indent_level() < new_level: - self.list_indents.append(new_level) - s += '
    \n' + self.list_indents.append((new_level, list_type)) + s += '<' + list_type + '>\n' s += '

    ' return s - def _undent(self): - res = '

    ' - res += '
' * len(self.list_indents) - res += '

' - self.list_indents = [] - return res - def replace(self, match): for rule, hit in list(match.groupdict().items()): if hit: @@ -543,7 +548,7 @@ class WikiFormatter: scan_re = re.compile(r"""(?: # Styles and formatting ("--" must cling to a word to disambiguate it from the dash) - (?P \*\* | // | \#\# | __ | --\b | \b-- | \^\^ | ,, | ''' | '' | `` ) + (?P \*\* | // | \#\# | __ | --\b | \b-- | \^\^ | ,, | ''' | '' ) | (?P \={2,6}) | (?P
\\\\) | (?P ^-{3,}) @@ -582,7 +587,7 @@ class WikiFormatter: | (?P[<>&])" )""", re.VERBOSE) blank_re = re.compile(r"^\s*$") - indent_re = re.compile(r"^\s*") + indent_re = re.compile(r"^(\s*)(\*|\#|)") tr_re = re.compile(r"^\s*\|\|") eol_re = re.compile(r"\r?\n") # For each line, we scan through looking for magic strings, outputting verbatim any intervening text @@ -605,18 +610,18 @@ class WikiFormatter: print('

') else: indent = indent_re.match(self.line) - #3.0: print(self._indent_to(len(indent.group(0))), end=' ') - print(self._indent_to(len(indent.group(0)))) + print(self._indent_to(len(indent.group(1)), indent.group(2))) + # Stand back! Here we apply the monster regex that does all the parsing print(re.sub(scan_re, self.replace, self.line)) if self.in_pre: print('') if self.in_table: print('

') - print(self._undent()) + print(self._indent_to(0)) print('

') class Page: def __init__(self, page_name): - self.page_name = page_name + self.page_name = page_name.rstrip('/'); self.msg_text = '' self.msg_type = 'error' @@ -625,20 +630,24 @@ class Page: return re.sub('([a-z])([A-Z])', r'\1 \2', self.page_name) def _filename(self): - return os.path.join(config_get('data_dir', ''), self.page_name) + return self.page_name def _tmp_filename(self): - return os.path.join(config_get('data_dir', ''), ('#' + self.page_name.replace('/','_') + '.' + str(os.getpid()) + '#')) + return self.page_name + '.tmp' + str(os.getpid()) + '#' - def exists(self): + def _mtime(self): try: - os.stat(self._filename()) - return True + return os.stat(self._filename()).st_mtime except OSError, err: if err.errno == errno.ENOENT: - return False + return None raise err + def exists(self): + if self._mtime(): + return True + return False + def get_raw_body(self, default=None): try: return open(self._filename(), 'rb').read() @@ -655,19 +664,20 @@ class Page: out = '== ' pathname = '' for dirname in self.page_name.strip('/').split('/'): - pathname = (pathname + '/' + dirname) if pathname else dirname + pathname = (pathname and pathname + '/' ) + dirname out += '[[' + pathname + '|' + dirname + ']]/' out += ' ==\n' + images_out = '\n' for filename in page_list(self._filename(), file_re): if image_re.match(filename): - maxwidth = config_get(image_maxwidth) + maxwidth = config_get('image_maxwidth', '400') if maxwidth: - maxwidth_arg = ' | maxwidth=' + str(maxwidth) - out += '{{' + self.page_name + '/' + filename + ' | ' + humanlink(filename) + maxwidth_arg + ' | class=thumbleft}}\n' + maxwidth = ' | maxwidth=' + str(maxwidth) + images_out += '{{' + self.page_name + '/' + filename + ' | ' + humanlink(filename) + maxwidth + ' | class=thumbleft}}\n' else: out += ' * [[' + self.page_name + '/' + filename + ']]\n' - return out + return out + images_out def pragmas(self): if not '_pragmas' in self.__dict__: @@ -683,7 +693,7 @@ class Page: #print "bernie: pragmas[" + m.group(1) + "] = " + m.group(2) + "
\n" except IOError, err: if err.errno != errno.ENOENT and err.errno != errno.EISDIR: - raise er + raise err return self._pragmas def pragma(self, name, default): @@ -724,19 +734,9 @@ class Page: link_urls += [ [ "stylesheet", value ] ] send_title(self.page_name, self.split_title(), - msg_text=self.msg_text, msg_type=self.msg_type, writable=self.can_write()) + msg_text=self.msg_text, msg_type=self.msg_type, writable=self.can_write(), mtime=self._mtime()) self.send_naked() - send_footer(self._last_modified()) - - def _last_modified(self): - try: - from time import localtime, strftime - modtime = localtime(os.stat(self._filename())[stat.ST_MTIME]) - except OSError, err: - if err.errno != errno.ENOENT: - raise err - return None - return strftime(config_get(datetime_fmt, '%a %d %b %Y %I:%M %p'), modtime) + send_footer(mtime=self._mtime()) def send_editor(self, preview=None): send_title(None, 'Edit ' + self.split_title(), msg_text=self.msg_text, msg_type=self.msg_type) @@ -744,35 +744,14 @@ class Page: send_guru("Write access denied by ACLs", "error") return - filename = '' - if 'file' in form: - filename = form['file'].value - - print(('

Editing ' + self.page_name - + ' for ' + cgi.escape(remote_user()) - + ' from ' + cgi.escape(get_hostname(remote_host())) - + '

')) - print('
' % relative_url(self.page_name)) - print('') - print('
' % (self.page_name)) - print('' \ - % cgi.escape(preview or self.get_raw_body(default=''))) - print(' ' % filename) - print(""" -
- - - - -
-
- - """) - print("

" + link_tag('EditingTips') + "

") + if preview is None: + preview = self.get_raw_body(default='') + + link_inline("sys/EditPage", kvargs = { + 'EDIT_BODY': cgi.escape(preview), + #'EDIT_PREVIEW': WikiFormatter(preview).print_html(), + }) + if preview: print("
") WikiFormatter(preview).print_html() @@ -781,18 +760,17 @@ class Page: def send_raw(self, mimetype='text/plain', args=[]): if not self.can_read(): - send_title(None, msg_text='Read access denied by ACLs', msg_type='notice') + send_title(None, msg_text='Read access denied by ACLs', msg_type='notice', mtime=self._mtime()) return + emit_header(self._mtime(), mimetype) if 'maxwidth' in args: import subprocess - emit_header(mimetype) sys.stdout.flush() subprocess.check_call(['gm', 'convert', self._filename(), '-scale', args['maxwidth'].value + ' >', '-']) else: body = self.get_raw_body() - emit_header(mimetype) print(body) def _write_file(self, data): @@ -806,14 +784,16 @@ class Page: except OSError, err: if err.errno != errno.ENOENT: raise err path = os.path.split(name)[0] - if not os.path.exists(path): + if path and not os.path.exists(path): os.makedirs(path) os.rename(tmp_filename, name) def save(self, newdata, changelog): if not self.can_write(): - self.msg_text = 'Write access denied by ACLs' - self.msg_type = 'error' + self.msg_text = 'Write access denied by Access Control List' + return + if not is_privileged(): + self.msg_text = 'Unauthenticated access denied' return self._write_file(newdata) @@ -821,8 +801,8 @@ class Page: if config_get('post_edit_hook'): import subprocess cmd = [ - config_get(post_edit_hook), - config_get(data_dir, '') + '/' + self.page_name, remote_user(), + config_get('post_edit_hook'), + self.page_name, remote_user(), remote_host(), changelog ] child = subprocess.Popen(cmd, stdout=subprocess.PIPE, close_fds=True) output = child.stdout.read() @@ -837,6 +817,7 @@ class Page: try: exec(open("geekigeeki.conf.py").read()) + os.chdir(config_get('data_dir', 'data')) form = cgi.FieldStorage() action = form.getvalue('a', 'get') handler = globals().get('handle_' + action)