[ipfire.org.git] / src / web / docs.py

#!/usr/bin/python3

import difflib
import tornado.web

from . import base
from . import ui_modules

class PageHandler(base.BaseHandler):
	@property
	def action(self):
		return self.get_argument("action", None)

	def write_error(self, status_code, **kwargs):
		# Render a custom page for 404
		if status_code == 404:
			self.render("docs/404.html", **kwargs)
			return

		# Otherwise raise this to one layer above
		super().write_error(status_code, **kwargs)

	@tornado.web.removeslash
	def get(self, path):
		if path is None:
			path = "/"

		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		# Check if we are asked to render a certain revision
		revision = self.get_argument("revision", None)

		# Fetch the wiki page
		page = self.backend.wiki.get_page(path, revision=revision)

		# Diff
		if self.action == "diff":
			# Get both revisions
			a = self.get_argument("a")
			b = self.get_argument("b")

			# Fetch both versions of the page
			a = self.backend.wiki.get_page(path, revision=a)
			b = self.backend.wiki.get_page(path, revision=b)
			if not a or not b:
				raise tornado.web.HTTPError(404)

			# Cannot render a diff for the identical page
			if a == b:
				raise tornado.web.HTTPError(400)

			# Make sure that b is newer than a
			if a > b:
				a, b = b, a

			self.render("docs/diff.html", page=page, a=a, b=b)
			return

		# Restore
		elif self.action == "restore":
			self.render("docs/confirm-restore.html", page=page)
			return

		# Revisions
		elif self.action == "revisions":
			self.render("docs/revisions.html", page=page)
			return

		# If the page does not exist, we send 404
		if not page or page.was_deleted():
			# Handle /start links which were in the format of DokuWiki
			if path.endswith("/start"):
				# Strip /start from path
				path = path[:-6] or "/"

				# Redirect user to page if it exists
				page = self.backend.wiki.page_exists(path)
				if page:
					self.redirect(path)

			raise tornado.web.HTTPError(404)

		# Fetch the latest revision
		latest_revision = page.get_latest_revision()

		# Render page
		self.render("docs/page.html", page=page, latest_revision=latest_revision)


class FileHandler(base.BaseHandler):
	@property
	def action(self):
		return self.get_argument("action", None)

	def get(self, path):
		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		# Check if we are asked to render a certain revision
		revision = self.get_argument("revision", None)

		# Fetch the file
		file = self.backend.wiki.get_file_by_path(path, revision=revision)
		if not file:
			raise tornado.web.HTTPError(404, "Could not find %s" % path)

		# Render detail page
		if self.action == "detail":
			page = None

			for breadcrumb, title in self.backend.wiki.make_breadcrumbs(path):
				page = self.backend.wiki.get_page(breadcrumb)
				if page:
					break

			self.render("docs/files/detail.html", page=page, file=file)
			return

		size = self.get_argument_int("s", None)

		# Check if image should be resized
		if size and file.is_bitmap_image():
			blob = file.get_thumbnail(size)
		else:
			blob = file.blob

		# Set headers
		self.set_header("Content-Type", file.mimetype or "application/octet-stream")
		self.set_header("Content-Length", len(blob))

		# Set expires
		self.set_expires(3600)

		# Deliver content
		self.finish(blob)


class EditHandler(base.BaseHandler):
	@tornado.web.authenticated
	def get(self, path):
		if path is None:
			path = "/"

		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		# Fetch the wiki page
		page = self.backend.wiki.get_page(path)

		# Empty page if it was deleted
		if page and page.was_deleted():
			page = None

		# Render page
		self.render("docs/edit.html", page=page, path=path)

	@tornado.web.authenticated
	def post(self, path):
		if path is None:
			path = "/"

		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		content = self.get_argument("content", None)
		changes = self.get_argument("changes")

		# Create a new page in the database
		with self.db.transaction():
			page = self.backend.wiki.create_page(path,
				self.current_user, content, changes=changes, address=self.get_remote_ip())

			# Add user as a watcher if wanted
			watch = self.get_argument("watch", False)
			if watch:
				page.add_watcher(self.current_user)

		# Redirect back
		if page.was_deleted():
			self.redirect("/")
		else:
			self.redirect(page.url)

	def on_finish(self):
		"""
			Updates the search index after the page has been edited
		"""
		# This is being executed in the background and after
		# the response has been set to the client
		with self.db.transaction():
			self.backend.wiki.refresh()


class RenderHandler(base.BaseHandler):
	def check_xsrf_cookie(self):
		pass # disabled

	@tornado.web.authenticated
	@base.ratelimit(minutes=5, requests=180)
	def post(self, path):
		if path is None:
			path = "/"

		content = self.get_argument("content")

		# Render the content
		html = self.backend.wiki.render(path, content)

		self.finish(html)


class WatchHandler(base.BaseHandler):
	@tornado.web.authenticated
	@base.ratelimit(minutes=60, requests=180)
	def get(self, path, action):
		if path is None:
			path = "/"

		page = self.backend.wiki.get_page(path)
		if not page:
			raise tornado.web.HTTPError(404, "Page does not exist: %s" % path)

		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		with self.db.transaction():
			if action == "watch":
				page.add_watcher(self.current_user)
			elif action == "unwatch":
				page.remove_watcher(self.current_user)

		# Redirect back to page
		self.redirect(page.url)


class DeleteFileHandler(base.BaseHandler):
	@tornado.web.authenticated
	def get(self, path):
		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		# Fetch the file
		file = self.backend.wiki.get_file_by_path(path)
		if not file:
			raise tornado.web.HTTPError(404, "Could not find %s" % path)

		self.render("docs/confirm-delete.html", file=file)

	@tornado.web.authenticated
	@base.ratelimit(minutes=60, requests=24)
	def post(self, path):
		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		# Fetch the file
		file = self.backend.wiki.get_file_by_path(path)
		if not file:
			raise tornado.web.HTTPError(404, "Could not find %s" % path)

		with self.db.transaction():
			file.delete(self.current_user)

		self.redirect("%s/_files" % file.path)


class SearchHandler(base.BaseHandler):
	@base.ratelimit(minutes=5, requests=25)
	def get(self):
		q = self.get_argument("q")

		# Perform search
		with self.db.transaction():
			pages = self.backend.wiki.search(q, account=self.current_user, limit=50)

		self.render("docs/search-results.html", q=q, pages=pages)


class RecentChangesHandler(base.BaseHandler):
	def get(self):
		recent_changes = self.backend.wiki.get_recent_changes(self.current_user, limit=50)

		self.render("docs/recent-changes.html", recent_changes=recent_changes)


class TreeHandler(base.BaseHandler):
	def get(self):
		self.render("docs/tree.html", pages=self.backend.wiki)


class WatchlistHandler(base.BaseHandler):
	@tornado.web.authenticated
	def get(self):
		pages = self.backend.wiki.get_watchlist(self.current_user)

		self.render("docs/watchlist.html", pages=pages)


class HeaderModule(ui_modules.UIModule):
	@property
	def page(self):
		"""
			Returns the path of the page (without any actions)
		"""
		path = self.request.path.removeprefix("/docs")

		return "/".join((p for p in path.split("/") if not p.startswith("_")))

	def render(self, suffix=None):
		_ = self.locale.translate

		breadcrumbs = self.backend.wiki.make_breadcrumbs(self.page)
		title = self.backend.wiki.get_page_title(self.page)

		if self.request.path.endswith("/_edit"):
			suffix = _("Edit")
		elif self.request.path.endswith("/_files"):
			suffix = _("Files")

		return self.render_string("docs/modules/header.html",
			breadcrumbs=breadcrumbs, page=self.page, page_title=title, suffix=suffix)


class DiffModule(ui_modules.UIModule):
	differ = difflib.Differ()

	def render(self, a, b):
		diff = self.differ.compare(
			a.markdown.splitlines(),
			b.markdown.splitlines(),
		)

		return self.render_string("docs/modules/diff.html", diff=diff)
Commit	Line	Data
1958a22b MT	1	#!/usr/bin/python3
	2
	3	import difflib
	4	import tornado.web
	5
	6	from . import base
cf59466c	7	from . import ui_modules
1958a22b MT	8
	9	class PageHandler(base.BaseHandler):
	10	@property
	11	def action(self):
	12	return self.get_argument("action", None)
	13
	14	def write_error(self, status_code, **kwargs):
	15	# Render a custom page for 404
	16	if status_code == 404:
f6afd9c3	17	self.render("docs/404.html", **kwargs)
1958a22b MT	18	return
	19
	20	# Otherwise raise this to one layer above
	21	super().write_error(status_code, **kwargs)
	22
	23	@tornado.web.removeslash
	24	def get(self, path):
	25	if path is None:
	26	path = "/"
	27
	28	# Check permissions
	29	if not self.backend.wiki.check_acl(path, self.current_user):
	30	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	31
	32	# Check if we are asked to render a certain revision
	33	revision = self.get_argument("revision", None)
	34
	35	# Fetch the wiki page
	36	page = self.backend.wiki.get_page(path, revision=revision)
	37
	38	# Diff
	39	if self.action == "diff":
	40	# Get both revisions
	41	a = self.get_argument("a")
	42	b = self.get_argument("b")
	43
	44	# Fetch both versions of the page
	45	a = self.backend.wiki.get_page(path, revision=a)
	46	b = self.backend.wiki.get_page(path, revision=b)
	47	if not a or not b:
	48	raise tornado.web.HTTPError(404)
	49
	50	# Cannot render a diff for the identical page
	51	if a == b:
	52	raise tornado.web.HTTPError(400)
	53
	54	# Make sure that b is newer than a
	55	if a > b:
	56	a, b = b, a
	57
bd448717	58	self.render("docs/diff.html", page=page, a=a, b=b)
1958a22b MT	59	return
	60
	61	# Restore
	62	elif self.action == "restore":
a0a9be06	63	self.render("docs/confirm-restore.html", page=page)
1958a22b MT	64	return
	65
	66	# Revisions
	67	elif self.action == "revisions":
e9ee938d	68	self.render("docs/revisions.html", page=page)
1958a22b MT	69	return
	70
	71	# If the page does not exist, we send 404
	72	if not page or page.was_deleted():
	73	# Handle /start links which were in the format of DokuWiki
	74	if path.endswith("/start"):
	75	# Strip /start from path
	76	path = path[:-6] or "/"
	77
	78	# Redirect user to page if it exists
	79	page = self.backend.wiki.page_exists(path)
	80	if page:
	81	self.redirect(path)
	82
	83	raise tornado.web.HTTPError(404)
	84
	85	# Fetch the latest revision
	86	latest_revision = page.get_latest_revision()
	87
	88	# Render page
cf59466c MT	89	self.render("docs/page.html", page=page, latest_revision=latest_revision)
	90
	91
4a1bfdd5 MT	92	class FileHandler(base.BaseHandler):
	93	@property
	94	def action(self):
	95	return self.get_argument("action", None)
	96
	97	def get(self, path):
	98	# Check permissions
	99	if not self.backend.wiki.check_acl(path, self.current_user):
	100	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	101
	102	# Check if we are asked to render a certain revision
	103	revision = self.get_argument("revision", None)
	104
	105	# Fetch the file
	106	file = self.backend.wiki.get_file_by_path(path, revision=revision)
	107	if not file:
	108	raise tornado.web.HTTPError(404, "Could not find %s" % path)
	109
	110	# Render detail page
	111	if self.action == "detail":
	112	page = None
	113
	114	for breadcrumb, title in self.backend.wiki.make_breadcrumbs(path):
	115	page = self.backend.wiki.get_page(breadcrumb)
	116	if page:
	117	break
	118
b441d503	119	self.render("docs/files/detail.html", page=page, file=file)
4a1bfdd5 MT	120	return
	121
	122	size = self.get_argument_int("s", None)
	123
	124	# Check if image should be resized
	125	if size and file.is_bitmap_image():
	126	blob = file.get_thumbnail(size)
	127	else:
	128	blob = file.blob
	129
	130	# Set headers
	131	self.set_header("Content-Type", file.mimetype or "application/octet-stream")
	132	self.set_header("Content-Length", len(blob))
	133
	134	# Set expires
	135	self.set_expires(3600)
	136
	137	# Deliver content
	138	self.finish(blob)
	139
	140
ec17fa2b	141	class EditHandler(base.BaseHandler):
d7580469 MT	142	@tornado.web.authenticated
	143	def get(self, path):
	144	if path is None:
	145	path = "/"
	146
	147	# Check permissions
	148	if not self.backend.wiki.check_acl(path, self.current_user):
	149	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	150
	151	# Fetch the wiki page
	152	page = self.backend.wiki.get_page(path)
	153
	154	# Empty page if it was deleted
	155	if page and page.was_deleted():
	156	page = None
	157
	158	# Render page
	159	self.render("docs/edit.html", page=page, path=path)
	160
	161	@tornado.web.authenticated
	162	def post(self, path):
	163	if path is None:
	164	path = "/"
	165
	166	# Check permissions
	167	if not self.backend.wiki.check_acl(path, self.current_user):
	168	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	169
	170	content = self.get_argument("content", None)
	171	changes = self.get_argument("changes")
	172
	173	# Create a new page in the database
	174	with self.db.transaction():
	175	page = self.backend.wiki.create_page(path,
	176	self.current_user, content, changes=changes, address=self.get_remote_ip())
	177
	178	# Add user as a watcher if wanted
	179	watch = self.get_argument("watch", False)
	180	if watch:
	181	page.add_watcher(self.current_user)
	182
	183	# Redirect back
	184	if page.was_deleted():
	185	self.redirect("/")
	186	else:
	187	self.redirect(page.url)
	188
	189	def on_finish(self):
	190	"""
	191	Updates the search index after the page has been edited
	192	"""
	193	# This is being executed in the background and after
	194	# the response has been set to the client
	195	with self.db.transaction():
	196	self.backend.wiki.refresh()
	197
	198
ec17fa2b	199	class RenderHandler(base.BaseHandler):
d7580469 MT	200	def check_xsrf_cookie(self):
	201	pass # disabled
	202
	203	@tornado.web.authenticated
	204	@base.ratelimit(minutes=5, requests=180)
	205	def post(self, path):
	206	if path is None:
	207	path = "/"
	208
	209	content = self.get_argument("content")
	210
	211	# Render the content
	212	html = self.backend.wiki.render(path, content)
	213
	214	self.finish(html)
	215
	216
ec17fa2b	217	class WatchHandler(base.BaseHandler):
01ddad9b MT	218	@tornado.web.authenticated
	219	@base.ratelimit(minutes=60, requests=180)
	220	def get(self, path, action):
	221	if path is None:
	222	path = "/"
	223
	224	page = self.backend.wiki.get_page(path)
	225	if not page:
	226	raise tornado.web.HTTPError(404, "Page does not exist: %s" % path)
	227
	228	# Check permissions
	229	if not self.backend.wiki.check_acl(path, self.current_user):
	230	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	231
	232	with self.db.transaction():
	233	if action == "watch":
	234	page.add_watcher(self.current_user)
	235	elif action == "unwatch":
	236	page.remove_watcher(self.current_user)
	237
	238	# Redirect back to page
	239	self.redirect(page.url)
	240
	241
16510618 MT	242	class DeleteFileHandler(base.BaseHandler):
	243	@tornado.web.authenticated
	244	def get(self, path):
	245	# Check permissions
	246	if not self.backend.wiki.check_acl(path, self.current_user):
	247	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	248
	249	# Fetch the file
	250	file = self.backend.wiki.get_file_by_path(path)
	251	if not file:
	252	raise tornado.web.HTTPError(404, "Could not find %s" % path)
	253
	254	self.render("docs/confirm-delete.html", file=file)
	255
	256	@tornado.web.authenticated
	257	@base.ratelimit(minutes=60, requests=24)
	258	def post(self, path):
	259	# Check permissions
	260	if not self.backend.wiki.check_acl(path, self.current_user):
	261	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	262
	263	# Fetch the file
	264	file = self.backend.wiki.get_file_by_path(path)
	265	if not file:
	266	raise tornado.web.HTTPError(404, "Could not find %s" % path)
	267
	268	with self.db.transaction():
	269	file.delete(self.current_user)
	270
	271	self.redirect("%s/_files" % file.path)
	272
	273
0ce8cc32 MT	274	class SearchHandler(base.BaseHandler):
	275	@base.ratelimit(minutes=5, requests=25)
	276	def get(self):
	277	q = self.get_argument("q")
	278
	279	# Perform search
	280	with self.db.transaction():
	281	pages = self.backend.wiki.search(q, account=self.current_user, limit=50)
	282
	283	self.render("docs/search-results.html", q=q, pages=pages)
	284
	285
5f0d294e MT	286	class RecentChangesHandler(base.BaseHandler):
	287	def get(self):
	288	recent_changes = self.backend.wiki.get_recent_changes(self.current_user, limit=50)
	289
	290	self.render("docs/recent-changes.html", recent_changes=recent_changes)
	291
	292
350f391e MT	293	class TreeHandler(base.BaseHandler):
	294	def get(self):
	295	self.render("docs/tree.html", pages=self.backend.wiki)
	296
	297
16619e57 MT	298	class WatchlistHandler(base.BaseHandler):
	299	@tornado.web.authenticated
	300	def get(self):
	301	pages = self.backend.wiki.get_watchlist(self.current_user)
	302
	303	self.render("docs/watchlist.html", pages=pages)
	304
	305
cf59466c MT	306	class HeaderModule(ui_modules.UIModule):
	307	@property
	308	def page(self):
	309	"""
	310	Returns the path of the page (without any actions)
	311	"""
	312	path = self.request.path.removeprefix("/docs")
	313
	314	return "/".join((p for p in path.split("/") if not p.startswith("_")))
	315
	316	def render(self, suffix=None):
	317	_ = self.locale.translate
	318
	319	breadcrumbs = self.backend.wiki.make_breadcrumbs(self.page)
	320	title = self.backend.wiki.get_page_title(self.page)
	321
	322	if self.request.path.endswith("/_edit"):
	323	suffix = _("Edit")
	324	elif self.request.path.endswith("/_files"):
	325	suffix = _("Files")
	326
	327	return self.render_string("docs/modules/header.html",
	328	breadcrumbs=breadcrumbs, page=self.page, page_title=title, suffix=suffix)
739fff76 MT	329
	330
	331	class DiffModule(ui_modules.UIModule):
	332	differ = difflib.Differ()
	333
	334	def render(self, a, b):
	335	diff = self.differ.compare(
	336	a.markdown.splitlines(),
	337	b.markdown.splitlines(),
	338	)
	339
	340	return self.render_string("docs/modules/diff.html", diff=diff)