]> git.ipfire.org Git - ipfire.org.git/blob - src/web/wiki.py
projects / ipfire.org.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
docs: Move recent changes
[ipfire.org.git] / src / web / wiki.py
1 #!/usr/bin/python3
2
3 import tornado.web
4
5 from . import base
6 from . import ui_modules
7
8 class ActionEditHandler(base.BaseHandler):
9 @tornado.web.authenticated
10 def get(self, path):
11 if path is None:
12 path = "/"
13
14 # Check permissions
15 if not self.backend.wiki.check_acl(path, self.current_user):
16 raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
17
18 # Fetch the wiki page
19 page = self.backend.wiki.get_page(path)
20
21 # Empty page if it was deleted
22 if page and page.was_deleted():
23 page = None
24
25 # Render page
26 self.render("wiki/edit.html", page=page, path=path)
27
28 @tornado.web.authenticated
29 def post(self, path):
30 if path is None:
31 path = "/"
32
33 # Check permissions
34 if not self.backend.wiki.check_acl(path, self.current_user):
35 raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
36
37 content = self.get_argument("content", None)
38 changes = self.get_argument("changes")
39
40 # Create a new page in the database
41 with self.db.transaction():
42 page = self.backend.wiki.create_page(path,
43 self.current_user, content, changes=changes, address=self.get_remote_ip())
44
45 # Add user as a watcher if wanted
46 watch = self.get_argument("watch", False)
47 if watch:
48 page.add_watcher(self.current_user)
49
50 # Redirect back
51 if page.was_deleted():
52 self.redirect("/")
53 else:
54 self.redirect(page.url)
55
56 def on_finish(self):
57 """
58 Updates the search index after the page has been edited
59 """
60 # This is being executed in the background and after
61 # the response has been set to the client
62 with self.db.transaction():
63 self.backend.wiki.refresh()
64
65
66 class ActionUploadHandler(base.BaseHandler):
67 @tornado.web.authenticated
68 @base.ratelimit(minutes=60, requests=24)
69 def post(self):
70 path = self.get_argument("path")
71
72 # Check permissions
73 if not self.backend.wiki.check_acl(path, self.current_user):
74 raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
75
76 try:
77 filename, data, mimetype = self.get_file("file")
78
79 # Use filename from request if any
80 filename = self.get_argument("filename", filename)
81
82 # XXX check valid mimetypes
83
84 with self.db.transaction():
85 file = self.backend.wiki.upload(path, filename, data,
86 mimetype=mimetype, author=self.current_user,
87 address=self.get_remote_ip())
88
89 except TypeError as e:
90 raise e
91
92 self.redirect("%s/_files" % path)
93
94
95 class ActionDeleteHandler(base.BaseHandler):
96 @tornado.web.authenticated
97 def get(self, path):
98 # Check permissions
99 if not self.backend.wiki.check_acl(path, self.current_user):
100 raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
101
102 # Fetch the file
103 file = self.backend.wiki.get_file_by_path(path)
104 if not file:
105 raise tornado.web.HTTPError(404, "Could not find %s" % path)
106
107 self.render("wiki/confirm-delete.html", file=file)
108
109 @tornado.web.authenticated
110 @base.ratelimit(minutes=60, requests=24)
111 def post(self, path):
112 # Check permissions
113 if not self.backend.wiki.check_acl(path, self.current_user):
114 raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
115
116 # Fetch the file
117 file = self.backend.wiki.get_file_by_path(path)
118 if not file:
119 raise tornado.web.HTTPError(404, "Could not find %s" % path)
120
121 with self.db.transaction():
122 file.delete(self.current_user)
123
124 self.redirect("%s/_files" % file.path)
125
126
127 class ActionRestoreHandler(base.BaseHandler):
128 @tornado.web.authenticated
129 @base.ratelimit(minutes=60, requests=24)
130 def post(self):
131 path = self.get_argument("path")
132
133 # Check permissions
134 if not self.backend.wiki.check_acl(path, self.current_user):
135 raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
136
137 # Check if we are asked to render a certain revision
138 revision = self.get_argument("revision", None)
139 comment = self.get_argument("comment", None)
140
141 # Fetch the wiki page
142 page = self.backend.wiki.get_page(path, revision=revision)
143
144 with self.db.transaction():
145 page = page.restore(
146 author=self.current_user,
147 address=self.get_remote_ip(),
148 comment=comment,
149 )
150
151 # Redirect back to page
152 self.redirect(page.page)
153
154
155 class ActionWatchHandler(base.BaseHandler):
156 @tornado.web.authenticated
157 @base.ratelimit(minutes=60, requests=180)
158 def get(self, path, action):
159 if path is None:
160 path = "/"
161
162 page = self.backend.wiki.get_page(path)
163 if not page:
164 raise tornado.web.HTTPError(404, "Page does not exist: %s" % path)
165
166 # Check permissions
167 if not self.backend.wiki.check_acl(path, self.current_user):
168 raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
169
170 with self.db.transaction():
171 if action == "watch":
172 page.add_watcher(self.current_user)
173 elif action == "unwatch":
174 page.remove_watcher(self.current_user)
175
176 # Redirect back to page
177 self.redirect(page.url)
178
179
180 class ActionRenderHandler(base.BaseHandler):
181 def check_xsrf_cookie(self):
182 pass # disabled
183
184 @tornado.web.authenticated
185 @base.ratelimit(minutes=5, requests=180)
186 def post(self, path):
187 if path is None:
188 path = "/"
189
190 content = self.get_argument("content")
191
192 # Render the content
193 html = self.backend.wiki.render(path, content)
194
195 self.finish(html)
196
197
198 class FilesHandler(base.BaseHandler):
199 @tornado.web.authenticated
200 def get(self, path):
201 if path is None:
202 path = "/"
203
204 # Check permissions
205 if not self.backend.wiki.check_acl(path, self.current_user):
206 raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
207
208 files = self.backend.wiki.get_files(path)
209
210 self.render("wiki/files/index.html", path=path, files=files)
211
212
213 class TreeHandler(base.BaseHandler):
214 def get(self):
215 self.render("wiki/tree.html", pages=self.backend.wiki)
216
217
218 class WatchlistHandler(base.BaseHandler):
219 @tornado.web.authenticated
220 def get(self):
221 pages = self.backend.wiki.get_watchlist(self.current_user)
222
223 self.render("wiki/watchlist.html", pages=pages)
224
225
226 class WikiListModule(ui_modules.UIModule):
227 def render(self, pages, link_revision=False, show_breadcrumbs=True,
228 show_author=True, show_changes=False):
229 return self.render_string("wiki/modules/list.html", link_revision=link_revision,
230 pages=pages, show_breadcrumbs=show_breadcrumbs,
231 show_author=show_author, show_changes=show_changes)
The website of ipfire.org.