wiki: Move edit action into own handler

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/templates/wiki/edit.html b/src/templates/wiki/edit.html
index 416ef648bc59296c1898ef9ebd21fef142455684..1336ea50d414496266ec363a4d9d32ad49dc0f57 100644 (file)
--- a/src/templates/wiki/edit.html
+++ b/src/templates/wiki/edit.html
@@ -17,10 +17,10 @@
                                {% if page %}{{ _("Edit %s") % page.title }}{% else %}{{ _("Create A New Page") }}{% end %}
                        </h4>
 
-                       <form action="" method="POST">
+                       <form action="/actions/edit" method="POST">
                                {% raw xsrf_form_html() %}
 
-                               <input type="hidden" name="page" value="{{ request.path }}">
+                               <input type="hidden" name="path" value="{{ request.path }}">
 
                                <div class="form-group">
                                        <textarea class="form-control" rows="16" name="content" placeholder="{{ _("Text") }}"

diff --git a/src/web/__init__.py b/src/web/__init__.py
index 926a46f9210247fd5ef3ee6e84bac222a5783c32..7db22f576e71dd645968263364973653a5bcbdb6 100644 (file)
--- a/src/web/__init__.py
+++ b/src/web/__init__.py
@@ -288,6 +288,7 @@ class Application(tornado.web.Application):
                        authentication_handlers + [
 
                        # Actions
+                       (r"/actions/edit", wiki.ActionEditHandler),
                        (r"/actions/upload", wiki.ActionUploadHandler),
 
                        # Handlers

diff --git a/src/web/wiki.py b/src/web/wiki.py
index 4f92be24f46ceda84d6d72e0427f3c2e6f5baf51..799536142b4bd17fb453d5021e45742e96b44aaf 100644 (file)
--- a/src/web/wiki.py
+++ b/src/web/wiki.py
@@ -6,6 +6,39 @@ from . import auth
 from . import base
 from . import ui_modules
 
+class ActionEditHandler(auth.CacheMixin, base.BaseHandler):
+       @tornado.web.authenticated
+       def post(self):
+               path = self.get_argument("path")
+
+               # Check permissions
+               if not self.backend.wiki.check_acl(path, self.current_user):
+                       raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
+
+               content = self.get_argument("content", None)
+               changes = self.get_argument("changes")
+
+               # Create a new page in the database
+               with self.db.transaction():
+                       page = self.backend.wiki.create_page(path,
+                               self.current_user, content, changes=changes, address=self.get_remote_ip())
+
+               # Redirect back
+               if page.was_deleted():
+                       self.redirect("/")
+               else:
+                       self.redirect(page.url)
+
+       def on_finish(self):
+               """
+                       Updates the search index after the page has been edited
+               """
+               # This is being executed in the background and after
+               # the response has been set to the client
+               with self.db.transaction():
+                       self.backend.wiki.refresh()
+
+
 class ActionUploadHandler(auth.CacheMixin, base.BaseHandler):
        @tornado.web.authenticated
        def post(self):
@@ -136,30 +169,6 @@ class PageHandler(auth.CacheMixin, base.BaseHandler):
                # Render page
                self.render("wiki/page.html", page=page, latest_revision=latest_revision)
 
-       @tornado.web.authenticated
-       def post(self, page):
-               # Check permissions
-               if not self.backend.wiki.check_acl(page, self.current_user):
-                       raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (page, self.current_user))
-
-               content = self.get_argument("content", None)
-               changes = self.get_argument("changes")
-
-               # Create a new page in the database
-               with self.db.transaction():
-                       page = self.backend.wiki.create_page(page,
-                               self.current_user, content, changes=changes, address=self.get_remote_ip())
-
-               # Redirect back
-               if page.was_deleted():
-                       self.redirect("/")
-               else:
-                       self.redirect(page.url)
-
-               # Update the search index
-               with self.db.transaction():
-                       self.backend.wiki.refresh()
-
 
 class SearchHandler(auth.CacheMixin, base.BaseHandler):
        @base.blacklisted