]>
Commit | Line | Data |
---|---|---|
181d08f3 MT |
1 | #!/usr/bin/python3 |
2 | ||
3 | import tornado.web | |
4 | ||
181d08f3 | 5 | from . import base |
6ac7e934 | 6 | from . import ui_modules |
181d08f3 | 7 | |
da24ac0a | 8 | class ActionEditHandler(base.BaseHandler): |
b6e8b28f | 9 | @tornado.web.authenticated |
3587f73a | 10 | def get(self, path): |
76433782 MT |
11 | if path is None: |
12 | path = "/" | |
13 | ||
3587f73a MT |
14 | # Check permissions |
15 | if not self.backend.wiki.check_acl(path, self.current_user): | |
16 | raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user)) | |
17 | ||
18 | # Fetch the wiki page | |
19 | page = self.backend.wiki.get_page(path) | |
20 | ||
21 | # Empty page if it was deleted | |
22 | if page and page.was_deleted(): | |
23 | page = None | |
b6e8b28f | 24 | |
3587f73a | 25 | # Render page |
ec606db5 | 26 | self.render("wiki/edit.html", page=page, path=path) |
3587f73a MT |
27 | |
28 | @tornado.web.authenticated | |
29 | def post(self, path): | |
76433782 MT |
30 | if path is None: |
31 | path = "/" | |
32 | ||
b6e8b28f MT |
33 | # Check permissions |
34 | if not self.backend.wiki.check_acl(path, self.current_user): | |
35 | raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user)) | |
36 | ||
37 | content = self.get_argument("content", None) | |
38 | changes = self.get_argument("changes") | |
39 | ||
40 | # Create a new page in the database | |
41 | with self.db.transaction(): | |
42 | page = self.backend.wiki.create_page(path, | |
43 | self.current_user, content, changes=changes, address=self.get_remote_ip()) | |
44 | ||
d64a1e35 MT |
45 | # Add user as a watcher if wanted |
46 | watch = self.get_argument("watch", False) | |
47 | if watch: | |
48 | page.add_watcher(self.current_user) | |
49 | ||
b6e8b28f MT |
50 | # Redirect back |
51 | if page.was_deleted(): | |
52 | self.redirect("/") | |
53 | else: | |
54 | self.redirect(page.url) | |
55 | ||
56 | def on_finish(self): | |
57 | """ | |
58 | Updates the search index after the page has been edited | |
59 | """ | |
60 | # This is being executed in the background and after | |
61 | # the response has been set to the client | |
62 | with self.db.transaction(): | |
63 | self.backend.wiki.refresh() | |
64 | ||
65 | ||
da24ac0a | 66 | class ActionUploadHandler(base.BaseHandler): |
f2cfd873 | 67 | @tornado.web.authenticated |
372ef119 | 68 | @base.ratelimit(minutes=60, requests=24) |
f2cfd873 MT |
69 | def post(self): |
70 | path = self.get_argument("path") | |
71 | ||
11afe905 MT |
72 | # Check permissions |
73 | if not self.backend.wiki.check_acl(path, self.current_user): | |
74 | raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user)) | |
75 | ||
f2cfd873 MT |
76 | try: |
77 | filename, data, mimetype = self.get_file("file") | |
78 | ||
ff14dea3 MT |
79 | # Use filename from request if any |
80 | filename = self.get_argument("filename", filename) | |
81 | ||
f2cfd873 MT |
82 | # XXX check valid mimetypes |
83 | ||
84 | with self.db.transaction(): | |
85 | file = self.backend.wiki.upload(path, filename, data, | |
86 | mimetype=mimetype, author=self.current_user, | |
87 | address=self.get_remote_ip()) | |
88 | ||
89 | except TypeError as e: | |
90 | raise e | |
91 | ||
3b33319e | 92 | self.redirect("%s/_files" % path) |
f2cfd873 MT |
93 | |
94 | ||
da24ac0a | 95 | class ActionDeleteHandler(base.BaseHandler): |
b26c705a MT |
96 | @tornado.web.authenticated |
97 | def get(self, path): | |
98 | # Check permissions | |
99 | if not self.backend.wiki.check_acl(path, self.current_user): | |
100 | raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user)) | |
101 | ||
102 | # Fetch the file | |
103 | file = self.backend.wiki.get_file_by_path(path) | |
104 | if not file: | |
105 | raise tornado.web.HTTPError(404, "Could not find %s" % path) | |
106 | ||
107 | self.render("wiki/confirm-delete.html", file=file) | |
108 | ||
109 | @tornado.web.authenticated | |
110 | @base.ratelimit(minutes=60, requests=24) | |
111 | def post(self, path): | |
112 | # Check permissions | |
113 | if not self.backend.wiki.check_acl(path, self.current_user): | |
114 | raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user)) | |
115 | ||
116 | # Fetch the file | |
117 | file = self.backend.wiki.get_file_by_path(path) | |
118 | if not file: | |
119 | raise tornado.web.HTTPError(404, "Could not find %s" % path) | |
120 | ||
121 | with self.db.transaction(): | |
122 | file.delete(self.current_user) | |
123 | ||
124 | self.redirect("%s/_files" % file.path) | |
125 | ||
126 | ||
da24ac0a | 127 | class ActionRestoreHandler(base.BaseHandler): |
d4c68c5c MT |
128 | @tornado.web.authenticated |
129 | @base.ratelimit(minutes=60, requests=24) | |
130 | def post(self): | |
131 | path = self.get_argument("path") | |
132 | ||
133 | # Check permissions | |
134 | if not self.backend.wiki.check_acl(path, self.current_user): | |
135 | raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user)) | |
136 | ||
137 | # Check if we are asked to render a certain revision | |
138 | revision = self.get_argument("revision", None) | |
9f1cfab7 | 139 | comment = self.get_argument("comment", None) |
d4c68c5c MT |
140 | |
141 | # Fetch the wiki page | |
142 | page = self.backend.wiki.get_page(path, revision=revision) | |
143 | ||
144 | with self.db.transaction(): | |
145 | page = page.restore( | |
9f1cfab7 MT |
146 | author=self.current_user, |
147 | address=self.get_remote_ip(), | |
148 | comment=comment, | |
d4c68c5c MT |
149 | ) |
150 | ||
151 | # Redirect back to page | |
152 | self.redirect(page.page) | |
153 | ||
b26c705a | 154 | |
da24ac0a | 155 | class ActionWatchHandler(base.BaseHandler): |
d64a1e35 | 156 | @tornado.web.authenticated |
372ef119 | 157 | @base.ratelimit(minutes=60, requests=180) |
9db2e89f | 158 | def get(self, path, action): |
76433782 MT |
159 | if path is None: |
160 | path = "/" | |
161 | ||
d64a1e35 MT |
162 | page = self.backend.wiki.get_page(path) |
163 | if not page: | |
164 | raise tornado.web.HTTPError(404, "Page does not exist: %s" % path) | |
165 | ||
516da0a9 MT |
166 | # Check permissions |
167 | if not self.backend.wiki.check_acl(path, self.current_user): | |
168 | raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user)) | |
169 | ||
d64a1e35 MT |
170 | with self.db.transaction(): |
171 | if action == "watch": | |
172 | page.add_watcher(self.current_user) | |
173 | elif action == "unwatch": | |
174 | page.remove_watcher(self.current_user) | |
175 | ||
176 | # Redirect back to page | |
177 | self.redirect(page.url) | |
178 | ||
179 | ||
da24ac0a | 180 | class ActionRenderHandler(base.BaseHandler): |
2901b734 MT |
181 | def check_xsrf_cookie(self): |
182 | pass # disabled | |
183 | ||
184 | @tornado.web.authenticated | |
372ef119 | 185 | @base.ratelimit(minutes=5, requests=180) |
2901b734 | 186 | def post(self, path): |
76433782 MT |
187 | if path is None: |
188 | path = "/" | |
189 | ||
2901b734 MT |
190 | content = self.get_argument("content") |
191 | ||
192 | # Render the content | |
193 | html = self.backend.wiki.render(path, content) | |
194 | ||
195 | self.finish(html) | |
196 | ||
197 | ||
da24ac0a | 198 | class FilesHandler(base.BaseHandler): |
f2cfd873 MT |
199 | @tornado.web.authenticated |
200 | def get(self, path): | |
76433782 MT |
201 | if path is None: |
202 | path = "/" | |
203 | ||
11afe905 MT |
204 | # Check permissions |
205 | if not self.backend.wiki.check_acl(path, self.current_user): | |
206 | raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user)) | |
207 | ||
f2cfd873 MT |
208 | files = self.backend.wiki.get_files(path) |
209 | ||
210 | self.render("wiki/files/index.html", path=path, files=files) | |
211 | ||
212 | ||
f9db574a | 213 | class WikiListModule(ui_modules.UIModule): |
27ac1524 MT |
214 | def render(self, pages, link_revision=False, show_breadcrumbs=True, |
215 | show_author=True, show_changes=False): | |
7d699684 | 216 | return self.render_string("wiki/modules/list.html", link_revision=link_revision, |
27ac1524 MT |
217 | pages=pages, show_breadcrumbs=show_breadcrumbs, |
218 | show_author=show_author, show_changes=show_changes) |