wiki: Implement restoring pages

[ipfire.org.git] / src / web / wiki.py

diff --git a/src/web/wiki.py b/src/web/wiki.py
index 30077c075688c36eef9037172082b103eba5bb8a..ca0f1b35f949394e0fb0804234c7ed74003391e0 100644 (file)
--- a/src/web/wiki.py
+++ b/src/web/wiki.py
@@ -78,6 +78,9 @@ class ActionUploadHandler(auth.CacheMixin, base.BaseHandler):
                try:
                        filename, data, mimetype = self.get_file("file")
 
+                       # Use filename from request if any
+                       filename = self.get_argument("filename", filename)
+
                        # XXX check valid mimetypes
 
                        with self.db.transaction():
@@ -91,6 +94,63 @@ class ActionUploadHandler(auth.CacheMixin, base.BaseHandler):
                self.redirect("%s/_files" % path)
 
 
+class ActionDeleteHandler(auth.CacheMixin, base.BaseHandler):
+       @tornado.web.authenticated
+       def get(self, path):
+               # Check permissions
+               if not self.backend.wiki.check_acl(path, self.current_user):
+                       raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
+
+               # Fetch the file
+               file = self.backend.wiki.get_file_by_path(path)
+               if not file:
+                       raise tornado.web.HTTPError(404, "Could not find %s" % path)
+
+               self.render("wiki/confirm-delete.html", file=file)
+
+       @tornado.web.authenticated
+       @base.ratelimit(minutes=60, requests=24)
+       def post(self, path):
+               # Check permissions
+               if not self.backend.wiki.check_acl(path, self.current_user):
+                       raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
+
+               # Fetch the file
+               file = self.backend.wiki.get_file_by_path(path)
+               if not file:
+                       raise tornado.web.HTTPError(404, "Could not find %s" % path)
+
+               with self.db.transaction():
+                       file.delete(self.current_user)
+
+               self.redirect("%s/_files" % file.path)
+
+
+class ActionRestoreHandler(auth.CacheMixin, base.BaseHandler):
+       @tornado.web.authenticated
+       @base.ratelimit(minutes=60, requests=24)
+       def post(self):
+               path = self.get_argument("path")
+
+               # Check permissions
+               if not self.backend.wiki.check_acl(path, self.current_user):
+                       raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
+
+               # Check if we are asked to render a certain revision
+               revision = self.get_argument("revision", None)
+
+               # Fetch the wiki page
+               page = self.backend.wiki.get_page(path, revision=revision)
+
+               with self.db.transaction():
+                       page = page.restore(
+                               author=self.current_user, address=self.get_remote_ip(),
+                       )
+
+               # Redirect back to page
+               self.redirect(page.page)
+
+
 class ActionWatchHandler(auth.CacheMixin, base.BaseHandler):
        @tornado.web.authenticated
        @base.ratelimit(minutes=60, requests=180)
@@ -159,8 +219,11 @@ class FileHandler(base.BaseHandler):
                if not self.backend.wiki.check_acl(path, self.current_user):
                        raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
 
+               # Check if we are asked to render a certain revision
+               revision = self.get_argument("revision", None)
+
                # Fetch the file
-               file = self.backend.wiki.get_file_by_path(path)
+               file = self.backend.wiki.get_file_by_path(path, revision=revision)
                if not file:
                        raise tornado.web.HTTPError(404, "Could not find %s" % path)
 
@@ -247,6 +310,11 @@ class PageHandler(auth.CacheMixin, base.BaseHandler):
                        self.render("wiki/diff.html", page=page, a=a, b=b)
                        return
 
+               # Restore
+               elif self.action == "restore":
+                       self.render("wiki/confirm-restore.html", page=page)
+                       return
+
                # Revisions
                elif self.action == "revisions":
                        self.render("wiki/revisions.html", page=page)
@@ -254,6 +322,16 @@ class PageHandler(auth.CacheMixin, base.BaseHandler):
 
                # If the page does not exist, we send 404
                if not page or page.was_deleted():
+                       # Handle /start links which were in the format of DokuWiki
+                       if path.endswith("/start"):
+                               # Strip /start from path
+                               path = path[:-6] or "/"
+
+                               # Redirect user to page if it exists
+                               page = self.backend.wiki.page_exists(path)
+                               if page:
+                                       self.redirect(path)
+
                        raise tornado.web.HTTPError(404)
 
                # Fetch the latest revision
@@ -264,8 +342,7 @@ class PageHandler(auth.CacheMixin, base.BaseHandler):
 
 
 class SearchHandler(auth.CacheMixin, base.BaseHandler):
-       @base.blacklisted
-       @base.ratelimit(minutes=15, requests=10)
+       @base.ratelimit(minutes=5, requests=25)
        def get(self):
                q = self.get_argument("q")