[ipfire.org.git] / src / web / wiki.py

#!/usr/bin/python3

import difflib
import tornado.web

from . import auth
from . import base
from . import ui_modules

class ActionEditHandler(auth.CacheMixin, base.BaseHandler):
	@tornado.web.authenticated
	def get(self, path):
		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		# Fetch the wiki page
		page = self.backend.wiki.get_page(path)

		# Empty page if it was deleted
		if page and page.was_deleted():
			page = None

		# Render page
		self.render("wiki/edit.html", page=page)

	@tornado.web.authenticated
	def post(self, path):
		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		content = self.get_argument("content", None)
		changes = self.get_argument("changes")

		# Create a new page in the database
		with self.db.transaction():
			page = self.backend.wiki.create_page(path,
				self.current_user, content, changes=changes, address=self.get_remote_ip())

			# Add user as a watcher if wanted
			watch = self.get_argument("watch", False)
			if watch:
				page.add_watcher(self.current_user)

		# Redirect back
		if page.was_deleted():
			self.redirect("/")
		else:
			self.redirect(page.url)

	def on_finish(self):
		"""
			Updates the search index after the page has been edited
		"""
		# This is being executed in the background and after
		# the response has been set to the client
		with self.db.transaction():
			self.backend.wiki.refresh()


class ActionUploadHandler(auth.CacheMixin, base.BaseHandler):
	@tornado.web.authenticated
	def post(self):
		path = self.get_argument("path")

		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		try:
			filename, data, mimetype = self.get_file("file")

			# XXX check valid mimetypes

			with self.db.transaction():
				file = self.backend.wiki.upload(path, filename, data,
					mimetype=mimetype, author=self.current_user,
					address=self.get_remote_ip())

		except TypeError as e:
			raise e

		self.redirect("%s/_files" % path)


class ActionWatchHandler(auth.CacheMixin, base.BaseHandler):
	@tornado.web.authenticated
	def get(self, path, action):
		page = self.backend.wiki.get_page(path)
		if not page:
			raise tornado.web.HTTPError(404, "Page does not exist: %s" % path)

		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		with self.db.transaction():
			if action == "watch":
				page.add_watcher(self.current_user)
			elif action == "unwatch":
				page.remove_watcher(self.current_user)

		# Redirect back to page
		self.redirect(page.url)


class ActionRenderHandler(auth.CacheMixin, base.BaseHandler):
	def check_xsrf_cookie(self):
		pass # disabled

	@tornado.web.authenticated
	def post(self, path):
		content = self.get_argument("content")

		# Render the content
		html = self.backend.wiki.render(path, content)

		self.finish(html)


class FilesHandler(auth.CacheMixin, base.BaseHandler):
	@tornado.web.authenticated
	def get(self, path):
		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		files = self.backend.wiki.get_files(path)

		self.render("wiki/files/index.html", path=path, files=files)


class FileHandler(base.BaseHandler):
	@property
	def action(self):
		return self.get_argument("action", None)

	def get(self, path):
		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		# Fetch the file
		file = self.backend.wiki.get_file_by_path(path)
		if not file:
			raise tornado.web.HTTPError(404, "Could not find %s" % path)

		# Render detail page
		if self.action == "detail":
			page = None

			for breadcrumb, title in self.backend.wiki.make_breadcrumbs(path):
				page = self.backend.wiki.get_page(breadcrumb)
				if page:
					break

			self.render("wiki/files/detail.html", page=page, file=file)
			return

		size = self.get_argument_int("s", None)

		# Check if image should be resized
		if file.is_image() and size:
			blob = file.get_thumbnail(size)
		else:
			blob = file.blob

		# Set headers
		self.set_header("Content-Type", file.mimetype or "application/octet-stream")
		self.set_header("Content-Length", len(blob))

		# Set expires
		self.set_expires(3600)

		# Deliver content
		self.finish(blob)


class PageHandler(auth.CacheMixin, base.BaseHandler):
	@property
	def action(self):
		return self.get_argument("action", None)

	def write_error(self, status_code, **kwargs):
		# Render a custom page for 404
		if status_code == 404:
			self.render("wiki/404.html", **kwargs)
			return

		# Otherwise raise this to one layer above
		super().write_error(status_code, **kwargs)

	@tornado.web.removeslash
	def get(self, path):
		# Check permissions
		if not self.backend.wiki.check_acl(path, self.current_user):
			raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))

		# Check if we are asked to render a certain revision
		revision = self.get_argument("revision", None)

		# Fetch the wiki page
		page = self.backend.wiki.get_page(path, revision=revision)

		# Diff
		if self.action == "diff":
			# Get both revisions
			a = self.get_argument("a")
			b = self.get_argument("b")

			# Fetch both versions of the page
			a = self.backend.wiki.get_page(path, revision=a)
			b = self.backend.wiki.get_page(path, revision=b)
			if not a or not b:
				raise tornado.web.HTTPError(404)

			# Cannot render a diff for the identical page
			if a == b:
				raise tornado.web.HTTPError(400)

			# Make sure that b is newer than a
			if a > b:
				a, b = b, a

			self.render("wiki/diff.html", page=page, a=a, b=b)
			return

		# Revisions
		elif self.action == "revisions":
			self.render("wiki/revisions.html", page=page)
			return

		# If the page does not exist, we send 404
		if not page or page.was_deleted():
			raise tornado.web.HTTPError(404)

		# Fetch the latest revision
		latest_revision = page.get_latest_revision()

		# Render page
		self.render("wiki/page.html", page=page, latest_revision=latest_revision)


class SearchHandler(auth.CacheMixin, base.BaseHandler):
	@base.blacklisted
	def get(self):
		q = self.get_argument("q")

		pages = self.backend.wiki.search(q, account=self.current_user, limit=50)

		self.render("wiki/search-results.html", q=q, pages=pages)


class RecentChangesHandler(auth.CacheMixin, base.BaseHandler):
	def get(self):
		recent_changes = self.backend.wiki.get_recent_changes(self.current_user, limit=50)

		self.render("wiki/recent-changes.html", recent_changes=recent_changes)


class WatchlistHandler(auth.CacheMixin, base.BaseHandler):
	@tornado.web.authenticated
	def get(self):
		pages = self.backend.wiki.get_watchlist(self.current_user)

		self.render("wiki/watchlist.html", pages=pages)


class WikiDiffModule(ui_modules.UIModule):
	differ = difflib.Differ()

	def render(self, a, b):
		diff = self.differ.compare(
			a.markdown.splitlines(),
			b.markdown.splitlines(),
		)

		return self.render_string("wiki/modules/diff.html", diff=diff)


class WikiListModule(ui_modules.UIModule):
	def render(self, pages, link_revision=False, show_breadcrumbs=True,
			show_author=True, show_changes=False):
		return self.render_string("wiki/modules/list.html", link_revision=link_revision,
			pages=pages, show_breadcrumbs=show_breadcrumbs,
			show_author=show_author, show_changes=show_changes)


class WikiNavbarModule(ui_modules.UIModule):
	@property
	def path(self):
		"""
			Returns the path of the page (without any actions)
		"""
		path = self.request.path.split("/")

		if path and path[-1].startswith("_"):
			path.pop()

		return "/".join(path)

	def render(self, suffix=None):
		_ = self.locale.translate

		# Make the path
		page = self.request.path.split("/")

		# Drop the action bit
		if page and page[-1].startswith("_"):
			page.pop()

		page = "/".join(page)

		breadcrumbs = self.backend.wiki.make_breadcrumbs(page)
		title = self.backend.wiki.get_page_title(page)

		if self.request.path.endswith("/_edit"):
			suffix = _("Edit")
		elif self.request.path.endswith("/_files"):
			suffix = _("Files")

		return self.render_string("wiki/modules/navbar.html",
			breadcrumbs=breadcrumbs, page=page, page_title=title, suffix=suffix)
Commit	Line	Data
181d08f3 MT	1	#!/usr/bin/python3
181d08f3 MT	2
c21ffadb	3	import difflib
181d08f3 MT	4	import tornado.web
	5
	6	from . import auth
	7	from . import base
6ac7e934	8	from . import ui_modules
181d08f3	9
b6e8b28f MT	10	class ActionEditHandler(auth.CacheMixin, base.BaseHandler):
b6e8b28f MT	11	@tornado.web.authenticated
3587f73a MT	12	def get(self, path):
	13	# Check permissions
	14	if not self.backend.wiki.check_acl(path, self.current_user):
	15	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	16
	17	# Fetch the wiki page
	18	page = self.backend.wiki.get_page(path)
	19
	20	# Empty page if it was deleted
	21	if page and page.was_deleted():
	22	page = None
b6e8b28f	23
3587f73a MT	24	# Render page
	25	self.render("wiki/edit.html", page=page)
	26
	27	@tornado.web.authenticated
	28	def post(self, path):
b6e8b28f MT	29	# Check permissions
	30	if not self.backend.wiki.check_acl(path, self.current_user):
	31	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	32
	33	content = self.get_argument("content", None)
	34	changes = self.get_argument("changes")
	35
	36	# Create a new page in the database
	37	with self.db.transaction():
	38	page = self.backend.wiki.create_page(path,
	39	self.current_user, content, changes=changes, address=self.get_remote_ip())
	40
d64a1e35 MT	41	# Add user as a watcher if wanted
	42	watch = self.get_argument("watch", False)
	43	if watch:
	44	page.add_watcher(self.current_user)
	45
b6e8b28f MT	46	# Redirect back
	47	if page.was_deleted():
	48	self.redirect("/")
	49	else:
	50	self.redirect(page.url)
	51
	52	def on_finish(self):
	53	"""
	54	Updates the search index after the page has been edited
	55	"""
	56	# This is being executed in the background and after
	57	# the response has been set to the client
	58	with self.db.transaction():
	59	self.backend.wiki.refresh()
	60
	61
f2cfd873 MT	62	class ActionUploadHandler(auth.CacheMixin, base.BaseHandler):
	63	@tornado.web.authenticated
	64	def post(self):
	65	path = self.get_argument("path")
	66
11afe905 MT	67	# Check permissions
	68	if not self.backend.wiki.check_acl(path, self.current_user):
	69	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	70
f2cfd873 MT	71	try:
	72	filename, data, mimetype = self.get_file("file")
	73
	74	# XXX check valid mimetypes
	75
	76	with self.db.transaction():
	77	file = self.backend.wiki.upload(path, filename, data,
	78	mimetype=mimetype, author=self.current_user,
	79	address=self.get_remote_ip())
	80
	81	except TypeError as e:
	82	raise e
	83
3b33319e	84	self.redirect("%s/_files" % path)
f2cfd873 MT	85
f2cfd873 MT	86
d64a1e35 MT	87	class ActionWatchHandler(auth.CacheMixin, base.BaseHandler):
d64a1e35 MT	88	@tornado.web.authenticated
9db2e89f	89	def get(self, path, action):
d64a1e35 MT	90	page = self.backend.wiki.get_page(path)
	91	if not page:
	92	raise tornado.web.HTTPError(404, "Page does not exist: %s" % path)
	93
516da0a9 MT	94	# Check permissions
	95	if not self.backend.wiki.check_acl(path, self.current_user):
	96	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	97
d64a1e35 MT	98	with self.db.transaction():
	99	if action == "watch":
	100	page.add_watcher(self.current_user)
	101	elif action == "unwatch":
	102	page.remove_watcher(self.current_user)
	103
	104	# Redirect back to page
	105	self.redirect(page.url)
	106
	107
2901b734 MT	108	class ActionRenderHandler(auth.CacheMixin, base.BaseHandler):
	109	def check_xsrf_cookie(self):
	110	pass # disabled
	111
	112	@tornado.web.authenticated
	113	def post(self, path):
	114	content = self.get_argument("content")
	115
	116	# Render the content
	117	html = self.backend.wiki.render(path, content)
	118
	119	self.finish(html)
	120
	121
f2cfd873 MT	122	class FilesHandler(auth.CacheMixin, base.BaseHandler):
	123	@tornado.web.authenticated
	124	def get(self, path):
11afe905 MT	125	# Check permissions
	126	if not self.backend.wiki.check_acl(path, self.current_user):
	127	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	128
f2cfd873 MT	129	files = self.backend.wiki.get_files(path)
	130
	131	self.render("wiki/files/index.html", path=path, files=files)
	132
	133
568b265b	134	class FileHandler(base.BaseHandler):
8cb0bea4 MT	135	@property
	136	def action(self):
	137	return self.get_argument("action", None)
	138
f2cfd873	139	def get(self, path):
11afe905 MT	140	# Check permissions
	141	if not self.backend.wiki.check_acl(path, self.current_user):
	142	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
	143
	144	# Fetch the file
f2cfd873 MT	145	file = self.backend.wiki.get_file_by_path(path)
	146	if not file:
	147	raise tornado.web.HTTPError(404, "Could not find %s" % path)
	148
8cb0bea4 MT	149	# Render detail page
8cb0bea4 MT	150	if self.action == "detail":
1fbe97b0 MT	151	page = None
1fbe97b0 MT	152
531846f7 MT	153	for breadcrumb, title in self.backend.wiki.make_breadcrumbs(path):
	154	page = self.backend.wiki.get_page(breadcrumb)
	155	if page:
	156	break
	157
	158	self.render("wiki/files/detail.html", page=page, file=file)
8cb0bea4 MT	159	return
8cb0bea4 MT	160
79dd9a0f MT	161	size = self.get_argument_int("s", None)
	162
	163	# Check if image should be resized
	164	if file.is_image() and size:
	165	blob = file.get_thumbnail(size)
	166	else:
	167	blob = file.blob
	168
f2cfd873 MT	169	# Set headers
f2cfd873 MT	170	self.set_header("Content-Type", file.mimetype or "application/octet-stream")
79dd9a0f	171	self.set_header("Content-Length", len(blob))
f2cfd873	172
568b265b MT	173	# Set expires
	174	self.set_expires(3600)
	175
79dd9a0f MT	176	# Deliver content
79dd9a0f MT	177	self.finish(blob)
f2cfd873 MT	178
f2cfd873 MT	179
181d08f3	180	class PageHandler(auth.CacheMixin, base.BaseHandler):
d398ca08 MT	181	@property
	182	def action(self):
	183	return self.get_argument("action", None)
	184
a446dcb9 MT	185	def write_error(self, status_code, **kwargs):
	186	# Render a custom page for 404
	187	if status_code == 404:
	188	self.render("wiki/404.html", **kwargs)
	189	return
	190
	191	# Otherwise raise this to one layer above
	192	super().write_error(status_code, **kwargs)
	193
181d08f3	194	@tornado.web.removeslash
5bc8e262	195	def get(self, path):
11afe905	196	# Check permissions
5bc8e262 MT	197	if not self.backend.wiki.check_acl(path, self.current_user):
5bc8e262 MT	198	raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
11afe905	199
7d699684 MT	200	# Check if we are asked to render a certain revision
	201	revision = self.get_argument("revision", None)
	202
	203	# Fetch the wiki page
5bc8e262	204	page = self.backend.wiki.get_page(path, revision=revision)
181d08f3	205
c21ffadb MT	206	# Diff
	207	if self.action == "diff":
	208	# Get both revisions
	209	a = self.get_argument("a")
	210	b = self.get_argument("b")
	211
	212	# Fetch both versions of the page
5bc8e262 MT	213	a = self.backend.wiki.get_page(path, revision=a)
5bc8e262 MT	214	b = self.backend.wiki.get_page(path, revision=b)
c21ffadb MT	215	if not a or not b:
	216	raise tornado.web.HTTPError(404)
	217
	218	# Cannot render a diff for the identical page
	219	if a == b:
	220	raise tornado.web.HTTPError(400)
	221
	222	# Make sure that b is newer than a
	223	if a > b:
	224	a, b = b, a
	225
	226	self.render("wiki/diff.html", page=page, a=a, b=b)
	227	return
	228
7d699684 MT	229	# Revisions
	230	elif self.action == "revisions":
	231	self.render("wiki/revisions.html", page=page)
	232	return
d398ca08	233
181d08f3 MT	234	# If the page does not exist, we send 404
	235	if not page or page.was_deleted():
	236	raise tornado.web.HTTPError(404)
	237
	238	# Fetch the latest revision
	239	latest_revision = page.get_latest_revision()
	240
	241	# Render page
	242	self.render("wiki/page.html", page=page, latest_revision=latest_revision)
	243
181d08f3 MT	244
	245	class SearchHandler(auth.CacheMixin, base.BaseHandler):
	246	@base.blacklisted
	247	def get(self):
	248	q = self.get_argument("q")
	249
11afe905	250	pages = self.backend.wiki.search(q, account=self.current_user, limit=50)
181d08f3	251
df80be2c	252	self.render("wiki/search-results.html", q=q, pages=pages)
6ac7e934 MT	253
6ac7e934 MT	254
f9db574a MT	255	class RecentChangesHandler(auth.CacheMixin, base.BaseHandler):
f9db574a MT	256	def get(self):
11afe905	257	recent_changes = self.backend.wiki.get_recent_changes(self.current_user, limit=50)
f9db574a MT	258
	259	self.render("wiki/recent-changes.html", recent_changes=recent_changes)
	260
	261
2f23c558 MT	262	class WatchlistHandler(auth.CacheMixin, base.BaseHandler):
	263	@tornado.web.authenticated
	264	def get(self):
	265	pages = self.backend.wiki.get_watchlist(self.current_user)
	266
	267	self.render("wiki/watchlist.html", pages=pages)
	268
	269
c21ffadb MT	270	class WikiDiffModule(ui_modules.UIModule):
	271	differ = difflib.Differ()
	272
	273	def render(self, a, b):
	274	diff = self.differ.compare(
	275	a.markdown.splitlines(),
	276	b.markdown.splitlines(),
	277	)
	278
	279	return self.render_string("wiki/modules/diff.html", diff=diff)
	280
	281
f9db574a	282	class WikiListModule(ui_modules.UIModule):
27ac1524 MT	283	def render(self, pages, link_revision=False, show_breadcrumbs=True,
27ac1524 MT	284	show_author=True, show_changes=False):
7d699684	285	return self.render_string("wiki/modules/list.html", link_revision=link_revision,
27ac1524 MT	286	pages=pages, show_breadcrumbs=show_breadcrumbs,
27ac1524 MT	287	show_author=show_author, show_changes=show_changes)
f9db574a MT	288
f9db574a MT	289
6ac7e934	290	class WikiNavbarModule(ui_modules.UIModule):
40e481b9 MT	291	@property
	292	def path(self):
	293	"""
	294	Returns the path of the page (without any actions)
	295	"""
	296	path = self.request.path.split("/")
	297
	298	if path and path[-1].startswith("_"):
	299	path.pop()
	300
	301	return "/".join(path)
	302
67573803	303	def render(self, suffix=None):
f2cfd873 MT	304	_ = self.locale.translate
f2cfd873 MT	305
40e481b9 MT	306	# Make the path
40e481b9 MT	307	page = self.request.path.split("/")
67573803	308
40e481b9 MT	309	# Drop the action bit
	310	if page and page[-1].startswith("_"):
	311	page.pop()
	312
	313	page = "/".join(page)
	314
	315	breadcrumbs = self.backend.wiki.make_breadcrumbs(page)
	316	title = self.backend.wiki.get_page_title(page)
	317
	318	if self.request.path.endswith("/_edit"):
	319	suffix = _("Edit")
	320	elif self.request.path.endswith("/_files"):
	321	suffix = _("Files")
6ac7e934 MT	322
6ac7e934 MT	323	return self.render_string("wiki/modules/navbar.html",
40e481b9	324	breadcrumbs=breadcrumbs, page=page, page_title=title, suffix=suffix)