+++ /dev/null
-#!/usr/bin/python3
-
-import tornado.web
-
-from . import base
-from . import ui_modules
-
-class ActionUploadHandler(base.BaseHandler):
- @tornado.web.authenticated
- @base.ratelimit(minutes=60, requests=24)
- def post(self):
- path = self.get_argument("path")
-
- # Check permissions
- if not self.backend.wiki.check_acl(path, self.current_user):
- raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
-
- try:
- filename, data, mimetype = self.get_file("file")
-
- # Use filename from request if any
- filename = self.get_argument("filename", filename)
-
- # XXX check valid mimetypes
-
- with self.db.transaction():
- file = self.backend.wiki.upload(path, filename, data,
- mimetype=mimetype, author=self.current_user,
- address=self.get_remote_ip())
-
- except TypeError as e:
- raise e
-
- self.redirect("%s/_files" % path)
-
-
-class ActionDeleteHandler(base.BaseHandler):
- @tornado.web.authenticated
- def get(self, path):
- # Check permissions
- if not self.backend.wiki.check_acl(path, self.current_user):
- raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
-
- # Fetch the file
- file = self.backend.wiki.get_file_by_path(path)
- if not file:
- raise tornado.web.HTTPError(404, "Could not find %s" % path)
-
- self.render("wiki/confirm-delete.html", file=file)
-
- @tornado.web.authenticated
- @base.ratelimit(minutes=60, requests=24)
- def post(self, path):
- # Check permissions
- if not self.backend.wiki.check_acl(path, self.current_user):
- raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
-
- # Fetch the file
- file = self.backend.wiki.get_file_by_path(path)
- if not file:
- raise tornado.web.HTTPError(404, "Could not find %s" % path)
-
- with self.db.transaction():
- file.delete(self.current_user)
-
- self.redirect("%s/_files" % file.path)
-
-
-class ActionRestoreHandler(base.BaseHandler):
- @tornado.web.authenticated
- @base.ratelimit(minutes=60, requests=24)
- def post(self):
- path = self.get_argument("path")
-
- # Check permissions
- if not self.backend.wiki.check_acl(path, self.current_user):
- raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
-
- # Check if we are asked to render a certain revision
- revision = self.get_argument("revision", None)
- comment = self.get_argument("comment", None)
-
- # Fetch the wiki page
- page = self.backend.wiki.get_page(path, revision=revision)
-
- with self.db.transaction():
- page = page.restore(
- author=self.current_user,
- address=self.get_remote_ip(),
- comment=comment,
- )
-
- # Redirect back to page
- self.redirect(page.page)
-
-
-class ActionWatchHandler(base.BaseHandler):
- @tornado.web.authenticated
- @base.ratelimit(minutes=60, requests=180)
- def get(self, path, action):
- if path is None:
- path = "/"
-
- page = self.backend.wiki.get_page(path)
- if not page:
- raise tornado.web.HTTPError(404, "Page does not exist: %s" % path)
-
- # Check permissions
- if not self.backend.wiki.check_acl(path, self.current_user):
- raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
-
- with self.db.transaction():
- if action == "watch":
- page.add_watcher(self.current_user)
- elif action == "unwatch":
- page.remove_watcher(self.current_user)
-
- # Redirect back to page
- self.redirect(page.url)
-
-
-class FilesHandler(base.BaseHandler):
- @tornado.web.authenticated
- def get(self, path):
- if path is None:
- path = "/"
-
- # Check permissions
- if not self.backend.wiki.check_acl(path, self.current_user):
- raise tornado.web.HTTPError(403, "Access to %s not allowed for %s" % (path, self.current_user))
-
- files = self.backend.wiki.get_files(path)
-
- self.render("wiki/files/index.html", path=path, files=files)
-
-
-class WikiListModule(ui_modules.UIModule):
- def render(self, pages, link_revision=False, show_breadcrumbs=True,
- show_author=True, show_changes=False):
- return self.render_string("wiki/modules/list.html", link_revision=link_revision,
- pages=pages, show_breadcrumbs=show_breadcrumbs,
- show_author=show_author, show_changes=show_changes)