summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess <joey@kodama.kitenet.net>2008-07-21 22:41:31 -0400
committerJoey Hess <joey@kodama.kitenet.net>2008-07-21 22:41:31 -0400
commitf9cbe871adce4555690d5b934d67c1420f49c34e (patch)
tree156b7b1889f0ef794e2b52f831c96b53bd324a40
parent96c529826d3104bee299b4d3ea09c95229b9b64d (diff)
factor out check_canattach
Other plugins will need to use this.
-rw-r--r--IkiWiki/Plugin/attachment.pm49
1 files changed, 30 insertions, 19 deletions
diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm
index 01d0d2478..8f9d7f5a4 100644
--- a/IkiWiki/Plugin/attachment.pm
+++ b/IkiWiki/Plugin/attachment.pm
@@ -11,6 +11,34 @@ sub import { #{{{
hook(type => "formbuilder", id => "attachment", call => \&formbuilder);
} # }}}
+sub check_canattach ($$;$) {
+ my $session=shift;
+ my $dest=shift; # where it's going to be put, under the srcdir
+ my $file=shift; # the path to the attachment currently
+
+ # Use a special pagespec to test that the attachment is valid.
+ my $allowed=1;
+ foreach my $admin (@{$config{adminuser}}) {
+ my $allowed_attachments=IkiWiki::userinfo_get($admin, "allowed_attachments");
+ if (defined $allowed_attachments &&
+ length $allowed_attachments) {
+ $allowed=pagespec_match($dest,
+ $allowed_attachments,
+ file => $file,
+ user => $session->param("name"),
+ ip => $ENV{REMOTE_ADDR},
+ );
+ last if $allowed;
+ }
+ }
+ if (! $allowed) {
+ error(gettext("attachment rejected")." ($allowed)");
+ }
+ else {
+ return 1;
+ }
+}
+
sub checkconfig () { #{{{
$config{cgi_disable_uploads}=0;
} #}}}
@@ -113,25 +141,8 @@ sub formbuilder (@) { #{{{
# Check that the user is allowed to edit a page with the
# name of the attachment.
IkiWiki::check_canedit($filename, $q, $session, 1);
-
- # Use a special pagespec to test that the attachment is valid.
- my $allowed=1;
- foreach my $admin (@{$config{adminuser}}) {
- my $allowed_attachments=IkiWiki::userinfo_get($admin, "allowed_attachments");
- if (defined $allowed_attachments &&
- length $allowed_attachments) {
- $allowed=pagespec_match($filename,
- $allowed_attachments,
- file => $tempfile,
- user => $session->param("name"),
- ip => $ENV{REMOTE_ADDR},
- );
- last if $allowed;
- }
- }
- if (! $allowed) {
- error(gettext("attachment rejected")." ($allowed)");
- }
+ # And that the attachment itself is acceptable.
+ check_canattach($session, $filename, $tempfile);
# Needed for fast_file_copy and for rendering below.
require IkiWiki::Render;