Merge branch 'master'

Conflicts:
	doc/ikiwiki-makerepo.mdwn

4 files changed, 45 insertions, 10 deletions

diff --git a/doc/rcs/details.mdwn b/doc/rcs/details.mdwn
index e62f3ef49..089221cab 100644
--- a/doc/rcs/details.mdwn
+++ b/doc/rcs/details.mdwn
@@ -280,6 +280,9 @@ Here is a how a commit from a remote repository works:
 
 * git-commit in the remote repository
 * git-push, pushes the commit to the master repo on the server
+* (Optionally, the master repo's pre-receive hook runs, and checks that the
+  update only modifies files that the pushing user is allowed to update. 
+  If not, it aborts the receive.)
 * the master repo's post-update hook notices this update, and runs ikiwiki
 * ikiwiki notices the modifies page source, and compiles it
 
diff --git a/doc/rcs/git.mdwn b/doc/rcs/git.mdwn
index b210af825..000eb0b3c 100644
--- a/doc/rcs/git.mdwn
+++ b/doc/rcs/git.mdwn
@@ -20,9 +20,9 @@ working clones (with working directories) as leaf nodes.  The root
 working clones.
 
 One of the leaf node clone repositories is special; it has working
-directory which is used to compile the wiki from, and is also used by the
+directory which is used to compile the wiki, and is also used by the
 [[cgi]] to commit changes made via the web interface. It is special
-since the `post-commit` hook for the bare root repository is used to
+since the `post-update` hook for the bare root repository is used to
 trigger an update of this repository, and then an ikiwiki refresh
 updates the published  wiki itself.
 
@@ -43,9 +43,9 @@ repositories:
   repositories will push to/pull from.  It is a bare repository, since
   there are problems pushing to a repository that has a working
   directory. This is called _repository_ in [[ikiwiki-makerepo]]'s
-  manual page. Nominally, this bare repository has a `post-commit` hook
+  manual page. Nominally, this bare repository has a `post-update` hook
   that either is or calls ikiwiki's git wrapper, which changes to the
-  working directory for ikiwiki, does a _git pull_, and refreshes ikiwiki
+  working directory for ikiwiki, does a `git pull`, and refreshes ikiwiki
   to regenerate the wiki with any new content. The [[setup]] page describes
   how to do this.
 
@@ -64,7 +64,7 @@ repositories:
   hack on your wiki. you can commit local changes to the version on
   the laptop, perhaps while offline. Any new content should be pushed to the
   bare master repository when you are ready to publish it, and then
-  the post-commit hook of the bare repository will ensure that the
+  the post-update hook of the bare repository will ensure that the
   ikiwiki's source directory is updated, and the ikiwiki refreshed
   with the new content.
 
@@ -79,7 +79,7 @@ It is **paramount** that you **never** push to the non-bare repository
 Instead, clone the bare repository as mentioned above, and push
 **only** to the bare repository.
 
-The ikiwiki `post-commit` hook should be put in the bare repository.
+The ikiwiki `post-update` hook should be put in the bare repository.
 
 ## git repository with multiple committers
 
@@ -100,6 +100,33 @@ repository, should only be writable by the wiki's admin, and *not* by the
 group. Take care that ikiwiki uses a umask that does not cause files in
 the srcdir to become group writable. (umask 022 will work.)
 
+## git repository with untrusted committers
+
+By default, anyone who can commit to the git repository can modify any file
+on the wiki however they like. A `pre-receive` hook can be set up to limit
+incoming commits from untrusted users. Then the same limits that are placed
+on edits via the web will be in effect for commits to git for the users.
+They will not be allowed to edit locked pages, they will only be able to
+delete pages that the [[plugins/remove]] configuration allows them to
+remove, and they will only be allowed to add non-page attachments that the
+[[plugins/attachment]] configuration allows.
+
+To enable this, you need to set up the git repository to have multiple
+committers. Trusted committers, including the user that ikiwiki runs as, 
+will not have their commits checked by the `pre-receive` hook. Untrusted
+committers will have their commits checked. The configuration settings to
+enable are `git_test_receive_wrapper`, which enables generation of a
+`pre-receive` hook, and `untrusted_committers`, which is a list of
+usernames of the untrusted committers.
+
+Note that when the `pre-receive` hook is checking incoming changes, it
+ignores the git authorship information, and uses the username of the unix
+user who made the commit. Then tests including the `locked_pages` [[PageSpec]]
+are checked to see if that user can edit the pages in the commit.
+
+You can even set up an [[anonymous_user|tips/untrusted_git_push]], to allow
+anyone to push changes in via git rather than using the web interface.
+
 ## Optionally using a local wiki to preview changes
 
 When working on the "working clones" to add content to your wiki,
@@ -120,7 +147,7 @@ is the normal behaviour of ikiwiki, set the configuration of the local wiki:
 
       gitorigin_branch => "",
       ## git post-commit wrapper
-      wrapper => "/working/dir/.git/hooks/post-commit",
+      git_wrapper => "/working/dir/.git/hooks/post-commit",
 
 Then just committing should refresh the private ikiwiki on the local
 host.  Now just run `ikiwiki -setup localwiki.setup -getctime` and
diff --git a/doc/rcs/mercurial.mdwn b/doc/rcs/mercurial.mdwn
index b4baf07f4..ebfc35202 100644
--- a/doc/rcs/mercurial.mdwn
+++ b/doc/rcs/mercurial.mdwn
@@ -10,9 +10,9 @@ commits edited pages, and uses the Mercurial history to generate the
 Example for a `.hg/hgrc` file in `$SRCDIR`:
 
     [hooks]
-    post-commit = /home/abe/bin/rebuildwiki
-    incoming = /home/abe/bin/rebuildwiki
+    post-commit = ikiwiki --setup /path/to/ikiwiki.setup --post-commit
+    incoming = ikiwiki --setup /path/to/ikiwiki.setup --post-commit
 
-Do not use `commit` or `precommit` hooks or ikiwiki will run into a dead lock when committing in `$SRCDIR`
+Do not use `commit` or `precommit` hooks or ikiwiki will run into a dead lock when committing in `$SRCDIR`. Also note that `--post-commit` and not `--refresh` must be used to avoid dead locking when editing the pages via CGI interface.
 
 See also [[todo/mercurial|todo/mercurial]]
diff --git a/doc/rcs/monotone.mdwn b/doc/rcs/monotone.mdwn
index babd5cf01..2cfcdfbf5 100644
--- a/doc/rcs/monotone.mdwn
+++ b/doc/rcs/monotone.mdwn
@@ -17,3 +17,8 @@ There is also a mismatch between the way Ikiwiki handles conflicts and the
 way Monotone handles conflicts.  At present, if there is a conflict, then
 Ikiwiki will commit a revision with conflict markers before presenting it
 to the user.  This is ugly, but there is no clean way to fix it at present.
+
+Also note that not all recent ikiwiki features have been implemented in the
+monotone plugin.  At the moment we're missing:
+
+  * [[todo/Untrusted_push_in_Monotone]]