diff options
| -rw-r--r-- | IkiWiki.pm | 15 | ||||
| -rw-r--r-- | IkiWiki/Plugin/attachment.pm | 37 | ||||
| -rw-r--r-- | IkiWiki/Plugin/meta.pm | 4 | ||||
| -rw-r--r-- | doc/ikiwiki/pagespec/attachment.mdwn | 52 | ||||
| -rw-r--r-- | doc/plugins/attachment.mdwn | 46 | ||||
| -rw-r--r-- | po/ikiwiki.pot | 54 | ||||
| l--------- | underlays/basewiki/ikiwiki/pagespec/attachment.mdwn | 1 |
7 files changed, 135 insertions, 74 deletions
diff --git a/IkiWiki.pm b/IkiWiki.pm index d9b3dcdb4..03b4b666e 100644 --- a/IkiWiki.pm +++ b/IkiWiki.pm @@ -1290,6 +1290,13 @@ sub pagespec_valid ($) { #{{{ my $sub=pagespec_translate($spec); return ! $@; } #}}} + +sub glob2re ($) { #{{{ + my $re=quotemeta(shift); + $re=~s/\\\*/.*/g; + $re=~s/\\\?/./g; + return $re; +} #}}} package IkiWiki::FailReason; @@ -1337,12 +1344,8 @@ sub match_glob ($$;@) { #{{{ $glob="$from/$glob" if length $from; } - # turn glob into safe regexp - $glob=quotemeta($glob); - $glob=~s/\\\*/.*/g; - $glob=~s/\\\?/./g; - - if ($page=~/^$glob$/i) { + my $regexp=IkiWiki::glob2re($glob); + if ($page=~/^$regexp$/i) { if (! IkiWiki::isinternal($page) || $params{internal}) { return IkiWiki::SuccessReason->new("$glob matches $page"); } diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm index a5c42d638..3bbe27b1a 100644 --- a/IkiWiki/Plugin/attachment.pm +++ b/IkiWiki/Plugin/attachment.pm @@ -47,7 +47,13 @@ sub formbuilder_setup (@) { #{{{ $form->field(name => "allowed_attachments", size => 50, fieldset => "admin", - comment => "(".htmllink("", "", "ikiwiki/PageSpec", noimageinline => 1).")"); + comment => "(". + htmllink("", "", + "ikiwiki/PageSpec/attachment", + noimageinline => 1, + linktext => "Enhanced PageSpec", + ).")" + ); if (! IkiWiki::is_admin($user_name)) { $form->field(name => "allowed_attachments", type => "hidden"); } @@ -298,6 +304,35 @@ sub match_minsize ($$;@) { #{{{ } } #}}} +sub match_mimetype ($$;@) { #{{{ + shift; + my $wanted=shift; + + my %params=@_; + if (! exists $params{file}) { + return IkiWiki::FailReason->new("no file specified"); + } + + # Use ::magic to get the mime type, the idea is to only trust + # data obtained by examining the actual file contents. + eval q{use File::MimeInfo::Magic}; + if ($@) { + return IkiWiki::FailReason->new("failed to load File::MimeInfo::Magic ($@); cannot check MIME type"); + } + my $mimetype=File::MimeInfo::Magic::magic($params{file}); + if (! defined $mimetype) { + $mimetype="unknown"; + } + + my $regexp=IkiWiki::glob2re($wanted); + if ($mimetype!~/^$regexp$/i) { + return IkiWiki::FailReason->new("file MIME type is $mimetype, not $wanted"); + } + else { + return IkiWiki::SuccessReason->new("file MIME type is $mimetype"); + } +} #}}} + sub match_ispage ($$;@) { #{{{ my $filename=shift; diff --git a/IkiWiki/Plugin/meta.pm b/IkiWiki/Plugin/meta.pm index 8e1b11859..671060fbf 100644 --- a/IkiWiki/Plugin/meta.pm +++ b/IkiWiki/Plugin/meta.pm @@ -253,9 +253,7 @@ sub match { #{{{ my $page=shift; # turn glob into a safe regexp - my $re=quotemeta(shift); - $re=~s/\\\*/.*/g; - $re=~s/\\\?/./g; + my $re=IkiWiki::glob2re(shift); my $val; if (exists $pagestate{$page}{meta}{$field}) { diff --git a/doc/ikiwiki/pagespec/attachment.mdwn b/doc/ikiwiki/pagespec/attachment.mdwn new file mode 100644 index 000000000..40de91765 --- /dev/null +++ b/doc/ikiwiki/pagespec/attachment.mdwn @@ -0,0 +1,52 @@ +[[!meta robots="noindex, follow"]] +[[!if test="enabled(attachment)" + then="This wiki has attachments **enabled**." + else="This wiki has attachments **disabled**."]] + +If attachments are enabled, the wiki admin can control what types of +attachments will be accepted, by entering a [[ikiwiki/PageSpec]] in the +"Allowed Attachments" field of their preferences page. + +For example, to limit arbitrary files to 50 kilobytes, but allow +larger mp3 files to be uploaded by joey, a something like this could be +used: + + (user(joey) and *.mp3 and mimetype(audio/mpeg) and maxsize(15mb)) or (!ispage() and maxsize(50kb)) + +The regular [[ikiwiki/PageSpec]] syntax is expanded with thw following +additional tests: + +* maxsize(size) + + Tests whether the attachment is no larger than the specified size. + The size defaults to being in bytes, but "kb", "mb", "gb" etc can be + used to specify the units. + +* minsize(size) + + Tests whether the attachment is no smaller than the specified size. + +* ispage() + + Tests whether the attachment will be treated by ikiwiki as a wiki page. + (Ie, if it has an extension of ".mdwn", or of any other enabled page + format). + + So, if you don't want to allow wiki pages to be uploaded as attachments, + use `!ispage()` ; if you only want to allow wiki pages to be uploaded + as attachments, use `ispage()`. + +* user(username) + + Tests whether the attachment is being uploaded by a user with the + specified username. If openid is enabled, an openid can also be put here. + +* ip(address) + + Tests whether the attacment is being uploaded from the specified IP + address. + +* mimetype(foo/bar) + + This checks the MIME type of the attachment. You can include a glob + in the type, for example `mimetype(image/*)`. diff --git a/doc/plugins/attachment.mdwn b/doc/plugins/attachment.mdwn index 184f5b5df..2b8343042 100644 --- a/doc/plugins/attachment.mdwn +++ b/doc/plugins/attachment.mdwn @@ -20,45 +20,9 @@ Bear in mind that if you let anyone upload a particular kind of file contains html as a web page; including running any malicious javascript embedded in that page. -To provide a way to combat these abuses, the wiki admin can specify a -[[ikiwiki/PageSpec]] on their preferences page, to control what types of -attachments can be uploaded, and by whom. The regular [[ikiwiki/PageSpec]] -syntax is expanded with additional tests. +If you enable this plugin, be sure to lock that down, by entering an +[[enhanced_PageSpec|ikiwiki/pagespec/attachment]] in the "Allowed +Attachments" field of the wiki admin's preferences page. -For example, to limit arbitrary files to 50 kilobytes, but allow -larger mp3 files to be uploaded by joey, a test like this could be -used: - - (user(joey) and *.mp3 and maxsize(15mb)) or (!ispage() and maxsize(50kb)) - -The following additional tests are available: - -* maxsize(size) - - Tests whether the attachment is no larger than the specified size. - The size defaults to being in bytes, but "kb", "mb", "gb" etc can be - used to specify the units. - -* minsize(size) - - Tests whether the attachment is no smaller than the specified size. - -* ispage() - - Tests whether the attachment will be treated by ikiwiki as a wiki page. - (Ie, if it has an extension of ".mdwn", or of any other enabled page - format). - - So, if you don't want to allow wiki pages to be uploaded as attachments, - use `!ispage()` ; if you only want to allow wiki pages to be uploaded - as attachments, use `ispage()`. - -* user(username) - - Tests whether the attachment is being uploaded by a user with the - specified username. If openid is enabled, an openid can also be put here. - -* ip(address) - - Tests whether the attacment is being uploaded from the specified IP - address. +This plugin will use the [[cpan File::MimeInfo::Magic]] perl module, if +available, for mimetype checking. diff --git a/po/ikiwiki.pot b/po/ikiwiki.pot index fec552220..8f64da8f7 100644 --- a/po/ikiwiki.pot +++ b/po/ikiwiki.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2008-06-28 23:05-0400\n" +"POT-Creation-Date: 2008-07-02 18:08-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -24,7 +24,7 @@ msgstr "" msgid "login failed, perhaps you need to turn on cookies?" msgstr "" -#: ../IkiWiki/CGI.pm:190 ../IkiWiki/CGI.pm:527 +#: ../IkiWiki/CGI.pm:190 ../IkiWiki/CGI.pm:526 msgid "Your login session has expired." msgstr "" @@ -44,25 +44,25 @@ msgstr "" msgid "Preferences saved." msgstr "" -#: ../IkiWiki/CGI.pm:327 +#: ../IkiWiki/CGI.pm:326 #, perl-format msgid "%s is not an editable page" msgstr "" -#: ../IkiWiki/CGI.pm:438 ../IkiWiki/Plugin/brokenlinks.pm:24 +#: ../IkiWiki/CGI.pm:437 ../IkiWiki/Plugin/brokenlinks.pm:24 #: ../IkiWiki/Plugin/inline.pm:266 ../IkiWiki/Plugin/opendiscussion.pm:17 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:95 #: ../IkiWiki/Render.pm:162 msgid "discussion" msgstr "" -#: ../IkiWiki/CGI.pm:494 +#: ../IkiWiki/CGI.pm:493 #, perl-format msgid "creating %s" msgstr "" -#: ../IkiWiki/CGI.pm:512 ../IkiWiki/CGI.pm:540 ../IkiWiki/CGI.pm:550 -#: ../IkiWiki/CGI.pm:584 ../IkiWiki/CGI.pm:629 +#: ../IkiWiki/CGI.pm:511 ../IkiWiki/CGI.pm:539 ../IkiWiki/CGI.pm:549 +#: ../IkiWiki/CGI.pm:583 ../IkiWiki/CGI.pm:628 #, perl-format msgid "editing %s" msgstr "" @@ -169,6 +169,18 @@ msgstr "" msgid "Failed to delete file from S3: " msgstr "" +#: ../IkiWiki/Plugin/attachment.pm:95 +msgid "bad attachment filename" +msgstr "" + +#: ../IkiWiki/Plugin/attachment.pm:118 +msgid "attachment rejected" +msgstr "" + +#: ../IkiWiki/Plugin/attachment.pm:147 +msgid "attachment upload" +msgstr "" + #: ../IkiWiki/Plugin/brokenlinks.pm:40 #, perl-format msgid "%s from %s" @@ -588,55 +600,51 @@ msgstr "" msgid "failed to generate image from code" msgstr "" -#: ../IkiWiki/Plugin/toggle.pm:88 -msgid "(not toggleable in preview mode)" -msgstr "" - #: ../IkiWiki/Rcs/Stub.pm:69 msgid "getctime not implemented" msgstr "" -#: ../IkiWiki/Render.pm:279 ../IkiWiki/Render.pm:300 +#: ../IkiWiki/Render.pm:286 ../IkiWiki/Render.pm:307 #, perl-format msgid "skipping bad filename %s" msgstr "" -#: ../IkiWiki/Render.pm:354 +#: ../IkiWiki/Render.pm:361 #, perl-format msgid "removing old page %s" msgstr "" -#: ../IkiWiki/Render.pm:394 +#: ../IkiWiki/Render.pm:401 #, perl-format msgid "scanning %s" msgstr "" -#: ../IkiWiki/Render.pm:399 +#: ../IkiWiki/Render.pm:406 #, perl-format msgid "rendering %s" msgstr "" -#: ../IkiWiki/Render.pm:420 +#: ../IkiWiki/Render.pm:427 #, perl-format msgid "rendering %s, which links to %s" msgstr "" -#: ../IkiWiki/Render.pm:441 +#: ../IkiWiki/Render.pm:448 #, perl-format msgid "rendering %s, which depends on %s" msgstr "" -#: ../IkiWiki/Render.pm:480 +#: ../IkiWiki/Render.pm:487 #, perl-format msgid "rendering %s, to update its backlinks" msgstr "" -#: ../IkiWiki/Render.pm:492 +#: ../IkiWiki/Render.pm:499 #, perl-format msgid "removing %s, no longer rendered by %s" msgstr "" -#: ../IkiWiki/Render.pm:516 +#: ../IkiWiki/Render.pm:523 #, perl-format msgid "ikiwiki: cannot render %s" msgstr "" @@ -700,11 +708,11 @@ msgstr "" msgid "usage: --set var=value" msgstr "" -#: ../IkiWiki.pm:123 +#: ../IkiWiki.pm:124 msgid "Must specify url to wiki with --url when using --cgi" msgstr "" -#: ../IkiWiki.pm:192 ../IkiWiki.pm:193 +#: ../IkiWiki.pm:193 ../IkiWiki.pm:194 msgid "Error" msgstr "" @@ -712,7 +720,7 @@ msgstr "" #. translators: preprocessor directive name, #. translators: the second a page name, the #. translators: third a number. -#: ../IkiWiki.pm:763 +#: ../IkiWiki.pm:764 #, perl-format msgid "%s preprocessing loop detected on %s at depth %i" msgstr "" diff --git a/underlays/basewiki/ikiwiki/pagespec/attachment.mdwn b/underlays/basewiki/ikiwiki/pagespec/attachment.mdwn new file mode 120000 index 000000000..ea6c45a78 --- /dev/null +++ b/underlays/basewiki/ikiwiki/pagespec/attachment.mdwn @@ -0,0 +1 @@ +../../../../doc/ikiwiki/pagespec/attachment.mdwn
\ No newline at end of file |