summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--IkiWiki.pm15
-rw-r--r--IkiWiki/Plugin/attachment.pm37
-rw-r--r--IkiWiki/Plugin/meta.pm4
-rw-r--r--doc/ikiwiki/pagespec/attachment.mdwn52
-rw-r--r--doc/plugins/attachment.mdwn46
-rw-r--r--po/ikiwiki.pot54
l---------underlays/basewiki/ikiwiki/pagespec/attachment.mdwn1
7 files changed, 135 insertions, 74 deletions
diff --git a/IkiWiki.pm b/IkiWiki.pm
index d9b3dcdb4..03b4b666e 100644
--- a/IkiWiki.pm
+++ b/IkiWiki.pm
@@ -1290,6 +1290,13 @@ sub pagespec_valid ($) { #{{{
my $sub=pagespec_translate($spec);
return ! $@;
} #}}}
+
+sub glob2re ($) { #{{{
+ my $re=quotemeta(shift);
+ $re=~s/\\\*/.*/g;
+ $re=~s/\\\?/./g;
+ return $re;
+} #}}}
package IkiWiki::FailReason;
@@ -1337,12 +1344,8 @@ sub match_glob ($$;@) { #{{{
$glob="$from/$glob" if length $from;
}
- # turn glob into safe regexp
- $glob=quotemeta($glob);
- $glob=~s/\\\*/.*/g;
- $glob=~s/\\\?/./g;
-
- if ($page=~/^$glob$/i) {
+ my $regexp=IkiWiki::glob2re($glob);
+ if ($page=~/^$regexp$/i) {
if (! IkiWiki::isinternal($page) || $params{internal}) {
return IkiWiki::SuccessReason->new("$glob matches $page");
}
diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm
index a5c42d638..3bbe27b1a 100644
--- a/IkiWiki/Plugin/attachment.pm
+++ b/IkiWiki/Plugin/attachment.pm
@@ -47,7 +47,13 @@ sub formbuilder_setup (@) { #{{{
$form->field(name => "allowed_attachments", size => 50,
fieldset => "admin",
- comment => "(".htmllink("", "", "ikiwiki/PageSpec", noimageinline => 1).")");
+ comment => "(".
+ htmllink("", "",
+ "ikiwiki/PageSpec/attachment",
+ noimageinline => 1,
+ linktext => "Enhanced PageSpec",
+ ).")"
+ );
if (! IkiWiki::is_admin($user_name)) {
$form->field(name => "allowed_attachments", type => "hidden");
}
@@ -298,6 +304,35 @@ sub match_minsize ($$;@) { #{{{
}
} #}}}
+sub match_mimetype ($$;@) { #{{{
+ shift;
+ my $wanted=shift;
+
+ my %params=@_;
+ if (! exists $params{file}) {
+ return IkiWiki::FailReason->new("no file specified");
+ }
+
+ # Use ::magic to get the mime type, the idea is to only trust
+ # data obtained by examining the actual file contents.
+ eval q{use File::MimeInfo::Magic};
+ if ($@) {
+ return IkiWiki::FailReason->new("failed to load File::MimeInfo::Magic ($@); cannot check MIME type");
+ }
+ my $mimetype=File::MimeInfo::Magic::magic($params{file});
+ if (! defined $mimetype) {
+ $mimetype="unknown";
+ }
+
+ my $regexp=IkiWiki::glob2re($wanted);
+ if ($mimetype!~/^$regexp$/i) {
+ return IkiWiki::FailReason->new("file MIME type is $mimetype, not $wanted");
+ }
+ else {
+ return IkiWiki::SuccessReason->new("file MIME type is $mimetype");
+ }
+} #}}}
+
sub match_ispage ($$;@) { #{{{
my $filename=shift;
diff --git a/IkiWiki/Plugin/meta.pm b/IkiWiki/Plugin/meta.pm
index 8e1b11859..671060fbf 100644
--- a/IkiWiki/Plugin/meta.pm
+++ b/IkiWiki/Plugin/meta.pm
@@ -253,9 +253,7 @@ sub match { #{{{
my $page=shift;
# turn glob into a safe regexp
- my $re=quotemeta(shift);
- $re=~s/\\\*/.*/g;
- $re=~s/\\\?/./g;
+ my $re=IkiWiki::glob2re(shift);
my $val;
if (exists $pagestate{$page}{meta}{$field}) {
diff --git a/doc/ikiwiki/pagespec/attachment.mdwn b/doc/ikiwiki/pagespec/attachment.mdwn
new file mode 100644
index 000000000..40de91765
--- /dev/null
+++ b/doc/ikiwiki/pagespec/attachment.mdwn
@@ -0,0 +1,52 @@
+[[!meta robots="noindex, follow"]]
+[[!if test="enabled(attachment)"
+ then="This wiki has attachments **enabled**."
+ else="This wiki has attachments **disabled**."]]
+
+If attachments are enabled, the wiki admin can control what types of
+attachments will be accepted, by entering a [[ikiwiki/PageSpec]] in the
+"Allowed Attachments" field of their preferences page.
+
+For example, to limit arbitrary files to 50 kilobytes, but allow
+larger mp3 files to be uploaded by joey, a something like this could be
+used:
+
+ (user(joey) and *.mp3 and mimetype(audio/mpeg) and maxsize(15mb)) or (!ispage() and maxsize(50kb))
+
+The regular [[ikiwiki/PageSpec]] syntax is expanded with thw following
+additional tests:
+
+* maxsize(size)
+
+ Tests whether the attachment is no larger than the specified size.
+ The size defaults to being in bytes, but "kb", "mb", "gb" etc can be
+ used to specify the units.
+
+* minsize(size)
+
+ Tests whether the attachment is no smaller than the specified size.
+
+* ispage()
+
+ Tests whether the attachment will be treated by ikiwiki as a wiki page.
+ (Ie, if it has an extension of ".mdwn", or of any other enabled page
+ format).
+
+ So, if you don't want to allow wiki pages to be uploaded as attachments,
+ use `!ispage()` ; if you only want to allow wiki pages to be uploaded
+ as attachments, use `ispage()`.
+
+* user(username)
+
+ Tests whether the attachment is being uploaded by a user with the
+ specified username. If openid is enabled, an openid can also be put here.
+
+* ip(address)
+
+ Tests whether the attacment is being uploaded from the specified IP
+ address.
+
+* mimetype(foo/bar)
+
+ This checks the MIME type of the attachment. You can include a glob
+ in the type, for example `mimetype(image/*)`.
diff --git a/doc/plugins/attachment.mdwn b/doc/plugins/attachment.mdwn
index 184f5b5df..2b8343042 100644
--- a/doc/plugins/attachment.mdwn
+++ b/doc/plugins/attachment.mdwn
@@ -20,45 +20,9 @@ Bear in mind that if you let anyone upload a particular kind of file
contains html as a web page; including running any malicious javascript
embedded in that page.
-To provide a way to combat these abuses, the wiki admin can specify a
-[[ikiwiki/PageSpec]] on their preferences page, to control what types of
-attachments can be uploaded, and by whom. The regular [[ikiwiki/PageSpec]]
-syntax is expanded with additional tests.
+If you enable this plugin, be sure to lock that down, by entering an
+[[enhanced_PageSpec|ikiwiki/pagespec/attachment]] in the "Allowed
+Attachments" field of the wiki admin's preferences page.
-For example, to limit arbitrary files to 50 kilobytes, but allow
-larger mp3 files to be uploaded by joey, a test like this could be
-used:
-
- (user(joey) and *.mp3 and maxsize(15mb)) or (!ispage() and maxsize(50kb))
-
-The following additional tests are available:
-
-* maxsize(size)
-
- Tests whether the attachment is no larger than the specified size.
- The size defaults to being in bytes, but "kb", "mb", "gb" etc can be
- used to specify the units.
-
-* minsize(size)
-
- Tests whether the attachment is no smaller than the specified size.
-
-* ispage()
-
- Tests whether the attachment will be treated by ikiwiki as a wiki page.
- (Ie, if it has an extension of ".mdwn", or of any other enabled page
- format).
-
- So, if you don't want to allow wiki pages to be uploaded as attachments,
- use `!ispage()` ; if you only want to allow wiki pages to be uploaded
- as attachments, use `ispage()`.
-
-* user(username)
-
- Tests whether the attachment is being uploaded by a user with the
- specified username. If openid is enabled, an openid can also be put here.
-
-* ip(address)
-
- Tests whether the attacment is being uploaded from the specified IP
- address.
+This plugin will use the [[cpan File::MimeInfo::Magic]] perl module, if
+available, for mimetype checking.
diff --git a/po/ikiwiki.pot b/po/ikiwiki.pot
index fec552220..8f64da8f7 100644
--- a/po/ikiwiki.pot
+++ b/po/ikiwiki.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2008-06-28 23:05-0400\n"
+"POT-Creation-Date: 2008-07-02 18:08-0400\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -24,7 +24,7 @@ msgstr ""
msgid "login failed, perhaps you need to turn on cookies?"
msgstr ""
-#: ../IkiWiki/CGI.pm:190 ../IkiWiki/CGI.pm:527
+#: ../IkiWiki/CGI.pm:190 ../IkiWiki/CGI.pm:526
msgid "Your login session has expired."
msgstr ""
@@ -44,25 +44,25 @@ msgstr ""
msgid "Preferences saved."
msgstr ""
-#: ../IkiWiki/CGI.pm:327
+#: ../IkiWiki/CGI.pm:326
#, perl-format
msgid "%s is not an editable page"
msgstr ""
-#: ../IkiWiki/CGI.pm:438 ../IkiWiki/Plugin/brokenlinks.pm:24
+#: ../IkiWiki/CGI.pm:437 ../IkiWiki/Plugin/brokenlinks.pm:24
#: ../IkiWiki/Plugin/inline.pm:266 ../IkiWiki/Plugin/opendiscussion.pm:17
#: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:95
#: ../IkiWiki/Render.pm:162
msgid "discussion"
msgstr ""
-#: ../IkiWiki/CGI.pm:494
+#: ../IkiWiki/CGI.pm:493
#, perl-format
msgid "creating %s"
msgstr ""
-#: ../IkiWiki/CGI.pm:512 ../IkiWiki/CGI.pm:540 ../IkiWiki/CGI.pm:550
-#: ../IkiWiki/CGI.pm:584 ../IkiWiki/CGI.pm:629
+#: ../IkiWiki/CGI.pm:511 ../IkiWiki/CGI.pm:539 ../IkiWiki/CGI.pm:549
+#: ../IkiWiki/CGI.pm:583 ../IkiWiki/CGI.pm:628
#, perl-format
msgid "editing %s"
msgstr ""
@@ -169,6 +169,18 @@ msgstr ""
msgid "Failed to delete file from S3: "
msgstr ""
+#: ../IkiWiki/Plugin/attachment.pm:95
+msgid "bad attachment filename"
+msgstr ""
+
+#: ../IkiWiki/Plugin/attachment.pm:118
+msgid "attachment rejected"
+msgstr ""
+
+#: ../IkiWiki/Plugin/attachment.pm:147
+msgid "attachment upload"
+msgstr ""
+
#: ../IkiWiki/Plugin/brokenlinks.pm:40
#, perl-format
msgid "%s from %s"
@@ -588,55 +600,51 @@ msgstr ""
msgid "failed to generate image from code"
msgstr ""
-#: ../IkiWiki/Plugin/toggle.pm:88
-msgid "(not toggleable in preview mode)"
-msgstr ""
-
#: ../IkiWiki/Rcs/Stub.pm:69
msgid "getctime not implemented"
msgstr ""
-#: ../IkiWiki/Render.pm:279 ../IkiWiki/Render.pm:300
+#: ../IkiWiki/Render.pm:286 ../IkiWiki/Render.pm:307
#, perl-format
msgid "skipping bad filename %s"
msgstr ""
-#: ../IkiWiki/Render.pm:354
+#: ../IkiWiki/Render.pm:361
#, perl-format
msgid "removing old page %s"
msgstr ""
-#: ../IkiWiki/Render.pm:394
+#: ../IkiWiki/Render.pm:401
#, perl-format
msgid "scanning %s"
msgstr ""
-#: ../IkiWiki/Render.pm:399
+#: ../IkiWiki/Render.pm:406
#, perl-format
msgid "rendering %s"
msgstr ""
-#: ../IkiWiki/Render.pm:420
+#: ../IkiWiki/Render.pm:427
#, perl-format
msgid "rendering %s, which links to %s"
msgstr ""
-#: ../IkiWiki/Render.pm:441
+#: ../IkiWiki/Render.pm:448
#, perl-format
msgid "rendering %s, which depends on %s"
msgstr ""
-#: ../IkiWiki/Render.pm:480
+#: ../IkiWiki/Render.pm:487
#, perl-format
msgid "rendering %s, to update its backlinks"
msgstr ""
-#: ../IkiWiki/Render.pm:492
+#: ../IkiWiki/Render.pm:499
#, perl-format
msgid "removing %s, no longer rendered by %s"
msgstr ""
-#: ../IkiWiki/Render.pm:516
+#: ../IkiWiki/Render.pm:523
#, perl-format
msgid "ikiwiki: cannot render %s"
msgstr ""
@@ -700,11 +708,11 @@ msgstr ""
msgid "usage: --set var=value"
msgstr ""
-#: ../IkiWiki.pm:123
+#: ../IkiWiki.pm:124
msgid "Must specify url to wiki with --url when using --cgi"
msgstr ""
-#: ../IkiWiki.pm:192 ../IkiWiki.pm:193
+#: ../IkiWiki.pm:193 ../IkiWiki.pm:194
msgid "Error"
msgstr ""
@@ -712,7 +720,7 @@ msgstr ""
#. translators: preprocessor directive name,
#. translators: the second a page name, the
#. translators: third a number.
-#: ../IkiWiki.pm:763
+#: ../IkiWiki.pm:764
#, perl-format
msgid "%s preprocessing loop detected on %s at depth %i"
msgstr ""
diff --git a/underlays/basewiki/ikiwiki/pagespec/attachment.mdwn b/underlays/basewiki/ikiwiki/pagespec/attachment.mdwn
new file mode 120000
index 000000000..ea6c45a78
--- /dev/null
+++ b/underlays/basewiki/ikiwiki/pagespec/attachment.mdwn
@@ -0,0 +1 @@
+../../../../doc/ikiwiki/pagespec/attachment.mdwn \ No newline at end of file