diff options
-rw-r--r-- | IkiWiki/Plugin/attachment.pm | 39 | ||||
-rw-r--r-- | doc/plugins/attachment.mdwn | 21 |
2 files changed, 54 insertions, 6 deletions
diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm index c1d1d1c60..a5c42d638 100644 --- a/IkiWiki/Plugin/attachment.pm +++ b/IkiWiki/Plugin/attachment.pm @@ -101,7 +101,10 @@ sub formbuilder (@) { #{{{ length $allowed_attachments) { $allowed=pagespec_match($filename, $allowed_attachments, - file => $tempfile); + file => $tempfile, + user => $session->param("name"), + ip => $ENV{REMOTE_ADDR}, + ); last if $allowed; } } @@ -306,4 +309,38 @@ sub match_ispage ($$;@) { #{{{ } } #}}} +sub match_user ($$;@) { #{{{ + shift; + my $user=shift; + my %params=@_; + + if (! exists $params{user}) { + return IkiWiki::FailReason->new("no user specified"); + } + + if (defined $params{user} && lc $params{user} eq lc $user) { + return IkiWiki::SuccessReason->new("user is $user"); + } + else { + return IkiWiki::FailReason->new("user is $params{user}, not $user"); + } +} #}}} + +sub match_ip ($$;@) { #{{{ + shift; + my $ip=shift; + my %params=@_; + + if (! exists $params{ip}) { + return IkiWiki::FailReason->new("no IP specified"); + } + + if (defined $params{ip} && lc $params{ip} eq lc $ip) { + return IkiWiki::SuccessReason->new("IP is $ip"); + } + else { + return IkiWiki::FailReason->new("IP is $params{ip}, not $ip"); + } +} #}}} + 1 diff --git a/doc/plugins/attachment.mdwn b/doc/plugins/attachment.mdwn index 019d1c9e4..184f5b5df 100644 --- a/doc/plugins/attachment.mdwn +++ b/doc/plugins/attachment.mdwn @@ -22,13 +22,14 @@ Bear in mind that if you let anyone upload a particular kind of file To provide a way to combat these abuses, the wiki admin can specify a [[ikiwiki/PageSpec]] on their preferences page, to control what types of -attachments can be uploaded. The regular [[ikiwiki/PageSpec]] syntax is -expanded with additional tests. +attachments can be uploaded, and by whom. The regular [[ikiwiki/PageSpec]] +syntax is expanded with additional tests. -For example, to limit arbitrary files to 50 kilobtes, but allow -larger mp3 files to be uploaded, a test like this could be used: +For example, to limit arbitrary files to 50 kilobytes, but allow +larger mp3 files to be uploaded by joey, a test like this could be +used: - (*.mp3 and maxsize(15mb)) or (!ispage() and maxsize(50kb)) + (user(joey) and *.mp3 and maxsize(15mb)) or (!ispage() and maxsize(50kb)) The following additional tests are available: @@ -51,3 +52,13 @@ The following additional tests are available: So, if you don't want to allow wiki pages to be uploaded as attachments, use `!ispage()` ; if you only want to allow wiki pages to be uploaded as attachments, use `ispage()`. + +* user(username) + + Tests whether the attachment is being uploaded by a user with the + specified username. If openid is enabled, an openid can also be put here. + +* ip(address) + + Tests whether the attacment is being uploaded from the specified IP + address. |