summaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin/editpage.pm
blob: 480e82804a3beb599df3969d788508dd550bccb6 (plain)
  1. #!/usr/bin/perl
  2. package IkiWiki::Plugin::editpage;
  3. use warnings;
  4. use strict;
  5. use IkiWiki;
  6. use open qw{:utf8 :std};
  7. sub import {
  8. hook(type => "getsetup", id => "editpage", call => \&getsetup);
  9. hook(type => "refresh", id => "editpage", call => \&refresh);
  10. hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage);
  11. }
  12. sub getsetup () {
  13. return
  14. plugin => {
  15. safe => 1,
  16. rebuild => 1,
  17. },
  18. }
  19. sub refresh () {
  20. if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) {
  21. # Expire old preview files after one hour.
  22. my $expire=time - (60 * 60);
  23. my @previews;
  24. foreach my $file (@{$wikistate{editpage}{previews}}) {
  25. my $mtime=(stat("$config{destdir}/$file"))[9];
  26. if (defined $mtime && $mtime <= $expire) {
  27. # Avoid deleting a preview that was later saved.
  28. my $delete=1;
  29. foreach my $page (keys %renderedfiles) {
  30. if (grep { $_ eq $file } @{$renderedfiles{$page}}) {
  31. $delete=0;
  32. }
  33. }
  34. if ($delete) {
  35. debug(sprintf(gettext("removing old preview %s"), $file));
  36. IkiWiki::prune("$config{destdir}/$file");
  37. }
  38. }
  39. elsif (defined $mtime) {
  40. push @previews, $file;
  41. }
  42. }
  43. $wikistate{editpage}{previews}=\@previews;
  44. }
  45. }
  46. # Back to ikiwiki namespace for the rest, this code is very much
  47. # internal to ikiwiki even though it's separated into a plugin,
  48. # and other plugins use the functions below.
  49. package IkiWiki;
  50. sub check_canedit ($$$;$) {
  51. my $page=shift;
  52. my $q=shift;
  53. my $session=shift;
  54. my $nonfatal=shift;
  55. my $canedit;
  56. run_hooks(canedit => sub {
  57. return if defined $canedit;
  58. my $ret=shift->($page, $q, $session);
  59. if (defined $ret) {
  60. if ($ret eq "") {
  61. $canedit=1;
  62. }
  63. elsif (ref $ret eq 'CODE') {
  64. $ret->() unless $nonfatal;
  65. $canedit=0;
  66. }
  67. elsif (defined $ret) {
  68. error($ret) unless $nonfatal;
  69. $canedit=0;
  70. }
  71. }
  72. });
  73. return defined $canedit ? $canedit : 1;
  74. }
  75. sub check_content (@) {
  76. my %params=@_;
  77. return 1 if ! exists $hooks{checkcontent}; # optimisation
  78. if (exists $pagesources{$params{page}}) {
  79. my @diff;
  80. my %old=map { $_ => 1 }
  81. split("\n", readfile(srcfile($pagesources{$params{page}})));
  82. foreach my $line (split("\n", $params{content})) {
  83. push @diff, $line if ! exists $old{$_};
  84. }
  85. $params{diff}=join("\n", @diff);
  86. }
  87. my $ok;
  88. run_hooks(checkcontent => sub {
  89. return if defined $ok;
  90. my $ret=shift->(%params);
  91. if (defined $ret) {
  92. if ($ret eq "") {
  93. $ok=1;
  94. }
  95. elsif (ref $ret eq 'CODE') {
  96. $ret->() unless $params{nonfatal};
  97. $ok=0;
  98. }
  99. elsif (defined $ret) {
  100. error($ret) unless $params{nonfatal};
  101. $ok=0;
  102. }
  103. }
  104. });
  105. return defined $ok ? $ok : 1;
  106. }
  107. sub cgi_editpage ($$) {
  108. my $q=shift;
  109. my $session=shift;
  110. my $do=$q->param('do');
  111. return unless $do eq 'create' || $do eq 'edit';
  112. decode_cgi_utf8($q);
  113. my @fields=qw(do rcsinfo subpage from page type editcontent comments);
  114. my @buttons=("Save Page", "Preview", "Cancel");
  115. eval q{use CGI::FormBuilder};
  116. error($@) if $@;
  117. my $form = CGI::FormBuilder->new(
  118. fields => \@fields,
  119. charset => "utf-8",
  120. method => 'POST',
  121. required => [qw{editcontent}],
  122. javascript => 0,
  123. params => $q,
  124. action => $config{cgiurl},
  125. header => 0,
  126. table => 0,
  127. template => scalar template_params("editpage.tmpl"),
  128. );
  129. decode_form_utf8($form);
  130. run_hooks(formbuilder_setup => sub {
  131. shift->(form => $form, cgi => $q, session => $session,
  132. buttons => \@buttons);
  133. });
  134. decode_form_utf8($form);
  135. # This untaint is safe because we check file_pruned and
  136. # wiki_file_regexp.
  137. my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;
  138. $page=possibly_foolish_untaint($page);
  139. my $absolute=($page =~ s#^/+##);
  140. if (! defined $page || ! length $page ||
  141. file_pruned($page, $config{srcdir})) {
  142. error(gettext("bad page name"));
  143. }
  144. my $baseurl = urlto($page, undef, 1);
  145. my $from;
  146. if (defined $form->field('from')) {
  147. ($from)=$form->field('from')=~/$config{wiki_file_regexp}/;
  148. }
  149. my $file;
  150. my $type;
  151. if (exists $pagesources{$page} && $form->field("do") ne "create") {
  152. $file=$pagesources{$page};
  153. $type=pagetype($file);
  154. if (! defined $type || $type=~/^_/) {
  155. error(sprintf(gettext("%s is not an editable page"), $page));
  156. }
  157. if (! $form->submitted) {
  158. $form->field(name => "rcsinfo",
  159. value => rcs_prepedit($file), force => 1);
  160. }
  161. $form->field(name => "editcontent", validate => '/.*/');
  162. }
  163. else {
  164. $type=$form->param('type');
  165. if (defined $type && length $type && $hooks{htmlize}{$type}) {
  166. $type=possibly_foolish_untaint($type);
  167. }
  168. elsif (defined $from && exists $pagesources{$from}) {
  169. # favor the type of linking page
  170. $type=pagetype($pagesources{$from});
  171. }
  172. $type=$config{default_pageext} unless defined $type;
  173. $file=newpagefile($page, $type);
  174. if (! $form->submitted) {
  175. $form->field(name => "rcsinfo", value => "", force => 1);
  176. }
  177. $form->field(name => "editcontent", validate => '/.+/');
  178. }
  179. $form->field(name => "do", type => 'hidden');
  180. $form->field(name => "sid", type => "hidden", value => $session->id,
  181. force => 1);
  182. $form->field(name => "from", type => 'hidden');
  183. $form->field(name => "rcsinfo", type => 'hidden');
  184. $form->field(name => "subpage", type => 'hidden');
  185. $form->field(name => "page", value => $page, force => 1);
  186. $form->field(name => "type", value => $type, force => 1);
  187. $form->field(name => "comments", type => "text", size => 80);
  188. $form->field(name => "editcontent", type => "textarea", rows => 20,
  189. cols => 80);
  190. $form->tmpl_param("can_commit", $config{rcs});
  191. $form->tmpl_param("indexlink", indexlink());
  192. $form->tmpl_param("helponformattinglink",
  193. htmllink($page, $page, "ikiwiki/formatting",
  194. noimageinline => 1,
  195. linktext => "FormattingHelp"));
  196. if ($form->submitted eq "Cancel") {
  197. if ($form->field("do") eq "create" && defined $from) {
  198. redirect($q, urlto($from, undef, 1));
  199. }
  200. elsif ($form->field("do") eq "create") {
  201. redirect($q, $config{url});
  202. }
  203. else {
  204. redirect($q, urlto($page, undef, 1));
  205. }
  206. exit;
  207. }
  208. elsif ($form->submitted eq "Preview") {
  209. my $new=not exists $pagesources{$page};
  210. if ($new) {
  211. # temporarily record its type
  212. $pagesources{$page}=$page.".".$type;
  213. }
  214. my %wasrendered=map { $_ => 1 } @{$renderedfiles{$page}};
  215. my $content=$form->field('editcontent');
  216. run_hooks(editcontent => sub {
  217. $content=shift->(
  218. content => $content,
  219. page => $page,
  220. cgi => $q,
  221. session => $session,
  222. );
  223. });
  224. my $preview=htmlize($page, $page, $type,
  225. linkify($page, $page,
  226. preprocess($page, $page,
  227. filter($page, $page, $content), 0, 1)));
  228. run_hooks(format => sub {
  229. $preview=shift->(
  230. page => $page,
  231. content => $preview,
  232. );
  233. });
  234. $form->tmpl_param("page_preview", $preview);
  235. if ($new) {
  236. delete $pagesources{$page};
  237. }
  238. # Previewing may have created files on disk.
  239. # Keep a list of these to be deleted later.
  240. my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}};
  241. foreach my $f (@{$renderedfiles{$page}}) {
  242. $previews{$f}=1 unless $wasrendered{$f};
  243. }
  244. @{$wikistate{editpage}{previews}} = keys %previews;
  245. $renderedfiles{$page}=[keys %wasrendered];
  246. saveindex();
  247. }
  248. elsif ($form->submitted eq "Save Page") {
  249. $form->tmpl_param("page_preview", "");
  250. }
  251. if ($form->submitted ne "Save Page" || ! $form->validate) {
  252. if ($form->field("do") eq "create") {
  253. my @page_locs;
  254. my $best_loc;
  255. if (! defined $from || ! length $from ||
  256. $from ne $form->field('from') ||
  257. file_pruned($from, $config{srcdir}) ||
  258. $from=~/^\// ||
  259. $absolute ||
  260. $form->submitted) {
  261. @page_locs=$best_loc=$page;
  262. }
  263. else {
  264. my $dir=$from."/";
  265. $dir=~s![^/]+/+$!!;
  266. if ((defined $form->field('subpage') && length $form->field('subpage')) ||
  267. $page eq gettext('discussion')) {
  268. $best_loc="$from/$page";
  269. }
  270. else {
  271. $best_loc=$dir.$page;
  272. }
  273. push @page_locs, $dir.$page;
  274. push @page_locs, "$from/$page";
  275. while (length $dir) {
  276. $dir=~s![^/]+/+$!!;
  277. push @page_locs, $dir.$page;
  278. }
  279. push @page_locs, "$config{userdir}/$page"
  280. if length $config{userdir};
  281. }
  282. @page_locs = grep {
  283. ! exists $pagecase{lc $_}
  284. } @page_locs;
  285. if (! @page_locs) {
  286. # hmm, someone else made the page in the
  287. # meantime?
  288. if ($form->submitted eq "Preview") {
  289. # let them go ahead with the edit
  290. # and resolve the conflict at save
  291. # time
  292. @page_locs=$page;
  293. }
  294. else {
  295. redirect($q, urlto($page, undef, 1));
  296. exit;
  297. }
  298. }
  299. my @editable_locs = grep {
  300. check_canedit($_, $q, $session, 1)
  301. } @page_locs;
  302. if (! @editable_locs) {
  303. # let it throw an error this time
  304. map { check_canedit($_, $q, $session) } @page_locs;
  305. }
  306. my @page_types;
  307. if (exists $hooks{htmlize}) {
  308. @page_types=grep { !/^_/ }
  309. keys %{$hooks{htmlize}};
  310. }
  311. $form->tmpl_param("page_select", 1);
  312. $form->field(name => "page", type => 'select',
  313. options => [ map { [ $_, pagetitle($_, 1) ] } @editable_locs ],
  314. value => $best_loc);
  315. $form->field(name => "type", type => 'select',
  316. options => \@page_types);
  317. $form->title(sprintf(gettext("creating %s"), pagetitle($page)));
  318. }
  319. elsif ($form->field("do") eq "edit") {
  320. check_canedit($page, $q, $session);
  321. if (! defined $form->field('editcontent') ||
  322. ! length $form->field('editcontent')) {
  323. my $content="";
  324. if (exists $pagesources{$page}) {
  325. $content=readfile(srcfile($pagesources{$page}));
  326. $content=~s/\n/\r\n/g;
  327. }
  328. $form->field(name => "editcontent", value => $content,
  329. force => 1);
  330. }
  331. $form->tmpl_param("page_select", 0);
  332. $form->field(name => "page", type => 'hidden');
  333. $form->field(name => "type", type => 'hidden');
  334. $form->title(sprintf(gettext("editing %s"), pagetitle($page)));
  335. }
  336. showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
  337. }
  338. else {
  339. # save page
  340. check_canedit($page, $q, $session);
  341. checksessionexpiry($q, $session, $q->param('sid'));
  342. my $exists=-e "$config{srcdir}/$file";
  343. if ($form->field("do") ne "create" && ! $exists &&
  344. ! defined srcfile($file, 1)) {
  345. $form->tmpl_param("message", template("editpagegone.tmpl")->output);
  346. $form->field(name => "do", value => "create", force => 1);
  347. $form->tmpl_param("page_select", 0);
  348. $form->field(name => "page", type => 'hidden');
  349. $form->field(name => "type", type => 'hidden');
  350. $form->title(sprintf(gettext("editing %s"), $page));
  351. showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
  352. exit;
  353. }
  354. elsif ($form->field("do") eq "create" && $exists) {
  355. $form->tmpl_param("message", template("editcreationconflict.tmpl")->output);
  356. $form->field(name => "do", value => "edit", force => 1);
  357. $form->tmpl_param("page_select", 0);
  358. $form->field(name => "page", type => 'hidden');
  359. $form->field(name => "type", type => 'hidden');
  360. $form->title(sprintf(gettext("editing %s"), $page));
  361. $form->field("editcontent",
  362. value => readfile("$config{srcdir}/$file").
  363. "\n\n\n".$form->field("editcontent"),
  364. force => 1);
  365. showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
  366. exit;
  367. }
  368. my $message="";
  369. if (defined $form->field('comments') &&
  370. length $form->field('comments')) {
  371. $message=$form->field('comments');
  372. }
  373. my $content=$form->field('editcontent');
  374. check_content(content => $content, page => $page,
  375. cgi => $q, session => $session,
  376. subject => $message);
  377. run_hooks(editcontent => sub {
  378. $content=shift->(
  379. content => $content,
  380. page => $page,
  381. cgi => $q,
  382. session => $session,
  383. );
  384. });
  385. $content=~s/\r\n/\n/g;
  386. $content=~s/\r/\n/g;
  387. $content.="\n" if $content !~ /\n$/;
  388. $config{cgi}=0; # avoid cgi error message
  389. eval { writefile($file, $config{srcdir}, $content) };
  390. $config{cgi}=1;
  391. if ($@) {
  392. $form->field(name => "rcsinfo", value => rcs_prepedit($file),
  393. force => 1);
  394. my $mtemplate=template("editfailedsave.tmpl");
  395. $mtemplate->param(error_message => $@);
  396. $form->tmpl_param("message", $mtemplate->output);
  397. $form->field("editcontent", value => $content, force => 1);
  398. $form->tmpl_param("page_select", 0);
  399. $form->field(name => "page", type => 'hidden');
  400. $form->field(name => "type", type => 'hidden');
  401. $form->title(sprintf(gettext("editing %s"), $page));
  402. showform($form, \@buttons, $session, $q,
  403. forcebaseurl => $baseurl);
  404. exit;
  405. }
  406. my $conflict;
  407. if ($config{rcs}) {
  408. if (! $exists) {
  409. rcs_add($file);
  410. }
  411. # Prevent deadlock with post-commit hook by
  412. # signaling to it that it should not try to
  413. # do anything.
  414. disable_commit_hook();
  415. $conflict=rcs_commit($file, $message,
  416. $form->field("rcsinfo"),
  417. $session->param("name"), $ENV{REMOTE_ADDR});
  418. enable_commit_hook();
  419. rcs_update();
  420. }
  421. # Refresh even if there was a conflict, since other changes
  422. # may have been committed while the post-commit hook was
  423. # disabled.
  424. require IkiWiki::Render;
  425. refresh();
  426. saveindex();
  427. if (defined $conflict) {
  428. $form->field(name => "rcsinfo", value => rcs_prepedit($file),
  429. force => 1);
  430. $form->tmpl_param("message", template("editconflict.tmpl")->output);
  431. $form->field("editcontent", value => $conflict, force => 1);
  432. $form->field("do", "edit", force => 1);
  433. $form->tmpl_param("page_select", 0);
  434. $form->field(name => "page", type => 'hidden');
  435. $form->field(name => "type", type => 'hidden');
  436. $form->title(sprintf(gettext("editing %s"), $page));
  437. showform($form, \@buttons, $session, $q,
  438. forcebaseurl => $baseurl);
  439. }
  440. else {
  441. # The trailing question mark tries to avoid broken
  442. # caches and get the most recent version of the page.
  443. redirect($q, urlto($page, undef, 1)."?updated");
  444. }
  445. }
  446. exit;
  447. }
  448. 1