summaryrefslogtreecommitdiff
path: root/IkiWiki/Plugin/remove.pm
blob: 3c1e0c713c85b0b679b1d00c0ed19e56ea685006 (plain)
  1. #!/usr/bin/perl
  2. package IkiWiki::Plugin::remove;
  3. use warnings;
  4. use strict;
  5. use IkiWiki 3.00;
  6. sub import {
  7. hook(type => "getsetup", id => "remove", call => \&getsetup);
  8. hook(type => "formbuilder_setup", id => "remove", call => \&formbuilder_setup);
  9. hook(type => "formbuilder", id => "remove", call => \&formbuilder);
  10. hook(type => "sessioncgi", id => "remove", call => \&sessioncgi);
  11. }
  12. sub getsetup () {
  13. return
  14. plugin => {
  15. safe => 1,
  16. rebuild => 0,
  17. },
  18. }
  19. sub check_canremove ($$$) {
  20. my $page=shift;
  21. my $q=shift;
  22. my $session=shift;
  23. # Must be a known source file.
  24. if (! exists $pagesources{$page}) {
  25. error(sprintf(gettext("%s does not exist"),
  26. htmllink("", "", $page, noimageinline => 1)));
  27. }
  28. # Must exist on disk, and be a regular file.
  29. my $file=$pagesources{$page};
  30. if (! -e "$config{srcdir}/$file") {
  31. error(sprintf(gettext("%s is not in the srcdir, so it cannot be deleted"), $file));
  32. }
  33. elsif (-l "$config{srcdir}/$file" && ! -f _) {
  34. error(sprintf(gettext("%s is not a file"), $file));
  35. }
  36. # Must be editable.
  37. IkiWiki::check_canedit($page, $q, $session);
  38. # If a user can't upload an attachment, don't let them delete it.
  39. # This is sorta overkill, but better safe than sorry.
  40. if (! defined pagetype($pagesources{$page})) {
  41. if (IkiWiki::Plugin::attachment->can("check_canattach")) {
  42. IkiWiki::Plugin::attachment::check_canattach($session, $page, $file);
  43. }
  44. else {
  45. error("removal of attachments is not allowed");
  46. }
  47. }
  48. my $canremove;
  49. IkiWiki::run_hooks(canremove => sub {
  50. return if defined $canremove;
  51. my $ret=shift->(page => $page, cgi => $q, session => $session);
  52. if (defined $ret) {
  53. if ($ret eq "") {
  54. $canremove=1;
  55. }
  56. elsif (ref $ret eq 'CODE') {
  57. $ret->();
  58. $canremove=0;
  59. }
  60. elsif (defined $ret) {
  61. error($ret);
  62. $canremove=0;
  63. }
  64. }
  65. });
  66. }
  67. sub formbuilder_setup (@) {
  68. my %params=@_;
  69. my $form=$params{form};
  70. my $q=$params{cgi};
  71. if (defined $form->field("do") && ($form->field("do") eq "edit" ||
  72. $form->field("do") eq "create")) {
  73. # Removal button for the page, and also for attachments.
  74. push @{$params{buttons}}, "Remove" if $form->field("do") eq "edit";
  75. $form->tmpl_param("field-remove" => '<input name="_submit" type="submit" value="Remove Attachments" />');
  76. }
  77. }
  78. sub confirmation_form ($$) {
  79. my $q=shift;
  80. my $session=shift;
  81. eval q{use CGI::FormBuilder};
  82. error($@) if $@;
  83. my $f = CGI::FormBuilder->new(
  84. name => "remove",
  85. header => 0,
  86. charset => "utf-8",
  87. method => 'POST',
  88. javascript => 0,
  89. params => $q,
  90. action => $config{cgiurl},
  91. stylesheet => IkiWiki::baseurl()."style.css",
  92. fields => [qw{do page}],
  93. );
  94. $f->field(name => "do", type => "hidden", value => "remove", force => 1);
  95. return $f, ["Remove", "Cancel"];
  96. }
  97. sub removal_confirm ($$@) {
  98. my $q=shift;
  99. my $session=shift;
  100. my $attachment=shift;
  101. my @pages=@_;
  102. foreach my $page (@pages) {
  103. check_canremove($page, $q, $session);
  104. }
  105. # Save current form state to allow returning to it later
  106. # without losing any edits.
  107. # (But don't save what button was submitted, to avoid
  108. # looping back to here.)
  109. # Note: "_submit" is CGI::FormBuilder internals.
  110. $q->param(-name => "_submit", -value => "");
  111. $session->param(postremove => scalar $q->Vars);
  112. IkiWiki::cgi_savesession($session);
  113. my ($f, $buttons)=confirmation_form($q, $session);
  114. $f->title(sprintf(gettext("confirm removal of %s"),
  115. join(", ", map { pagetitle($_) } @pages)));
  116. $f->field(name => "page", type => "hidden", value => \@pages, force => 1);
  117. if (defined $attachment) {
  118. $f->field(name => "attachment", type => "hidden",
  119. value => $attachment, force => 1);
  120. }
  121. IkiWiki::showform($f, $buttons, $session, $q);
  122. exit 0;
  123. }
  124. sub postremove ($) {
  125. my $session=shift;
  126. # Load saved form state and return to edit form.
  127. my $postremove=CGI->new($session->param("postremove"));
  128. $session->clear("postremove");
  129. IkiWiki::cgi_savesession($session);
  130. IkiWiki::cgi($postremove, $session);
  131. }
  132. sub formbuilder (@) {
  133. my %params=@_;
  134. my $form=$params{form};
  135. if (defined $form->field("do") && ($form->field("do") eq "edit" ||
  136. $form->field("do") eq "create")) {
  137. my $q=$params{cgi};
  138. my $session=$params{session};
  139. if ($form->submitted eq "Remove" && $form->field("do") eq "edit") {
  140. removal_confirm($q, $session, 0, $form->field("page"));
  141. }
  142. elsif ($form->submitted eq "Remove Attachments") {
  143. my @selected=map { Encode::decode_utf8($_) } $q->param("attachment_select");
  144. if (! @selected) {
  145. error(gettext("Please select the attachments to remove."));
  146. }
  147. removal_confirm($q, $session, 1, @selected);
  148. }
  149. }
  150. }
  151. sub sessioncgi ($$) {
  152. my $q=shift;
  153. if ($q->param("do") eq 'remove') {
  154. my $session=shift;
  155. my ($form, $buttons)=confirmation_form($q, $session);
  156. IkiWiki::decode_form_utf8($form);
  157. if ($form->submitted eq 'Cancel') {
  158. postremove($session);
  159. }
  160. elsif ($form->submitted eq 'Remove' && $form->validate) {
  161. my @pages=$form->field("page");
  162. # Validate removal by checking that the page exists,
  163. # and that the user is allowed to edit(/remove) it.
  164. my @files;
  165. foreach my $page (@pages) {
  166. check_canremove($page, $q, $session);
  167. # This untaint is safe because of the
  168. # checks performed above, which verify the
  169. # page is a normal file, etc.
  170. push @files, IkiWiki::possibly_foolish_untaint($pagesources{$page});
  171. }
  172. # Do removal, and update the wiki.
  173. require IkiWiki::Render;
  174. if ($config{rcs}) {
  175. IkiWiki::disable_commit_hook();
  176. foreach my $file (@files) {
  177. IkiWiki::rcs_remove($file);
  178. }
  179. IkiWiki::rcs_commit_staged(gettext("removed"),
  180. $session->param("name"), $ENV{REMOTE_ADDR});
  181. IkiWiki::enable_commit_hook();
  182. IkiWiki::rcs_update();
  183. }
  184. else {
  185. foreach my $file (@files) {
  186. IkiWiki::prune("$config{srcdir}/$file");
  187. }
  188. }
  189. IkiWiki::refresh();
  190. IkiWiki::saveindex();
  191. if ($q->param("attachment")) {
  192. # Attachments were deleted, so redirect
  193. # back to the edit form.
  194. postremove($session);
  195. }
  196. else {
  197. # The page is gone, so redirect to parent
  198. # of the page.
  199. my $parent=IkiWiki::dirname($pages[0]);
  200. if (! exists $pagesources{$parent}) {
  201. $parent="index";
  202. }
  203. IkiWiki::redirect($q, urlto($parent, '/', 1));
  204. }
  205. }
  206. else {
  207. removal_confirm($q, $session, 0, $form->field("page"));
  208. }
  209. exit 0;
  210. }
  211. }
  212. 1