summaryrefslogtreecommitdiff
path: root/doc/patchqueue/move_page.mdwn
blob: 5329a7a3b75c91bd176b1e7af8fd732d3cbf1440 (plain)

This is my first cut at a feature like that requested in [[todo/Moving_Pages]]. In case it gets mangled you can find it on my site.

A bunch of obvious shortcomings exist:

  • I'm not sure all the untaints are safe.

    I've looked them over.

    • one is safe because it only allows existing page names through.
    • one is safe because it follows the example of editpage in calling titlepage to sanitize.
    • the last one follows the example of rcs_commit in svn.pm, so I hope it's safe..

    --Ethan

  • No precautions whatsoever are made to protect against race conditions or failures in the rcs_move function.

  • movepage.tmpl doesn't exist yet.

  • Some code is duplicated between cgi_movepage and cgi_editpage, as well as rcs_commit and rcs_move.

  • The user interface is pretty lame -- there's no handy select list full of possible places to move it or anything.

  • I don't think I implemented cancelling.

  • from is redundant with page.

  • I don't think I called the right hook functions.

  • No redirect pages like those mentioned on [[todo/Moving_Pages]] exist yet, so none are created.

  • It's not possible to get there through the actions listed on the wiki page. Instead you can select "Edit" and then change "edit" to "move" in the location bar.

Anyhow, here's the patch, for whatever good it does.

Looks like a good start, although I agree about many of the points above, and also feel that something needs to be done about rcses that don't implement a move operation -- falling back to an add and delete. --[[Joey]]

Hmm. Shouldn't that be done on a by-RCS basis, though? (i.e. implemented by backends in the rcs_move function)

Probably, yes, but maybe there's a way to avoid duplicating code for that in several of them.

Also, how should ikiwiki react if a page is edited (say, by another user) before it is moved? Bail, or shrug and proceed?

The important thing is to keep in mind that the page could be edited, moved, deleted, etc in between the user starting the move and the move happening. So, the code really needs to deal with all of these cases in some way. It seems fine to me to go ahead with the move even if the page was edited. If the page was deleted or moved, it seems reasonable to exit with an error.

Another set of issues exists if a separate web user is trying to edit the page at the same time. We'll have to make sure that something sane happens there; will ikiwiki re-add the moved page under the old name if the user saves their edit after the move? Could be confusing.. I think it probably errors out instead, but I'm not sure. Of course, this is an issue that occurs if the page is moved using a regular svn commit too, so it's not really your concern in a way. :-)

I wrote a patch to address this -- it's in [[disappearing_pages]]. --Ethan

Could you elaborate on [[commit-internals]]? Can I assume that ikiwiki's working copy W will always reflect a revision of the master copy M? (That is, nobody changes W and leaves it uncommitted.) I would guess probably not; a user probably expects that if he starts editing W it won't get randomly committed by web user actions. But then looking at the svn backend, it looks like if I edit foo.mdwn, don't commit, and then a web user makes different changes, my changes get wiped out. So does W "belong" to ikiwiki? --Ethan

The working copy used by ikiwiki belongs to ikiwiki; it should not be edited directly.

diff -urx .svn ikiwiki/IkiWiki/CGI.pm ikiwiki-new/IkiWiki/CGI.pm
--- ikiwiki/IkiWiki/CGI.pm	2007-01-04 03:52:47.000000000 -0800
+++ ikiwiki-new/IkiWiki/CGI.pm	2007-01-11 18:49:37.000000000 -0800
@@ -523,6 +523,97 @@
 	}
 } #}}}
 
+sub cgi_movepage($$) {
+	my $q = shift;
+	my $session = shift;
+	eval q{use CGI::FormBuilder};
+	error($@) if $@;
+	my @fields=qw(do from rcsinfo subpage page newname message); # subpage ignored so far
+	my @buttons=("Rename Page", "Cancel");
+
+	my $form = CGI::FormBuilder->new(
+		fields => \@fields,
+                header => 1,
+                charset => "utf-8",
+                method => 'POST',
+		action => $config{cgiurl},
+                template => (-e "$config{templatedir}/movepage.tmpl" ?
+			     {template_params("movepage.tpml")} : ""),
+	);
+	run_hooks(formbuilder_setup => sub {
+		shift->(form => $form, cgi => $q, session => $session);
+	});
+
+	decode_form_utf8($form);
+	
+	# This untaint is safe because if the page doesn't exist, bail.
+	my $page = $form->field('page');
+	$page = possibly_foolish_untaint($page);
+	if (! exists $pagesources{$page}) {
+		error("page does not exist");
+	}
+	my $file=$pagesources{$page};
+	my $type=pagetype($file);
+
+	my $from;
+	if (defined $form->field('from')) {
+		($from)=$form->field('from')=~/$config{wiki_file_regexp}/;
+	}
+	
+	$form->field(name => "do", type => 'hidden');
+	$form->field(name => "from", type => 'hidden');
+	$form->field(name => "rcsinfo", type => 'hidden');
+	$form->field(name => "subpage", type => 'hidden');
+	$form->field(name => "page", value => $page, force => 1);
+	$form->field(name => "newname", type => "text", size => 80);
+	$form->field(name => "message", type => "text", size => 80);
+
+	if (! $form->submitted) {
+		$form->field(name => "rcsinfo", value => rcs_prepedit($file),
+			     force => 1);
+	}
+
+	if ($form->submitted eq "Cancel") {
+		redirect($q, "$config{url}/".htmlpage($from));
+		return;
+	}
+		
+	if (! $form->submitted || $form->submitted eq "Preview" || 
+	    ! $form->validate) {
+		if ($form->field("do") eq "move"){
+			page_locked($page, $session);
+			$form->tmpl_param("page_select", 0);
+			$form->field(name => "page", type => 'hidden');
+			$form->field(name => "type", type => 'hidden');
+			$form->title(sprintf(gettext("moving %s"), pagetitle($page)));
+			if (! defined $form->field('newname') ||
+			    ! length $form->field('newname')) {
+				$form->field(name => "newname", 
+					     value => pagetitle($page), force => 1);
+			}
+
+		}
+		print $form->render(submit => \@buttons);
+	}
+	else{
+		# This untaint is safe because titlepage removes any problematic
+		# characters.
+		my ($newname)=$form->field('newname');
+		$newname=titlepage(possibly_foolish_untaint($newname));
+		if (! defined $newname || ! length $newname || file_pruned($newname, $config{srcdir}) || $newname=~/^\//) {
+			error("bad page name");
+		}
+		page_locked($page, $session);
+
+		my $newfile = $newname . ".$type";
+		my $message = $form->field('message');
+		unlockwiki();
+		rcs_move($file, $newfile, $message, $form->field("rcsinfo"), 
+			 $session->param("name"), $ENV{REMOTE_ADDR});
+		redirect($q, "$config{url}/".htmlpage($newname));
+	}
+}
+
 sub cgi_getsession ($) { #{{{
 	my $q=shift;
 
@@ -631,6 +722,9 @@
 	if ($do eq 'create' || $do eq 'edit') {
 		cgi_editpage($q, $session);
 	}
+	elsif ($do eq 'move') {
+		cgi_movepage($q, $session);
+	}
 	elsif ($do eq 'prefs') {
 		cgi_prefs($q, $session);
 	}
diff -urx .svn ikiwiki/IkiWiki/Rcs/svn.pm ikiwiki-new/IkiWiki/Rcs/svn.pm
--- ikiwiki/IkiWiki/Rcs/svn.pm	2006-12-28 17:50:46.000000000 -0800
+++ ikiwiki-new/IkiWiki/Rcs/svn.pm	2007-01-11 18:14:30.000000000 -0800
@@ -60,6 +60,34 @@
 	}
 } #}}}
 
+sub rcs_move ($$$$;$$) {
+	my $file=shift;
+	my $newname=shift;
+	my $message=shift;
+	my $rcstoken=shift;
+	my $user=shift;
+	my $ipaddr=shift;
+	if (defined $user) {
+		$message="web commit by $user".(length $message ? ": $message" : "");
+	}
+	elsif (defined $ipaddr) {
+		$message="web commit from $ipaddr".(length $message ? ": $message" : "");
+	}
+
+	chdir($config{srcdir}); # svn merge wants to be here
+
+	if (system("svn", "move", "--quiet", 
+		   "$file", "$newname") != 0) {
+		return 1;
+	}
+	if (system("svn", "commit", "--quiet", 
+		   "--encoding", "UTF-8", "-m",
+		   possibly_foolish_untaint($message)) != 0) {
+		return 1;
+	}
+	return undef # success
+}
+
 sub rcs_commit ($$$;$$) { #{{{
 	# Tries to commit the page; returns undef on _success_ and
 	# a version of the page with the rcs's conflict markers on failure.