]> sipb.mit.edu Git - ikiwiki.git/blob - IkiWiki/Plugin/editpage.pm
support indexpages when creating new pages
[ikiwiki.git] / IkiWiki / Plugin / editpage.pm
1 #!/usr/bin/perl
2 package IkiWiki::Plugin::editpage;
3
4 use warnings;
5 use strict;
6 use IkiWiki;
7 use open qw{:utf8 :std};
8
9 sub import { #{{{
10         hook(type => "getsetup", id => "editpage", call => \&getsetup);
11         hook(type => "refresh", id => "editpage", call => \&refresh);
12         hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage);
13 } # }}}
14
15 sub getsetup () { #{{{
16         return
17                 plugin => {
18                         safe => 1,
19                         rebuild => 1,
20                 },
21 } #}}}
22
23 sub refresh () {
24         if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) {
25                 # Expire old preview files after one hour.
26                 my $expire=time - (60 * 60);
27
28                 my @previews;
29                 foreach my $file (@{$wikistate{editpage}{previews}}) {
30                         my $mtime=(stat("$config{destdir}/$file"))[9];
31                         if (defined $mtime && $mtime <= $expire) {
32                                 # Avoid deleting a preview that was later saved.
33                                 my $delete=1;
34                                 foreach my $page (keys %renderedfiles) {
35                                         if (grep { $_ eq $file } @{$renderedfiles{$page}}) {
36                                                 $delete=0;
37                                         }
38                                 }
39                                 if ($delete) {
40                                         debug(sprintf(gettext("removing old preview %s"), $file));
41                                         IkiWiki::prune("$config{destdir}/$file");
42                                 }
43                         }
44                         elsif (defined $mtime) {
45                                 push @previews, $file;
46                         }
47                 }
48                 $wikistate{editpage}{previews}=\@previews;
49         }
50 }
51
52 # Back to ikiwiki namespace for the rest, this code is very much
53 # internal to ikiwiki even though it's separated into a plugin,
54 # and other plugins use the functions below.
55 package IkiWiki;
56
57 sub check_canedit ($$$;$) { #{{{
58         my $page=shift;
59         my $q=shift;
60         my $session=shift;
61         my $nonfatal=shift;
62         
63         my $canedit;
64         run_hooks(canedit => sub {
65                 return if defined $canedit;
66                 my $ret=shift->($page, $q, $session);
67                 if (defined $ret) {
68                         if ($ret eq "") {
69                                 $canedit=1;
70                         }
71                         elsif (ref $ret eq 'CODE') {
72                                 $ret->() unless $nonfatal;
73                                 $canedit=0;
74                         }
75                         elsif (defined $ret) {
76                                 error($ret) unless $nonfatal;
77                                 $canedit=0;
78                         }
79                 }
80         });
81         return $canedit;
82 } #}}}
83
84 sub cgi_editpage ($$) { #{{{
85         my $q=shift;
86         my $session=shift;
87         
88         my $do=$q->param('do');
89         return unless $do eq 'create' || $do eq 'edit';
90
91         decode_cgi_utf8($q);
92
93         my @fields=qw(do rcsinfo subpage from page type editcontent comments);
94         my @buttons=("Save Page", "Preview", "Cancel");
95         eval q{use CGI::FormBuilder};
96         error($@) if $@;
97         my $form = CGI::FormBuilder->new(
98                 fields => \@fields,
99                 charset => "utf-8",
100                 method => 'POST',
101                 required => [qw{editcontent}],
102                 javascript => 0,
103                 params => $q,
104                 action => $config{cgiurl},
105                 header => 0,
106                 table => 0,
107                 template => scalar template_params("editpage.tmpl"),
108                 wikiname => $config{wikiname},
109         );
110         
111         decode_form_utf8($form);
112         run_hooks(formbuilder_setup => sub {
113                 shift->(form => $form, cgi => $q, session => $session,
114                         buttons => \@buttons);
115         });
116         decode_form_utf8($form);
117         
118         # This untaint is safe because we check file_pruned and
119         # wiki_file_regexp.
120         my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;
121         $page=possibly_foolish_untaint($page);
122         my $absolute=($page =~ s#^/+##);
123         if (! defined $page || ! length $page ||
124             file_pruned($page, $config{srcdir})) {
125                 error("bad page name");
126         }
127
128         my $baseurl = urlto($page, undef, 1);
129
130         my $from;
131         if (defined $form->field('from')) {
132                 ($from)=$form->field('from')=~/$config{wiki_file_regexp}/;
133         }
134         
135         my $file;
136         my $type;
137         if (exists $pagesources{$page} && $form->field("do") ne "create") {
138                 $file=$pagesources{$page};
139                 $type=pagetype($file);
140                 if (! defined $type || $type=~/^_/) {
141                         error(sprintf(gettext("%s is not an editable page"), $page));
142                 }
143                 if (! $form->submitted) {
144                         $form->field(name => "rcsinfo",
145                                 value => rcs_prepedit($file), force => 1);
146                 }
147                 $form->field(name => "editcontent", validate => '/.*/');
148         }
149         else {
150                 $type=$form->param('type');
151                 if (defined $type && length $type && $hooks{htmlize}{$type}) {
152                         $type=possibly_foolish_untaint($type);
153                 }
154                 elsif (defined $from && exists $pagesources{$from}) {
155                         # favor the type of linking page
156                         $type=pagetype($pagesources{$from});
157                 }
158                 $type=$config{default_pageext} unless defined $type;
159                 if (! $config{indexpages}) {
160                         $file=$page.".".$type;
161                 }
162                 else {
163                         $file=$page."/index.".$type;
164                 }
165                 if (! $form->submitted) {
166                         $form->field(name => "rcsinfo", value => "", force => 1);
167                 }
168                 $form->field(name => "editcontent", validate => '/.+/');
169         }
170
171         $form->field(name => "do", type => 'hidden');
172         $form->field(name => "sid", type => "hidden", value => $session->id,
173                 force => 1);
174         $form->field(name => "from", type => 'hidden');
175         $form->field(name => "rcsinfo", type => 'hidden');
176         $form->field(name => "subpage", type => 'hidden');
177         $form->field(name => "page", value => $page, force => 1);
178         $form->field(name => "type", value => $type, force => 1);
179         $form->field(name => "comments", type => "text", size => 80);
180         $form->field(name => "editcontent", type => "textarea", rows => 20,
181                 cols => 80);
182         $form->tmpl_param("can_commit", $config{rcs});
183         $form->tmpl_param("indexlink", indexlink());
184         $form->tmpl_param("helponformattinglink",
185                 htmllink($page, $page, "ikiwiki/formatting",
186                         noimageinline => 1,
187                         linktext => "FormattingHelp"));
188         
189         if ($form->submitted eq "Cancel") {
190                 if ($form->field("do") eq "create" && defined $from) {
191                         redirect($q, urlto($from, undef, 1));
192                 }
193                 elsif ($form->field("do") eq "create") {
194                         redirect($q, $config{url});
195                 }
196                 else {
197                         redirect($q, urlto($page, undef, 1));
198                 }
199                 exit;
200         }
201         elsif ($form->submitted eq "Preview") {
202                 my $new=not exists $pagesources{$page};
203                 if ($new) {
204                         # temporarily record its type
205                         $pagesources{$page}=$page.".".$type;
206                 }
207                 my %wasrendered=map { $_ => 1 } @{$renderedfiles{$page}};
208
209                 my $content=$form->field('editcontent');
210
211                 run_hooks(editcontent => sub {
212                         $content=shift->(
213                                 content => $content,
214                                 page => $page,
215                                 cgi => $q,
216                                 session => $session,
217                         );
218                 });
219                 my $preview=htmlize($page, $page, $type,
220                         linkify($page, $page,
221                         preprocess($page, $page,
222                         filter($page, $page, $content), 0, 1)));
223                 run_hooks(format => sub {
224                         $preview=shift->(
225                                 page => $page,
226                                 content => $preview,
227                         );
228                 });
229                 $form->tmpl_param("page_preview", $preview);
230                 
231                 if ($new) {
232                         delete $pagesources{$page};
233                 }
234
235                 # Previewing may have created files on disk.
236                 # Keep a list of these to be deleted later.
237                 my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}};
238                 foreach my $f (@{$renderedfiles{$page}}) {
239                         $previews{$f}=1 unless $wasrendered{$f};
240                 }
241                 @{$wikistate{editpage}{previews}} = keys %previews;
242                 $renderedfiles{$page}=[keys %wasrendered];
243                 saveindex();
244         }
245         elsif ($form->submitted eq "Save Page") {
246                 $form->tmpl_param("page_preview", "");
247         }
248         
249         if ($form->submitted ne "Save Page" || ! $form->validate) {
250                 if ($form->field("do") eq "create") {
251                         my @page_locs;
252                         my $best_loc;
253                         if (! defined $from || ! length $from ||
254                             $from ne $form->field('from') ||
255                             file_pruned($from, $config{srcdir}) ||
256                             $from=~/^\// || 
257                             $absolute ||
258                             $form->submitted eq "Preview") {
259                                 @page_locs=$best_loc=$page;
260                         }
261                         else {
262                                 my $dir=$from."/";
263                                 $dir=~s![^/]+/+$!!;
264                                 
265                                 if ((defined $form->field('subpage') && length $form->field('subpage')) ||
266                                     $page eq gettext('discussion')) {
267                                         $best_loc="$from/$page";
268                                 }
269                                 else {
270                                         $best_loc=$dir.$page;
271                                 }
272                                 
273                                 push @page_locs, $dir.$page;
274                                 push @page_locs, "$from/$page";
275                                 while (length $dir) {
276                                         $dir=~s![^/]+/+$!!;
277                                         push @page_locs, $dir.$page;
278                                 }
279                         
280                                 push @page_locs, "$config{userdir}/$page"
281                                         if length $config{userdir};
282                         }
283
284                         @page_locs = grep {
285                                 ! exists $pagecase{lc $_}
286                         } @page_locs;
287                         if (! @page_locs) {
288                                 # hmm, someone else made the page in the
289                                 # meantime?
290                                 if ($form->submitted eq "Preview") {
291                                         # let them go ahead with the edit
292                                         # and resolve the conflict at save
293                                         # time
294                                         @page_locs=$page;
295                                 }
296                                 else {
297                                         redirect($q, urlto($page, undef, 1));
298                                         exit;
299                                 }
300                         }
301
302                         my @editable_locs = grep {
303                                 check_canedit($_, $q, $session, 1)
304                         } @page_locs;
305                         if (! @editable_locs) {
306                                 # let it throw an error this time
307                                 map { check_canedit($_, $q, $session) } @page_locs;
308                         }
309                         
310                         my @page_types;
311                         if (exists $hooks{htmlize}) {
312                                 @page_types=grep { !/^_/ }
313                                         keys %{$hooks{htmlize}};
314                         }
315                         
316                         $form->tmpl_param("page_select", 1);
317                         $form->field(name => "page", type => 'select',
318                                 options => [ map { [ $_, pagetitle($_, 1) ] } @editable_locs ],
319                                 value => $best_loc);
320                         $form->field(name => "type", type => 'select',
321                                 options => \@page_types);
322                         $form->title(sprintf(gettext("creating %s"), pagetitle($page)));
323                         
324                 }
325                 elsif ($form->field("do") eq "edit") {
326                         check_canedit($page, $q, $session);
327                         if (! defined $form->field('editcontent') || 
328                             ! length $form->field('editcontent')) {
329                                 my $content="";
330                                 if (exists $pagesources{$page}) {
331                                         $content=readfile(srcfile($pagesources{$page}));
332                                         $content=~s/\n/\r\n/g;
333                                 }
334                                 $form->field(name => "editcontent", value => $content,
335                                         force => 1);
336                         }
337                         $form->tmpl_param("page_select", 0);
338                         $form->field(name => "page", type => 'hidden');
339                         $form->field(name => "type", type => 'hidden');
340                         $form->title(sprintf(gettext("editing %s"), pagetitle($page)));
341                 }
342                 
343                 showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
344         }
345         else {
346                 # save page
347                 check_canedit($page, $q, $session);
348         
349                 # The session id is stored on the form and checked to
350                 # guard against CSRF. But only if the user is logged in,
351                 # as anonok can allow anonymous edits.
352                 if (defined $session->param("name")) {
353                         my $sid=$q->param('sid');
354                         if (! defined $sid || $sid ne $session->id) {
355                                 error(gettext("Your login session has expired."));
356                         }
357                 }
358
359                 my $exists=-e "$config{srcdir}/$file";
360
361                 if ($form->field("do") ne "create" && ! $exists &&
362                     ! defined srcfile($file, 1)) {
363                         $form->tmpl_param("message", template("editpagegone.tmpl")->output);
364                         $form->field(name => "do", value => "create", force => 1);
365                         $form->tmpl_param("page_select", 0);
366                         $form->field(name => "page", type => 'hidden');
367                         $form->field(name => "type", type => 'hidden');
368                         $form->title(sprintf(gettext("editing %s"), $page));
369                         showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
370                         exit;
371                 }
372                 elsif ($form->field("do") eq "create" && $exists) {
373                         $form->tmpl_param("message", template("editcreationconflict.tmpl")->output);
374                         $form->field(name => "do", value => "edit", force => 1);
375                         $form->tmpl_param("page_select", 0);
376                         $form->field(name => "page", type => 'hidden');
377                         $form->field(name => "type", type => 'hidden');
378                         $form->title(sprintf(gettext("editing %s"), $page));
379                         $form->field("editcontent", 
380                                 value => readfile("$config{srcdir}/$file").
381                                          "\n\n\n".$form->field("editcontent"),
382                                 force => 1);
383                         showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
384                         exit;
385                 }
386                 
387                 my $content=$form->field('editcontent');
388                 run_hooks(editcontent => sub {
389                         $content=shift->(
390                                 content => $content,
391                                 page => $page,
392                                 cgi => $q,
393                                 session => $session,
394                         );
395                 });
396                 $content=~s/\r\n/\n/g;
397                 $content=~s/\r/\n/g;
398                 $content.="\n" if $content !~ /\n$/;
399
400                 $config{cgi}=0; # avoid cgi error message
401                 eval { writefile($file, $config{srcdir}, $content) };
402                 $config{cgi}=1;
403                 if ($@) {
404                         $form->field(name => "rcsinfo", value => rcs_prepedit($file),
405                                 force => 1);
406                         my $mtemplate=template("editfailedsave.tmpl");
407                         $mtemplate->param(error_message => $@);
408                         $form->tmpl_param("message", $mtemplate->output);
409                         $form->field("editcontent", value => $content, force => 1);
410                         $form->tmpl_param("page_select", 0);
411                         $form->field(name => "page", type => 'hidden');
412                         $form->field(name => "type", type => 'hidden');
413                         $form->title(sprintf(gettext("editing %s"), $page));
414                         showform($form, \@buttons, $session, $q,
415                                 forcebaseurl => $baseurl);
416                         exit;
417                 }
418                 
419                 my $conflict;
420                 if ($config{rcs}) {
421                         my $message="";
422                         if (defined $form->field('comments') &&
423                             length $form->field('comments')) {
424                                 $message=$form->field('comments');
425                         }
426                         
427                         if (! $exists) {
428                                 rcs_add($file);
429                         }
430
431                         # Prevent deadlock with post-commit hook by
432                         # signaling to it that it should not try to
433                         # do anything.
434                         disable_commit_hook();
435                         $conflict=rcs_commit($file, $message,
436                                 $form->field("rcsinfo"),
437                                 $session->param("name"), $ENV{REMOTE_ADDR});
438                         enable_commit_hook();
439                         rcs_update();
440                 }
441                 
442                 # Refresh even if there was a conflict, since other changes
443                 # may have been committed while the post-commit hook was
444                 # disabled.
445                 require IkiWiki::Render;
446                 refresh();
447                 saveindex();
448
449                 if (defined $conflict) {
450                         $form->field(name => "rcsinfo", value => rcs_prepedit($file),
451                                 force => 1);
452                         $form->tmpl_param("message", template("editconflict.tmpl")->output);
453                         $form->field("editcontent", value => $conflict, force => 1);
454                         $form->field("do", "edit", force => 1);
455                         $form->tmpl_param("page_select", 0);
456                         $form->field(name => "page", type => 'hidden');
457                         $form->field(name => "type", type => 'hidden');
458                         $form->title(sprintf(gettext("editing %s"), $page));
459                         showform($form, \@buttons, $session, $q,
460                                 forcebaseurl => $baseurl);
461                 }
462                 else {
463                         # The trailing question mark tries to avoid broken
464                         # caches and get the most recent version of the page.
465                         redirect($q, urlto($page, undef, 1)."?updated");
466                 }
467         }
468
469         exit;
470 } #}}}
471
472 1