IkiWiki/Plugin/smcvpostcomment.pm

   1 #!/usr/bin/perl
   2 # Copyright © 2006-2008 Joey Hess <joey@ikiwiki.info>
   3 # Copyright © 2008 Simon McVittie <http://smcv.pseudorandom.co.uk/>
   4 # Licensed under the GNU GPL, version 2, or any later version published by the
   5 # Free Software Foundation
   6 package IkiWiki::Plugin::smcvpostcomment;
   7
   8 use warnings;
   9 use strict;
  10 use IkiWiki 2.00;
  11 use IkiWiki::Plugin::inline;
  12 use IkiWiki::Plugin::mdwn;
  13 use CGI 'escapeHTML';
  14
  15 use constant PLUGIN => "smcvpostcomment";
  16 use constant PREVIEW => "Preview";
  17 use constant POST_COMMENT => "Post comment";
  18 use constant CANCEL => "Cancel";
  19
  20 sub import { #{{{
  21         hook(type => "getsetup", id => PLUGIN,  call => \&getsetup);
  22         hook(type => "preprocess", id => PLUGIN, call => \&preprocess);
  23         hook(type => "sessioncgi", id => PLUGIN, call => \&sessioncgi);
  24         hook(type => "htmlize", id => "_".PLUGIN,
  25                 call => \&IkiWiki::Plugin::mdwn::htmlize);
  26         IkiWiki::loadplugin("inline");
  27 } # }}}
  28
  29 sub getsetup () { #{{{
  30         return
  31                 plugin => {
  32                         safe => 1,
  33                         rebuild => undef,
  34                 },
  35 } #}}}
  36
  37 # Somewhat based on IkiWiki::Plugin::inline blog posting support
  38 sub preprocess (@) { #{{{
  39         my %params=@_;
  40
  41         unless (length $config{cgiurl}) {
  42                 error(sprintf (gettext("[[!%s plugin requires CGI enabled]]"),
  43                         PLUGIN));
  44         }
  45
  46         my $formtemplate = IkiWiki::template(PLUGIN . "_embed.tmpl",
  47                 blind_cache => 1);
  48         $formtemplate->param(cgiurl => $config{cgiurl});
  49         $formtemplate->param(page => $params{page});
  50
  51         if ($params{preview}) {
  52                 $formtemplate->param("disabled" =>
  53                         gettext('not available during Preview'));
  54         }
  55
  56         debug("page $params{page} => destpage $params{destpage}");
  57
  58         # I'm reasonably sure that this counts as abuse of [[!inline]]
  59         return $formtemplate->output . "\n" .
  60                 IkiWiki::preprocess_inline(
  61                         pages => "internal($params{page}/_comment_*)",
  62                         template => PLUGIN . "_display",
  63                         show => 0,
  64                         reverse => "yes",
  65                         page => $params{page},
  66                         destpage => $params{destpage},
  67                         preview => $params{preview});
  68 } # }}}
  69
  70 # FIXME: logic taken from editpage, should be common code?
  71 sub getcgiuser ($) { # {{{
  72         my $session = shift;
  73         my $user = $session->param('name');
  74         $user = $ENV{REMOTE_ADDR} unless defined $user;
  75         debug("getcgiuser() -> $user");
  76         return $user;
  77 } # }}}
  78
  79 # FIXME: logic adapted from recentchanges, should be common code?
  80 sub linkuser ($) { # {{{
  81         my $user = shift;
  82         my $oiduser = eval { IkiWiki::openiduser($user) };
  83
  84         if (defined $oiduser) {
  85                 return ($user, $oiduser);
  86         }
  87         else {
  88                 my $page = bestlink('', (length $config{userdir}
  89                                 ? "$config{userdir}/"
  90                                 : "").$user);
  91                 return (urlto($page, undef, 1), $user);
  92         }
  93 } # }}}
  94
  95 # FIXME: taken from IkiWiki::Plugin::editpage, should be common?
  96 sub checksessionexpiry ($$) { # {{{
  97         my $session = shift;
  98         my $sid = shift;
  99
 100         if (defined $session->param("name")) {
 101                 if (! defined $sid || $sid ne $session->id) {
 102                         error(gettext("Your login session has expired."));
 103                 }
 104         }
 105 } # }}}
 106
 107 # Mostly cargo-culted from IkiWiki::plugin::editpage
 108 sub sessioncgi ($$) { #{{{
 109         my $cgi=shift;
 110         my $session=shift;
 111
 112         my $do = $cgi->param('do');
 113         return unless $do eq PLUGIN;
 114
 115         # These are theoretically configurable, but currently hard-coded
 116         my $allow_wikilinks = 0;
 117         my $allow_directives = 0;
 118         my $commit_comments = 1;
 119
 120         IkiWiki::decode_cgi_utf8($cgi);
 121
 122         eval q{use CGI::FormBuilder};
 123         error($@) if $@;
 124
 125         my @buttons = (POST_COMMENT, PREVIEW, CANCEL);
 126         my $form = CGI::FormBuilder->new(
 127                 fields => [qw{do sid page subject body}],
 128                 charset => 'utf-8',
 129                 method => 'POST',
 130                 required => [qw{body}],
 131                 javascript => 0,
 132                 params => $cgi,
 133                 action => $config{cgiurl},
 134                 header => 0,
 135                 table => 0,
 136                 template => scalar IkiWiki::template_params(PLUGIN . '_form.tmpl'),
 137                 # wtf does this do in editpage?
 138                 wikiname => $config{wikiname},
 139         );
 140
 141         IkiWiki::decode_form_utf8($form);
 142         IkiWiki::run_hooks(formbuilder_setup => sub {
 143                         shift->(title => PLUGIN, form => $form, cgi => $cgi,
 144                                 session => $session, buttons => \@buttons);
 145                 });
 146         IkiWiki::decode_form_utf8($form);
 147
 148         $form->field(name => 'do', type => 'hidden');
 149         $form->field(name => 'sid', type => 'hidden', value => $session->id,
 150                 force => 1);
 151         $form->field(name => 'page', type => 'hidden');
 152         $form->field(name => 'subject', type => 'text', size => 72);
 153         $form->field(name => 'body', type => 'textarea', rows => 5,
 154                 cols => 80);
 155
 156         # The untaint is OK (as in editpage) because we're about to pass
 157         # it to file_pruned anyway
 158         my $page = $form->field('page');
 159         $page = IkiWiki::possibly_foolish_untaint($page);
 160         if (!defined $page || !length $page ||
 161                 IkiWiki::file_pruned($page, $config{srcdir})) {
 162                 error(gettext("bad page name"));
 163         }
 164
 165         # FIXME: is this right? Or should we be using the candidate subpage
 166         # (whatever that might mean) as the base URL?
 167         my $baseurl = urlto($page, undef, 1);
 168
 169         $form->title(sprintf(gettext("commenting on %s"),
 170                         IkiWiki::pagetitle($page)));
 171
 172         $form->tmpl_param('helponformattinglink',
 173                 htmllink($page, $page, 'ikiwiki/formatting',
 174                         noimageinline => 1,
 175                         linktext => 'FormattingHelp'));
 176
 177         if (not exists $pagesources{$page}) {
 178                 error(sprintf(gettext(
 179                         "page '%s' doesn't exist, so you can't comment"),
 180                         $page));
 181         }
 182
 183         if ($form->submitted eq CANCEL) {
 184                 # bounce back to the page they wanted to comment on, and exit.
 185                 # CANCEL need not be considered in future
 186                 IkiWiki::redirect($cgi, urlto($page, undef, 1));
 187                 exit;
 188         }
 189
 190         my ($authorurl, $author) = linkuser(getcgiuser($session));
 191
 192         my $body = $form->field('body') || '';
 193         $body =~ s/\r\n/\n/g;
 194         $body =~ s/\r/\n/g;
 195         $body .= "\n" if $body !~ /\n$/;
 196
 197         $body =~ s/\[\[([^!])/&#91;&#91;$1/g unless $allow_wikilinks;
 198         $body =~ s/\[\[!/&#91;&#91;!/g unless $allow_directives;
 199
 200         # In this template, the [[!meta]] directives should stay at the end,
 201         # so that they will override anything the user specifies. (For
 202         # instance, [[!meta author="I can fake the author"]]...)
 203         my $content_tmpl = template(PLUGIN . '_comment.tmpl');
 204         $content_tmpl->param(author => $author);
 205         $content_tmpl->param(authorurl => $authorurl);
 206         $content_tmpl->param(subject => $form->field('subject'));
 207         $content_tmpl->param(body => $body);
 208
 209         my $content = $content_tmpl->output;
 210
 211         # This is essentially a simplified version of editpage:
 212         # - the user does not control the page that's created, only the parent
 213         # - it's always a create operation, never an edit
 214         # - this means that conflicts should never happen
 215         # - this means that if they do, rocks fall and everyone dies
 216
 217         if ($form->submitted eq PREVIEW) {
 218                 # $fake is a location that has the same number of slashes
 219                 # as the eventual location of this comment.
 220                 my $fake = "$page/_" . PLUGIN . "hypothetical";
 221                 my $preview = IkiWiki::htmlize($fake, $page, 'mdwn',
 222                                 IkiWiki::linkify($page, $page,
 223                                         IkiWiki::preprocess($page, $page,
 224                                                 IkiWiki::filter($fake, $page,
 225                                                         $content),
 226                                                 0, 1)));
 227                 IkiWiki::run_hooks(format => sub {
 228                                 $preview = shift->(page => $page,
 229                                         content => $preview);
 230                         });
 231
 232                 my $template = template(PLUGIN . "_display.tmpl");
 233                 $template->param(content => $preview);
 234                 $template->param(title => $form->field('subject'));
 235                 $template->param(ctime => displaytime(time));
 236                 $template->param(author => $author);
 237                 $template->param(authorurl => $authorurl);
 238
 239                 $form->tmpl_param(page_preview => $template->output);
 240         }
 241         else {
 242                 $form->tmpl_param(page_preview => "");
 243         }
 244
 245         if ($form->submitted eq POST_COMMENT && $form->validate) {
 246                 # Let's get posting. We don't check_canedit here because
 247                 # that somewhat defeats the point of this plugin.
 248
 249                 checksessionexpiry($session, $cgi->param('sid'));
 250
 251                 # FIXME: check that the wiki is locked right now, because
 252                 # if it's not, there are mad race conditions!
 253
 254                 # FIXME: rather a simplistic way to make the comments...
 255                 my $i = 0;
 256                 my $file;
 257                 do {
 258                         $i++;
 259                         $file = "$page/_comment_${i}._" . PLUGIN;
 260                 } while (-e "$config{srcdir}/$file");
 261
 262                 # FIXME: could probably do some sort of graceful retry
 263                 # if I could be bothered
 264                 writefile($file, $config{srcdir}, $content);
 265
 266                 my $conflict;
 267
 268                 if ($config{rcs} and $commit_comments) {
 269                         my $message = gettext("Added a comment");
 270                         if (defined $form->field('subject') &&
 271                                 length $form->field('subject')) {
 272                                 $message .= ": ".$form->field('subject');
 273                         }
 274
 275                         IkiWiki::rcs_add($file);
 276                         IkiWiki::disable_commit_hook();
 277                         $conflict = IkiWiki::rcs_commit_staged($message,
 278                                 $session->param('name'), $ENV{REMOTE_ADDR});
 279                         IkiWiki::enable_commit_hook();
 280                         IkiWiki::rcs_update();
 281                 }
 282
 283                 # Now we need a refresh
 284                 require IkiWiki::Render;
 285                 IkiWiki::refresh();
 286                 IkiWiki::saveindex();
 287
 288                 # this should never happen, unless a committer deliberately
 289                 # breaks it or something
 290                 error($conflict) if defined $conflict;
 291
 292                 # Bounce back to where we were, but defeat broken caches
 293                 my $anticache = "?updated=$page/_comment_$i";
 294                 IkiWiki::redirect($cgi, urlto($page, undef, 1).$anticache);
 295         }
 296         else {
 297                 IkiWiki::showform ($form, \@buttons, $session, $cgi,
 298                         forcebaseurl => $baseurl);
 299         }
 300
 301         exit;
 302 } #}}}
 303
 304 1