moved comments pending moderation

[ikiwiki.git] / IkiWiki / Plugin / websetup.pm

diff --git a/IkiWiki/Plugin/websetup.pm b/IkiWiki/Plugin/websetup.pm
index 445552e4044c0e62e073b20188198a884a5f745b..4d2e611ebe17af3bbbaaed3b54002df89aaf811d 100644 (file)
--- a/IkiWiki/Plugin/websetup.pm
+++ b/IkiWiki/Plugin/websetup.pm
@@ -18,6 +18,7 @@ sub getsetup () {
                plugin => {
                        safe => 1,
                        rebuild => 0,
+                       section => "web",
                },
                websetup_force_plugins => {
                        type => "string",
@@ -26,6 +27,13 @@ sub getsetup () {
                        safe => 0,
                        rebuild => 0,
                },
+               websetup_unsafe => {
+                       type => "string",
+                       example => [],
+                       description => "list of additional setup field keys to treat as unsafe",
+                       safe => 0,
+                       rebuild => 0,
+               },
                websetup_show_unsafe => {
                        type => "boolean",
                        example => 1,
@@ -56,6 +64,12 @@ sub formatexample ($$) {
        }
 }
 
+sub issafe ($) {
+       my $key=shift;
+
+       return ! grep { $_ eq $key } @{$config{websetup_unsafe}};
+}
+
 sub showfields ($$$@) {
        my $form=shift;
        my $plugin=shift;
@@ -77,7 +91,8 @@ sub showfields ($$$@) {
                # XXX hashes not handled yet
                next if ref $config{$key} && ref $config{$key} eq 'HASH' || ref $info{example} eq 'HASH';
                # maybe skip unsafe settings
-               next if ! $info{safe} && ! ($config{websetup_show_unsafe} && $config{websetup_advanced});
+               next if ! ($config{websetup_show_unsafe} && $config{websetup_advanced}) &&
+                       (! $info{safe} || ! issafe($key));
                # maybe skip advanced settings
                next if $info{advanced} && ! $config{websetup_advanced};
                # these are handled specially, so don't show
@@ -87,7 +102,7 @@ sub showfields ($$$@) {
        }
 
        my $section=defined $plugin
-               ? sprintf(gettext("%s plugin:"), $plugininfo{section}).$plugin
+               ? sprintf(gettext("%s plugin:"), $plugininfo{section})." ".$plugin
                : "main";
        my %enabledfields;
        my $shownfields=0;
@@ -155,7 +170,7 @@ sub showfields ($$$@) {
 
                if (ref $value eq 'ARRAY' || ref $info{example} eq 'ARRAY') {
                        $value=[(ref $value eq 'ARRAY' ? map { Encode::encode_utf8($_) }  @{$value} : "")];
-                       push @$value, "", "" if $info{safe}; # blank items for expansion
+                       push @$value, "", "" if $info{safe} && issafe($key); # blank items for expansion
                }
                else {
                        $value=Encode::encode_utf8($value);
@@ -209,7 +224,7 @@ sub showfields ($$$@) {
                        }
                }
                
-               if (! $info{safe}) {
+               if (! $info{safe} || ! issafe($key)) {
                        $form->field(name => $name, disabled => 1);
                }
                else {
@@ -250,6 +265,8 @@ sub showform ($$) {
        my $cgi=shift;
        my $session=shift;
 
+       IkiWiki::needsignin($cgi, $session);
+
        if (! defined $session->param("name") || 
            ! IkiWiki::is_admin($session->param("name"))) {
                error(gettext("you are not logged in as an admin"));
@@ -345,7 +362,7 @@ sub showform ($$) {
                                @value=0;
                        }
                
-                       if (! $info{safe}) {
+                       if (! $info{safe} || ! issafe($key)) {
                                error("unsafe field $key"); # should never happen
                        }
                
@@ -486,9 +503,10 @@ sub formbuilder_setup (@) {
        my %params=@_;
 
        my $form=$params{form};
-       if ($form->title eq "preferences") {
-               push @{$params{buttons}}, "Wiki Setup";
-               if ($form->submitted && $form->submitted eq "Wiki Setup") {
+       if ($form->title eq "preferences" &&
+           IkiWiki::is_admin($params{session}->param("name"))) {
+               push @{$params{buttons}}, "Setup";
+               if ($form->submitted && $form->submitted eq "Setup") {
                        showform($params{cgi}, $params{session});
                        exit;
                }