X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/20ba12802b3897bf48d8a7704a57e9cede2466bd..4c320176c080038f95131f39ecaca3101b4b1745:/IkiWiki/Plugin/websetup.pm

diff --git a/IkiWiki/Plugin/websetup.pm b/IkiWiki/Plugin/websetup.pm
index 5c19c9b63..9cb5eb13c 100644
--- a/IkiWiki/Plugin/websetup.pm
+++ b/IkiWiki/Plugin/websetup.pm
@@ -27,6 +27,13 @@ sub getsetup () {
 			safe => 0,
 			rebuild => 0,
 		},
+		websetup_unsafe => {
+			type => "string",
+			example => [],
+			description => "list of additional setup field keys to treat as unsafe",
+			safe => 0,
+			rebuild => 0,
+		},
 		websetup_show_unsafe => {
 			type => "boolean",
 			example => 1,
@@ -57,6 +64,12 @@ sub formatexample ($$) {
 	}
 }
 
+sub issafe ($) {
+	my $key=shift;
+
+	return ! grep { $_ eq $key } @{$config{websetup_unsafe}};
+}
+
 sub showfields ($$$@) {
 	my $form=shift;
 	my $plugin=shift;
@@ -78,7 +91,8 @@ sub showfields ($$$@) {
 		# XXX hashes not handled yet
 		next if ref $config{$key} && ref $config{$key} eq 'HASH' || ref $info{example} eq 'HASH';
 		# maybe skip unsafe settings
-		next if ! $info{safe} && ! ($config{websetup_show_unsafe} && $config{websetup_advanced});
+		next if ! ($config{websetup_show_unsafe} && $config{websetup_advanced}) &&
+			(! $info{safe} || ! issafe($key));
 		# maybe skip advanced settings
 		next if $info{advanced} && ! $config{websetup_advanced};
 		# these are handled specially, so don't show
@@ -88,7 +102,7 @@ sub showfields ($$$@) {
 	}
 
 	my $section=defined $plugin
-		? sprintf(gettext("%s plugin:"), $plugininfo{section}).$plugin
+		? sprintf(gettext("%s plugin:"), $plugininfo{section})." ".$plugin
 		: "main";
 	my %enabledfields;
 	my $shownfields=0;
@@ -156,7 +170,7 @@ sub showfields ($$$@) {
 
 		if (ref $value eq 'ARRAY' || ref $info{example} eq 'ARRAY') {
 			$value=[(ref $value eq 'ARRAY' ? map { Encode::encode_utf8($_) }  @{$value} : "")];
-			push @$value, "", "" if $info{safe}; # blank items for expansion
+			push @$value, "", "" if $info{safe} && issafe($key); # blank items for expansion
 		}
 		else {
 			$value=Encode::encode_utf8($value);
@@ -210,7 +224,7 @@ sub showfields ($$$@) {
 			}
 		}
 		
-		if (! $info{safe}) {
+		if (! $info{safe} || ! issafe($key)) {
 			$form->field(name => $name, disabled => 1);
 		}
 		else {
@@ -251,6 +265,8 @@ sub showform ($$) {
 	my $cgi=shift;
 	my $session=shift;
 
+	IkiWiki::needsignin($cgi, $session);
+
 	if (! defined $session->param("name") || 
 	    ! IkiWiki::is_admin($session->param("name"))) {
 		error(gettext("you are not logged in as an admin"));
@@ -277,7 +293,7 @@ sub showform ($$) {
 		],
 		action => $config{cgiurl},
 		template => {type => 'div'},
-		stylesheet => IkiWiki::baseurl()."style.css",
+		stylesheet => 1,
 	);
 	
 	$form->field(name => "do", type => "hidden", value => "setup",
@@ -346,7 +362,7 @@ sub showform ($$) {
 				@value=0;
 			}
 		
-			if (! $info{safe}) {
+			if (! $info{safe} || ! issafe($key)) {
 	 			error("unsafe field $key"); # should never happen
 			}
 		
@@ -487,9 +503,10 @@ sub formbuilder_setup (@) {
 	my %params=@_;
 
 	my $form=$params{form};
-	if ($form->title eq "preferences") {
-		push @{$params{buttons}}, "Wiki Setup";
-		if ($form->submitted && $form->submitted eq "Wiki Setup") {
+	if ($form->title eq "preferences" &&
+	    IkiWiki::is_admin($params{session}->param("name"))) {
+		push @{$params{buttons}}, "Setup";
+		if ($form->submitted && $form->submitted eq "Setup") {
 			showform($params{cgi}, $params{session});
 			exit;
 		}