X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/20ba12802b3897bf48d8a7704a57e9cede2466bd..9923f5db65f85485d10cb2b5a10c42bb36168de7:/IkiWiki/Plugin/websetup.pm diff --git a/IkiWiki/Plugin/websetup.pm b/IkiWiki/Plugin/websetup.pm index 5c19c9b63..c4b75c4b3 100644 --- a/IkiWiki/Plugin/websetup.pm +++ b/IkiWiki/Plugin/websetup.pm @@ -27,6 +27,13 @@ sub getsetup () { safe => 0, rebuild => 0, }, + websetup_unsafe => { + type => "string", + example => [], + description => "list of additional setup field keys to treat as unsafe", + safe => 0, + rebuild => 0, + }, websetup_show_unsafe => { type => "boolean", example => 1, @@ -57,6 +64,12 @@ sub formatexample ($$) { } } +sub issafe ($) { + my $key=shift; + + return ! grep { $_ eq $key } @{$config{websetup_unsafe}}; +} + sub showfields ($$$@) { my $form=shift; my $plugin=shift; @@ -78,7 +91,8 @@ sub showfields ($$$@) { # XXX hashes not handled yet next if ref $config{$key} && ref $config{$key} eq 'HASH' || ref $info{example} eq 'HASH'; # maybe skip unsafe settings - next if ! $info{safe} && ! ($config{websetup_show_unsafe} && $config{websetup_advanced}); + next if ! ($config{websetup_show_unsafe} && $config{websetup_advanced}) && + (! $info{safe} || ! issafe($key)); # maybe skip advanced settings next if $info{advanced} && ! $config{websetup_advanced}; # these are handled specially, so don't show @@ -88,7 +102,7 @@ sub showfields ($$$@) { } my $section=defined $plugin - ? sprintf(gettext("%s plugin:"), $plugininfo{section}).$plugin + ? sprintf(gettext("%s plugin:"), $plugininfo{section})." ".$plugin : "main"; my %enabledfields; my $shownfields=0; @@ -156,7 +170,7 @@ sub showfields ($$$@) { if (ref $value eq 'ARRAY' || ref $info{example} eq 'ARRAY') { $value=[(ref $value eq 'ARRAY' ? map { Encode::encode_utf8($_) } @{$value} : "")]; - push @$value, "", "" if $info{safe}; # blank items for expansion + push @$value, "", "" if $info{safe} && issafe($key); # blank items for expansion } else { $value=Encode::encode_utf8($value); @@ -210,7 +224,7 @@ sub showfields ($$$@) { } } - if (! $info{safe}) { + if (! $info{safe} || ! issafe($key)) { $form->field(name => $name, disabled => 1); } else { @@ -251,6 +265,8 @@ sub showform ($$) { my $cgi=shift; my $session=shift; + IkiWiki::needsignin($cgi, $session); + if (! defined $session->param("name") || ! IkiWiki::is_admin($session->param("name"))) { error(gettext("you are not logged in as an admin")); @@ -277,7 +293,7 @@ sub showform ($$) { ], action => $config{cgiurl}, template => {type => 'div'}, - stylesheet => IkiWiki::baseurl()."style.css", + stylesheet => 1, ); $form->field(name => "do", type => "hidden", value => "setup", @@ -346,7 +362,7 @@ sub showform ($$) { @value=0; } - if (! $info{safe}) { + if (! $info{safe} || ! issafe($key)) { error("unsafe field $key"); # should never happen } @@ -434,8 +450,8 @@ sub showform ($$) { IkiWiki::unlockwiki(); # Print the top part of a standard misctemplate, - # then show the rebuild or refresh. - my $divider="xxx"; + # then show the rebuild or refresh, live. + my $divider="\0"; my $html=IkiWiki::misctemplate("setup", $divider); IkiWiki::printheader($session); my ($head, $tail)=split($divider, $html, 2); @@ -487,9 +503,10 @@ sub formbuilder_setup (@) { my %params=@_; my $form=$params{form}; - if ($form->title eq "preferences") { - push @{$params{buttons}}, "Wiki Setup"; - if ($form->submitted && $form->submitted eq "Wiki Setup") { + if ($form->title eq "preferences" && + IkiWiki::is_admin($params{session}->param("name"))) { + push @{$params{buttons}}, "Setup"; + if ($form->submitted && $form->submitted eq "Setup") { showform($params{cgi}, $params{session}); exit; }