},
} #}}}
-sub check_canremove ($$$$) { #{{{
+sub check_canremove ($$$) { #{{{
my $page=shift;
my $q=shift;
my $session=shift;
- my $attachment=shift;
# Must be a known source file.
if (! exists $pagesources{$page}) {
# Must be editiable.
IkiWiki::check_canedit($page, $q, $session);
- # This is sorta overkill, but better safe
- # than sorry. If a user can't upload an
- # attachment, don't let them delete it.
- if ($attachment) {
- IkiWiki::Plugin::attachment::check_canattach($session, $page, $file);
+ # If a user can't upload an attachment, don't let them delete it.
+ # This is sorta overkill, but better safe than sorry.
+ if (! defined IkiWiki::pagetype($pagesources{$page})) {
+ if (IkiWiki::Plugin::attachment->can("check_canattach")) {
+ IkiWiki::Plugin::attachment::check_canattach($session, $page, $file);
+ }
+ else {
+ error("renaming of attachments is not allowed");
+ }
}
} #}}}
my $attachment=shift;
my @pages=@_;
- check_canremove($_, $q, $session, $attachment) foreach @pages;
+ check_canremove($_, $q, $session) foreach @pages;
# Save current form state to allow returning to it later
# without losing any edits.
# and that the user is allowed to edit(/remove) it.
my @files;
foreach my $page (@pages) {
- check_canremove($page, $q, $session, $q->param("attachment"));
+ check_canremove($page, $q, $session);
# This untaint is safe because of the
# checks performed above, which verify the
},
} #}}}
-sub check_canrename ($$$$$$$) { #{{{
+sub check_canrename ($$$$$$) { #{{{
my $src=shift;
my $srcfile=shift;
my $dest=shift;
my $destfile=shift;
my $q=shift;
my $session=shift;
- my $attachment=shift;
+
+ my $attachment=! defined IkiWiki::pagetype($pagesources{$src});
# Must be a known source file.
if (! exists $pagesources{$src}) {
# Must be editable.
IkiWiki::check_canedit($src, $q, $session);
if ($attachment) {
- IkiWiki::Plugin::attachment::check_canattach($session, $src, $srcfile);
+ if (IkiWiki::Plugin::attachment->can("check_canattach")) {
+ IkiWiki::Plugin::attachment::check_canattach($session, $src, $srcfile);
+ }
+ else {
+ error("renaming of attachments is not allowed");
+ }
}
# Dest checks can be omitted by passing undef.
my $page=shift;
check_canrename($page, $pagesources{$page}, undef, undef,
- $q, $session, $attachment);
+ $q, $session);
# Save current form state to allow returning to it later
# without losing any edits.
}
check_canrename($src, $srcfile, $dest, $destfile,
- $q, $session, $q->param("attachment"));
+ $q, $session);
# Ensures that the dest directory exists and is ok.
IkiWiki::prep_writefile($destfile, $config{srcdir});
characters, in addition to the existing check for pruned filenames.
* Print a debug message if a page has multiple source files.
* Add keepextension parameter to htmlize hook. (Willu)
+ * rename, remove: Don't rely on a form parameter to tell whether the page
+ should be treated as an attachment.
-- Joey Hess <joeyh@debian.org> Wed, 17 Sep 2008 14:26:56 -0400
sipb-www / ikiwiki.git / commitdiff
