checkcontent: New hook, can be used to implement arbitrary content filters, including...

diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm
index 16f9a873fb018ed2fc748766e7a1f36f18ec198f..14e785c8f71cc06977899abc5220856697f5fb4d 100644 (file)
--- a/IkiWiki/Plugin/comments.pm
+++ b/IkiWiki/Plugin/comments.pm
@@ -467,9 +467,18 @@ sub sessioncgi ($$) {
        }
 
        if ($form->submitted eq POST_COMMENT && $form->validate) {
        }
 
        if ($form->submitted eq POST_COMMENT && $form->validate) {

-               my $file = "$location._comment";
-

                IkiWiki::checksessionexpiry($cgi, $session);
                IkiWiki::checksessionexpiry($cgi, $session);

+               
+               IkiWiki::check_content(content => $form->field('editcontent'),
+                       subject => $form->field('subject'),
+                       $config{comments_allowauthor} ? (
+                               author => $form->field('author'),
+                               url => $form->field('url'),
+                       ) : (),
+                       page => $location,
+                       cgi => $cgi, session => $session);
+               
+               my $file = "$location._comment";

 
                # FIXME: could probably do some sort of graceful retry
                # on error? Would require significant unwinding though
 
                # FIXME: could probably do some sort of graceful retry
                # on error? Would require significant unwinding though

diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm
index ed994306f55251b561acf61459fcdc06fef8b994..bba52e4fd322e8bbad5f63a13198ff5f491cdef5 100644 (file)
--- a/IkiWiki/Plugin/editpage.pm
+++ b/IkiWiki/Plugin/editpage.pm
@@ -78,7 +78,43 @@ sub check_canedit ($$$;$) {
                        }
                }
        });
                        }
                }
        });

-       return $canedit;
+       return defined $canedit ? $canedit : 1;
+}
+
+sub check_content (@) {
+       my %params=@_;
+       
+       return 1 if ! exists $hooks{checkcontent}; # optimisation
+
+       if (exists $pagesources{$params{page}}) {
+               my @diff;
+               my %old=map { $_ => 1 }
+                       split("\n", readfile(srcfile($pagesources{$params{page}})));
+               foreach my $line (split("\n", $params{content})) {
+                       push @diff, $line if ! exists $old{$_};
+               }
+               $params{content}=join("\n", @diff);
+       }
+
+       my $ok;
+       run_hooks(checkcontent => sub {
+               return if defined $ok;
+               my $ret=shift->(%params);
+               if (defined $ret) {
+                       if ($ret eq "") {
+                               $ok=1;
+                       }
+                       elsif (ref $ret eq 'CODE') {
+                               $ret->();
+                               $ok=0;
+                       }
+                       elsif (defined $ret) {
+                               error($ret);
+                       }
+               }
+
+       });
+       return defined $ok ? $ok : 1;

 }
 
 sub cgi_editpage ($$) {
 }
 
 sub cgi_editpage ($$) {


@@ -368,8 +404,17 @@ sub cgi_editpage ($$) {
                        showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
                        exit;
                }
                        showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
                        exit;
                }

+                       
+               my $message="";
+               if (defined $form->field('comments') &&
+                   length $form->field('comments')) {
+                       $message=$form->field('comments');
+               }

                
                my $content=$form->field('editcontent');
                
                my $content=$form->field('editcontent');

+               check_content(content => $content, page => $page,
+                       cgi => $q, session => $session,
+                       subject => $message);

                run_hooks(editcontent => sub {
                        $content=shift->(
                                content => $content,
                run_hooks(editcontent => sub {
                        $content=shift->(
                                content => $content,


@@ -403,12 +448,6 @@ sub cgi_editpage ($$) {
                
                my $conflict;
                if ($config{rcs}) {
                
                my $conflict;
                if ($config{rcs}) {

-                       my $message="";
-                       if (defined $form->field('comments') &&
-                           length $form->field('comments')) {
-                               $message=$form->field('comments');
-                       }
-                       

                        if (! $exists) {
                                rcs_add($file);
                        }
                        if (! $exists) {
                                rcs_add($file);
                        }

diff --git a/debian/changelog b/debian/changelog
index f35606148353cd863b65070e3487cca13033a6d5..b75fe6afc41755721611e5970d1a3fda65b7c9f7 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -18,6 +18,8 @@ ikiwiki (3.02) UNRELEASED; urgency=low
     behave better.
   * Add auto-blog.setup, which will set up an ikiwiki instance tuned for use
     in blogging.
     behave better.
   * Add auto-blog.setup, which will set up an ikiwiki instance tuned for use
     in blogging.

+  * checkcontent: New hook, can be used to implement arbitrary content
+    filters, including spam filters.

 
  -- Joey Hess <joeyh@debian.org>  Tue, 06 Jan 2009 15:02:52 -0500
 
 
  -- Joey Hess <joeyh@debian.org>  Tue, 06 Jan 2009 15:02:52 -0500
 

diff --git a/doc/plugins/write.mdwn b/doc/plugins/write.mdwn
index 405876d58a9a7200e01d2d77ed91cb9892523ed4..99eea3d1696b3240647b439edae4d8768ddf1033 100644 (file)
--- a/doc/plugins/write.mdwn
+++ b/doc/plugins/write.mdwn
@@ -303,7 +303,7 @@ can check if the session object has a "name" parameter set.
 
 ### canedit
 
 
 ### canedit
 

-       hook(type => "canedit", id => "foo", call => \&pagelocked);
+       hook(type => "canedit", id => "foo", call => \&canedit);

 
 This hook can be used to implement arbitrary access methods to control when
 a page can be edited using the web interface (commits from revision control
 
 This hook can be used to implement arbitrary access methods to control when
 a page can be edited using the web interface (commits from revision control


@@ -321,6 +321,26 @@ This hook should avoid directly redirecting the user to a signin page,
 since it's sometimes used to test to see which pages in a set of pages a
 user can edit.
 
 since it's sometimes used to test to see which pages in a set of pages a
 user can edit.
 

+### checkcontent
+       
+       hook(type => "checkcontent", id => "foo", call => \&checkcontent);
+
+This hook is called to check the content a user has entered on a page,
+before it is saved, and decide if it should be allowed.
+
+It is passed named parameters: `content`, `page`, `cgi`, and `session`. If
+the content the user has entered is a comment, it may also be passed some
+additional parameters: `author`, `url`, and `subject`. The `subject`
+parameter may also be filled with the user's comment about the change.
+
+Note: When the user edits an existing wiki page, the passed `content` will
+include only the lines that they added to the page, or modified.
+
+The hook should return `undef` on success. If the content is disallowed, it
+should return a message stating what the problem is, or a function
+that can be run to perform whatever action is necessary to allow the user
+to post the content.
+

 ### editcontent
 
        hook(type => "editcontent", id => "foo", call => \&editcontent);
 ### editcontent
 
        hook(type => "editcontent", id => "foo", call => \&editcontent);