Startsida Utforska Hjälp
Logga in
kensanata
/
oddmuse
Bevaka 4
Stjärnmärk 3
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: eaa9108845
Grenar Taggar
oddmuse
/
modules
/
private-pages.pl

private-pages.pl 4.9 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164 
  1. # Copyright (C) 2012–2013  Alex Schroeder <alex@gnu.org>
    2. 

  2. #
    3. 

  3. # This program is free software; you can redistribute it and/or modify it under
    4. 

  4. # the terms of the GNU General Public License as published by the Free Software
    5. 

  5. # Foundation; either version 3 of the License, or (at your option) any later
    6. 

  6. # version.
    7. 

  7. #
    8. 

  8. # This program is distributed in the hope that it will be useful, but WITHOUT
    9. 

  9. # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
    10. 

  10. # FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
    11. 

  11. #
    12. 

  12. # You should have received a copy of the GNU General Public License along with
    13. 

  13. # this program. If not, see <http://www.gnu.org/licenses/>.
    14. 

  14. 

  15. use strict;
    16. 

  16. use v5.10;
    17. 

  17. 

  18. =head1 Private Pages Extension
    19. 

  19. 

  20. This module allows you to hide the content of particular pages in Oddmuse.
    21. 

  21. Unlike the I<Hidden Pages Extension>, this is not based on the user's role of
    22. 

  22. editor or administrator. Instead, every page can have a different password by
    23. 

  23. beginning it with #PASSWORD XYZZY where XYZZY is the password required to read
    24. 

  24. it. Multiple passwords can be supplied, separated by spaces.
    25. 

  25. 

  26. Note that all the meta information of the private page remains public: The
    27. 

  27. I<name> of the page, the fact that is has been edited, the author, the
    28. 

  28. revision, the content of past revisions that have not been protected by a
    29. 

  29. password all remain visible to other users.
    30. 

  30. 

  31. Notes:
    32. 

  32. 

  33. =over
    34. 

  34. 

  35. =item * If you're protecting a comment page, people can still leave comments
    36. 

  36.         -- they just can't read the resulting page.
    37. 

  37. 

  38. =back
    39. 

  39. 

  40. =cut
    41. 

  41. 

  42. AddModuleDescription('private-pages.pl', 'Private Pages Extension');
    43. 

  43. 

  44. our (%IndexHash, %Page, $OpenPageName, $Now, @MyRules);
    45. 

  45. 

  46. sub PrivatePageLocked {
    47. 

  47.   my $text = shift;
    48. 

  48.   my ($line) = split(/\n/, $text, 1);
    49. 

  49.   my @token = split(/\s+/, $line);
    50. 

  50.   my $lock = 0;
    51. 

  51.   if (shift(@token) eq '#PASSWORD') {
    52. 

  52.     my $pwd = GetParam('pwd', '');
    53. 

  53.     $lock = 1;
    54. 

  54.     foreach (@token) {
    55. 

  55.       if ($pwd eq $_) {
    56. 

  56. 	$lock = 0;
    57. 

  57. 	last;
    58. 

  58.       }
    59. 

  59.     }
    60. 

  60.   }
    61. 

  61.   return $lock;
    62. 

  62. }
    63. 

  63. 

  64. *OldPrivatePagesUserCanEdit = \&UserCanEdit;
    65. 

  65. *UserCanEdit = \&NewPrivatePagesUserCanEdit;
    66. 

  66. 

  67. sub NewPrivatePagesUserCanEdit {
    68. 

  68.   my ($id, $editing, @rest) = @_;
    69. 

  69.   my $result = OldPrivatePagesUserCanEdit($id, $editing, @rest);
    70. 

  70.   # bypass OpenPage and GetPageContent (these are redefined below)
    71. 

  71.   if ($result > 0 and $editing and $IndexHash{$id}) {
    72. 

  72.     my $data = ParseData(ReadFileOrDie(GetPageFile($id)));
    73. 

  73.     if (PrivatePageLocked($data->{text})) {
    74. 

  74.       return 0;
    75. 

  75.     }
    76. 

  76.   }
    77. 

  77.   return $result;
    78. 

  78. }
    79. 

  79. 

  80. *OldPrivatePageNewText = \&NewText;
    81. 

  81. 

  82. sub NewPrivatePageNewText {
    83. 

  83.   return Ts('This page is password protected. If you know the password, you can %s. Once you have done that, return and reload this page.',
    84. 

  84. 	    '[' . ScriptUrl('action=password') . ' '
    85. 

  85. 	    . T('supply the password now') . ']');
    86. 

  86. }
    87. 

  87. 

  88. # prevent unauthorized reading
    89. 

  89. 

  90. # If we leave $Page{revision} set, PrintWikiToHTML will save the new
    91. 

  91. # PrivatePageMessage as the new page content. If we don't set $Page{revision},
    92. 

  92. # BrowsePage() will show NewText(). Therefore we need to override NewText(). If
    93. 

  93. # we have no $Page{ts}, PageDeletable will return 1. As a workaround, we set a
    94. 

  94. # timestamp. Aging of the page doesn't matter since the text starts with
    95. 

  95. # #PASSWORD and therefore cannot be the empty string or $DeletedPage.
    96. 

  96. 

  97. *OldPrivatePagesOpenPage = \&OpenPage;
    98. 

  98. *OpenPage = \&NewPrivatePagesOpenPage;
    99. 

  99. 

  100. sub NewPrivatePagesOpenPage {
    101. 

  101.   OldPrivatePagesOpenPage(@_);
    102. 

  102.   if (PrivatePageLocked($Page{text})) {
    103. 

  103.     %Page = (); # reset everything
    104. 

  104.     $Page{ts} = $Now;
    105. 

  105.     *NewText = \&NewPrivatePageNewText;
    106. 

  106.   } else {
    107. 

  107.     *NewText = \&OldPrivatePageNewText;
    108. 

  108.   }
    109. 

  109.   return $OpenPageName;
    110. 

  110. }
    111. 

  111. 

  112. # prevent reading of page content by other code
    113. 

  113. 

  114. *OldPrivatePagesGetPageContent = \&GetPageContent;
    115. 

  115. *GetPageContent = \&NewPrivatePagesGetPageContent;
    116. 

  116. 

  117. sub NewPrivatePagesGetPageContent {
    118. 

  118.   my $text = OldPrivatePagesGetPageContent(@_);
    119. 

  119.   if (PrivatePageLocked($text)) {
    120. 

  120.     return NewPrivatePageNewText();
    121. 

  121.   }
    122. 

  122.   return $text;
    123. 

  123. }
    124. 

  124. 

  125. # prevent reading of old revisions
    126. 

  126. 

  127. *OldPrivatePagesGetTextRevision = \&GetTextRevision;
    128. 

  128. *GetTextRevision = \&NewPrivatePagesGetTextRevision;
    129. 

  129. 

  130. sub NewPrivatePagesGetTextRevision {
    131. 

  131.   my ($page, $revision) = OldPrivatePagesGetTextRevision(@_);
    132. 

  132.   if (PrivatePageLocked($page->{text})) {
    133. 

  133.     return ({text => NewPrivatePageNewText()}, $revision); # XXX faking a page object like this is not good
    134. 

  134.   }
    135. 

  135.   return wantarray ? ($page, $revision) : $page;
    136. 

  136. }
    137. 

  137. 

  138. # hide #PASSWORD
    139. 

  139. 

  140. push(@MyRules, \&PrivatePageRule);
    141. 

  141. 

  142. sub PrivatePageRule {
    143. 

  143.   if (pos == 0 && m/\G#PASSWORD.*\n/cg) {
    144. 

  144.     return '';
    145. 

  145.   }
    146. 

  146.   return;
    147. 

  147. }
    148. 

  148. 

  149. # prevent leaking of edit summary
    150. 

  150. 

  151. *OldPrivatePagesGetSummary = \&GetSummary;
    152. 

  152. *GetSummary = \&NewPrivatePagesGetSummary;
    153. 

  153. 

  154. sub NewPrivatePagesGetSummary {
    155. 

  155.   my $text = GetParam('text', '');
    156. 

  156.   if ($text and $text =~ /^#PASSWORD\b/
    157. 

  157.       # no text means aftertext is set (leaving a comment)
    158. 

  158.       or $Page{text} =~ /^#PASSWORD\b/) {
    159. 

  159.     # if no summary was set, set something in order to avoid the default
    160. 

  160.     return '';
    161. 

  161.   }
    162. 

  162.   return OldPrivatePagesGetSummary();
    163. 

  163. }
    164. 

  164.