X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=scripts%2Fcocanwiki.ml;h=9df94a7b8d4f25dd8262839e3b60d7176623c2d5;hb=a9168cad656af034b671c9dea53057845e2196c9;hp=cfe43f72d3538c6eb1ee2811470ed862dbee3548;hpb=714e5e5b4b585da1eca55274e3903ee9a1dbf0d6;p=cocanwiki.git diff --git a/scripts/cocanwiki.ml b/scripts/cocanwiki.ml index cfe43f7..9df94a7 100644 --- a/scripts/cocanwiki.ml +++ b/scripts/cocanwiki.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: cocanwiki.ml,v 1.2 2004/09/07 13:40:10 rich Exp $ + * $Id: cocanwiki.ml,v 1.4 2004/09/07 16:19:43 rich Exp $ *) open Apache @@ -9,20 +9,10 @@ open Registry open Cgi open Printf -open Merjisforwiki - open Cocanwiki_ok module Pool = DbiPool (Dbi_postgres) -(* Generate a printable datestamp for pages. *) -let printable_date (date, _) = - sprintf "%d %s %04d" date.Dbi.day (short_month date.Dbi.month) date.Dbi.year - -let printable_date_time (date, time) = - sprintf "%d %s %04d %02d:%02d" date.Dbi.day (short_month date.Dbi.month) - date.Dbi.year time.Dbi.hour time.Dbi.min - (* This function is used to grab a database handle. It's used in a couple * of very special places, and is not for general consumption. *) @@ -56,8 +46,25 @@ let test_permission edit_anon perm user = let can_edit edit_anon = test_permission edit_anon CanEdit let can_manage_users = test_permission false CanManageUsers -(* Our wrapper around the standard [register_script] function. *) -let register_script ?(restrict = []) run = +(* Our wrapper around the standard [register_script] function. + * + * The optional ~restrict and ~anonymous parameters work as follows: + * + * By default (neither parameter given), anonymous or logged-in users + * at any level are permitted to run the script. + * + * If ~anonymous:false then a user must be logged in to use the script. + * + * If ~restrict contains a list of permissions (eg. CanEdit, etc.) then + * the user must have the ability to do AT LEAST ONE of those actions. + * (Note that this does not necessarily imply that the user must be + * logged in, because in some circumstances even anonymous users have + * the CanEdit permission - very typical for a wiki). + * + * If ~anonymous:false and ~restrict is given then the user must be + * logged in AND have the ability to do AT LEAST ONE of those actions. + *) +let register_script ?(restrict = []) ?(anonymous = true) run = (* Actually register the script with the real [Registry] module. *) register_script (fun r -> @@ -135,11 +142,13 @@ let register_script ?(restrict = []) run = * the user has sufficient permission to run this script. *) let permitted = - match restrict with - [] -> true (* empty list = no restrictions *) - | rs -> - List.fold_left ((||)) false - (List.map (fun r -> test_permission edit_anon r user) rs) in + if not anonymous && user = Anonymous then false + else + match restrict with + [] -> true (* empty list = no restrictions *) + | rs -> + List.fold_left ((||)) false + (List.map (fun r -> test_permission edit_anon r user) rs) in if permitted then ( (* Call the actual CGI script. *)