From ca4d4140c5ab4b351dd5483337cf61e8e9fa94e6 Mon Sep 17 00:00:00 2001 From: rich Date: Wed, 8 Sep 2004 09:54:28 +0000 Subject: [PATCH] Modified all scripts with appropriate restrictions based on editing capabilities. --- scripts/create.ml | 4 ++-- scripts/create_form.ml | 4 ++-- scripts/delete_file.ml | 4 ++-- scripts/delete_file_form.ml | 4 ++-- scripts/delete_image.ml | 4 ++-- scripts/delete_image_form.ml | 4 ++-- scripts/diff.ml | 4 ++-- scripts/edit.ml | 4 ++-- scripts/edit_page_css.ml | 4 ++-- scripts/edit_page_css_form.ml | 4 ++-- scripts/files.ml | 4 ++-- scripts/history.ml | 4 ++-- scripts/images.ml | 4 ++-- scripts/page.ml | 19 ++++++++++++++----- scripts/recent.ml | 4 ++-- scripts/restore.ml | 4 ++-- scripts/restore_form.ml | 4 ++-- scripts/undelete_file.ml | 4 ++-- scripts/undelete_file_form.ml | 4 ++-- scripts/undelete_image.ml | 4 ++-- scripts/undelete_image_form.ml | 4 ++-- scripts/upload_file.ml | 4 ++-- scripts/upload_file_form.ml | 4 ++-- scripts/upload_image.ml | 4 ++-- scripts/upload_image_form.ml | 4 ++-- templates/page.html | 12 +++++++++++- 26 files changed, 73 insertions(+), 54 deletions(-) diff --git a/scripts/create.ml b/scripts/create.ml index c7bc6f2..c1f5f23 100644 --- a/scripts/create.ml +++ b/scripts/create.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: create.ml,v 1.2 2004/09/07 13:40:10 rich Exp $ + * $Id: create.ml,v 1.3 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -75,4 +75,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = q#redirect ("http://" ^ hostname ^ "/" ^ url ^ "/edit") let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/create_form.ml b/scripts/create_form.ml index 124be21..829b72a 100644 --- a/scripts/create_form.ml +++ b/scripts/create_form.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: create_form.ml,v 1.2 2004/09/07 13:40:10 rich Exp $ + * $Id: create_form.ml,v 1.3 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -38,4 +38,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/delete_file.ml b/scripts/delete_file.ml index 430d008..2efd82f 100644 --- a/scripts/delete_file.ml +++ b/scripts/delete_file.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: delete_file.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: delete_file.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -41,4 +41,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = q#redirect ("http://" ^ hostname ^ "/_files") let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/delete_file_form.ml b/scripts/delete_file_form.ml index 11d2362..5283ad4 100644 --- a/scripts/delete_file_form.ml +++ b/scripts/delete_file_form.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: delete_file_form.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: delete_file_form.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -29,4 +29,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/delete_image.ml b/scripts/delete_image.ml index 1480e86..aa3bb1d 100644 --- a/scripts/delete_image.ml +++ b/scripts/delete_image.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: delete_image.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: delete_image.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -40,4 +40,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = q#redirect ("http://" ^ hostname ^ "/_images") let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/delete_image_form.ml b/scripts/delete_image_form.ml index f004f08..3efe9bc 100644 --- a/scripts/delete_image_form.ml +++ b/scripts/delete_image_form.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: delete_image_form.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: delete_image_form.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -37,4 +37,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/diff.ml b/scripts/diff.ml index bf5eb42..ceeaed7 100644 --- a/scripts/diff.ml +++ b/scripts/diff.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: diff.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: diff.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -47,4 +47,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/edit.ml b/scripts/edit.ml index c00c79d..410e9e0 100644 --- a/scripts/edit.ml +++ b/scripts/edit.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: edit.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: edit.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -479,4 +479,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/edit_page_css.ml b/scripts/edit_page_css.ml index 43219aa..9c91d32 100644 --- a/scripts/edit_page_css.ml +++ b/scripts/edit_page_css.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: edit_page_css.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: edit_page_css.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -88,4 +88,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = "Note: You must RELOAD the page to see changes to stylesheets.") let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/edit_page_css_form.ml b/scripts/edit_page_css_form.ml index c262495..ec9ff2f 100644 --- a/scripts/edit_page_css_form.ml +++ b/scripts/edit_page_css_form.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: edit_page_css_form.ml,v 1.2 2004/09/07 13:40:10 rich Exp $ + * $Id: edit_page_css_form.ml,v 1.3 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -33,4 +33,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/files.ml b/scripts/files.ml index 3deb0f2..cfade36 100644 --- a/scripts/files.ml +++ b/scripts/files.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: files.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: files.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -48,4 +48,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/history.ml b/scripts/history.ml index bc008c4..ae47e64 100644 --- a/scripts/history.ml +++ b/scripts/history.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: history.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: history.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -67,4 +67,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/images.ml b/scripts/images.ml index 30f585f..9484239 100644 --- a/scripts/images.ml +++ b/scripts/images.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: images.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: images.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -68,4 +68,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/page.ml b/scripts/page.ml index 1fcc223..53e6791 100644 --- a/scripts/page.ml +++ b/scripts/page.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: page.ml,v 1.4 2004/09/07 16:19:43 rich Exp $ + * $Id: page.ml,v 1.5 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -26,7 +26,7 @@ type fp_status = FPOK of int * string * string * Dbi.datetime * bool | FPRedirect of string | FPNotFound -let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) user = +let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, edit_anon) user = let page = q#param "page" in let page = if page = "" then "index" else page in @@ -39,6 +39,9 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) user = | [ `Bool has_host_css ] -> has_host_css | _ -> assert false in + (* Can the user edit? *) + let can_edit = can_edit edit_anon user in + (* This code generates ordinary pages. *) let make_page title description pageid last_modified_date has_page_css version page page' = @@ -62,6 +65,8 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) user = t#conditional "has_host_css" has_host_css; t#conditional "has_page_css" has_page_css; + t#conditional "can_edit" can_edit; + (* Pull out the sections in this page. *) let sth = dbh#prepare_cached "select ordering, sectionname, content, divname @@ -194,9 +199,13 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) user = in (* Here we deal with the complex business of redirects and versions. *) - let allow_redirect = not (q#param_true "no_redirect") in - let version = - try Some (int_of_string (q#param "version")) with Not_found -> None in + (* Only allow the no_redirect and version syntax for editors. *) + let allow_redirect, version = + if can_edit then ( + not (q#param_true "no_redirect"), + try Some (int_of_string (q#param "version")) with Not_found -> None + ) else + (true, None) in let rec loop page' i = if i > max_redirect then ( diff --git a/scripts/recent.ml b/scripts/recent.ml index f726245..4af4886 100644 --- a/scripts/recent.ml +++ b/scripts/recent.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: recent.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: recent.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -67,4 +67,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/restore.ml b/scripts/restore.ml index c8f9d3f..274a3e6 100644 --- a/scripts/restore.ml +++ b/scripts/restore.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: restore.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: restore.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -84,4 +84,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = q#redirect ("http://" ^ hostname ^ "/" ^ page) let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/restore_form.ml b/scripts/restore_form.ml index b7dde16..41e7c4a 100644 --- a/scripts/restore_form.ml +++ b/scripts/restore_form.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: restore_form.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: restore_form.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -47,4 +47,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/undelete_file.ml b/scripts/undelete_file.ml index f95c1e9..8be78f6 100644 --- a/scripts/undelete_file.ml +++ b/scripts/undelete_file.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: undelete_file.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: undelete_file.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -52,4 +52,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = q#redirect ("http://" ^ hostname ^ "/_files") let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/undelete_file_form.ml b/scripts/undelete_file_form.ml index 152842d..f8ada78 100644 --- a/scripts/undelete_file_form.ml +++ b/scripts/undelete_file_form.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: undelete_file_form.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: undelete_file_form.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -34,4 +34,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/undelete_image.ml b/scripts/undelete_image.ml index e0d9f57..fbce7bf 100644 --- a/scripts/undelete_image.ml +++ b/scripts/undelete_image.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: undelete_image.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: undelete_image.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -57,4 +57,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = q#redirect ("http://" ^ hostname ^ "/_images") let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/undelete_image_form.ml b/scripts/undelete_image_form.ml index a287e42..0fe6ee3 100644 --- a/scripts/undelete_image_form.ml +++ b/scripts/undelete_image_form.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: undelete_image_form.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: undelete_image_form.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -38,4 +38,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/upload_file.ml b/scripts/upload_file.ml index 77c5e9e..bca6237 100644 --- a/scripts/upload_file.ml +++ b/scripts/upload_file.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: upload_file.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: upload_file.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -73,4 +73,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = q "File was uploaded successfully." let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/upload_file_form.ml b/scripts/upload_file_form.ml index 24f8e22..8606a9d 100644 --- a/scripts/upload_file_form.ml +++ b/scripts/upload_file_form.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: upload_file_form.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: upload_file_form.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -18,4 +18,4 @@ let run r (q : cgi) (dbh : Dbi.connection) _ _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/upload_image.ml b/scripts/upload_image.ml index 579f609..c22fa45 100644 --- a/scripts/upload_image.ml +++ b/scripts/upload_image.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: upload_image.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: upload_image.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -122,4 +122,4 @@ let run r (q : cgi) (dbh : Dbi.connection) (hostid, hostname, _) _ = q "Image was uploaded successfully." let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/scripts/upload_image_form.ml b/scripts/upload_image_form.ml index bdd18f3..3706417 100644 --- a/scripts/upload_image_form.ml +++ b/scripts/upload_image_form.ml @@ -1,7 +1,7 @@ (* COCANWIKI scripts. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: upload_image_form.ml,v 1.3 2004/09/07 14:58:34 rich Exp $ + * $Id: upload_image_form.ml,v 1.4 2004/09/08 09:54:28 rich Exp $ *) open Apache @@ -18,4 +18,4 @@ let run r (q : cgi) (dbh : Dbi.connection) _ _ = q#template template let () = - register_script run + register_script ~restrict:[CanEdit] run diff --git a/templates/page.html b/templates/page.html index 986c5f1..10aab87 100644 --- a/templates/page.html +++ b/templates/page.html @@ -23,34 +23,44 @@
  • Go to the live version of this page.
  • See other old versions of this page.
  • See the differences between this version and the previous version of this page.
    • +::if(can_edit)::
  • Restore this version live.
    • +::end:: ::end:: ::table(sections):: -::if(has_divname)::
    ::end::

    [edit]

    ::sectionname_html::

    +::if(has_divname)::
    ::end::::if(can_edit)::

    [edit]

    ::end::

    ::sectionname_html::

    ::content:: ::if(has_divname)::
    ::end::::end:: -- 1.8.3.1