From c6aa42773a17d53b4572488967b99666ab97ef97 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 21 May 2016 14:56:42 -0400 Subject: Trying to fix wiki branch starting fresh from dev --- Zotlabs/Module/Wiki.php | 113 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 113 insertions(+) create mode 100644 Zotlabs/Module/Wiki.php (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php new file mode 100644 index 000000000..ca0dcff82 --- /dev/null +++ b/Zotlabs/Module/Wiki.php @@ -0,0 +1,113 @@ + 1) + $which = argv(1); // if the channel name is in the URL, use that + if(! $which) { // if no channel name was provided, assume the current logged in channel + if(local_channel()) { + $channel = \App::get_channel(); + if($channel && $channel['channel_address']) + $which = $channel['channel_address']; + goaway(z_root().'/wiki/'.$which); + } + } + if(! $which) { + notice( t('You must be logged in to see this page.') . EOL ); + return; + } + } + + function get() { + require_once('include/acl_selectors.php'); + if(local_channel()) { + $channel = \App::get_channel(); + } + + // TODO: check observer permissions + //$ob = \App::get_observer(); + //$observer = get_observer_hash(); + + // Obtain the default permission settings of the channel + $channel_acl = array( + 'allow_cid' => $channel['channel_allow_cid'], + 'allow_gid' => $channel['channel_allow_gid'], + 'deny_cid' => $channel['channel_deny_cid'], + 'deny_gid' => $channel['channel_deny_gid'] + ); + // Initialize the ACL to the channel default permissions + $x = array( + 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), + 'acl' => populate_acl($channel_acl), + 'bang' => '' + ); + $o .= replace_macros(get_markup_template('wiki.tpl'),array( + '$channel' => $channel['channel_address'], + '$lockstate' => $x['lockstate'], + '$acl' => $x['acl'], + '$bang' => $x['bang'], + '$content' => '# Start your wiki', + '$wikiName' => array('wikiName', t('Enter the name of your new wiki:'), '', ''), + '$pageName' => array('pageName', t('Enter the name of the new page:'), '', '') + )); + head_add_js('library/ace/ace.js'); + return $o; + } + + function post() { + + // TODO: Implement wiki API + + // Render mardown-formatted text in HTML + if((argc() > 2) && (argv(2) === 'preview')) { + $content = $_POST['content']; + logger('preview content: ' . $content); + //require_once('library/parsedown/Parsedown.php'); + $parsedown = new Parsedown(); + $html = $parsedown->text($content); + json_return_and_die(array('html' => $html, 'success' => true)); + } + + // Create a new wiki + if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) { + // Determine if observer has permission to create wiki + if (local_channel()) { + $channel = \App::get_channel(); + } else { + $which = argv(1); + $channel = get_channel_by_nick($which); + // Figure out who the page owner is. + $perms = get_all_perms(intval($channel['channel_id']), get_observer_hash()); + + if (!$perms['write_wiki']) { + notice(t('Permission denied.') . EOL); + json_return_and_die(array('success' => false)); + } + } + $name = escape_tags(urlencode($_REQUEST['name'])); //Get new wiki name + // Get ACL for permissions + $acl = new Zotlabs\Access\AccessList($channel); + $acl->set_from_array($_REQUEST); + + $r = wiki_create_wiki($channel, $name, $acl); + if ($r['success']) { + json_return_and_die(array('success' => true)); + } else { + json_return_and_die(array('success' => false)); + } + } + + + json_return_and_die(array('success' => false)); + + + + } +} -- cgit v1.2.3 From 049147a9d78b981482297c3daf48c67f31754259 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 21 May 2016 19:02:23 -0400 Subject: Successful new wiki git repo and item table record --- Zotlabs/Module/Wiki.php | 25 ++++++++++++++----------- Zotlabs/Storage/GitRepo.php | 9 +++++++++ 2 files changed, 23 insertions(+), 11 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index ca0dcff82..c4546e5ef 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -62,6 +62,7 @@ class Wiki extends \Zotlabs\Web\Controller { } function post() { + require_once('include/wiki.php'); // TODO: Implement wiki API @@ -77,37 +78,39 @@ class Wiki extends \Zotlabs\Web\Controller { // Create a new wiki if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) { + $which = argv(1); // Determine if observer has permission to create wiki if (local_channel()) { $channel = \App::get_channel(); } else { - $which = argv(1); $channel = get_channel_by_nick($which); + $observer_hash = get_observer_hash(); // Figure out who the page owner is. - $perms = get_all_perms(intval($channel['channel_id']), get_observer_hash()); + $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); if (!$perms['write_wiki']) { notice(t('Permission denied.') . EOL); json_return_and_die(array('success' => false)); } } - $name = escape_tags(urlencode($_REQUEST['name'])); //Get new wiki name + $name = escape_tags(urlencode($_REQUEST['wikiName'])); //Get new wiki name + if($name === '') { + notice('Error creating wiki. Invalid name.'); + goaway('/wiki'); + } // Get ACL for permissions - $acl = new Zotlabs\Access\AccessList($channel); + $acl = new \Zotlabs\Access\AccessList($channel); $acl->set_from_array($_REQUEST); - - $r = wiki_create_wiki($channel, $name, $acl); + $r = wiki_create_wiki($channel, $observer_hash, $name, $acl); if ($r['success']) { - json_return_and_die(array('success' => true)); + goaway('/wiki/'.$which.'/'.$name); } else { - json_return_and_die(array('success' => false)); + notice('Error creating wiki'); + goaway('/wiki'); } } - json_return_and_die(array('success' => false)); - - } } diff --git a/Zotlabs/Storage/GitRepo.php b/Zotlabs/Storage/GitRepo.php index 2a24e03c0..f4a129bb3 100644 --- a/Zotlabs/Storage/GitRepo.php +++ b/Zotlabs/Storage/GitRepo.php @@ -75,6 +75,15 @@ class GitRepo { } } } + + public function initRepo() { + if(!$this->path) return false; + try { + return $this->git->init($this->path); + } catch (\PHPGit\Exception\GitException $ex) { + return false; + } + } public function pull() { try { -- cgit v1.2.3 From a36bef7979aecd72751d319f85b7037991979e35 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 21 May 2016 21:55:09 -0400 Subject: List of wikis populates with links according to observer permissions. --- Zotlabs/Module/Wiki.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index c4546e5ef..53a3eb26b 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -48,7 +48,22 @@ class Wiki extends \Zotlabs\Web\Controller { 'acl' => populate_acl($channel_acl), 'bang' => '' ); +// $wikiheader = t('Wiki Sandbox'); +// $hide_editor = false; + if(argc()<3) { + $wikiheader = t('Wiki Sandbox'); + $hide_editor = false; + } elseif (argc()<4) { + $wikiheader = 'Empty wiki: ' . rawurldecode(argv(2)); // show wiki name + $hide_editor = true; + } elseif (argc()<5) { + $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode(argv(3)); // show wiki name and page + $hide_editor = false; + } + $o .= replace_macros(get_markup_template('wiki.tpl'),array( + '$wikiheader' => $wikiheader, + '$hideEditor' => $hide_editor, '$channel' => $channel['channel_address'], '$lockstate' => $x['lockstate'], '$acl' => $x['acl'], -- cgit v1.2.3 From e00b8a70829213a4333a53a097c2c498d529f5d6 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Tue, 24 May 2016 06:15:42 -0400 Subject: Delete wiki (in progress) --- Zotlabs/Module/Wiki.php | 52 ++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 45 insertions(+), 7 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 53a3eb26b..221068e0a 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -21,7 +21,7 @@ class Wiki extends \Zotlabs\Web\Controller { } if(! $which) { notice( t('You must be logged in to see this page.') . EOL ); - return; + goaway('/login'); } } @@ -91,6 +91,12 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('html' => $html, 'success' => true)); } + // Check if specified wiki exists and redirect if not + if((argc() > 2)) { + $wikiname = argv(2); + // TODO: Check if specified wiki exists and redirect if not + } + // Create a new wiki if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) { $which = argv(1); @@ -102,20 +108,23 @@ class Wiki extends \Zotlabs\Web\Controller { $observer_hash = get_observer_hash(); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); - - if (!$perms['write_wiki']) { + // TODO: Create a new permission setting for wiki analogous to webpages. Until + // then, use webpage permissions + if (!$perms['write_pages']) { notice(t('Permission denied.') . EOL); - json_return_and_die(array('success' => false)); + goaway(argv(0).'/'.argv(1).'/'.argv(2)); } } - $name = escape_tags(urlencode($_REQUEST['wikiName'])); //Get new wiki name + $name = escape_tags(urlencode($_POST['wikiName'])); //Get new wiki name if($name === '') { notice('Error creating wiki. Invalid name.'); goaway('/wiki'); } // Get ACL for permissions $acl = new \Zotlabs\Access\AccessList($channel); - $acl->set_from_array($_REQUEST); + logger('POST: ' . json_encode($_POST)); + $acl->set_from_array($_POST); + logger('acl: ' . json_encode($acl)); $r = wiki_create_wiki($channel, $observer_hash, $name, $acl); if ($r['success']) { goaway('/wiki/'.$which.'/'.$name); @@ -125,7 +134,36 @@ class Wiki extends \Zotlabs\Web\Controller { } } - json_return_and_die(array('success' => false)); + // Delete a wiki + if ((argc() > 3) && (argv(2) === 'delete') && (argv(3) === 'wiki')) { + $which = argv(1); + // Determine if observer has permission to create wiki + if (local_channel()) { + $channel = \App::get_channel(); + } else { + $channel = get_channel_by_nick($which); + $observer_hash = get_observer_hash(); + // Figure out who the page owner is. + $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); + // TODO: Create a new permission setting for wiki analogous to webpages. Until + // then, use webpage permissions + if (!$perms['write_pages']) { + logger('Wiki delete permission denied.' . EOL); + json_return_and_die(array('success' => false)); + } + } + $resource_id = $_POST['resource_id']; + $deleted = wiki_delete_wiki($resource_id); + if ($deleted['success']) { + json_return_and_die(array('success' => true)); + } else { + logger('Error deleting wiki: ' . $resource_id); + json_return_and_die(array('success' => false)); + } + } + + notice('You must be authenticated.'); + goaway('/wiki'); } } -- cgit v1.2.3 From ca78ebce6d254f244b4c1fbe25eb3aca40b26952 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Fri, 27 May 2016 20:37:37 -0400 Subject: Check if wiki exists and redirect if it does not --- Zotlabs/Module/Wiki.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 221068e0a..290c2e005 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -26,6 +26,7 @@ class Wiki extends \Zotlabs\Web\Controller { } function get() { + require_once('include/wiki.php'); require_once('include/acl_selectors.php'); if(local_channel()) { $channel = \App::get_channel(); @@ -56,6 +57,10 @@ class Wiki extends \Zotlabs\Web\Controller { } elseif (argc()<4) { $wikiheader = 'Empty wiki: ' . rawurldecode(argv(2)); // show wiki name $hide_editor = true; + // Check if wiki exists andr redirect if it does not + if(!wiki_exists_by_name(argv(2))['id']) { + goaway('/'.argv(0).'/'.argv(1)); + } } elseif (argc()<5) { $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode(argv(3)); // show wiki name and page $hide_editor = false; @@ -112,7 +117,7 @@ class Wiki extends \Zotlabs\Web\Controller { // then, use webpage permissions if (!$perms['write_pages']) { notice(t('Permission denied.') . EOL); - goaway(argv(0).'/'.argv(1).'/'.argv(2)); + goaway('/'.argv(0).'/'.argv(1).'/'.argv(2)); } } $name = escape_tags(urlencode($_POST['wikiName'])); //Get new wiki name -- cgit v1.2.3 From 4691c3ec01eda972e7b4cae4ec940c8c24d51b5a Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Fri, 27 May 2016 22:19:05 -0400 Subject: Add new page to wiki and redirect to editor page. --- Zotlabs/Module/Wiki.php | 59 +++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 52 insertions(+), 7 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 290c2e005..909b2c84d 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -49,18 +49,25 @@ class Wiki extends \Zotlabs\Web\Controller { 'acl' => populate_acl($channel_acl), 'bang' => '' ); -// $wikiheader = t('Wiki Sandbox'); -// $hide_editor = false; + + $resource_id = ''; + if(argc()>2) { + // Check if wiki exists andr redirect if it does not + $channel = get_channel_by_nick(argv(1)); + $w = wiki_exists_by_name($channel['channel_id'], argv(2)); + logger('wiki_Exists: ' . json_encode($w)); + if(!$w['id']) { + goaway('/'.argv(0).'/'.argv(1)); + } else { + $resource_id = $w['resource_id']; + } + } if(argc()<3) { $wikiheader = t('Wiki Sandbox'); $hide_editor = false; } elseif (argc()<4) { $wikiheader = 'Empty wiki: ' . rawurldecode(argv(2)); // show wiki name - $hide_editor = true; - // Check if wiki exists andr redirect if it does not - if(!wiki_exists_by_name(argv(2))['id']) { - goaway('/'.argv(0).'/'.argv(1)); - } + $hide_editor = true; } elseif (argc()<5) { $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode(argv(3)); // show wiki name and page $hide_editor = false; @@ -70,6 +77,7 @@ class Wiki extends \Zotlabs\Web\Controller { '$wikiheader' => $wikiheader, '$hideEditor' => $hide_editor, '$channel' => $channel['channel_address'], + '$resource_id' => $resource_id, '$lockstate' => $x['lockstate'], '$acl' => $x['acl'], '$bang' => $x['bang'], @@ -166,6 +174,43 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('success' => false)); } } + + // Create a page + if ((argc() === 4) && (argv(2) === 'create') && (argv(3) === 'page')) { + $which = argv(1); + $resource_id = $_POST['resource_id']; + // Determine if observer has permission to create wiki + if (local_channel()) { + $channel = \App::get_channel(); + } else { + $channel = get_channel_by_nick($which); + $observer_hash = get_observer_hash(); + // Figure out who the page owner is. + $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); + // TODO: Create a new permission setting for wiki analogous to webpages. Until + // then, use webpage permissions + if (!$perms['write_pages']) { + logger('Wiki editing permission denied.' . EOL); + json_return_and_die(array('success' => false)); + } + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if(!$perms['write']) { + logger('Wiki write permission denied. Read only.' . EOL); + json_return_and_die(array('success' => false)); + } + } + $name = escape_tags(urlencode($_POST['name'])); //Get new wiki name + if($name === '') { + json_return_and_die(array('message' => 'Error creating page. Invalid name.', 'success' => false)); + } + $page = wiki_create_page($name . '.md', $resource_id); + if ($page['success']) { + json_return_and_die(array('url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki'].'/'.$name, 'success' => true)); + } else { + logger('Error creating page'); + json_return_and_die(array('message' => 'Error creating page.', 'success' => false)); + } + } notice('You must be authenticated.'); goaway('/wiki'); -- cgit v1.2.3 From f884fa66782544cd6fc44a81b978a905d4755cea Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 28 May 2016 07:17:42 -0400 Subject: Wiki page list is fetched and the page widget is updated --- Zotlabs/Module/Wiki.php | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 909b2c84d..9d905f561 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -92,8 +92,6 @@ class Wiki extends \Zotlabs\Web\Controller { function post() { require_once('include/wiki.php'); - // TODO: Implement wiki API - // Render mardown-formatted text in HTML if((argc() > 2) && (argv(2) === 'preview')) { $content = $_POST['content']; @@ -212,8 +210,22 @@ class Wiki extends \Zotlabs\Web\Controller { } } - notice('You must be authenticated.'); - goaway('/wiki'); + // Fetch page list for a wiki + if ((argc() === 5) && (argv(2) === 'get') && (argv(3) === 'page') && (argv(4) === 'list')) { + $resource_id = $_POST['resource_id']; // resource_id for wiki in db + $channel = get_channel_by_nick(argv(1)); + $observer_hash = get_observer_hash(); + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if(!$perms['read']) { + logger('Wiki read permission denied.' . EOL); + json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false)); + } + $page_list_html = widget_wiki_pages(array('resource_id' => $resource_id)); + json_return_and_die(array('pages' => $page_list_html, 'message' => '', 'success' => true)); + } + + //notice('You must be authenticated.'); + json_return_and_die(array('message' => 'You must be authenticated.', 'success' => false)); } } -- cgit v1.2.3 From ae94e8a855d31125b96e158c0fb8c0d6f22631d6 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 28 May 2016 07:42:18 -0400 Subject: Wiki page list links work. File content is not yet loaded into the editor. Removed some logger calls. --- Zotlabs/Module/Wiki.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 9d905f561..54511fc91 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -55,7 +55,6 @@ class Wiki extends \Zotlabs\Web\Controller { // Check if wiki exists andr redirect if it does not $channel = get_channel_by_nick(argv(1)); $w = wiki_exists_by_name($channel['channel_id'], argv(2)); - logger('wiki_Exists: ' . json_encode($w)); if(!$w['id']) { goaway('/'.argv(0).'/'.argv(1)); } else { @@ -95,8 +94,6 @@ class Wiki extends \Zotlabs\Web\Controller { // Render mardown-formatted text in HTML if((argc() > 2) && (argv(2) === 'preview')) { $content = $_POST['content']; - logger('preview content: ' . $content); - //require_once('library/parsedown/Parsedown.php'); $parsedown = new Parsedown(); $html = $parsedown->text($content); json_return_and_die(array('html' => $html, 'success' => true)); @@ -133,9 +130,7 @@ class Wiki extends \Zotlabs\Web\Controller { } // Get ACL for permissions $acl = new \Zotlabs\Access\AccessList($channel); - logger('POST: ' . json_encode($_POST)); $acl->set_from_array($_POST); - logger('acl: ' . json_encode($acl)); $r = wiki_create_wiki($channel, $observer_hash, $name, $acl); if ($r['success']) { goaway('/wiki/'.$which.'/'.$name); @@ -220,7 +215,10 @@ class Wiki extends \Zotlabs\Web\Controller { logger('Wiki read permission denied.' . EOL); json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false)); } - $page_list_html = widget_wiki_pages(array('resource_id' => $resource_id)); + $page_list_html = widget_wiki_pages(array( + 'resource_id' => $resource_id, + 'refresh' => true, + 'channel' => argv(1))); json_return_and_die(array('pages' => $page_list_html, 'message' => '', 'success' => true)); } -- cgit v1.2.3 From 7393dccde816bafca2e3efe534fae56339e2c536 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 28 May 2016 12:33:07 -0400 Subject: Page content is loaded from the file on disk --- Zotlabs/Module/Wiki.php | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 54511fc91..76c07f2bc 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -63,12 +63,20 @@ class Wiki extends \Zotlabs\Web\Controller { } if(argc()<3) { $wikiheader = t('Wiki Sandbox'); + $content = '# Wiki Sandbox\nContent you **edit** and **preview** here *will not be saved*.'; $hide_editor = false; } elseif (argc()<4) { - $wikiheader = 'Empty wiki: ' . rawurldecode(argv(2)); // show wiki name + $wikiheader = rawurldecode(argv(2)); // show wiki name + $content = ''; $hide_editor = true; } elseif (argc()<5) { - $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode(argv(3)); // show wiki name and page + $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode(argv(3)); // show wiki name and page + $p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => argv(3))); + if(!$p['success']) { + logger('Error getting page content'); + $content = 'Error retrieving page content. Try again.'; + } + $content = $p['content']; $hide_editor = false; } @@ -80,7 +88,7 @@ class Wiki extends \Zotlabs\Web\Controller { '$lockstate' => $x['lockstate'], '$acl' => $x['acl'], '$bang' => $x['bang'], - '$content' => '# Start your wiki', + '$content' => $content, '$wikiName' => array('wikiName', t('Enter the name of your new wiki:'), '', ''), '$pageName' => array('pageName', t('Enter the name of the new page:'), '', '') )); -- cgit v1.2.3 From 819683a073f85b05807d6c936a2b746296fc8de4 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 28 May 2016 14:11:36 -0400 Subject: Show page content by default. Hide page controls where appropriate. Fix sandbox text format. --- Zotlabs/Module/Wiki.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 76c07f2bc..a53cb3f6a 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -63,12 +63,14 @@ class Wiki extends \Zotlabs\Web\Controller { } if(argc()<3) { $wikiheader = t('Wiki Sandbox'); - $content = '# Wiki Sandbox\nContent you **edit** and **preview** here *will not be saved*.'; + $content = '"# Wiki Sandbox\n\nContent you **edit** and **preview** here *will not be saved*."'; $hide_editor = false; + $showPageControls = false; } elseif (argc()<4) { $wikiheader = rawurldecode(argv(2)); // show wiki name $content = ''; - $hide_editor = true; + $hide_editor = true; + $showPageControls = true; } elseif (argc()<5) { $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode(argv(3)); // show wiki name and page $p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => argv(3))); @@ -78,17 +80,23 @@ class Wiki extends \Zotlabs\Web\Controller { } $content = $p['content']; $hide_editor = false; + $showPageControls = true; } + $parsedown = new Parsedown(); + $renderedContent = $parsedown->text(json_decode($content)); + $o .= replace_macros(get_markup_template('wiki.tpl'),array( '$wikiheader' => $wikiheader, '$hideEditor' => $hide_editor, + '$showPageControls' => $showPageControls, '$channel' => $channel['channel_address'], '$resource_id' => $resource_id, '$lockstate' => $x['lockstate'], '$acl' => $x['acl'], '$bang' => $x['bang'], '$content' => $content, + '$renderedContent' => $renderedContent, '$wikiName' => array('wikiName', t('Enter the name of your new wiki:'), '', ''), '$pageName' => array('pageName', t('Enter the name of the new page:'), '', '') )); -- cgit v1.2.3 From ab54bf514921ae3fe0fafcdf154364815ed6375f Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 28 May 2016 15:11:19 -0400 Subject: Wiki pages can be saved. --- Zotlabs/Module/Wiki.php | 44 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 40 insertions(+), 4 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index a53cb3f6a..5d293e6f0 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -51,6 +51,7 @@ class Wiki extends \Zotlabs\Web\Controller { ); $resource_id = ''; + $pagename = ''; if(argc()>2) { // Check if wiki exists andr redirect if it does not $channel = get_channel_by_nick(argv(1)); @@ -68,12 +69,13 @@ class Wiki extends \Zotlabs\Web\Controller { $showPageControls = false; } elseif (argc()<4) { $wikiheader = rawurldecode(argv(2)); // show wiki name - $content = ''; + $content = '""'; $hide_editor = true; $showPageControls = true; } elseif (argc()<5) { - $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode(argv(3)); // show wiki name and page - $p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => argv(3))); + $pagename = argv(3); + $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode($pagename); // show wiki name and page + $p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => $pagename)); if(!$p['success']) { logger('Error getting page content'); $content = 'Error retrieving page content. Try again.'; @@ -82,7 +84,6 @@ class Wiki extends \Zotlabs\Web\Controller { $hide_editor = false; $showPageControls = true; } - $parsedown = new Parsedown(); $renderedContent = $parsedown->text(json_decode($content)); @@ -92,6 +93,7 @@ class Wiki extends \Zotlabs\Web\Controller { '$showPageControls' => $showPageControls, '$channel' => $channel['channel_address'], '$resource_id' => $resource_id, + '$page' => $pagename, '$lockstate' => $x['lockstate'], '$acl' => $x['acl'], '$bang' => $x['bang'], @@ -238,6 +240,40 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('pages' => $page_list_html, 'message' => '', 'success' => true)); } + // Save a page + if ((argc() === 4) && (argv(2) === 'save') && (argv(3) === 'page')) { + $which = argv(1); + $resource_id = $_POST['resource_id']; + $pagename = escape_tags(urlencode($_POST['name'])); + $content = escape_tags($_POST['content']); //Get new content + // Determine if observer has permission to create wiki + if (local_channel()) { + $channel = \App::get_channel(); + } else { + $channel = get_channel_by_nick($which); + $observer_hash = get_observer_hash(); + // Figure out who the page owner is. + $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); + // TODO: Create a new permission setting for wiki analogous to webpages. Until + // then, use webpage permissions + if (!$perms['write_pages']) { + logger('Wiki editing permission denied.' . EOL); + json_return_and_die(array('success' => false)); + } + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if(!$perms['write']) { + logger('Wiki write permission denied. Read only.' . EOL); + json_return_and_die(array('success' => false)); + } + } + $saved = wiki_save_page(array('resource_id' => $resource_id, 'name' => $pagename, 'content' => $content)); + if($saved['success']) { + json_return_and_die(array('success' => true)); + } else { + json_return_and_die(array('success' => false)); + } + } + //notice('You must be authenticated.'); json_return_and_die(array('message' => 'You must be authenticated.', 'success' => false)); -- cgit v1.2.3 From 63a97ff6fc313372d9cb439a621f12fdecc2fac1 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 29 May 2016 10:18:26 -0400 Subject: Git commit made for the page edits when the page is saved. --- Zotlabs/Module/Wiki.php | 15 +++++++++++++-- Zotlabs/Storage/GitRepo.php | 9 +++++++++ 2 files changed, 22 insertions(+), 2 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 5d293e6f0..70d326faf 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -268,9 +268,20 @@ class Wiki extends \Zotlabs\Web\Controller { } $saved = wiki_save_page(array('resource_id' => $resource_id, 'name' => $pagename, 'content' => $content)); if($saved['success']) { - json_return_and_die(array('success' => true)); + $ob = \App::get_observer(); + $commit = wiki_git_commit(array( + 'commit_msg' => 'Updated ' . $pagename, + 'resource_id' => $resource_id, + 'observer' => $ob, + 'files' => array($pagename) + )); + if($commit['success']) { + json_return_and_die(array('message' => 'Wiki git repo commit made', 'success' => true)); + } else { + json_return_and_die(array('message' => 'Error making git commit','success' => false)); + } } else { - json_return_and_die(array('success' => false)); + json_return_and_die(array('message' => 'Error saving page', 'success' => false)); } } diff --git a/Zotlabs/Storage/GitRepo.php b/Zotlabs/Storage/GitRepo.php index f4a129bb3..306abc0ba 100644 --- a/Zotlabs/Storage/GitRepo.php +++ b/Zotlabs/Storage/GitRepo.php @@ -127,6 +127,15 @@ class GitRepo { $repo['logs'] = $git->log(array('limit' => 50)); return $repo; } + + // Commit changes to the repo. Default is to stage all changes and commit everything. + public function commit($msg, $options = array()) { + try { + return $this->git->commit($msg, $options); + } catch (\PHPGit\Exception\GitException $ex) { + return false; + } + } public static function isValidGitRepoURL($url) { if (validate_url($url) && strrpos(parse_url($url, PHP_URL_PATH), '.')) { -- cgit v1.2.3 From df7772e301be10fd31329f646db98361baa04857 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 29 May 2016 13:33:52 -0400 Subject: Home page create with new wiki. URL redirects here when no page given. Fixed bug with author in wiki item table record. --- Zotlabs/Module/Wiki.php | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 70d326faf..51630bddc 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -52,7 +52,10 @@ class Wiki extends \Zotlabs\Web\Controller { $resource_id = ''; $pagename = ''; - if(argc()>2) { + + // GET https://hubzilla.hub/argv(0)/argv(1)/argv(2)/argv(3)/argv(4)/... + if(argc() > 2) { + // GET /wiki/channel/wiki // Check if wiki exists andr redirect if it does not $channel = get_channel_by_nick(argv(1)); $w = wiki_exists_by_name($channel['channel_id'], argv(2)); @@ -62,17 +65,23 @@ class Wiki extends \Zotlabs\Web\Controller { $resource_id = $w['resource_id']; } } + if(argc()<3) { + // GET /wiki/channel $wikiheader = t('Wiki Sandbox'); $content = '"# Wiki Sandbox\n\nContent you **edit** and **preview** here *will not be saved*."'; $hide_editor = false; $showPageControls = false; } elseif (argc()<4) { + // GET /wiki/channel/wiki + // No page was specified, so redirect to Home.md + goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/Home.md'); $wikiheader = rawurldecode(argv(2)); // show wiki name $content = '""'; $hide_editor = true; $showPageControls = true; } elseif (argc()<5) { + // GET /wiki/channel/wiki/page $pagename = argv(3); $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode($pagename); // show wiki name and page $p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => $pagename)); @@ -127,11 +136,11 @@ class Wiki extends \Zotlabs\Web\Controller { if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) { $which = argv(1); // Determine if observer has permission to create wiki + $observer_hash = get_observer_hash(); if (local_channel()) { $channel = \App::get_channel(); } else { $channel = get_channel_by_nick($which); - $observer_hash = get_observer_hash(); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); // TODO: Create a new permission setting for wiki analogous to webpages. Until @@ -151,7 +160,12 @@ class Wiki extends \Zotlabs\Web\Controller { $acl->set_from_array($_POST); $r = wiki_create_wiki($channel, $observer_hash, $name, $acl); if ($r['success']) { - goaway('/wiki/'.$which.'/'.$name); + $homePage = wiki_create_page('Home.md', $r['item']['resource_id']); + if(!$homePage['success']) { + notice('Wiki created, but error creating Home page.'); + goaway('/wiki/'.$which.'/'.$name); + } + goaway('/wiki/'.$which.'/'.$name.'/Home.md'); } else { notice('Error creating wiki'); goaway('/wiki'); -- cgit v1.2.3 From 3e6af5c87692b5dbefd59d7b2350670d4e1cb3a4 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 29 May 2016 17:06:45 -0400 Subject: Hacked Parsedown and Markdown to add class inline-code to blocks for proper inline code rendering. Stopped using Parsedown even though Markdown is slower, hence extra delay when previewing pages. --- Zotlabs/Module/Wiki.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 51630bddc..efd4120ca 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -93,8 +93,10 @@ class Wiki extends \Zotlabs\Web\Controller { $hide_editor = false; $showPageControls = true; } - $parsedown = new Parsedown(); - $renderedContent = $parsedown->text(json_decode($content)); + //$parsedown = new Parsedown(); + //$renderedContent = $parsedown->text(json_decode($content)); + require_once('library/markdown.php'); + $renderedContent = Markdown(json_decode($content)); $o .= replace_macros(get_markup_template('wiki.tpl'),array( '$wikiheader' => $wikiheader, @@ -121,8 +123,10 @@ class Wiki extends \Zotlabs\Web\Controller { // Render mardown-formatted text in HTML if((argc() > 2) && (argv(2) === 'preview')) { $content = $_POST['content']; - $parsedown = new Parsedown(); - $html = $parsedown->text($content); + //$parsedown = new Parsedown(); + //$html = $parsedown->text($content); + require_once('library/markdown.php'); + $html = Markdown($content); json_return_and_die(array('html' => $html, 'success' => true)); } @@ -230,7 +234,7 @@ class Wiki extends \Zotlabs\Web\Controller { } $page = wiki_create_page($name . '.md', $resource_id); if ($page['success']) { - json_return_and_die(array('url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki'].'/'.$name, 'success' => true)); + json_return_and_die(array('url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki'].'/'.$name.'.md', 'success' => true)); } else { logger('Error creating page'); json_return_and_die(array('message' => 'Error creating page.', 'success' => false)); -- cgit v1.2.3 From fad27fc1e791dbe77321d4b45eb6293f8ff97310 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 29 May 2016 20:16:17 -0400 Subject: Hide page controls when not owner. Fixed some serious access control issues. --- Zotlabs/Module/Wiki.php | 49 +++++++++++++++++++++++++++---------------------- 1 file changed, 27 insertions(+), 22 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index efd4120ca..b369221c8 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -28,14 +28,11 @@ class Wiki extends \Zotlabs\Web\Controller { function get() { require_once('include/wiki.php'); require_once('include/acl_selectors.php'); + $wiki_owner = false; if(local_channel()) { $channel = \App::get_channel(); } - // TODO: check observer permissions - //$ob = \App::get_observer(); - //$observer = get_observer_hash(); - // Obtain the default permission settings of the channel $channel_acl = array( 'allow_cid' => $channel['channel_allow_cid'], @@ -58,13 +55,26 @@ class Wiki extends \Zotlabs\Web\Controller { // GET /wiki/channel/wiki // Check if wiki exists andr redirect if it does not $channel = get_channel_by_nick(argv(1)); + if(local_channel() === intval($channel['channel_id'])) { + $wiki_owner = true; + } $w = wiki_exists_by_name($channel['channel_id'], argv(2)); - if(!$w['id']) { + if(!$w['resource_id']) { + notice('Wiki not found' . EOL); goaway('/'.argv(0).'/'.argv(1)); - } else { + } else { $resource_id = $w['resource_id']; } - } + if (!$wiki_owner) { + // Check for observer permissionswhich); + $observer_hash = get_observer_hash(); + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if(!$perms['read']) { + notice('Permission denied.' . EOL); + goaway('/'.argv(0).'/'.argv(1)); + } + } + } if(argc()<3) { // GET /wiki/channel @@ -79,22 +89,23 @@ class Wiki extends \Zotlabs\Web\Controller { $wikiheader = rawurldecode(argv(2)); // show wiki name $content = '""'; $hide_editor = true; - $showPageControls = true; + // Until separate read and write permissions are implemented, only allow + // the wiki owner to see page controls + $showPageControls = $wiki_owner; } elseif (argc()<5) { // GET /wiki/channel/wiki/page $pagename = argv(3); $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode($pagename); // show wiki name and page $p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => $pagename)); if(!$p['success']) { - logger('Error getting page content'); + logger('wiki_get_page_content: ' . $p['message']); $content = 'Error retrieving page content. Try again.'; } - $content = $p['content']; + logger('content: ' . $content); + $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"'); $hide_editor = false; - $showPageControls = true; + $showPageControls = $wiki_owner; } - //$parsedown = new Parsedown(); - //$renderedContent = $parsedown->text(json_decode($content)); require_once('library/markdown.php'); $renderedContent = Markdown(json_decode($content)); @@ -120,23 +131,17 @@ class Wiki extends \Zotlabs\Web\Controller { function post() { require_once('include/wiki.php'); - // Render mardown-formatted text in HTML + // /wiki/channel/preview + // Render mardown-formatted text in HTML for preview if((argc() > 2) && (argv(2) === 'preview')) { $content = $_POST['content']; - //$parsedown = new Parsedown(); - //$html = $parsedown->text($content); require_once('library/markdown.php'); $html = Markdown($content); json_return_and_die(array('html' => $html, 'success' => true)); } - // Check if specified wiki exists and redirect if not - if((argc() > 2)) { - $wikiname = argv(2); - // TODO: Check if specified wiki exists and redirect if not - } - // Create a new wiki + // /wiki/channel/create/wiki if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) { $which = argv(1); // Determine if observer has permission to create wiki -- cgit v1.2.3 From 00d32f6b947d10b836cf1a4d59dbff3413517fd5 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 29 May 2016 20:39:19 -0400 Subject: Only show wiki delete control if channel owner --- Zotlabs/Module/Wiki.php | 1 + 1 file changed, 1 insertion(+) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index b369221c8..3c1f14a9b 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -78,6 +78,7 @@ class Wiki extends \Zotlabs\Web\Controller { if(argc()<3) { // GET /wiki/channel + $channel = get_channel_by_nick(argv(1)); $wikiheader = t('Wiki Sandbox'); $content = '"# Wiki Sandbox\n\nContent you **edit** and **preview** here *will not be saved*."'; $hide_editor = false; -- cgit v1.2.3 From a3dfdd9d3886451f5e97940387a56171c5810cf6 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 29 May 2016 20:44:28 -0400 Subject: Remove Parsedown library files and remove references. --- Zotlabs/Module/Wiki.php | 2 -- 1 file changed, 2 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 3c1f14a9b..946529424 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -2,8 +2,6 @@ namespace Zotlabs\Module;/** @file */ -use \library\parsedown\Parsedown as Parsedown; - class Wiki extends \Zotlabs\Web\Controller { function init() { -- cgit v1.2.3 From 4b350b909025ba2102d5ad2c5ee32b3c4eecaa48 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 29 May 2016 21:23:56 -0400 Subject: Fixed bug in access control. Hide new wiki/page buttons if not channel owner. --- Zotlabs/Module/Wiki.php | 2 -- 1 file changed, 2 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 946529424..030e34cf6 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -97,10 +97,8 @@ class Wiki extends \Zotlabs\Web\Controller { $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode($pagename); // show wiki name and page $p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => $pagename)); if(!$p['success']) { - logger('wiki_get_page_content: ' . $p['message']); $content = 'Error retrieving page content. Try again.'; } - logger('content: ' . $content); $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"'); $hide_editor = false; $showPageControls = $wiki_owner; -- cgit v1.2.3 From a52cdcb2410fc67823a3dab62b413d70ec57cdec Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Mon, 30 May 2016 14:59:33 -0400 Subject: Replaced wiki item record object field with ActivityStreams information. Wiki git repo path is stored in iconfig instead. --- Zotlabs/Module/Wiki.php | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 030e34cf6..d6acbf6b0 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -27,6 +27,7 @@ class Wiki extends \Zotlabs\Web\Controller { require_once('include/wiki.php'); require_once('include/acl_selectors.php'); $wiki_owner = false; + $showNewWikiButton = false; if(local_channel()) { $channel = \App::get_channel(); } @@ -47,15 +48,16 @@ class Wiki extends \Zotlabs\Web\Controller { $resource_id = ''; $pagename = ''; - + if(argc() > 1) { + $channel = get_channel_by_nick(argv(1)); + if(local_channel() === intval($channel['channel_id'])) { + $wiki_owner = true; + } + } // GET https://hubzilla.hub/argv(0)/argv(1)/argv(2)/argv(3)/argv(4)/... if(argc() > 2) { // GET /wiki/channel/wiki // Check if wiki exists andr redirect if it does not - $channel = get_channel_by_nick(argv(1)); - if(local_channel() === intval($channel['channel_id'])) { - $wiki_owner = true; - } $w = wiki_exists_by_name($channel['channel_id'], argv(2)); if(!$w['resource_id']) { notice('Wiki not found' . EOL); @@ -81,6 +83,7 @@ class Wiki extends \Zotlabs\Web\Controller { $content = '"# Wiki Sandbox\n\nContent you **edit** and **preview** here *will not be saved*."'; $hide_editor = false; $showPageControls = false; + $showNewWikiButton = $wiki_owner; } elseif (argc()<4) { // GET /wiki/channel/wiki // No page was specified, so redirect to Home.md @@ -90,7 +93,8 @@ class Wiki extends \Zotlabs\Web\Controller { $hide_editor = true; // Until separate read and write permissions are implemented, only allow // the wiki owner to see page controls - $showPageControls = $wiki_owner; + $showPageControls = $wiki_owner; + $showNewWikiButton = $wiki_owner; } elseif (argc()<5) { // GET /wiki/channel/wiki/page $pagename = argv(3); @@ -102,6 +106,7 @@ class Wiki extends \Zotlabs\Web\Controller { $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"'); $hide_editor = false; $showPageControls = $wiki_owner; + $showNewWikiButton = $wiki_owner; } require_once('library/markdown.php'); $renderedContent = Markdown(json_decode($content)); @@ -110,6 +115,7 @@ class Wiki extends \Zotlabs\Web\Controller { '$wikiheader' => $wikiheader, '$hideEditor' => $hide_editor, '$showPageControls' => $showPageControls, + '$showNewWikiButton'=> $showNewWikiButton, '$channel' => $channel['channel_address'], '$resource_id' => $resource_id, '$page' => $pagename, -- cgit v1.2.3 From 8d284bab474c7e669ae9a639bdb22f7b28b95cc3 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Mon, 30 May 2016 20:59:54 -0400 Subject: Created page history widget to dynamically fetch and display the git commit history for wiki pages. --- Zotlabs/Module/Wiki.php | 36 +++++++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index d6acbf6b0..0f8db9350 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -26,8 +26,11 @@ class Wiki extends \Zotlabs\Web\Controller { function get() { require_once('include/wiki.php'); require_once('include/acl_selectors.php'); + // TODO: Combine the interface configuration into a unified object + // Something like $interface = array('new_page_button' => false, 'new_wiki_button' => false, ...) $wiki_owner = false; $showNewWikiButton = false; + $pageHistory = array(); if(local_channel()) { $channel = \App::get_channel(); } @@ -107,6 +110,7 @@ class Wiki extends \Zotlabs\Web\Controller { $hide_editor = false; $showPageControls = $wiki_owner; $showNewWikiButton = $wiki_owner; + $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'page' => $pagename)); } require_once('library/markdown.php'); $renderedContent = Markdown(json_decode($content)); @@ -125,7 +129,8 @@ class Wiki extends \Zotlabs\Web\Controller { '$content' => $content, '$renderedContent' => $renderedContent, '$wikiName' => array('wikiName', t('Enter the name of your new wiki:'), '', ''), - '$pageName' => array('pageName', t('Enter the name of the new page:'), '', '') + '$pageName' => array('pageName', t('Enter the name of the new page:'), '', ''), + '$pageHistory' => $pageHistory['history'] )); head_add_js('library/ace/ace.js'); return $o; @@ -236,7 +241,7 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('success' => false)); } } - $name = escape_tags(urlencode($_POST['name'])); //Get new wiki name + $name = escape_tags(urlencode($_POST['name'])); //Get new page name if($name === '') { json_return_and_die(array('message' => 'Error creating page. Invalid name.', 'success' => false)); } @@ -272,7 +277,7 @@ class Wiki extends \Zotlabs\Web\Controller { $resource_id = $_POST['resource_id']; $pagename = escape_tags(urlencode($_POST['name'])); $content = escape_tags($_POST['content']); //Get new content - // Determine if observer has permission to create wiki + // Determine if observer has permission to save content if (local_channel()) { $channel = \App::get_channel(); } else { @@ -311,6 +316,31 @@ class Wiki extends \Zotlabs\Web\Controller { } } + // Update page history + // /wiki/channel/history/page + if ((argc() === 4) && (argv(2) === 'history') && (argv(3) === 'page')) { + $which = argv(1); + $resource_id = $_POST['resource_id']; + $pagename = escape_tags(urlencode($_POST['name'])); + // Determine if observer has permission to view content + if (local_channel()) { + $channel = \App::get_channel(); + } else { + $channel = get_channel_by_nick($which); + $observer_hash = get_observer_hash(); + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if (!$perms['read']) { + logger('Wiki read permission denied.' . EOL); + json_return_and_die(array('historyHTML' => '', 'message' => 'Permission denied.', 'success' => false)); + } + } + $historyHTML = widget_wiki_page_history(array( + 'resource_id' => $resource_id, + 'page' => $pagename + )); + json_return_and_die(array('historyHTML' => $historyHTML, 'message' => '', 'success' => true)); + } + //notice('You must be authenticated.'); json_return_and_die(array('message' => 'You must be authenticated.', 'success' => false)); -- cgit v1.2.3 From b70c6809648bb3c78e5e26f9293727b3a7aa4025 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Thu, 2 Jun 2016 22:27:26 -0400 Subject: Major corrections to access control and page construction. --- Zotlabs/Lib/Apps.php | 1 + Zotlabs/Module/Wiki.php | 211 +++++++++++++++++++++++++----------------------- 2 files changed, 110 insertions(+), 102 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php index 6d2ef4e45..07a50766e 100644 --- a/Zotlabs/Lib/Apps.php +++ b/Zotlabs/Lib/Apps.php @@ -169,6 +169,7 @@ class Apps { 'Settings' => t('Settings'), 'Files' => t('Files'), 'Webpages' => t('Webpages'), + 'Wiki' => t('Wiki'), 'Channel Home' => t('Channel Home'), 'View Profile' => t('View Profile'), 'Photos' => t('Photos'), diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 0f8db9350..ef7b4dfe1 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -6,19 +6,18 @@ class Wiki extends \Zotlabs\Web\Controller { function init() { // Determine which channel's wikis to display to the observer - $which = null; - if(argc() > 1) - $which = argv(1); // if the channel name is in the URL, use that - if(! $which) { // if no channel name was provided, assume the current logged in channel - if(local_channel()) { - $channel = \App::get_channel(); - if($channel && $channel['channel_address']) - $which = $channel['channel_address']; - goaway(z_root().'/wiki/'.$which); + $nick = null; + if (argc() > 1) + $nick = argv(1); // if the channel name is in the URL, use that + if (!$nick && local_channel()) { // if no channel name was provided, assume the current logged in channel + $channel = \App::get_channel(); + if ($channel && $channel['channel_address']) { + $nick = $channel['channel_address']; + goaway(z_root() . '/wiki/' . $nick); } } - if(! $which) { - notice( t('You must be logged in to see this page.') . EOL ); + if (!$nick) { + notice(t('You must be logged in to see this page.') . EOL); goaway('/login'); } } @@ -31,95 +30,103 @@ class Wiki extends \Zotlabs\Web\Controller { $wiki_owner = false; $showNewWikiButton = false; $pageHistory = array(); - if(local_channel()) { - $channel = \App::get_channel(); - } - - // Obtain the default permission settings of the channel - $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], - 'deny_gid' => $channel['channel_deny_gid'] - ); - // Initialize the ACL to the channel default permissions - $x = array( - 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'acl' => populate_acl($channel_acl), - 'bang' => '' - ); - + $local_observer = null; $resource_id = ''; $pagename = ''; - if(argc() > 1) { - $channel = get_channel_by_nick(argv(1)); - if(local_channel() === intval($channel['channel_id'])) { - $wiki_owner = true; - } + + // init() should have forced the URL to redirect to /wiki/channel so assume argc() > 1 + $nick = argv(1); + $channel = get_channel_by_nick($nick); // The channel who owns the wikis being viewed + if(! $channel) { + notice('Invalid channel' . EOL); + goaway('/' . argv(0)); } - // GET https://hubzilla.hub/argv(0)/argv(1)/argv(2)/argv(3)/argv(4)/... - if(argc() > 2) { - // GET /wiki/channel/wiki - // Check if wiki exists andr redirect if it does not - $w = wiki_exists_by_name($channel['channel_id'], argv(2)); - if(!$w['resource_id']) { - notice('Wiki not found' . EOL); - goaway('/'.argv(0).'/'.argv(1)); - } else { - $resource_id = $w['resource_id']; - } - if (!$wiki_owner) { - // Check for observer permissionswhich); - $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['read']) { - notice('Permission denied.' . EOL); + // Determine if the observer is the channel owner so the ACL dialog can be populated + if (local_channel() === intval($channel['channel_id'])) { + $local_observer = \App::get_channel(); + $wiki_owner = true; + + // Obtain the default permission settings of the channel + $channel_acl = array( + 'allow_cid' => $local_observer['channel_allow_cid'], + 'allow_gid' => $local_observer['channel_allow_gid'], + 'deny_cid' => $local_observer['channel_deny_cid'], + 'deny_gid' => $local_observer['channel_deny_gid'] + ); + // Initialize the ACL to the channel default permissions + $x = array( + 'lockstate' => (( $local_observer['channel_allow_cid'] || + $local_observer['channel_allow_gid'] || + $local_observer['channel_deny_cid'] || + $local_observer['channel_deny_gid']) + ? 'lock' : 'unlock'), + 'acl' => populate_acl($channel_acl), + 'bang' => '' + ); + } else { + // Not the channel owner + $channel_acl = $x = array(); + } + + switch (argc()) { + case 2: + // Configure page template + $wikiheader = t('Wiki Sandbox'); + $content = '"# Wiki Sandbox\n\nContent you **edit** and **preview** here *will not be saved*."'; + $hide_editor = false; + $showPageControls = false; + $showNewWikiButton = $wiki_owner; + $showNewPageButton = false; + break; + case 3: + // /wiki/channel/wiki -> No page was specified, so redirect to Home.md + goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/Home.md'); + case 4: + // GET /wiki/channel/wiki/page + // Fetch the wiki info and determine observer permissions + $wikiname = argv(2); + $pagename = argv(3); + $w = wiki_exists_by_name($channel['channel_id'], $wikiname); + if(!$w['resource_id']) { + notice('Wiki not found' . EOL); goaway('/'.argv(0).'/'.argv(1)); + } + $resource_id = $w['resource_id']; + + if (!$wiki_owner) { + // Check for observer permissions + $observer_hash = get_observer_hash(); + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if(!$perms['read']) { + notice('Permission denied.' . EOL); + goaway('/'.argv(0).'/'.argv(1)); + } } - } - } - - if(argc()<3) { - // GET /wiki/channel - $channel = get_channel_by_nick(argv(1)); - $wikiheader = t('Wiki Sandbox'); - $content = '"# Wiki Sandbox\n\nContent you **edit** and **preview** here *will not be saved*."'; - $hide_editor = false; - $showPageControls = false; - $showNewWikiButton = $wiki_owner; - } elseif (argc()<4) { - // GET /wiki/channel/wiki - // No page was specified, so redirect to Home.md - goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/Home.md'); - $wikiheader = rawurldecode(argv(2)); // show wiki name - $content = '""'; - $hide_editor = true; - // Until separate read and write permissions are implemented, only allow - // the wiki owner to see page controls - $showPageControls = $wiki_owner; - $showNewWikiButton = $wiki_owner; - } elseif (argc()<5) { - // GET /wiki/channel/wiki/page - $pagename = argv(3); - $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode($pagename); // show wiki name and page - $p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => $pagename)); - if(!$p['success']) { - $content = 'Error retrieving page content. Try again.'; - } - $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"'); - $hide_editor = false; - $showPageControls = $wiki_owner; - $showNewWikiButton = $wiki_owner; - $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'page' => $pagename)); + $wikiheader = rawurldecode($wikiname) . ': ' . rawurldecode($pagename); // show wiki name and page + $p = wiki_get_page_content(array('resource_id' => $resource_id, 'page' => $pagename)); + if(!$p['success']) { + notice('Error retrieving page content' . EOL); + goaway('/'.argv(0).'/'.argv(1).'/'.argv(2)); + } + $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"'); + $hide_editor = false; + $showPageControls = $wiki_owner; + $showNewWikiButton = $wiki_owner; + $showNewPageButton = $wiki_owner; + $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'page' => $pagename)); + break; + default: // Strip the extraneous URL components + goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/'.argv(3)); } - require_once('library/markdown.php'); - $renderedContent = Markdown(json_decode($content)); + // Render the Markdown-formatted page content in HTML + require_once('library/markdown.php'); $o .= replace_macros(get_markup_template('wiki.tpl'),array( '$wikiheader' => $wikiheader, '$hideEditor' => $hide_editor, '$showPageControls' => $showPageControls, '$showNewWikiButton'=> $showNewWikiButton, + '$showNewPageButton'=> $showNewPageButton, '$channel' => $channel['channel_address'], '$resource_id' => $resource_id, '$page' => $pagename, @@ -127,12 +134,12 @@ class Wiki extends \Zotlabs\Web\Controller { '$acl' => $x['acl'], '$bang' => $x['bang'], '$content' => $content, - '$renderedContent' => $renderedContent, + '$renderedContent' => Markdown(json_decode($content)), '$wikiName' => array('wikiName', t('Enter the name of your new wiki:'), '', ''), '$pageName' => array('pageName', t('Enter the name of the new page:'), '', ''), '$pageHistory' => $pageHistory['history'] )); - head_add_js('library/ace/ace.js'); + head_add_js('library/ace/ace.js'); // Ace Code Editor return $o; } @@ -151,13 +158,13 @@ class Wiki extends \Zotlabs\Web\Controller { // Create a new wiki // /wiki/channel/create/wiki if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) { - $which = argv(1); + $nick = argv(1); // Determine if observer has permission to create wiki $observer_hash = get_observer_hash(); if (local_channel()) { $channel = \App::get_channel(); } else { - $channel = get_channel_by_nick($which); + $channel = get_channel_by_nick($nick); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); // TODO: Create a new permission setting for wiki analogous to webpages. Until @@ -180,9 +187,9 @@ class Wiki extends \Zotlabs\Web\Controller { $homePage = wiki_create_page('Home.md', $r['item']['resource_id']); if(!$homePage['success']) { notice('Wiki created, but error creating Home page.'); - goaway('/wiki/'.$which.'/'.$name); + goaway('/wiki/'.$nick.'/'.$name); } - goaway('/wiki/'.$which.'/'.$name.'/Home.md'); + goaway('/wiki/'.$nick.'/'.$name.'/Home.md'); } else { notice('Error creating wiki'); goaway('/wiki'); @@ -191,12 +198,12 @@ class Wiki extends \Zotlabs\Web\Controller { // Delete a wiki if ((argc() > 3) && (argv(2) === 'delete') && (argv(3) === 'wiki')) { - $which = argv(1); + $nick = argv(1); // Determine if observer has permission to create wiki if (local_channel()) { $channel = \App::get_channel(); } else { - $channel = get_channel_by_nick($which); + $channel = get_channel_by_nick($nick); $observer_hash = get_observer_hash(); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); @@ -219,13 +226,13 @@ class Wiki extends \Zotlabs\Web\Controller { // Create a page if ((argc() === 4) && (argv(2) === 'create') && (argv(3) === 'page')) { - $which = argv(1); + $nick = argv(1); $resource_id = $_POST['resource_id']; // Determine if observer has permission to create wiki if (local_channel()) { $channel = \App::get_channel(); } else { - $channel = get_channel_by_nick($which); + $channel = get_channel_by_nick($nick); $observer_hash = get_observer_hash(); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); @@ -273,7 +280,7 @@ class Wiki extends \Zotlabs\Web\Controller { // Save a page if ((argc() === 4) && (argv(2) === 'save') && (argv(3) === 'page')) { - $which = argv(1); + $nick = argv(1); $resource_id = $_POST['resource_id']; $pagename = escape_tags(urlencode($_POST['name'])); $content = escape_tags($_POST['content']); //Get new content @@ -281,7 +288,7 @@ class Wiki extends \Zotlabs\Web\Controller { if (local_channel()) { $channel = \App::get_channel(); } else { - $channel = get_channel_by_nick($which); + $channel = get_channel_by_nick($nick); $observer_hash = get_observer_hash(); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); @@ -319,14 +326,14 @@ class Wiki extends \Zotlabs\Web\Controller { // Update page history // /wiki/channel/history/page if ((argc() === 4) && (argv(2) === 'history') && (argv(3) === 'page')) { - $which = argv(1); + $nick = argv(1); $resource_id = $_POST['resource_id']; $pagename = escape_tags(urlencode($_POST['name'])); // Determine if observer has permission to view content if (local_channel()) { $channel = \App::get_channel(); } else { - $channel = get_channel_by_nick($which); + $channel = get_channel_by_nick($nick); $observer_hash = get_observer_hash(); $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); if (!$perms['read']) { -- cgit v1.2.3 From b5d8443f59d96cece2357b6a791fe8ffe854dd95 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 4 Jun 2016 06:26:41 -0400 Subject: Created three distinct names for wiki and page that are suitable for URL, HTML, and raw display. Implemented in new wiki POST activity only so far. --- Zotlabs/Module/Wiki.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index ef7b4dfe1..c74fc6c6f 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -174,22 +174,26 @@ class Wiki extends \Zotlabs\Web\Controller { goaway('/'.argv(0).'/'.argv(1).'/'.argv(2)); } } - $name = escape_tags(urlencode($_POST['wikiName'])); //Get new wiki name - if($name === '') { + $wiki = array(); + // Generate new wiki info from input name + $wiki['rawName'] = $_POST['wikiName']; + $wiki['htmlName'] = escape_tags($_POST['wikiName']); + $wiki['urlName'] = urlencode(escape_tags($_POST['wikiName'])); + if($wiki['urlName'] === '') { notice('Error creating wiki. Invalid name.'); goaway('/wiki'); } // Get ACL for permissions $acl = new \Zotlabs\Access\AccessList($channel); $acl->set_from_array($_POST); - $r = wiki_create_wiki($channel, $observer_hash, $name, $acl); + $r = wiki_create_wiki($channel, $observer_hash, $wiki, $acl); if ($r['success']) { - $homePage = wiki_create_page('Home.md', $r['item']['resource_id']); + $homePage = wiki_create_page('Home', $r['item']['resource_id']); if(!$homePage['success']) { notice('Wiki created, but error creating Home page.'); - goaway('/wiki/'.$nick.'/'.$name); + goaway('/wiki/'.$nick.'/'.$wiki['urlName']); } - goaway('/wiki/'.$nick.'/'.$name.'/Home.md'); + goaway('/wiki/'.$nick.'/'.$wiki['urlName'].'/'.$homePage['urlName']); } else { notice('Error creating wiki'); goaway('/wiki'); -- cgit v1.2.3 From 344c293424716cc53eed2fea9eb3a7512e725516 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 4 Jun 2016 15:12:04 -0400 Subject: Wiki and page filenames are abstracted from their displayed names. Special characters do not seem to break things. --- Zotlabs/Module/Wiki.php | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index c74fc6c6f..ef42c85cf 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -80,13 +80,13 @@ class Wiki extends \Zotlabs\Web\Controller { break; case 3: // /wiki/channel/wiki -> No page was specified, so redirect to Home.md - goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/Home.md'); + goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/Home'); case 4: // GET /wiki/channel/wiki/page // Fetch the wiki info and determine observer permissions - $wikiname = argv(2); - $pagename = argv(3); - $w = wiki_exists_by_name($channel['channel_id'], $wikiname); + $wikiUrlName = urlencode(argv(2)); + $pageUrlName = urlencode(argv(3)); + $w = wiki_exists_by_name($channel['channel_id'], $wikiUrlName); if(!$w['resource_id']) { notice('Wiki not found' . EOL); goaway('/'.argv(0).'/'.argv(1)); @@ -102,8 +102,8 @@ class Wiki extends \Zotlabs\Web\Controller { goaway('/'.argv(0).'/'.argv(1)); } } - $wikiheader = rawurldecode($wikiname) . ': ' . rawurldecode($pagename); // show wiki name and page - $p = wiki_get_page_content(array('resource_id' => $resource_id, 'page' => $pagename)); + $wikiheader = urldecode($wikiUrlName) . ': ' . urldecode($pageUrlName); // show wiki name and page + $p = wiki_get_page_content(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); if(!$p['success']) { notice('Error retrieving page content' . EOL); goaway('/'.argv(0).'/'.argv(1).'/'.argv(2)); @@ -113,7 +113,7 @@ class Wiki extends \Zotlabs\Web\Controller { $showPageControls = $wiki_owner; $showNewWikiButton = $wiki_owner; $showNewPageButton = $wiki_owner; - $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'page' => $pagename)); + $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); break; default: // Strip the extraneous URL components goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/'.argv(3)); @@ -129,7 +129,7 @@ class Wiki extends \Zotlabs\Web\Controller { '$showNewPageButton'=> $showNewPageButton, '$channel' => $channel['channel_address'], '$resource_id' => $resource_id, - '$page' => $pagename, + '$page' => $pageUrlName, '$lockstate' => $x['lockstate'], '$acl' => $x['acl'], '$bang' => $x['bang'], @@ -178,7 +178,7 @@ class Wiki extends \Zotlabs\Web\Controller { // Generate new wiki info from input name $wiki['rawName'] = $_POST['wikiName']; $wiki['htmlName'] = escape_tags($_POST['wikiName']); - $wiki['urlName'] = urlencode(escape_tags($_POST['wikiName'])); + $wiki['urlName'] = urlencode($_POST['wikiName']); if($wiki['urlName'] === '') { notice('Error creating wiki. Invalid name.'); goaway('/wiki'); @@ -193,7 +193,7 @@ class Wiki extends \Zotlabs\Web\Controller { notice('Wiki created, but error creating Home page.'); goaway('/wiki/'.$nick.'/'.$wiki['urlName']); } - goaway('/wiki/'.$nick.'/'.$wiki['urlName'].'/'.$homePage['urlName']); + goaway('/wiki/'.$nick.'/'.$wiki['urlName'].'/'.$homePage['page']['urlName']); } else { notice('Error creating wiki'); goaway('/wiki'); @@ -252,13 +252,13 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('success' => false)); } } - $name = escape_tags(urlencode($_POST['name'])); //Get new page name - if($name === '') { + $name = $_POST['name']; //Get new page name + if(urlencode(escape_tags($_POST['name'])) === '') { json_return_and_die(array('message' => 'Error creating page. Invalid name.', 'success' => false)); } - $page = wiki_create_page($name . '.md', $resource_id); + $page = wiki_create_page($name, $resource_id); if ($page['success']) { - json_return_and_die(array('url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki'].'/'.$name.'.md', 'success' => true)); + json_return_and_die(array('url' => '/'.argv(0).'/'.argv(1).'/'.$page['wiki']['urlName'].'/'.urlencode($page['page']['urlName']), 'success' => true)); } else { logger('Error creating page'); json_return_and_die(array('message' => 'Error creating page.', 'success' => false)); @@ -286,7 +286,9 @@ class Wiki extends \Zotlabs\Web\Controller { if ((argc() === 4) && (argv(2) === 'save') && (argv(3) === 'page')) { $nick = argv(1); $resource_id = $_POST['resource_id']; - $pagename = escape_tags(urlencode($_POST['name'])); + $pageUrlName = $_POST['name']; + logger('pageURLname: ' . $pageUrlName); + $pageHtmlName = escape_tags($_POST['name']); $content = escape_tags($_POST['content']); //Get new content // Determine if observer has permission to save content if (local_channel()) { @@ -308,14 +310,14 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('success' => false)); } } - $saved = wiki_save_page(array('resource_id' => $resource_id, 'name' => $pagename, 'content' => $content)); + $saved = wiki_save_page(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'content' => $content)); if($saved['success']) { $ob = \App::get_observer(); $commit = wiki_git_commit(array( - 'commit_msg' => 'Updated ' . $pagename, + 'commit_msg' => 'Updated ' . $pageHtmlName, 'resource_id' => $resource_id, 'observer' => $ob, - 'files' => array($pagename) + 'files' => array($pageUrlName.'.md') )); if($commit['success']) { json_return_and_die(array('message' => 'Wiki git repo commit made', 'success' => true)); @@ -332,7 +334,7 @@ class Wiki extends \Zotlabs\Web\Controller { if ((argc() === 4) && (argv(2) === 'history') && (argv(3) === 'page')) { $nick = argv(1); $resource_id = $_POST['resource_id']; - $pagename = escape_tags(urlencode($_POST['name'])); + $pageUrlName = $_POST['name']; // Determine if observer has permission to view content if (local_channel()) { $channel = \App::get_channel(); @@ -347,7 +349,7 @@ class Wiki extends \Zotlabs\Web\Controller { } $historyHTML = widget_wiki_page_history(array( 'resource_id' => $resource_id, - 'page' => $pagename + 'pageUrlName' => $pageUrlName )); json_return_and_die(array('historyHTML' => $historyHTML, 'message' => '', 'success' => true)); } -- cgit v1.2.3 From 4bc4fd5b7ebd7c5f25cfc9acfbda5b14a38dedb8 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sat, 4 Jun 2016 18:00:32 -0400 Subject: Page deletion implemented. Hide the delete button and disallow for Home page. --- Zotlabs/Module/Wiki.php | 55 +++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 51 insertions(+), 4 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index ef42c85cf..e335e8917 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -80,7 +80,8 @@ class Wiki extends \Zotlabs\Web\Controller { break; case 3: // /wiki/channel/wiki -> No page was specified, so redirect to Home.md - goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/Home'); + $wikiUrlName = urlencode(argv(2)); + goaway('/'.argv(0).'/'.argv(1).'/'.$wikiUrlName.'/Home'); case 4: // GET /wiki/channel/wiki/page // Fetch the wiki info and determine observer permissions @@ -106,7 +107,7 @@ class Wiki extends \Zotlabs\Web\Controller { $p = wiki_get_page_content(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); if(!$p['success']) { notice('Error retrieving page content' . EOL); - goaway('/'.argv(0).'/'.argv(1).'/'.argv(2)); + goaway('/'.argv(0).'/'.argv(1).'/'.$wikiUrlName); } $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"'); $hide_editor = false; @@ -116,7 +117,7 @@ class Wiki extends \Zotlabs\Web\Controller { $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); break; default: // Strip the extraneous URL components - goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/'.argv(3)); + goaway('/'.argv(0).'/'.argv(1).'/'.$wikiUrlName.'/'.$pageUrlName); } // Render the Markdown-formatted page content in HTML require_once('library/markdown.php'); @@ -287,7 +288,6 @@ class Wiki extends \Zotlabs\Web\Controller { $nick = argv(1); $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; - logger('pageURLname: ' . $pageUrlName); $pageHtmlName = escape_tags($_POST['name']); $content = escape_tags($_POST['content']); //Get new content // Determine if observer has permission to save content @@ -354,6 +354,53 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('historyHTML' => $historyHTML, 'message' => '', 'success' => true)); } + // Delete a page + if ((argc() === 4) && (argv(2) === 'delete') && (argv(3) === 'page')) { + $nick = argv(1); + $resource_id = $_POST['resource_id']; + $pageUrlName = $_POST['name']; + if ($pageUrlName === 'Home') { + json_return_and_die(array('message' => 'Cannot delete Home','success' => false)); + } + // Determine if observer has permission to delete pages + if (local_channel()) { + $channel = \App::get_channel(); + } else { + $channel = get_channel_by_nick($nick); + $observer_hash = get_observer_hash(); + // Figure out who the page owner is. + $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); + // TODO: Create a new permission setting for wiki analogous to webpages. Until + // then, use webpage permissions + if (!$perms['write_pages']) { + logger('Wiki editing permission denied.' . EOL); + json_return_and_die(array('success' => false)); + } + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if(!$perms['write']) { + logger('Wiki write permission denied. Read only.' . EOL); + json_return_and_die(array('success' => false)); + } + } + $deleted = wiki_delete_page(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); + if($deleted['success']) { + $ob = \App::get_observer(); + $commit = wiki_git_commit(array( + 'commit_msg' => 'Deleted ' . $pageHtmlName, + 'resource_id' => $resource_id, + 'observer' => $ob, + 'files' => null + )); + if($commit['success']) { + json_return_and_die(array('message' => 'Wiki git repo commit made', 'success' => true)); + } else { + json_return_and_die(array('message' => 'Error making git commit','success' => false)); + } + } else { + json_return_and_die(array('message' => 'Error deleting page', 'success' => false)); + } + } + //notice('You must be authenticated.'); json_return_and_die(array('message' => 'You must be authenticated.', 'success' => false)); -- cgit v1.2.3 From 0a3fbdd128dd3b80868c93cb93901b501edf576c Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 5 Jun 2016 16:32:03 -0400 Subject: Basic page reversion implemented. The revert button on the history view replaces the editor text but does not save the page. --- Zotlabs/Module/Wiki.php | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index e335e8917..5b5bfe87f 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -401,6 +401,41 @@ class Wiki extends \Zotlabs\Web\Controller { } } + // Revert a page + if ((argc() === 4) && (argv(2) === 'revert') && (argv(3) === 'page')) { + $nick = argv(1); + $resource_id = $_POST['resource_id']; + $pageUrlName = $_POST['name']; + $commitHash = $_POST['commitHash']; + // Determine if observer has permission to revert pages + if (local_channel()) { + $channel = \App::get_channel(); + } else { + $channel = get_channel_by_nick($nick); + $observer_hash = get_observer_hash(); + // Figure out who the page owner is. + $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); + // TODO: Create a new permission setting for wiki analogous to webpages. Until + // then, use webpage permissions + if (!$perms['write_pages']) { + logger('Wiki editing permission denied.' . EOL); + json_return_and_die(array('success' => false)); + } + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if(!$perms['write']) { + logger('Wiki write permission denied. Read only.' . EOL); + json_return_and_die(array('success' => false)); + } + } + $reverted = wiki_revert_page(array('commitHash' => $commitHash, 'observer' => \App::get_observer(), 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); + if($reverted['success']) { + json_return_and_die(array('content' => $reverted['content'], 'message' => '', 'success' => true)); + } else { + json_return_and_die(array('content' => '', 'message' => 'Error reverting page', 'success' => false)); + } + } + + //notice('You must be authenticated.'); json_return_and_die(array('message' => 'You must be authenticated.', 'success' => false)); -- cgit v1.2.3 From b8b50bdb5abb5403f3f8a8662b7db0703b39073b Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 5 Jun 2016 20:30:45 -0400 Subject: Custom commit message available. Improved history viewer and feedback from revert buttons. --- Zotlabs/Module/Wiki.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 5b5bfe87f..a1dc317ff 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -29,6 +29,7 @@ class Wiki extends \Zotlabs\Web\Controller { // Something like $interface = array('new_page_button' => false, 'new_wiki_button' => false, ...) $wiki_owner = false; $showNewWikiButton = false; + $showCommitMsg = false; $pageHistory = array(); $local_observer = null; $resource_id = ''; @@ -77,6 +78,7 @@ class Wiki extends \Zotlabs\Web\Controller { $showPageControls = false; $showNewWikiButton = $wiki_owner; $showNewPageButton = false; + $showCommitMsg = false; break; case 3: // /wiki/channel/wiki -> No page was specified, so redirect to Home.md @@ -114,6 +116,7 @@ class Wiki extends \Zotlabs\Web\Controller { $showPageControls = $wiki_owner; $showNewWikiButton = $wiki_owner; $showNewPageButton = $wiki_owner; + $showCommitMsg = true; $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); break; default: // Strip the extraneous URL components @@ -128,6 +131,7 @@ class Wiki extends \Zotlabs\Web\Controller { '$showPageControls' => $showPageControls, '$showNewWikiButton'=> $showNewWikiButton, '$showNewPageButton'=> $showNewPageButton, + '$showCommitMsg' => $showCommitMsg, '$channel' => $channel['channel_address'], '$resource_id' => $resource_id, '$page' => $pageUrlName, @@ -138,6 +142,7 @@ class Wiki extends \Zotlabs\Web\Controller { '$renderedContent' => Markdown(json_decode($content)), '$wikiName' => array('wikiName', t('Enter the name of your new wiki:'), '', ''), '$pageName' => array('pageName', t('Enter the name of the new page:'), '', ''), + '$commitMsg' => array('commitMsg', '', '', '', '', 'placeholder="(optional) Enter a custom message when saving the page..."'), '$pageHistory' => $pageHistory['history'] )); head_add_js('library/ace/ace.js'); // Ace Code Editor @@ -290,6 +295,10 @@ class Wiki extends \Zotlabs\Web\Controller { $pageUrlName = $_POST['name']; $pageHtmlName = escape_tags($_POST['name']); $content = escape_tags($_POST['content']); //Get new content + $commitMsg = $_POST['commitMsg']; + if ($commitMsg === '') { + $commitMsg = 'Updated ' . $pageHtmlName; + } // Determine if observer has permission to save content if (local_channel()) { $channel = \App::get_channel(); @@ -314,7 +323,7 @@ class Wiki extends \Zotlabs\Web\Controller { if($saved['success']) { $ob = \App::get_observer(); $commit = wiki_git_commit(array( - 'commit_msg' => 'Updated ' . $pageHtmlName, + 'commit_msg' => $commitMsg, 'resource_id' => $resource_id, 'observer' => $ob, 'files' => array($pageUrlName.'.md') -- cgit v1.2.3 From 2af8105b460d300ba41928734c960f5f70613952 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 5 Jun 2016 21:14:30 -0400 Subject: Hide page history viewer when viewing sandbox --- Zotlabs/Module/Wiki.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index a1dc317ff..0945ad919 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -30,10 +30,10 @@ class Wiki extends \Zotlabs\Web\Controller { $wiki_owner = false; $showNewWikiButton = false; $showCommitMsg = false; + $hidePageHistory = false; $pageHistory = array(); $local_observer = null; $resource_id = ''; - $pagename = ''; // init() should have forced the URL to redirect to /wiki/channel so assume argc() > 1 $nick = argv(1); @@ -78,6 +78,7 @@ class Wiki extends \Zotlabs\Web\Controller { $showPageControls = false; $showNewWikiButton = $wiki_owner; $showNewPageButton = false; + $hidePageHistory = true; $showCommitMsg = false; break; case 3: @@ -116,6 +117,7 @@ class Wiki extends \Zotlabs\Web\Controller { $showPageControls = $wiki_owner; $showNewWikiButton = $wiki_owner; $showNewPageButton = $wiki_owner; + $hidePageHistory = false; $showCommitMsg = true; $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); break; @@ -131,6 +133,7 @@ class Wiki extends \Zotlabs\Web\Controller { '$showPageControls' => $showPageControls, '$showNewWikiButton'=> $showNewWikiButton, '$showNewPageButton'=> $showNewPageButton, + '$hidePageHistory' => $hidePageHistory, '$showCommitMsg' => $showCommitMsg, '$channel' => $channel['channel_address'], '$resource_id' => $resource_id, -- cgit v1.2.3 From 9410b63bbc819955964706c876bc2f7ecea10adf Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Wed, 8 Jun 2016 06:26:27 -0400 Subject: Revised permissions checks across API and enabled collaborative editing using the write_pages per-channel permission. --- Zotlabs/Module/Wiki.php | 139 +++++++++++++++++++++--------------------------- 1 file changed, 60 insertions(+), 79 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 0945ad919..fbf751ddf 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -105,6 +105,13 @@ class Wiki extends \Zotlabs\Web\Controller { notice('Permission denied.' . EOL); goaway('/'.argv(0).'/'.argv(1)); } + if($perms['write']) { + $wiki_editor = true; + } else { + $wiki_editor = false; + } + } else { + $wiki_editor = true; } $wikiheader = urldecode($wikiUrlName) . ': ' . urldecode($pageUrlName); // show wiki name and page $p = wiki_get_page_content(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); @@ -114,9 +121,9 @@ class Wiki extends \Zotlabs\Web\Controller { } $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"'); $hide_editor = false; - $showPageControls = $wiki_owner; + $showPageControls = $wiki_editor; $showNewWikiButton = $wiki_owner; - $showNewPageButton = $wiki_owner; + $showNewPageButton = $wiki_editor; $hidePageHistory = false; $showCommitMsg = true; $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName)); @@ -168,11 +175,15 @@ class Wiki extends \Zotlabs\Web\Controller { // /wiki/channel/create/wiki if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) { $nick = argv(1); + $channel = get_channel_by_nick($nick); // Determine if observer has permission to create wiki $observer_hash = get_observer_hash(); - if (local_channel()) { - $channel = \App::get_channel(); - } else { + // Only the channel owner can create a wiki, at least until we create a + // more detail permissions framework + if (local_channel() !== intval($channel['channel_id'])) { + goaway('/'.argv(0).'/'.$nick.'/'); + } else { + /* $channel = get_channel_by_nick($nick); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); @@ -180,8 +191,9 @@ class Wiki extends \Zotlabs\Web\Controller { // then, use webpage permissions if (!$perms['write_pages']) { notice(t('Permission denied.') . EOL); - goaway('/'.argv(0).'/'.argv(1).'/'.argv(2)); + goaway('/'.argv(0).'/'.argv(1).'/'); } + */ } $wiki = array(); // Generate new wiki info from input name @@ -212,10 +224,14 @@ class Wiki extends \Zotlabs\Web\Controller { // Delete a wiki if ((argc() > 3) && (argv(2) === 'delete') && (argv(3) === 'wiki')) { $nick = argv(1); - // Determine if observer has permission to create wiki - if (local_channel()) { - $channel = \App::get_channel(); - } else { + $channel = get_channel_by_nick($nick); + // Only the channel owner can delete a wiki, at least until we create a + // more detail permissions framework + if (local_channel() !== intval($channel['channel_id'])) { + logger('Wiki delete permission denied.' . EOL); + json_return_and_die(array('message' => 'Wiki delete permission denied.', 'success' => false)); + } else { + /* $channel = get_channel_by_nick($nick); $observer_hash = get_observer_hash(); // Figure out who the page owner is. @@ -226,14 +242,15 @@ class Wiki extends \Zotlabs\Web\Controller { logger('Wiki delete permission denied.' . EOL); json_return_and_die(array('success' => false)); } + */ } $resource_id = $_POST['resource_id']; $deleted = wiki_delete_wiki($resource_id); if ($deleted['success']) { - json_return_and_die(array('success' => true)); + json_return_and_die(array('message' => '', 'success' => true)); } else { logger('Error deleting wiki: ' . $resource_id); - json_return_and_die(array('success' => false)); + json_return_and_die(array('message' => 'Error deleting wiki', 'success' => false)); } } @@ -241,23 +258,13 @@ class Wiki extends \Zotlabs\Web\Controller { if ((argc() === 4) && (argv(2) === 'create') && (argv(3) === 'page')) { $nick = argv(1); $resource_id = $_POST['resource_id']; - // Determine if observer has permission to create wiki - if (local_channel()) { - $channel = \App::get_channel(); - } else { - $channel = get_channel_by_nick($nick); + // Determine if observer has permission to create a page + $channel = get_channel_by_nick($nick); + if (local_channel() !== intval($channel['channel_id'])) { $observer_hash = get_observer_hash(); - // Figure out who the page owner is. - $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); - // TODO: Create a new permission setting for wiki analogous to webpages. Until - // then, use webpage permissions - if (!$perms['write_pages']) { - logger('Wiki editing permission denied.' . EOL); - json_return_and_die(array('success' => false)); - } $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); if(!$perms['write']) { - logger('Wiki write permission denied. Read only.' . EOL); + logger('Wiki write permission denied. ' . EOL); json_return_and_die(array('success' => false)); } } @@ -279,10 +286,12 @@ class Wiki extends \Zotlabs\Web\Controller { $resource_id = $_POST['resource_id']; // resource_id for wiki in db $channel = get_channel_by_nick(argv(1)); $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['read']) { - logger('Wiki read permission denied.' . EOL); - json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false)); + if (local_channel() !== intval($channel['channel_id'])) { + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if(!$perms['read']) { + logger('Wiki read permission denied.' . EOL); + json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false)); + } } $page_list_html = widget_wiki_pages(array( 'resource_id' => $resource_id, @@ -293,7 +302,7 @@ class Wiki extends \Zotlabs\Web\Controller { // Save a page if ((argc() === 4) && (argv(2) === 'save') && (argv(3) === 'page')) { - $nick = argv(1); + $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; $pageHtmlName = escape_tags($_POST['name']); @@ -302,26 +311,18 @@ class Wiki extends \Zotlabs\Web\Controller { if ($commitMsg === '') { $commitMsg = 'Updated ' . $pageHtmlName; } + $nick = argv(1); + $channel = get_channel_by_nick($nick); // Determine if observer has permission to save content - if (local_channel()) { - $channel = \App::get_channel(); - } else { - $channel = get_channel_by_nick($nick); + if (local_channel() !== intval($channel['channel_id'])) { $observer_hash = get_observer_hash(); - // Figure out who the page owner is. - $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); - // TODO: Create a new permission setting for wiki analogous to webpages. Until - // then, use webpage permissions - if (!$perms['write_pages']) { - logger('Wiki editing permission denied.' . EOL); - json_return_and_die(array('success' => false)); - } $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); if(!$perms['write']) { - logger('Wiki write permission denied. Read only.' . EOL); + logger('Wiki write permission denied. ' . EOL); json_return_and_die(array('success' => false)); } } + $saved = wiki_save_page(array('resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'content' => $content)); if($saved['success']) { $ob = \App::get_observer(); @@ -344,17 +345,17 @@ class Wiki extends \Zotlabs\Web\Controller { // Update page history // /wiki/channel/history/page if ((argc() === 4) && (argv(2) === 'history') && (argv(3) === 'page')) { - $nick = argv(1); + $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; - // Determine if observer has permission to view content - if (local_channel()) { - $channel = \App::get_channel(); - } else { - $channel = get_channel_by_nick($nick); + + $nick = argv(1); + $channel = get_channel_by_nick($nick); + // Determine if observer has permission to read content + if (local_channel() !== intval($channel['channel_id'])) { $observer_hash = get_observer_hash(); $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if (!$perms['read']) { + if(!$perms['read']) { logger('Wiki read permission denied.' . EOL); json_return_and_die(array('historyHTML' => '', 'message' => 'Permission denied.', 'success' => false)); } @@ -368,29 +369,19 @@ class Wiki extends \Zotlabs\Web\Controller { // Delete a page if ((argc() === 4) && (argv(2) === 'delete') && (argv(3) === 'page')) { - $nick = argv(1); $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; if ($pageUrlName === 'Home') { json_return_and_die(array('message' => 'Cannot delete Home','success' => false)); } // Determine if observer has permission to delete pages - if (local_channel()) { - $channel = \App::get_channel(); - } else { - $channel = get_channel_by_nick($nick); + $nick = argv(1); + $channel = get_channel_by_nick($nick); + if (local_channel() !== intval($channel['channel_id'])) { $observer_hash = get_observer_hash(); - // Figure out who the page owner is. - $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); - // TODO: Create a new permission setting for wiki analogous to webpages. Until - // then, use webpage permissions - if (!$perms['write_pages']) { - logger('Wiki editing permission denied.' . EOL); - json_return_and_die(array('success' => false)); - } $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); if(!$perms['write']) { - logger('Wiki write permission denied. Read only.' . EOL); + logger('Wiki write permission denied. ' . EOL); json_return_and_die(array('success' => false)); } } @@ -415,27 +406,17 @@ class Wiki extends \Zotlabs\Web\Controller { // Revert a page if ((argc() === 4) && (argv(2) === 'revert') && (argv(3) === 'page')) { - $nick = argv(1); $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; $commitHash = $_POST['commitHash']; // Determine if observer has permission to revert pages - if (local_channel()) { - $channel = \App::get_channel(); - } else { - $channel = get_channel_by_nick($nick); + $nick = argv(1); + $channel = get_channel_by_nick($nick); + if (local_channel() !== intval($channel['channel_id'])) { $observer_hash = get_observer_hash(); - // Figure out who the page owner is. - $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); - // TODO: Create a new permission setting for wiki analogous to webpages. Until - // then, use webpage permissions - if (!$perms['write_pages']) { - logger('Wiki editing permission denied.' . EOL); - json_return_and_die(array('success' => false)); - } $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); if(!$perms['write']) { - logger('Wiki write permission denied. Read only.' . EOL); + logger('Wiki write permission denied.' . EOL); json_return_and_die(array('success' => false)); } } -- cgit v1.2.3