ikiwiki/IkiWiki/Plugin/remove.pm

#!/usr/bin/perl
package IkiWiki::Plugin::remove;

use warnings;
use strict;
use IkiWiki 2.00;

sub import { #{{{
	hook(type => "getsetup", id => "remove", call => \&getsetup);
	hook(type => "formbuilder_setup", id => "remove", call => \&formbuilder_setup);
	hook(type => "formbuilder", id => "remove", call => \&formbuilder);
	hook(type => "sessioncgi", id => "remove", call => \&sessioncgi);

} # }}}

sub getsetup () { #{{{
	return 
		plugin => {
			safe => 1,
			rebuild => 0,
		},
} #}}}

sub check_canremove ($$$$) { #{{{
	my $page=shift;
	my $q=shift;
	my $session=shift;
	my $attachment=shift;

	# Must be a known source file.
	if (! exists $pagesources{$page}) {
		error(sprintf(gettext("%s does not exist"),
			htmllink("", "", $page, noimageinline => 1)));
	}

	# Must exist on disk, and be a regular file.
	my $file=$pagesources{$page};
	if (! -e "$config{srcdir}/$file") {
		error(sprintf(gettext("%s is not in the srcdir, so it cannot be deleted"), $file));
	}
	elsif (-l "$config{srcdir}/$file" && ! -f _) {
		error(sprintf(gettext("%s is not a file"), $file));
	}
	
	# Must be editiable.
	IkiWiki::check_canedit($page, $q, $session);

	# This is sorta overkill, but better safe
	# than sorry. If a user can't upload an
	# attachment, don't let them delete it.
	if ($attachment) {
		IkiWiki::Plugin::attachment::check_canattach($session, $page, $file);
	}
} #}}}

sub formbuilder_setup (@) { #{{{
	my %params=@_;
	my $form=$params{form};
	my $q=$params{cgi};

	if (defined $form->field("do") && $form->field("do") eq "edit") {
		# Removal button for the page, and also for attachments.
		push @{$params{buttons}}, "Remove";
		$form->tmpl_param("field-remove" => '<input name="_submit" type="submit" value="Remove Attachments" />');
	}
} #}}}

sub confirmation_form ($$) { #{{{ 
	my $q=shift;
	my $session=shift;

	eval q{use CGI::FormBuilder};
	error($@) if $@;
	my $f = CGI::FormBuilder->new(
		name => "remove",
		header => 0,
		charset => "utf-8",
		method => 'POST',
		javascript => 0,
		params => $q,
		action => $config{cgiurl},
		stylesheet => IkiWiki::baseurl()."style.css",
		fields => [qw{do page}],
	);
	
	$f->field(name => "do", type => "hidden", value => "remove", force => 1);

	return $f, ["Remove", "Cancel"];
} #}}}

sub removal_confirm ($$@) { #{{{
	my $q=shift;
	my $session=shift;
	my $attachment=shift;
	my @pages=@_;

	check_canremove($_, $q, $session, $attachment) foreach @pages;

   	# Save current form state to allow returning to it later
	# without losing any edits.
	# (But don't save what button was submitted, to avoid
	# looping back to here.)
	# Note: "_submit" is CGI::FormBuilder internals.
	$q->param(-name => "_submit", -value => "");
	$session->param(postremove => scalar $q->Vars);
	IkiWiki::cgi_savesession($session);
	
	my ($f, $buttons)=confirmation_form($q, $session);
	$f->title(sprintf(gettext("confirm removal of %s"),
		join(", ", map { IkiWiki::pagetitle($_) } @pages)));
	$f->field(name => "page", type => "hidden", value => \@pages, force => 1);
	if (defined $attachment) {
		$f->field(name => "attachment", type => "hidden",
			value => $attachment, force => 1);
	}

	IkiWiki::showform($f, $buttons, $session, $q);
	exit 0;
} #}}}

sub postremove ($) { #{{{
	my $session=shift;

	# Load saved form state and return to edit form.
	my $postremove=CGI->new($session->param("postremove"));
	$session->clear("postremove");
	IkiWiki::cgi_savesession($session);
	IkiWiki::cgi($postremove, $session);
} #}}}

sub formbuilder (@) { #{{{
	my %params=@_;
	my $form=$params{form};

	if (defined $form->field("do") && $form->field("do") eq "edit") {
		my $q=$params{cgi};
		my $session=$params{session};

		if ($form->submitted eq "Remove") {
			removal_confirm($q, $session, 0, $form->field("page"));
		}
		elsif ($form->submitted eq "Remove Attachments") {
			my @selected=$q->param("attachment_select");
			if (! @selected) {
				error(gettext("Please select the attachments to remove."));
			}
			removal_confirm($q, $session, 1, @selected);
		}
	}
} #}}}

sub sessioncgi ($$) { #{{{
        my $q=shift;

	if ($q->param("do") eq 'remove') {
        	my $session=shift;
		my ($form, $buttons)=confirmation_form($q, $session);
		IkiWiki::decode_form_utf8($form);

		if ($form->submitted eq 'Cancel') {
			postremove($session);
		}
		elsif ($form->submitted eq 'Remove' && $form->validate) {
			my @pages=$q->param("page");
	
			# Validate removal by checking that the page exists,
			# and that the user is allowed to edit(/remove) it.
			my @files;
			foreach my $page (@pages) {
				check_canremove($page, $q, $session, $q->param("attachment"));
				
				# This untaint is safe because of the
				# checks performed above, which verify the
				# page is a normal file, etc.
				push @files, IkiWiki::possibly_foolish_untaint($pagesources{$page});
			}

			# Do removal, and update the wiki.
			require IkiWiki::Render;
			if ($config{rcs}) {
				IkiWiki::disable_commit_hook();
				foreach my $file (@files) {
					IkiWiki::rcs_remove($file);
				}
				IkiWiki::rcs_commit_staged(gettext("removed"),
					$session->param("name"), $ENV{REMOTE_ADDR});
				IkiWiki::enable_commit_hook();
				IkiWiki::rcs_update();
			}
			else {
				foreach my $file (@files) {
					IkiWiki::prune("$config{srcdir}/$file");
				}
			}
			IkiWiki::refresh();
			IkiWiki::saveindex();

			if ($q->param("attachment")) {
				# Attachments were deleted, so redirect
				# back to the edit form.
				postremove($session);
			}
			else {
				# The page is gone, so redirect to parent
				# of the page.
				my $parent=IkiWiki::dirname($pages[0]);
				if (! exists $pagesources{$parent}) {
					$parent="index";
				}
				IkiWiki::redirect($q, $config{url}."/".htmlpage($parent));
			}
		}
		else {
			IkiWiki::showform($form, $buttons, $session, $q);
		}

		exit 0;
	}
}

1
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`#!/usr/bin/perl`
			`package IkiWiki::Plugin::remove;`

			`use warnings;`
			`use strict;`
			`use IkiWiki 2.00;`

			`sub import { #{{{`
add plugin safe/rebuild info (part 2 of 3) (brain.. melting..) 2008-08-03 23:20:21 +02:00			`hook(type => "getsetup", id => "remove", call => \&getsetup);`
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`hook(type => "formbuilder_setup", id => "remove", call => \&formbuilder_setup);`
			`hook(type => "formbuilder", id => "remove", call => \&formbuilder);`
			`hook(type => "sessioncgi", id => "remove", call => \&sessioncgi);`

			`} # }}}`

add plugin safe/rebuild info (part 2 of 3) (brain.. melting..) 2008-08-03 23:20:21 +02:00			`sub getsetup () { #{{{`
			`return`
			`plugin => {`
			`safe => 1,`
			`rebuild => 0,`
			`},`
			`} #}}}`

foldage 2008-07-24 01:25:46 +02:00			`sub check_canremove ($$$$) { #{{{`
permission checking improvements Break out into function so it can be done up-front before confirmation too. 2008-07-22 19:29:54 +02:00			`my $page=shift;`
			`my $q=shift;`
			`my $session=shift;`
			`my $attachment=shift;`

			`# Must be a known source file.`
			`if (! exists $pagesources{$page}) {`
			`error(sprintf(gettext("%s does not exist"),`
rename checks improvements 2008-07-22 20:00:23 +02:00			`htmllink("", "", $page, noimageinline => 1)));`
permission checking improvements Break out into function so it can be done up-front before confirmation too. 2008-07-22 19:29:54 +02:00			`}`

			`# Must exist on disk, and be a regular file.`
			`my $file=$pagesources{$page};`
			`if (! -e "$config{srcdir}/$file") {`
			`error(sprintf(gettext("%s is not in the srcdir, so it cannot be deleted"), $file));`
			`}`
			`elsif (-l "$config{srcdir}/$file" && ! -f _) {`
			`error(sprintf(gettext("%s is not a file"), $file));`
			`}`

			`# Must be editiable.`
			`IkiWiki::check_canedit($page, $q, $session);`

			`# This is sorta overkill, but better safe`
			`# than sorry. If a user can't upload an`
			`# attachment, don't let them delete it.`
			`if ($attachment) {`
			`IkiWiki::Plugin::attachment::check_canattach($session, $page, $file);`
			`}`
foldage 2008-07-24 01:25:46 +02:00			`} #}}}`
permission checking improvements Break out into function so it can be done up-front before confirmation too. 2008-07-22 19:29:54 +02:00
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`sub formbuilder_setup (@) { #{{{`
			`my %params=@_;`
			`my $form=$params{form};`
			`my $q=$params{cgi};`

			`if (defined $form->field("do") && $form->field("do") eq "edit") {`
simplified confirmation form also, there's no titlepage conversion issues 2008-07-21 20:22:57 +02:00			`# Removal button for the page, and also for attachments.`
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`push @{$params{buttons}}, "Remove";`
simplified confirmation form also, there's no titlepage conversion issues 2008-07-21 20:22:57 +02:00			`$form->tmpl_param("field-remove" => '<input name="_submit" type="submit" value="Remove Attachments" />');`
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`}`
			`} #}}}`

support for removing attachments 2008-07-21 21:02:29 +02:00			`sub confirmation_form ($$) { #{{{`
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`my $q=shift;`
			`my $session=shift;`

			`eval q{use CGI::FormBuilder};`
			`error($@) if $@;`
			`my $f = CGI::FormBuilder->new(`
			`name => "remove",`
			`header => 0,`
			`charset => "utf-8",`
			`method => 'POST',`
			`javascript => 0,`
			`params => $q,`
			`action => $config{cgiurl},`
			`stylesheet => IkiWiki::baseurl()."style.css",`
error if nothing selected 2008-07-22 04:11:24 +02:00			`fields => [qw{do page}],`
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`);`
form tweaks; use title 2008-07-21 19:31:58 +02:00
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`$f->field(name => "do", type => "hidden", value => "remove", force => 1);`

			`return $f, ["Remove", "Cancel"];`
			`} #}}}`

foldage 2008-07-24 01:25:46 +02:00			`sub removal_confirm ($$@) { #{{{`
support for removing attachments 2008-07-21 21:02:29 +02:00			`my $q=shift;`
			`my $session=shift;`
			`my $attachment=shift;`
			`my @pages=@_;`

permission checking improvements Break out into function so it can be done up-front before confirmation too. 2008-07-22 19:29:54 +02:00			`check_canremove($_, $q, $session, $attachment) foreach @pages;`

support for removing attachments 2008-07-21 21:02:29 +02:00			`# Save current form state to allow returning to it later`
			`# without losing any edits.`
			`# (But don't save what button was submitted, to avoid`
			`# looping back to here.)`
			`# Note: "_submit" is CGI::FormBuilder internals.`
			`$q->param(-name => "_submit", -value => "");`
			`$session->param(postremove => scalar $q->Vars);`
			`IkiWiki::cgi_savesession($session);`

			`my ($f, $buttons)=confirmation_form($q, $session);`
			`$f->title(sprintf(gettext("confirm removal of %s"),`
			`join(", ", map { IkiWiki::pagetitle($_) } @pages)));`
			`$f->field(name => "page", type => "hidden", value => \@pages, force => 1);`
			`if (defined $attachment) {`
			`$f->field(name => "attachment", type => "hidden",`
			`value => $attachment, force => 1);`
			`}`

			`IkiWiki::showform($f, $buttons, $session, $q);`
			`exit 0;`
foldage 2008-07-24 01:25:46 +02:00			`} #}}}`
support for removing attachments 2008-07-21 21:02:29 +02:00
foldage 2008-07-24 01:25:46 +02:00			`sub postremove ($) { #{{{`
support for removing attachments 2008-07-21 21:02:29 +02:00			`my $session=shift;`

			`# Load saved form state and return to edit form.`
			`my $postremove=CGI->new($session->param("postremove"));`
			`$session->clear("postremove");`
			`IkiWiki::cgi_savesession($session);`
			`IkiWiki::cgi($postremove, $session);`
foldage 2008-07-24 01:25:46 +02:00			`} #}}}`
support for removing attachments 2008-07-21 21:02:29 +02:00
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`sub formbuilder (@) { #{{{`
			`my %params=@_;`
			`my $form=$params{form};`

simplified confirmation form also, there's no titlepage conversion issues 2008-07-21 20:22:57 +02:00			`if (defined $form->field("do") && $form->field("do") eq "edit") {`
support for removing attachments 2008-07-21 21:02:29 +02:00			`my $q=$params{cgi};`
			`my $session=$params{session};`

simplified confirmation form also, there's no titlepage conversion issues 2008-07-21 20:22:57 +02:00			`if ($form->submitted eq "Remove") {`
support for removing attachments 2008-07-21 21:02:29 +02:00			`removal_confirm($q, $session, 0, $form->field("page"));`
simplified confirmation form also, there's no titlepage conversion issues 2008-07-21 20:22:57 +02:00			`}`
			`elsif ($form->submitted eq "Remove Attachments") {`
skeleton rename plugin 2008-07-22 04:30:43 +02:00			`my @selected=$q->param("attachment_select");`
			`if (! @selected) {`
error if nothing selected 2008-07-22 04:11:24 +02:00			`error(gettext("Please select the attachments to remove."));`
			`}`
skeleton rename plugin 2008-07-22 04:30:43 +02:00			`removal_confirm($q, $session, 1, @selected);`
simplified confirmation form also, there's no titlepage conversion issues 2008-07-21 20:22:57 +02:00			`}`
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`}`
			`} #}}}`

			`sub sessioncgi ($$) { #{{{`
			`my $q=shift;`

			`if ($q->param("do") eq 'remove') {`
			`my $session=shift;`
support for removing attachments 2008-07-21 21:02:29 +02:00			`my ($form, $buttons)=confirmation_form($q, $session);`
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`IkiWiki::decode_form_utf8($form);`
touchups 2008-07-21 20:03:39 +02:00
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`if ($form->submitted eq 'Cancel') {`
support for removing attachments 2008-07-21 21:02:29 +02:00			`postremove($session);`
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`}`
			`elsif ($form->submitted eq 'Remove' && $form->validate) {`
support for removing attachments 2008-07-21 21:02:29 +02:00			`my @pages=$q->param("page");`
simplified confirmation form also, there's no titlepage conversion issues 2008-07-21 20:22:57 +02:00
			`# Validate removal by checking that the page exists,`
			`# and that the user is allowed to edit(/remove) it.`
a few bugfixes Including a check the the file is in the srcdir, as opposed to some other directory. 2008-07-21 22:18:28 +02:00			`my @files;`
support for removing attachments 2008-07-21 21:02:29 +02:00			`foreach my $page (@pages) {`
permission checking improvements Break out into function so it can be done up-front before confirmation too. 2008-07-22 19:29:54 +02:00			`check_canremove($page, $q, $session, $q->param("attachment"));`
rename checks improvements 2008-07-22 20:00:23 +02:00
			`# This untaint is safe because of the`
			`# checks performed above, which verify the`
			`# page is a normal file, etc.`
permission checking improvements Break out into function so it can be done up-front before confirmation too. 2008-07-22 19:29:54 +02:00			`push @files, IkiWiki::possibly_foolish_untaint($pagesources{$page});`
simplified confirmation form also, there's no titlepage conversion issues 2008-07-21 20:22:57 +02:00			`}`
basically, removal works Still need to consider all the edge cases.. 2008-07-21 19:50:12 +02:00
			`# Do removal, and update the wiki.`
			`require IkiWiki::Render;`
			`if ($config{rcs}) {`
			`IkiWiki::disable_commit_hook();`
support for removing attachments 2008-07-21 21:02:29 +02:00			`foreach my $file (@files) {`
			`IkiWiki::rcs_remove($file);`
			`}`
add rcs_commit_staged and rcs_rename Implemented for git and svn so far. Note that rcs_commit_staged does assume that the rcs has the ability to "stage" multiple changes for a later commit. Support for this varies, but all we really care about is staging removals and renames, which, AFAIK, all modern rcs's support. 2008-07-22 22:14:33 +02:00			`IkiWiki::rcs_commit_staged(gettext("removed"),`
			`$session->param("name"), $ENV{REMOTE_ADDR});`
basically, removal works Still need to consider all the edge cases.. 2008-07-21 19:50:12 +02:00			`IkiWiki::enable_commit_hook();`
			`IkiWiki::rcs_update();`
			`}`
a few bugfixes Including a check the the file is in the srcdir, as opposed to some other directory. 2008-07-21 22:18:28 +02:00			`else {`
			`foreach my $file (@files) {`
			`IkiWiki::prune("$config{srcdir}/$file");`
			`}`
			`}`
basically, removal works Still need to consider all the edge cases.. 2008-07-21 19:50:12 +02:00			`IkiWiki::refresh();`
			`IkiWiki::saveindex();`
redirect after removal 2008-07-21 19:53:34 +02:00
support for removing attachments 2008-07-21 21:02:29 +02:00			`if ($q->param("attachment")) {`
			`# Attachments were deleted, so redirect`
a few bugfixes Including a check the the file is in the srcdir, as opposed to some other directory. 2008-07-21 22:18:28 +02:00			`# back to the edit form.`
support for removing attachments 2008-07-21 21:02:29 +02:00			`postremove($session);`
			`}`
			`else {`
			`# The page is gone, so redirect to parent`
			`# of the page.`
			`my $parent=IkiWiki::dirname($pages[0]);`
			`if (! exists $pagesources{$parent}) {`
			`$parent="index";`
			`}`
			`IkiWiki::redirect($q, $config{url}."/".htmlpage($parent));`
redirect after removal 2008-07-21 19:53:34 +02:00			`}`
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`}`
			`else {`
			`IkiWiki::showform($form, $buttons, $session, $q);`
			`}`
touchups 2008-07-21 20:03:39 +02:00
			`exit 0;`
basic removal form skeleton 2008-07-21 18:54:23 +02:00			`}`
			`}`

			`1`