reorder canedit checks during page creation to have best_loc first

When creating a page, multiple locations are tested to see if they can be
edited. If all fail, one of the failure subs is called, to log the user in
to allow them to proceed with the edit. So far so good.

But, what if some pages fail for one reason, and some for another? This
occurs when httpauth_pagespec is used in conjunction with signinedit (and
openid or something). When the user is not signed in at all
The former will fail to edit a page because the user was not httpauthed.
The latter will fail to edit a different page, because the user was not
signed in. One of their failure methods gets to run first.

The page creation code always ran the failure method corresponding to the
topmost page location. So, when editing a foo/Discussion page, and with
httpauth_pagespec => "*!/Discussion", it ran the httpauth failure method,
which was exactly the wrong thing to do.

I fixed this by making it instead run the failure method for the *best*
page location. In the above example, that's foo/Discussion, so signinedit
runs, as desired, and we get the signin page.

This seems like it will be the right choice, or at least an acceptable
choice. If a user wants to use httpauth they can always choose it on the
signin page.
master
Joey Hess 2010-02-11 20:13:30 -05:00
parent 6f1d623618
commit 7af18f2a1e
1 changed files with 4 additions and 2 deletions

View File

@ -272,8 +272,10 @@ sub cgi_editpage ($$) {
check_canedit($_, $q, $session, 1) check_canedit($_, $q, $session, 1)
} @page_locs; } @page_locs;
if (! @editable_locs) { if (! @editable_locs) {
# let it throw an error this time # now let it throw an error, or prompt for
map { check_canedit($_, $q, $session) } @page_locs; # login
map { check_canedit($_, $q, $session) }
($best_loc, @page_locs);
} }
my @page_types; my @page_types;