* Add basic spam fighting tool for admins: An admin's prefs page now allows
editing a list of banned users who are not allowed to log in.master
joey
parent
ed463de21f
commit
b6509c74a9
|
|
@ -314,9 +314,11 @@ sub cgi_prefs ($$) { #{{{
|
|||
comment => "(".htmllink("", "", "PageSpec", 1).")");
|
||||
$form->field(name => "locked_pages", size => 50,
|
||||
comment => "(".htmllink("", "", "PageSpec", 1).")");
|
||||
$form->field(name => "banned_users", size => 50);
|
||||
|
||||
if (! is_admin($user_name)) {
|
||||
$form->field(name => "locked_pages", type => "hidden");
|
||||
$form->field(name => "banned_users", type => "hidden");
|
||||
}
|
||||
|
||||
if ($config{httpauth}) {
|
||||
|
|
@ -331,6 +333,10 @@ sub cgi_prefs ($$) { #{{{
|
|||
value => userinfo_get($user_name, "subscriptions"));
|
||||
$form->field(name => "locked_pages", force => 1,
|
||||
value => userinfo_get($user_name, "locked_pages"));
|
||||
if (is_admin($user_name)) {
|
||||
$form->field(name => "banned_users", force => 1,
|
||||
value => join(" ", get_banned_users()));
|
||||
}
|
||||
}
|
||||
|
||||
decode_form_utf8($form);
|
||||
|
|
@ -350,6 +356,10 @@ sub cgi_prefs ($$) { #{{{
|
|||
userinfo_set($user_name, $field, $form->field($field)) || error("failed to set $field");
|
||||
}
|
||||
}
|
||||
if (is_admin($user_name)) {
|
||||
set_banned_users(grep { ! is_admin($_) }
|
||||
split(' ', $form->field("banned_users")));
|
||||
}
|
||||
$form->text("Preferences saved.");
|
||||
}
|
||||
|
||||
|
|
@ -671,7 +681,7 @@ sub cgi () { #{{{
|
|||
}
|
||||
else {
|
||||
$session->param("name", $q->remote_user());
|
||||
if (!userinfo_get($session->param("name"),"regdate")) {
|
||||
if (! userinfo_get($session->param("name"), "regdate")) {
|
||||
userinfo_setall($session->param("name"), {
|
||||
email => "",
|
||||
password => "",
|
||||
|
|
@ -680,6 +690,12 @@ sub cgi () { #{{{
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (userinfo_get($session->param("name"), "banned")) {
|
||||
print $q->header(-status => "403 Forbidden");
|
||||
print "You are banned.";
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($do eq 'create' || $do eq 'edit') {
|
||||
cgi_editpage($q, $session);
|
||||
|
|
|
|||
|
|
@ -67,6 +67,24 @@ sub is_admin ($) { #{{{
|
|||
return grep { $_ eq $user_name } @{$config{adminuser}};
|
||||
} #}}}
|
||||
|
||||
sub get_banned_users () { #{{{
|
||||
my @ret;
|
||||
my $userinfo=userinfo_retrieve();
|
||||
foreach my $user (keys %{$userinfo}) {
|
||||
push @ret, $user if $userinfo->{$user}->{banned};
|
||||
}
|
||||
return @ret;
|
||||
} #}}}
|
||||
|
||||
sub set_banned_users (@) { #{{{
|
||||
my %banned=map { $_ => 1 } @_;
|
||||
my $userinfo=userinfo_retrieve();
|
||||
foreach my $user (keys %{$userinfo}) {
|
||||
$userinfo->{$user}->{banned} = $banned{$user};
|
||||
}
|
||||
return userinfo_store($userinfo);
|
||||
} #}}}
|
||||
|
||||
sub commit_notify_list ($@) { #{{{
|
||||
my $committer=shift;
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,10 @@ ikiwiki (1.31) UNRELEASED; urgency=low
|
|||
just in case. Should not be exploitable anyway, since it only tries to run
|
||||
polygen after finding the specified grammar file.
|
||||
* Add missing dependency on the URI perl module.
|
||||
* Add basic spam fighting tool for admins: An admin's prefs page now allows
|
||||
editing a list of banned users who are not allowed to log in.
|
||||
|
||||
-- Joey Hess <joeyh@debian.org> Fri, 27 Oct 2006 13:10:49 -0400
|
||||
-- Joey Hess <joeyh@debian.org> Fri, 27 Oct 2006 20:00:33 -0400
|
||||
|
||||
ikiwiki (1.30) unstable; urgency=low
|
||||
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
Admins need the ability to lock/remove users, and to block IP ranges.
|
||||
Admins need the ability to block IP ranges. They can already ban users.
|
||||
|
|
|
|||
Loading…
Reference in New Issue