Add [cmd:permissions]
This commit is contained in:
parent
234db99ef5
commit
1095d38b02
@ -98,7 +98,10 @@ Response Handler::handle(const Request &r)
|
|||||||
|
|
||||||
Permissions Handler::effectivePermissions(std::string page)
|
Permissions Handler::effectivePermissions(std::string page)
|
||||||
{
|
{
|
||||||
return this->database->createPermissionsDao()
|
Permissions &userPerms = this->userSession->user.permissions;
|
||||||
->find(page, this->userSession->user.login)
|
if(userPerms.isAdmin())
|
||||||
.value_or(this->userSession->user.permissions);
|
{
|
||||||
|
return userPerms;
|
||||||
|
}
|
||||||
|
return this->database->createPermissionsDao()->find(page, this->userSession->user.login).value_or(userPerms);
|
||||||
}
|
}
|
||||||
|
@ -24,6 +24,7 @@ SOFTWARE.
|
|||||||
|
|
||||||
#include "../parser.h"
|
#include "../parser.h"
|
||||||
#include "../revisionrenderer.h"
|
#include "../revisionrenderer.h"
|
||||||
|
|
||||||
bool HandlerPageEdit::canAccess([[maybe_unused]] std::string page)
|
bool HandlerPageEdit::canAccess([[maybe_unused]] std::string page)
|
||||||
{
|
{
|
||||||
return effectivePermissions(page).canEdit();
|
return effectivePermissions(page).canEdit();
|
||||||
@ -56,7 +57,8 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
|
|||||||
{
|
{
|
||||||
if(!effectivePermissions(from).canRead())
|
if(!effectivePermissions(from).canRead())
|
||||||
{
|
{
|
||||||
return this->errorResponse("Permission denied", "No access permissions, so you can't use this page as a template");
|
return this->errorResponse("Permission denied",
|
||||||
|
"No access permissions, so you can't use this page as a template");
|
||||||
}
|
}
|
||||||
body = revisiondao->getCurrentForPage(from)->content;
|
body = revisiondao->getCurrentForPage(from)->content;
|
||||||
}
|
}
|
||||||
@ -77,6 +79,7 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
|
|||||||
std::string visiblecmd = parser.extractCommand("visible", newContent);
|
std::string visiblecmd = parser.extractCommand("visible", newContent);
|
||||||
std::string rename = parser.extractCommand("rename", newContent);
|
std::string rename = parser.extractCommand("rename", newContent);
|
||||||
std::string customtitle = parser.extractCommand("pagetitle", newContent);
|
std::string customtitle = parser.extractCommand("pagetitle", newContent);
|
||||||
|
std::vector<std::string> perms = parser.extractCommands("permissions", newContent);
|
||||||
Page page;
|
Page page;
|
||||||
std::optional<Page> currentPage = pageDao.find(pagename);
|
std::optional<Page> currentPage = pageDao.find(pagename);
|
||||||
if(currentPage)
|
if(currentPage)
|
||||||
@ -91,6 +94,33 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
|
|||||||
}
|
}
|
||||||
pagename = rename;
|
pagename = rename;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
for(const std::string &perm : perms)
|
||||||
|
{
|
||||||
|
auto splitted = utils::split(perm, '|');
|
||||||
|
if(splitted.size() != 2)
|
||||||
|
{
|
||||||
|
return this->errorResponse("Invalid command", "permissions command is misformated");
|
||||||
|
}
|
||||||
|
auto permissionDao = this->database->createPermissionsDao();
|
||||||
|
auto currentPermission = permissionDao->find(pagename, splitted[0]);
|
||||||
|
|
||||||
|
Permissions newPermissions = Permissions{splitted[1]};
|
||||||
|
if(!currentPermission || newPermissions != currentPermission.value())
|
||||||
|
{
|
||||||
|
if(this->userSession->user.permissions.canSetPagePerms())
|
||||||
|
{
|
||||||
|
permissionDao->save(pagename, splitted[0], newPermissions);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
this->database->rollbackTransaction();
|
||||||
|
return errorResponse("Invalid permissions",
|
||||||
|
"You don't have permission to change page permissions");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
page.current_revision = current_revision;
|
page.current_revision = current_revision;
|
||||||
page.listed = !(visiblecmd == "0");
|
page.listed = !(visiblecmd == "0");
|
||||||
page.name = pagename;
|
page.name = pagename;
|
||||||
@ -130,7 +160,7 @@ Response HandlerPageEdit::handleRequest(PageDao &pageDao, std::string pagename,
|
|||||||
TemplatePage templatePage = this->templ->getPage("page_creation_preview");
|
TemplatePage templatePage = this->templ->getPage("page_creation_preview");
|
||||||
templatePage.setVar("actionurl", urlProvider->editPage(pagename));
|
templatePage.setVar("actionurl", urlProvider->editPage(pagename));
|
||||||
|
|
||||||
RevisionRenderer revisionRenderer { *this->templ, *this->database, *this->urlProvider };
|
RevisionRenderer revisionRenderer{*this->templ, *this->database, *this->urlProvider, *this->userSession};
|
||||||
|
|
||||||
templatePage.setVar("preview_content", revisionRenderer.renderContent(newContent));
|
templatePage.setVar("preview_content", revisionRenderer.renderContent(newContent));
|
||||||
templatePage.setVar("content", newContent);
|
templatePage.setVar("content", newContent);
|
||||||
|
@ -16,6 +16,8 @@ class IParser
|
|||||||
|
|
||||||
public:
|
public:
|
||||||
virtual std::string extractCommand(std::string cmdname, const std::string &content) const = 0;
|
virtual std::string extractCommand(std::string cmdname, const std::string &content) const = 0;
|
||||||
|
virtual std::vector<std::string> extractCommands(std::string cmdname, const std::string &content) const = 0;
|
||||||
|
|
||||||
virtual std::vector<Headline> extractHeadlines(const std::string &content) const = 0;
|
virtual std::vector<Headline> extractHeadlines(const std::string &content) const = 0;
|
||||||
virtual inline std::string parse(const PageDao &pagedao, UrlProvider &provider, const std::string &content) const
|
virtual inline std::string parse(const PageDao &pagedao, UrlProvider &provider, const std::string &content) const
|
||||||
{
|
{
|
||||||
|
24
parser.cpp
24
parser.cpp
@ -82,6 +82,28 @@ std::string Parser::extractCommand(std::string cmdname, const std::string &conte
|
|||||||
}
|
}
|
||||||
return "";
|
return "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
std::vector<std::string> Parser::extractCommands(std::string cmdname, const std::string &content) const
|
||||||
|
{
|
||||||
|
std::vector<std::string> result;
|
||||||
|
|
||||||
|
std::string cmd = "[cmd:" + cmdname + "]";
|
||||||
|
std::string cmdend = "[/cmd:" + cmdname + "]";
|
||||||
|
|
||||||
|
std::string_view view = content;
|
||||||
|
size_t pos = 0;
|
||||||
|
while((pos = view.find(cmd)) != std::string::npos)
|
||||||
|
{
|
||||||
|
view.remove_prefix(pos);
|
||||||
|
view.remove_prefix(cmd.size());
|
||||||
|
if((pos = view.find(cmdend)) != std::string::npos)
|
||||||
|
{
|
||||||
|
result.emplace_back(view.substr(0, pos));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
std::string Parser::processLink(const PageDao &pageDao, UrlProvider &urlProvider, std::smatch &match) const
|
std::string Parser::processLink(const PageDao &pageDao, UrlProvider &urlProvider, std::smatch &match) const
|
||||||
{
|
{
|
||||||
std::string linktag = match.str(1);
|
std::string linktag = match.str(1);
|
||||||
@ -148,7 +170,7 @@ std::string Parser::parse(const PageDao &pagedao, UrlProvider &provider, const s
|
|||||||
std::string result;
|
std::string result;
|
||||||
// we don't care about commands, but we nevertheless replace them with empty strings
|
// we don't care about commands, but we nevertheless replace them with empty strings
|
||||||
std::regex tagfinder(
|
std::regex tagfinder(
|
||||||
R"(\[(b|i|u|s|li||ul|ol|code|blockquote|img|link|wikilink|h\d|cmd:visible|cmd:rename|cmd:redirect|cmd:pagetitle|cmd:allowinclude|category|dynamic:postlist|dynamic:includepage|dynamic:getvar|dynamic:setvar)*?\]((\s|\S)*?)\[/\1])");
|
R"(\[(b|i|u|s|li||ul|ol|code|blockquote|img|link|wikilink|h\d|cmd:visible|cmd:rename|cmd:redirect|cmd:pagetitle|cmd:allowinclude|cmd:permissions|category|dynamic:postlist|dynamic:includepage|dynamic:getvar|dynamic:setvar)*?\]((\s|\S)*?)\[/\1])");
|
||||||
result = utils::regex_callback_replacer(
|
result = utils::regex_callback_replacer(
|
||||||
tagfinder, content,
|
tagfinder, content,
|
||||||
[&](std::smatch &match)
|
[&](std::smatch &match)
|
||||||
|
3
parser.h
3
parser.h
@ -9,7 +9,8 @@ class Parser : public IParser
|
|||||||
std::string processImage(std::smatch &match) const;
|
std::string processImage(std::smatch &match) const;
|
||||||
|
|
||||||
public:
|
public:
|
||||||
std::string extractCommand(std::string cmdname, const std::string &content) const;
|
std::string extractCommand(std::string cmdname, const std::string &content) const override;
|
||||||
|
std::vector<std::string> extractCommands(std::string cmdname, const std::string &content) const override;
|
||||||
std::vector<Headline> extractHeadlines(const std::string &content) const override;
|
std::vector<Headline> extractHeadlines(const std::string &content) const override;
|
||||||
std::vector<std::string> extractCategories(const std::string &content) const override;
|
std::vector<std::string> extractCategories(const std::string &content) const override;
|
||||||
using IParser::parse;
|
using IParser::parse;
|
||||||
|
@ -20,7 +20,8 @@ SOFTWARE.
|
|||||||
*/
|
*/
|
||||||
#include "permissions.h"
|
#include "permissions.h"
|
||||||
|
|
||||||
static const std::map<std::string, int> permmap = {{"can_read", PERM_CAN_READ},
|
static const std::map<std::string, int> permmap = {{"can_nothing", PERM_CAN_NOTHING},
|
||||||
|
{"can_read", PERM_CAN_READ},
|
||||||
{"can_edit", PERM_CAN_EDIT},
|
{"can_edit", PERM_CAN_EDIT},
|
||||||
{"can_page_history", PERM_CAN_PAGE_HISTORY},
|
{"can_page_history", PERM_CAN_PAGE_HISTORY},
|
||||||
{"can_global_history", PERM_CAN_GLOBAL_HISTORY},
|
{"can_global_history", PERM_CAN_GLOBAL_HISTORY},
|
||||||
@ -29,7 +30,8 @@ static const std::map<std::string, int> permmap = {{"can_read", PERM_CAN_READ},
|
|||||||
{"can_create", PERM_CAN_CREATE},
|
{"can_create", PERM_CAN_CREATE},
|
||||||
{"can_see_category_list", PERM_CAN_SEE_CATEGORY_LIST},
|
{"can_see_category_list", PERM_CAN_SEE_CATEGORY_LIST},
|
||||||
{"can_see_links_here", PERM_CAN_SEE_LINKS_HERE},
|
{"can_see_links_here", PERM_CAN_SEE_LINKS_HERE},
|
||||||
{"can_search", PERM_CAN_SEARCH}};
|
{"can_search", PERM_CAN_SEARCH},
|
||||||
|
{"can_set_page_perms", PERM_CAN_SET_PAGE_PERMS}};
|
||||||
|
|
||||||
Permissions::Permissions(int permissions)
|
Permissions::Permissions(int permissions)
|
||||||
{
|
{
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
#ifndef PERMISSIONS_H
|
#ifndef PERMISSIONS_H
|
||||||
#define PERMISSIONS_H
|
#define PERMISSIONS_H
|
||||||
|
|
||||||
|
#define PERM_CAN_NOTHING 0
|
||||||
#define PERM_CAN_READ 1 << 0
|
#define PERM_CAN_READ 1 << 0
|
||||||
#define PERM_CAN_EDIT 1 << 1
|
#define PERM_CAN_EDIT 1 << 1
|
||||||
#define PERM_CAN_PAGE_HISTORY 1 << 2
|
#define PERM_CAN_PAGE_HISTORY 1 << 2
|
||||||
@ -11,6 +12,8 @@
|
|||||||
#define PERM_CAN_SEE_CATEGORY_LIST 1 << 7
|
#define PERM_CAN_SEE_CATEGORY_LIST 1 << 7
|
||||||
#define PERM_CAN_SEE_LINKS_HERE 1 << 8
|
#define PERM_CAN_SEE_LINKS_HERE 1 << 8
|
||||||
#define PERM_CAN_SEARCH 1 << 9
|
#define PERM_CAN_SEARCH 1 << 9
|
||||||
|
#define PERM_CAN_SET_PAGE_PERMS 1 << 10
|
||||||
|
#define PERM_IS_ADMIN (1L<<31)-1
|
||||||
|
|
||||||
#include <string>
|
#include <string>
|
||||||
#include <map>
|
#include <map>
|
||||||
@ -54,10 +57,16 @@ class Permissions
|
|||||||
return this->permissions;
|
return this->permissions;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool canNothing() const
|
||||||
|
{
|
||||||
|
return this->permissions == PERM_CAN_NOTHING;
|
||||||
|
}
|
||||||
|
|
||||||
bool canRead() const
|
bool canRead() const
|
||||||
{
|
{
|
||||||
return this->permissions & PERM_CAN_READ;
|
return this->permissions & PERM_CAN_READ;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool canEdit() const
|
bool canEdit() const
|
||||||
{
|
{
|
||||||
return this->permissions & PERM_CAN_EDIT;
|
return this->permissions & PERM_CAN_EDIT;
|
||||||
@ -95,12 +104,27 @@ class Permissions
|
|||||||
return this->permissions & PERM_CAN_SEE_PAGE_LIST;
|
return this->permissions & PERM_CAN_SEE_PAGE_LIST;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool canSetPagePerms() const
|
||||||
|
{
|
||||||
|
return this->permissions & PERM_CAN_SET_PAGE_PERMS;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool isAdmin() const
|
||||||
|
{
|
||||||
|
return this->permissions == PERM_IS_ADMIN;
|
||||||
|
}
|
||||||
|
|
||||||
std::string toString() const
|
std::string toString() const
|
||||||
{
|
{
|
||||||
return Permissions::toString(this->permissions);
|
return Permissions::toString(this->permissions);
|
||||||
}
|
}
|
||||||
|
|
||||||
static std::string toString(int perms);
|
static std::string toString(int perms);
|
||||||
|
|
||||||
|
bool operator==(const Permissions &o) const
|
||||||
|
{
|
||||||
|
return this->permissions == o.permissions;
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
#endif // PERMISSIONS_H
|
#endif // PERMISSIONS_H
|
||||||
|
Loading…
Reference in New Issue
Block a user