From b70c6809648bb3c78e5e26f9293727b3a7aa4025 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Thu, 2 Jun 2016 22:27:26 -0400 Subject: [PATCH] Major corrections to access control and page construction. --- Zotlabs/Lib/Apps.php | 1 + Zotlabs/Module/Wiki.php | 215 +++++++++++++++++++++------------------- app/wiki.apd | 4 + app/wiki.png | Bin 0 -> 10668 bytes include/widgets.php | 24 ++--- include/wiki.php | 13 +-- view/tpl/wiki.tpl | 2 + 7 files changed, 137 insertions(+), 122 deletions(-) create mode 100644 app/wiki.apd create mode 100644 app/wiki.png diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php index 6d2ef4e45..07a50766e 100644 --- a/Zotlabs/Lib/Apps.php +++ b/Zotlabs/Lib/Apps.php @@ -169,6 +169,7 @@ class Apps { 'Settings' => t('Settings'), 'Files' => t('Files'), 'Webpages' => t('Webpages'), + 'Wiki' => t('Wiki'), 'Channel Home' => t('Channel Home'), 'View Profile' => t('View Profile'), 'Photos' => t('Photos'), diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 0f8db9350..ef7b4dfe1 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -6,19 +6,18 @@ class Wiki extends \Zotlabs\Web\Controller { function init() { // Determine which channel's wikis to display to the observer - $which = null; - if(argc() > 1) - $which = argv(1); // if the channel name is in the URL, use that - if(! $which) { // if no channel name was provided, assume the current logged in channel - if(local_channel()) { - $channel = \App::get_channel(); - if($channel && $channel['channel_address']) - $which = $channel['channel_address']; - goaway(z_root().'/wiki/'.$which); + $nick = null; + if (argc() > 1) + $nick = argv(1); // if the channel name is in the URL, use that + if (!$nick && local_channel()) { // if no channel name was provided, assume the current logged in channel + $channel = \App::get_channel(); + if ($channel && $channel['channel_address']) { + $nick = $channel['channel_address']; + goaway(z_root() . '/wiki/' . $nick); } } - if(! $which) { - notice( t('You must be logged in to see this page.') . EOL ); + if (!$nick) { + notice(t('You must be logged in to see this page.') . EOL); goaway('/login'); } } @@ -31,95 +30,103 @@ class Wiki extends \Zotlabs\Web\Controller { $wiki_owner = false; $showNewWikiButton = false; $pageHistory = array(); - if(local_channel()) { - $channel = \App::get_channel(); - } - - // Obtain the default permission settings of the channel - $channel_acl = array( - 'allow_cid' => $channel['channel_allow_cid'], - 'allow_gid' => $channel['channel_allow_gid'], - 'deny_cid' => $channel['channel_deny_cid'], - 'deny_gid' => $channel['channel_deny_gid'] - ); - // Initialize the ACL to the channel default permissions - $x = array( - 'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'), - 'acl' => populate_acl($channel_acl), - 'bang' => '' - ); - + $local_observer = null; $resource_id = ''; $pagename = ''; - if(argc() > 1) { - $channel = get_channel_by_nick(argv(1)); - if(local_channel() === intval($channel['channel_id'])) { - $wiki_owner = true; - } - } - // GET https://hubzilla.hub/argv(0)/argv(1)/argv(2)/argv(3)/argv(4)/... - if(argc() > 2) { - // GET /wiki/channel/wiki - // Check if wiki exists andr redirect if it does not - $w = wiki_exists_by_name($channel['channel_id'], argv(2)); - if(!$w['resource_id']) { - notice('Wiki not found' . EOL); - goaway('/'.argv(0).'/'.argv(1)); - } else { - $resource_id = $w['resource_id']; - } - if (!$wiki_owner) { - // Check for observer permissionswhich); - $observer_hash = get_observer_hash(); - $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); - if(!$perms['read']) { - notice('Permission denied.' . EOL); - goaway('/'.argv(0).'/'.argv(1)); - } - } - } - if(argc()<3) { - // GET /wiki/channel - $channel = get_channel_by_nick(argv(1)); - $wikiheader = t('Wiki Sandbox'); - $content = '"# Wiki Sandbox\n\nContent you **edit** and **preview** here *will not be saved*."'; - $hide_editor = false; - $showPageControls = false; - $showNewWikiButton = $wiki_owner; - } elseif (argc()<4) { - // GET /wiki/channel/wiki - // No page was specified, so redirect to Home.md - goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/Home.md'); - $wikiheader = rawurldecode(argv(2)); // show wiki name - $content = '""'; - $hide_editor = true; - // Until separate read and write permissions are implemented, only allow - // the wiki owner to see page controls - $showPageControls = $wiki_owner; - $showNewWikiButton = $wiki_owner; - } elseif (argc()<5) { - // GET /wiki/channel/wiki/page - $pagename = argv(3); - $wikiheader = rawurldecode(argv(2)) . ': ' . rawurldecode($pagename); // show wiki name and page - $p = wiki_get_page_content(array('wiki_resource_id' => $resource_id, 'page' => $pagename)); - if(!$p['success']) { - $content = 'Error retrieving page content. Try again.'; - } - $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"'); - $hide_editor = false; - $showPageControls = $wiki_owner; - $showNewWikiButton = $wiki_owner; - $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'page' => $pagename)); + // init() should have forced the URL to redirect to /wiki/channel so assume argc() > 1 + $nick = argv(1); + $channel = get_channel_by_nick($nick); // The channel who owns the wikis being viewed + if(! $channel) { + notice('Invalid channel' . EOL); + goaway('/' . argv(0)); } - require_once('library/markdown.php'); - $renderedContent = Markdown(json_decode($content)); + // Determine if the observer is the channel owner so the ACL dialog can be populated + if (local_channel() === intval($channel['channel_id'])) { + $local_observer = \App::get_channel(); + $wiki_owner = true; + + // Obtain the default permission settings of the channel + $channel_acl = array( + 'allow_cid' => $local_observer['channel_allow_cid'], + 'allow_gid' => $local_observer['channel_allow_gid'], + 'deny_cid' => $local_observer['channel_deny_cid'], + 'deny_gid' => $local_observer['channel_deny_gid'] + ); + // Initialize the ACL to the channel default permissions + $x = array( + 'lockstate' => (( $local_observer['channel_allow_cid'] || + $local_observer['channel_allow_gid'] || + $local_observer['channel_deny_cid'] || + $local_observer['channel_deny_gid']) + ? 'lock' : 'unlock'), + 'acl' => populate_acl($channel_acl), + 'bang' => '' + ); + } else { + // Not the channel owner + $channel_acl = $x = array(); + } + + switch (argc()) { + case 2: + // Configure page template + $wikiheader = t('Wiki Sandbox'); + $content = '"# Wiki Sandbox\n\nContent you **edit** and **preview** here *will not be saved*."'; + $hide_editor = false; + $showPageControls = false; + $showNewWikiButton = $wiki_owner; + $showNewPageButton = false; + break; + case 3: + // /wiki/channel/wiki -> No page was specified, so redirect to Home.md + goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/Home.md'); + case 4: + // GET /wiki/channel/wiki/page + // Fetch the wiki info and determine observer permissions + $wikiname = argv(2); + $pagename = argv(3); + $w = wiki_exists_by_name($channel['channel_id'], $wikiname); + if(!$w['resource_id']) { + notice('Wiki not found' . EOL); + goaway('/'.argv(0).'/'.argv(1)); + } + $resource_id = $w['resource_id']; + + if (!$wiki_owner) { + // Check for observer permissions + $observer_hash = get_observer_hash(); + $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); + if(!$perms['read']) { + notice('Permission denied.' . EOL); + goaway('/'.argv(0).'/'.argv(1)); + } + } + $wikiheader = rawurldecode($wikiname) . ': ' . rawurldecode($pagename); // show wiki name and page + $p = wiki_get_page_content(array('resource_id' => $resource_id, 'page' => $pagename)); + if(!$p['success']) { + notice('Error retrieving page content' . EOL); + goaway('/'.argv(0).'/'.argv(1).'/'.argv(2)); + } + $content = ($p['content'] !== '' ? $p['content'] : '"# New page\n"'); + $hide_editor = false; + $showPageControls = $wiki_owner; + $showNewWikiButton = $wiki_owner; + $showNewPageButton = $wiki_owner; + $pageHistory = wiki_page_history(array('resource_id' => $resource_id, 'page' => $pagename)); + break; + default: // Strip the extraneous URL components + goaway('/'.argv(0).'/'.argv(1).'/'.argv(2).'/'.argv(3)); + } + // Render the Markdown-formatted page content in HTML + require_once('library/markdown.php'); $o .= replace_macros(get_markup_template('wiki.tpl'),array( '$wikiheader' => $wikiheader, '$hideEditor' => $hide_editor, '$showPageControls' => $showPageControls, '$showNewWikiButton'=> $showNewWikiButton, + '$showNewPageButton'=> $showNewPageButton, '$channel' => $channel['channel_address'], '$resource_id' => $resource_id, '$page' => $pagename, @@ -127,12 +134,12 @@ class Wiki extends \Zotlabs\Web\Controller { '$acl' => $x['acl'], '$bang' => $x['bang'], '$content' => $content, - '$renderedContent' => $renderedContent, + '$renderedContent' => Markdown(json_decode($content)), '$wikiName' => array('wikiName', t('Enter the name of your new wiki:'), '', ''), '$pageName' => array('pageName', t('Enter the name of the new page:'), '', ''), '$pageHistory' => $pageHistory['history'] )); - head_add_js('library/ace/ace.js'); + head_add_js('library/ace/ace.js'); // Ace Code Editor return $o; } @@ -151,13 +158,13 @@ class Wiki extends \Zotlabs\Web\Controller { // Create a new wiki // /wiki/channel/create/wiki if ((argc() > 3) && (argv(2) === 'create') && (argv(3) === 'wiki')) { - $which = argv(1); + $nick = argv(1); // Determine if observer has permission to create wiki $observer_hash = get_observer_hash(); if (local_channel()) { $channel = \App::get_channel(); } else { - $channel = get_channel_by_nick($which); + $channel = get_channel_by_nick($nick); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); // TODO: Create a new permission setting for wiki analogous to webpages. Until @@ -180,9 +187,9 @@ class Wiki extends \Zotlabs\Web\Controller { $homePage = wiki_create_page('Home.md', $r['item']['resource_id']); if(!$homePage['success']) { notice('Wiki created, but error creating Home page.'); - goaway('/wiki/'.$which.'/'.$name); + goaway('/wiki/'.$nick.'/'.$name); } - goaway('/wiki/'.$which.'/'.$name.'/Home.md'); + goaway('/wiki/'.$nick.'/'.$name.'/Home.md'); } else { notice('Error creating wiki'); goaway('/wiki'); @@ -191,12 +198,12 @@ class Wiki extends \Zotlabs\Web\Controller { // Delete a wiki if ((argc() > 3) && (argv(2) === 'delete') && (argv(3) === 'wiki')) { - $which = argv(1); + $nick = argv(1); // Determine if observer has permission to create wiki if (local_channel()) { $channel = \App::get_channel(); } else { - $channel = get_channel_by_nick($which); + $channel = get_channel_by_nick($nick); $observer_hash = get_observer_hash(); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); @@ -219,13 +226,13 @@ class Wiki extends \Zotlabs\Web\Controller { // Create a page if ((argc() === 4) && (argv(2) === 'create') && (argv(3) === 'page')) { - $which = argv(1); + $nick = argv(1); $resource_id = $_POST['resource_id']; // Determine if observer has permission to create wiki if (local_channel()) { $channel = \App::get_channel(); } else { - $channel = get_channel_by_nick($which); + $channel = get_channel_by_nick($nick); $observer_hash = get_observer_hash(); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); @@ -273,7 +280,7 @@ class Wiki extends \Zotlabs\Web\Controller { // Save a page if ((argc() === 4) && (argv(2) === 'save') && (argv(3) === 'page')) { - $which = argv(1); + $nick = argv(1); $resource_id = $_POST['resource_id']; $pagename = escape_tags(urlencode($_POST['name'])); $content = escape_tags($_POST['content']); //Get new content @@ -281,7 +288,7 @@ class Wiki extends \Zotlabs\Web\Controller { if (local_channel()) { $channel = \App::get_channel(); } else { - $channel = get_channel_by_nick($which); + $channel = get_channel_by_nick($nick); $observer_hash = get_observer_hash(); // Figure out who the page owner is. $perms = get_all_perms(intval($channel['channel_id']), $observer_hash); @@ -319,14 +326,14 @@ class Wiki extends \Zotlabs\Web\Controller { // Update page history // /wiki/channel/history/page if ((argc() === 4) && (argv(2) === 'history') && (argv(3) === 'page')) { - $which = argv(1); + $nick = argv(1); $resource_id = $_POST['resource_id']; $pagename = escape_tags(urlencode($_POST['name'])); // Determine if observer has permission to view content if (local_channel()) { $channel = \App::get_channel(); } else { - $channel = get_channel_by_nick($which); + $channel = get_channel_by_nick($nick); $observer_hash = get_observer_hash(); $perms = wiki_get_permissions($resource_id, intval($channel['channel_id']), $observer_hash); if (!$perms['read']) { diff --git a/app/wiki.apd b/app/wiki.apd new file mode 100644 index 000000000..95245055c --- /dev/null +++ b/app/wiki.apd @@ -0,0 +1,4 @@ +url: $baseurl/wiki/$nick +requires: local_channel +name: Wiki +photo: $baseurl/app/wiki.png diff --git a/app/wiki.png b/app/wiki.png new file mode 100644 index 0000000000000000000000000000000000000000..31d98167943ed0612e417491de7b2a8414b21100 GIT binary patch literal 10668 zcmZvB19%0TP@E4YzU-8|jXnB-(se+hjN$Yup(aiGO z#$T$`Zj0}M$>cl|l&}CqsReGq0BXE_$W-;lAp-Vy=<&a4bnFpq?6?I8g+Iyn25ar_ z%MKVi$1*dh{}d4FfC#!cbK^QyH-S_;MRCvt`k7SQRz=_7EV?!1fPno6+PS&MY()So zc9zlPA$5U$G`kcw!A0~9Bmh2jkgv-XHTH?mIv3zwYV{`uI$F-O6k{pVX8&l^^7*<^ z{mGP#A$34$C(2uK>TeTr0xMonty8)b1eK0MmUZ%Z^{4Z5oy7y|r(Y{uBmwHLLZiN5 z&1>qjsa&zRT%9fZv!5*8xPW^~-5L?Ae*U8$_NRGs6)NI4{I${8t3uL)OFvSWBQ3Pb8Q^4u``+YQMCsR6%lb5*amP z%KY^K{e7>O&*t~o0AqGuFWzuyzu&IbvAg!cHJQHw_#?K#m=@ zwTBVFKb%jsO%86oINH-?U7cL(mdNh=cKA$+q#xtBqbNqM zesGVRXzof?$VgDM6=vTDiJ1iFo{z{G%*+bOXpHhHh{G9blME0RB#RD}4#g}BX(I~V zASS&0k%DZ?5T2p7&Vcz~-)U&&5N>B!edw>fD9%X8K{BF<5q%1*5Szg^@F7>|IE7-B zNw~#mS>lW6M7r=k5@M>n*ib_f(MjkjqEFM*<@ofWl?4*2LVqdT2|M5oLZ9>DrpY*A zUm^U%Fft+MOi-2qEkP@F0-xYz`X{y}y>YVP@OsyF7pDIqXE+a;41Lsm!ulTeF^+T&%DUH(A9Mi!W4;^Phz>_zIt?U-tr zESk!*E@YZzYANC!a9g5t1V4q8m@d?pYSa7_@kHRp_z}-EsAZgJtXG#&54CJ^Ch!S$ zq?cg#lXE~DzCODnR}FM4+EQF+(CGlm4)wKn7yTyoWe8fI+m-3J&pn8Np8`p?5=n=D z(Ig@0LfeI)eNHE%w5QZSCxkzQe+|Rv=Tr+WS8*qgK=&EcH>ImjSQhJ&`$Vn$9a}Df z67LHoT~<@DhMX{|am28)Gn&C&KlDd@Pm0`r3 zM`QFkQ2wp-r43T8Pqa@xxTsF6KzgUCUnpEo3RswC8f6MJjW!M4>PiVtX~k5j z5IwG&r7HPMC_Y!>Guzgr)WpAPvC2v;!&3~N`+hw1m-MLnFMGvYj~rhJO5(o9b;c#$avro#?MEtW?x=TEJe& zsdT7RnP;`7wl%R`u>~(MSH(}2O?l-`>(r| z)FjN{9OfbbIs(Ul`@loaktSWEpg6f*{GNu{f;*Bby zYP0f2ZL1>XMi7=k3bP)MSgU@kx|g_$0*f|_QLWl#fv{R$bzbo=nO}N=cD%TRA!)IuHt|2niYQ3U8hX-*v`i zr|pw#GP5~zoRPP4!Mx^L+Me#|^Q6*J{GsQd!{ElU(8_BYm;p@zEmkB~ zVN^!#*W|CYttk(tm$sK>!u-O~!tugbJ)S*P{w$9suaK{v&l|T(SBK9_U=?Uy=${Bj zh{e#-&{}Z9NbCrhFdonYeGq+}A*3v`MwI&VxRBy65}x6L2wcbpIL~hQ%#55rsn2}c zG`$17y`Y&)r6eT=J7p6`XGdjX<8c*my`;xvhNKo`l%)KmGNcqTv>A08|47H_#*vi@ z;gS;J_)&VgRy@pZC`9g^?IP}7FmvdqH=eD!Ht$zVOw}YA_360KlMs;-Z=t_OWA#_; zE7trqYWLcQUi#h{2~Ig2W;l$$Hh8pnNruh{YY3Z>%osF?Hj}H7!;#yAR1s_5_GmD= z3I0=&nv_~Z$5Am;@!KY>>9J`}oXRAoj=_LKh^CumfU}5IqGQ}<;X)IuP;@3)k=9Me zvNJQ`P4P}Pj`9aps18!2ZNsLOj78qK+9bxo-#@@VjuXUVw`1S{E=w*i533%}w}_WM zt_wTV>hQ%H{k3*wFN400ox7gXL4|s?qAkam&3UzawYnZ->&DB2Vexix zwViGzkRGc2kUft5`G#dBMf#t_sz9%ITJl|JSFD$@{SL?vncwu-CRH zyx021amTH8mZ^^6%5=@PLG}LRP2o*z=hw3yEfYN#V>FvY^Ta0h@`i5tT3eZgvXkPI zV8TS;LHCJY>v_)V$lB7cEr-B4hpMROrcMh_I(}IN z8U;$8%U&l>$%M<4jPxgZEC|dm@s#tVa`(rl4A<|uj5xh+-%0pkRUNBx6tzD>^M2;L z-W_=)z05@xT=9wVuRNxC&AV@z){W6ESX^I>ZYk!r@l*8MIu4r4AqEjMiTrr~_BZZ6 z3)nbrr7)EY!pZ)@m**95BR(8{9UF}o$^X?|xTERMY)(yG&E`aKMy=s>yKBW-H~2*} zqspp=&p^OG$G`hL;x&Geq%$|&=q$kIxcSnd``EehHGQu-p$EqQ@Yw*&vU%U(zn}1) zLj)BI`+ULNC5|S{c3i$S4e}XLZ4eHQvJH{xMW$;{r48rtsK zN{akuP7cf_=1!&-%-#;pAKU$2R;^W6K57SW>%K}pOCwa<^Q<%e@OlF+EdAF&2_xc9Xlerh#QbuSVjA8M=lTdq*+U+0 z2e~WYSzE8>)wHG#G;~O4Ovq?3H#r$AcVr!LLjQ6!mbzRvJ0iNkw(FN=2-0O~7Xo|v zohB4~q|knwurOx#f`$4A|KI+HenM+iM!zgAt+dE-D%bVi|GsvB!A1{$uO06&Z@bFy z5EBRsmit^m)klK!eASuujjK7=+CO;+WtLbrgC8Vq0&!1N@OwR~j4zw{9bMbATfGtW zt#H~lhCbC%VWY}~_FY}5Qr>?dxAl9u=6N;9gCV0{9YKKbzNA;_UI->tsif{99>Ic-FgrRW6_rtW4>o3fYfbDXdE1Z_czo~9W!ggBtVh&TZrxjvaw{|7 z^;$&6=KWqrOHfTtrLDDCwf6CPjwd;d`xN|GI75#kbWWjI{4|&^ton z_jA;={zc(XW@=OY($?d5wlGe*H#%x33il73F>}mhS?oSl{9sY^9#Mc?6;gc|4jg|- zX2-7K@`jWwC1&N%`;uH#I}w9b$=jQPAw2G0&qcVOg^M^ZFI*BERsYd&rXA2^oC?GyeuPbUb3H zqMlOZMRQ~=J4|e{t2QC$&YUP|KL7T&aD-BWwv@yLTPa%BxSIyVzr-tXSxRXA`<@hp zf5~x4f`@D)i}E40^bQ=4`mBgX$LJePhY(|@4iy~NS{#_x1lj=&-*M`9aIrQ0&=Vs} zK3i`?8aL}2H?E?$4kJWK@p{<*#Khc5QKUvc0z(VDU-9a{y+(miDKM_tGZg9?p+RzG z1?Cqx&R@BStL^eR(le=z?OBvOSBu?)kd}M|N#>W9^jaJ@bdy_5frFE^n;N_%v8udb z@W6O=PWfm%DMmu51>8X_mq9ZGNwd_!>>d~8H0U`@TOeksH$Z{V)VcKykN(86PmMoI zbSa7CG{PSq#X<6NVybV&onl<&R~k#diLDS$4!pJvLWx|{%1wG%j64W{*h%#?h@hG} z%RPB)(-@8|JKLtXCCeG&Oc_GE^ow?4XxF9f96^x@#dLMOgtjI(nzF<_Grm1HZsOE<&v-tn)(-QUR7T9NgB+A-Wcc;2Fy(1K$sXBB^3xuH#dJq(G-?G%E0=jKu7AJ5j$!tK)CA0y2aH9B6_?Y zdNdUR5Y5mBzA}Sse6Q?{W=^}Uws1MPp~D9oKL8}_np*|U4Ou4Yjv*-X`KMy*a`w0N z>_rGNTyf0`s5c6yL?ocg)l6!p?eHUu`RJKk4vt@39g(Is|8^H0=z98n`-3KT#7Qm4l^^e!?zO|m|heoeLI)mM`g7p^hUFe`7R-2m-KfA&x- z>r4_4nbq?oEd;5?(3HPph}A@{S2$0M0G8%>HHn2^ic$-7B~eNFLxeg-sJo-(MijL{ zKX_Qw7sF=VAf2B+CW^NsIt>j!Hm?9;T|GV4*_|O-H~3~899sH9=0nW4&m@Drq;cfi z=L20f`fHM}1--J;{<2~4u))}xv@oS#A+olcaMB`Ro{Fi%!$T^Xnk3V>5)^q4C9~TD zgxAw+He4XO_E356Nt#}p>{IZXJ<^&QKK<#y5icJP@r1;YM;_SZ128N}A@#*Zy?wQo zxWk4k+yOLWJ6;xwx#k$SWI5*oTmJM&&Z{K+C6}|wF1DorAi^Qh@FUWw1GvhCf57E9 zl3^*$H8tn4rX`Y#!tTM|ysuCs7pG!Z-3 zDoXWC2InS!RxJGsqnYX*rJlNOU9WC@#WGgGkWC|yLaCWWc^uO?zDjsQ@x>dKpFcr< z_ZwV#g`gLqnGVgkzc?*JP+4BAu1dja4}sDh{wMn~5S~^#Ud7QLLaSE2QHucHPpH`G zF|6Bv3jy_%14qR0yJR>g$FB~w6~ID`)M6n~)bC7W69{D~0^vxXx8;N|ST$^X`Ozpi ztsuk)24+)TvG&moL~`0=kfc-1$5;c2GT4B6dbgK3mdW`c({!k9yht3d& zD2f9Hb8BiwOl8m`9npYNI@yhsl$1Tg@n`@LqgS&^RkU%Q5%2fiW`Ichgg9|xlwGxW z5D|=$pbMhLAls*(eHWW7rnYnJ$VpgvXAFZLGlw%8Qk}*+C`#I>uB0%q4C8P7!xs6q z7A!4K2iqPK9!IU|yK5?4v7NQR;Eu`=>}$b*c(NaTI(5c{9ycMiARc(cwdG;*A~;#qIvt z?n*LfT#}b4D50`LlB@vRoF*PhjZnhkoMtM{B{#oZ4$C;?Rc>pjyhbFpzc(5b3_yWn z9<11+L?o&o>m-Cqhp#DSCMq;_Y*bsQPum^)3RW}JLn~VdWnIX+HzY09!gE#7jx*|M zfZKXI)s**Eg67=lbblMm&p;5J7==e+**Ov;gtP3Z(0%NhU%=)eEW0=gkwvc-)Ht~V zNw52pjE~1o&ng^OwpcYSQ`+MfgRmNLO}Fxqc(^8qC_B>*>9p(xIK$p#0lD}Sj}@vD z{Jmw}OR=yu!GW7w;YPymxFDbi9Wks=8Iyh+>q10DDXjV`kBXoAj9Fn802%@r+&%V{ zU*MTJOSmX`ou`*hMuAf-nT_7cxEK02oI!A-+LA`-8^(!$YTdeG5}nkkLcW!1T)i?h zxfZg_25)zAI)USy;d9ghqYQ>`7U?0gRGZ$BOd-NwlqWTn{ny{bui75N$h^dq-k902 z3g5@!SPf*rSpe)PMnA6|7?r;1{Su3zjQIubg4){fxfnlfH8G87Yyt>cd?uOMl|hRs z*vmQ<2&UMQpBaU>#r$+yr_k-T04or4qzLvvE`>%Sysmze%jZgx9#n;p#T;}de&r@q z8EY8VLL2GoiwBn;g48`k*3Vd~2OU}CB}G{XqI5*a;jGJxz;B~FXXSfo@!`!LbLCqz z*(_i^n8JM7@7-Jx2?f5qss)qJ{c>8a8E4##`iH4CWj~oiEHL%%9|~IoF(Y2oIKASo z%qdHdVhl428G32vXGEjMz2$7!xO+NfR`4`KU)a!e%MuS&a`-)d$_k6dYqG;MK+x(s z=HH=v4vN<|f2ThYUgud?y46r6?isE4k>0PRX3*ui?7d6fiUl18?LlHuNbZc?0<9eI zIDLl-O%yaMwEAQF^lUJ<)CSLZI1W~EC%3JngaAsSd%dcq!b~2noiWw9Ag}aWSv)R2 zMDiL()!cx`_wgcLnB1R{y-_T|_qiDEt{bt}_F;!NwkNg#3&0KJu3(%zwY3UmWO_1^ z6aXL20a*d-iI+pR`nN#cbvUUBIL~M=%M-sf+i1QY^u|e2FLeKRZ6GwuIuR~^UOk&u zCV-3UPP^wte=^sf@L@Rg=RUvg0zW$ueHWN({t>ZCldAajp$V$@QLBF*pY@9-T4oXd@8-aqSTsDhrk z!4y0twIM{r2_(J}Hg%-80^D_DDv5eY?y^@y56w>lnvL z7j@1Ne*&*#)LARe0EXXMVZ?MR_JKbp#yBk0?!VwyxD@j$hsa=AG?=RuD)^ zwBvkbtPNS)9eH~N<78Bg7m0K@n5}x7v<}76kh~!tgPoTacy_Z-G({OuS_!+h1f7Y&-9r^@hZ8wSaO zLqZ^NGB^uLa@xDEXFYlzS>6x8-uqeaqCPeRj@`GB@K;)yrieY+Ju8hfzXS5FyD$5A z5Di7Ze4orGu8*@8VM4#yC{JMs8T; zp&XWGjCs(3h)kbzSLmQjnv>x&>naUYMzOPI)H#g9OEp8yO zzG1wDCSvL(V*OoFhC~M56TCd%0Y6uW`5cv{Yj+!01u+tr;TQe>1OAw(=mh1tfIu$> z62EOj_f{UWnQY&mJtySAsq*}oMws@u^WNg~A2U7M)G)a~hbE96qBmyZ6!H z^T(Oc)@l0r#M^YxPb2-ZWqu3A2@EI8Z;j?84ATR<%4R{|7%1^=g!JYQ2ewKS z%5iep+n;y15HI(WV`=HvYzR&jlM0bdQFpyB%Dr|D4hwPwr=>-7*=x(onJo$JFD(y7 zeb1L$1K<16wTwEj6>#&o7fYeVL*aHVH~Ul(vGlh5qEu|Y*f~2t_<84T&!kgo6|Du{ zl{$6Lj~yt(iz+P(!prfLA;58Qavsr-Ja+uN_b5$>1fEH-bHhK87SpfpQx} z$)X2@$AswD2Wiu6)sYXAwkvn-SZxiLZiz&vkfS*oxFJ+l*|~GWU?=LV@lfpUUG#73 z`WA5>p%&IXAlTakz;WGiuvtCnc0GdQBfhMJ@q3(Md%-yD}P~8f`9q?En?V z_KQ-|ElhVld+Tixae+#GarP>9W#A-^2x1DFGrT(JJiZ#% zizxtQci!Fta)eq8ffI5NWkn9ryssg9hL89KpCI|5G96E1!i&4Q^f%IKe*RQk z!$1i-3O)vLy7$!AuFT#$`lC2?|Aq2Mc?h>->0MuGMAr1-D71t7CBSDc3$+R^TK3_M z6LZ2A8c@?va_kj)c#jdM(Bv`j8$ln%{KylIoXSf2c^5RgSn-6sR_^XAT0|ko^@an}`GrNf23J=kt<*i*UmR>5{^uBkP6J0IF|*{@1Cvh* zE=wXp(S@_)8r?JJ741wE@%B4i0M1&6!X=x#!L|w6C4&0?(dqyf{;e~jTaCUMQoc;z z`)DVVHNRg2#fZsG8P`d4%}lA}t|QK2Dcqp7n$?+z*z-v7Bg%*7he(V#$~yBQ+iy>o zfwD*{vkU6tKw{o zHurN|-My!ew09aqF1#4^j+cdtjfo+%YUpUR6d|q--sBd1C<0F}dEl2Z+4nDGR2PoD zTW3&ga?7t)|H&^>7;z>m=*2RbStW|tI38Ad5Dbx0V9|6?=mhS??OYEh(Y;$cv8UmG z?ENLEGn%#FOIr|gLRlpsLC6U-IWYwEyCH3j0+_Yy@foIcgz z_GJk?e_{(`?F?;(%-1_F=nR_$Jdin+-X%whh(3O6{r1lyTokqLw+ytlrai^xUKD8p z6L(#oJ@7IWwY^oQ@mlohL$yPzJd22D=4}!hxLHAiSG{?D$mC0C=v3NT?cV%Yx<1Q# z|79|fUSFt?9yRVZFV~qh?B1ktpb7%WQ?zrYR!ERn%&kCqEO7??*zzWH>UqpeIcs&% zTjWhUNLHgU67*Sni?a@*u`W_hVDKbCRcnncGz%Jmdm%Ii?cUZu-@|#M3{}gQoO+c8 z*mkr((-8M6qQr8QCegU>a%!(G+0;5dLTq~Pi1;|FDRS+zYiMef-`rpwM)Ef>#oqqF zJpbd@%>);6M6}~O;_r}J_z*+%4!g8@UtQ1bu0s*U|5J?fULs>^VTwRhDBO+8{vy?d z#uS7F-0XAoIO3?N{AAQ~&X0X%oWocPjD-bbA09i&QO@8gZcE6oeh$oD3fXV#jhNcF zcVOf{mH#CCO?!dk9o~7aOofLgPgU?^LcRX>VL=hZZ%&MD1*^InxPImD;czjm*Ao`= zboiweiF~~Q#w37X|8i5AwPHEG!?4DV^qQmbv;3;EvYv_w0yDUuf1ZNL+D9B0FS**kJ60X-7(q?E}YNWd^dK1pN*dLD{`_Dh7g zbmnpJ=9Iegqv#^RlQ7u(^vz+TR!wt`bury`@MG;VfzOSd<;-dYPzeJUdp#>k_7n16 z58*#gs`OArw>>|fF7Qy|J{<}vX6PB_R#=g(cakP2Gk;sh9LA{eFbGvs-odxbb7gjX zTP->{r7oz-DXr~GX+u3_w=`N}D@(-ti0yH&ch2Zyrnci><-z3@A<~`@(4s$Y;64E@ zbM2p2w<2+IW`l%H4tI^;eFCH;g`b1^3lnAXns%53Pu+MA$2+HIRwT~+7L@Ak&jWRR z^7w-wI{?&}+Ii8|fc^FRW2IlaB3CXZPvbbyDm{Nv1vqaS+74XM7`L!#9{qEiH!v<3 z&3$VP{Y26Y{=!J{5VIcOIV2o@p)tsExA}N?)p;`#itQw42ak*wq4NAL)E>Jf+U_fH zoUh1e`vQYap;h0e#3zFNy)Q#^c;|^jI`iSZ-u9;IjmMrU30}#YYK^o?g|lVfIc6pa zL^s+V`Lm;~nU7t!yQ5pht$yo-nLlB=dtGnkXy8^5@9;c-{I| z9$#{{hRjJ`Mw#GT2ziOq+mz=_&Z`iML}-fMfrf^FgSooYh0vM!XqMyt-|w%t;50xM z=jk{7_ma!)dpo?H(%3TN+r`)Ax$K5xAHlgb?hT&B-n9 zxy7e#s6_ql& z1tH3Aj=yiHZ|w-QY^yl+gxY1`^zOyoLJ_0kGIt}#PPM1MGaIK9My2B2$$YahdJx<7 z-6kaaEw!uQH{1rGcd4N1;U!)?79Wu{@<*Xn}q3&b}#^hCnU>DlvRv63Q&P~5VkbrRo>uZ>Lf$c~ zj#ZnhNf!$3l(M~!nwqk*o|?SaJdU7#gjE8kczGa6(&H>0L9zRACe03$Q+H6+FK<#% z&o(SJ_BF$u8tNCACkhu7;}*^_g|9pY9ibU+v^?N9KMykR&qZIygiL#P= z6eG^VG9b-63Q}1@(sp+ym+QL$w3&q0&CqLv_U|b9^;nQ`1cE5pK_$U+J;ic?O|^Yy zDXx|Ps$5h_IV{%SWQg7=0be%C5c1oL`ZXaFl94=s#YB86ZuwaeLDVNf_f(8QHe2x7 z%2xMfhi@zpliY|Dtpt5@$3Spc1guIV)f?V}j?{J_1eimnb3!jW_Ma_qIVoky8gb*0 F{{_YFL$d$? literal 0 HcmV?d00001 diff --git a/include/widgets.php b/include/widgets.php index 536af8818..d9dac1afa 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -857,27 +857,27 @@ function widget_chatroom_members() { function widget_wiki_list($arr) { require_once("include/wiki.php"); - if (argc() > 1) { - $nick = argv(1); - $channel = get_channel_by_nick($nick); - } else { + $channel = null; + if (argc() < 2 && local_channel()) { + // This should not occur because /wiki should redirect to /wiki/channel ... $channel = \App::get_channel(); - $nick = $channel['channel_address']; + } else { + $channel = get_channel_by_nick(argv(1)); // Channel being viewed by observer + } + if (!$channel) { + return ''; } $wikis = wiki_list($channel, get_observer_hash()); - if (local_channel() === intval($channel['channel_id'])) { - $showControls = true; - } else { - $showControls = false; - } if ($wikis) { return replace_macros(get_markup_template('wikilist.tpl'), array( '$header' => t('Wiki List'), - '$channel' => $nick, + '$channel' => $channel['channel_address'], '$wikis' => $wikis['wikis'], - '$showControls' => $showControls + // If the observer is the local channel owner, show the wiki controls + '$showControls' => ((local_channel() === intval($channel['channel_id'])) ? true : false) )); } + return ''; } function widget_wiki_pages($arr) { diff --git a/include/wiki.php b/include/wiki.php index 14e8cc53a..84e7d8dfa 100644 --- a/include/wiki.php +++ b/include/wiki.php @@ -9,8 +9,9 @@ define ( 'WIKI_ITEM_RESOURCE_TYPE', 'wiki' ); function wiki_list($channel, $observer_hash) { $sql_extra = item_permissions_sql($channel['channel_id'], $observer_hash); - $wikis = q("SELECT * FROM item WHERE resource_type = '%s' AND mid = parent_mid AND item_deleted = 0 $sql_extra", - dbesc(WIKI_ITEM_RESOURCE_TYPE) + $wikis = q("SELECT * FROM item WHERE resource_type = '%s' AND mid = parent_mid AND uid = %d AND item_deleted = 0 $sql_extra", + dbesc(WIKI_ITEM_RESOURCE_TYPE), + intval($channel['channel_id']) ); // TODO: query db for wikis the observer can access. Return with two lists, for read and write access return array('wikis' => $wikis); @@ -195,8 +196,8 @@ function wiki_create_page($name, $resource_id) { function wiki_get_page_content($arr) { $page = ((array_key_exists('page',$arr)) ? $arr['page'] : ''); // TODO: look for page resource_id and retrieve that way alternatively - $wiki_resource_id = ((array_key_exists('wiki_resource_id',$arr)) ? $arr['wiki_resource_id'] : ''); - $w = wiki_get_wiki($wiki_resource_id); + $resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : ''); + $w = wiki_get_wiki($resource_id); if (!$w['path']) { return array('content' => null, 'message' => 'Error reading wiki', 'success' => false); } @@ -230,7 +231,7 @@ function wiki_page_history($arr) { if($reponame === '') { $reponame = 'repo'; } - $git = new GitRepo('sys', null, false, $w['wiki']['title'], $w['path']); + $git = new GitRepo('', null, false, $w['wiki']['title'], $w['path']); try { $gitlog = $git->git->log('', $page_path , array('limit' => 50)); logger('gitlog: ' . json_encode($gitlog)); @@ -272,7 +273,7 @@ function wiki_git_commit($arr) { if($reponame === '') { $reponame = 'repo'; } - $git = new GitRepo('sys', null, false, $w['wiki']['title'], $w['path']); + $git = new GitRepo($observer['xchan_addr'], null, false, $w['wiki']['title'], $w['path']); try { $git->setIdentity($observer['xchan_name'], $observer['xchan_addr']); if ($files === null) { diff --git a/view/tpl/wiki.tpl b/view/tpl/wiki.tpl index d2ce03f5a..86c503bb3 100644 --- a/view/tpl/wiki.tpl +++ b/view/tpl/wiki.tpl @@ -16,6 +16,8 @@
{{if $showNewWikiButton}} + {{/if}} + {{if $showNewPageButton}} {{/if}}