IkiWiki/Plugin/remove.pm

   1 #!/usr/bin/perl
   2 package IkiWiki::Plugin::remove;
   3
   4 use warnings;
   5 use strict;
   6 use IkiWiki 2.00;
   7
   8 sub import { #{{{
   9         hook(type => "getsetup", id => "remove", call => \&getsetup);
  10         hook(type => "formbuilder_setup", id => "remove", call => \&formbuilder_setup);
  11         hook(type => "formbuilder", id => "remove", call => \&formbuilder);
  12         hook(type => "sessioncgi", id => "remove", call => \&sessioncgi);
  13
  14 } # }}}
  15
  16 sub getsetup () { #{{{
  17         return
  18                 plugin => {
  19                         safe => 1,
  20                         rebuild => 0,
  21                 },
  22 } #}}}
  23
  24 sub check_canremove ($$$) { #{{{
  25         my $page=shift;
  26         my $q=shift;
  27         my $session=shift;
  28
  29         # Must be a known source file.
  30         if (! exists $pagesources{$page}) {
  31                 error(sprintf(gettext("%s does not exist"),
  32                         htmllink("", "", $page, noimageinline => 1)));
  33         }
  34
  35         # Must exist on disk, and be a regular file.
  36         my $file=$pagesources{$page};
  37         if (! -e "$config{srcdir}/$file") {
  38                 error(sprintf(gettext("%s is not in the srcdir, so it cannot be deleted"), $file));
  39         }
  40         elsif (-l "$config{srcdir}/$file" && ! -f _) {
  41                 error(sprintf(gettext("%s is not a file"), $file));
  42         }
  43
  44         # Must be editiable.
  45         IkiWiki::check_canedit($page, $q, $session);
  46
  47         # If a user can't upload an attachment, don't let them delete it.
  48         # This is sorta overkill, but better safe than sorry.
  49         if (! defined pagetype($pagesources{$page})) {
  50                 if (IkiWiki::Plugin::attachment->can("check_canattach")) {
  51                         IkiWiki::Plugin::attachment::check_canattach($session, $page, $file);
  52                 }
  53                 else {
  54                         error("renaming of attachments is not allowed");
  55                 }
  56         }
  57 } #}}}
  58
  59 sub formbuilder_setup (@) { #{{{
  60         my %params=@_;
  61         my $form=$params{form};
  62         my $q=$params{cgi};
  63
  64         if (defined $form->field("do") && $form->field("do") eq "edit") {
  65                 # Removal button for the page, and also for attachments.
  66                 push @{$params{buttons}}, "Remove";
  67                 $form->tmpl_param("field-remove" => '<input name="_submit" type="submit" value="Remove Attachments" />');
  68         }
  69 } #}}}
  70
  71 sub confirmation_form ($$) { #{{{
  72         my $q=shift;
  73         my $session=shift;
  74
  75         eval q{use CGI::FormBuilder};
  76         error($@) if $@;
  77         my $f = CGI::FormBuilder->new(
  78                 name => "remove",
  79                 header => 0,
  80                 charset => "utf-8",
  81                 method => 'POST',
  82                 javascript => 0,
  83                 params => $q,
  84                 action => $config{cgiurl},
  85                 stylesheet => IkiWiki::baseurl()."style.css",
  86                 fields => [qw{do page}],
  87         );
  88
  89         $f->field(name => "do", type => "hidden", value => "remove", force => 1);
  90
  91         return $f, ["Remove", "Cancel"];
  92 } #}}}
  93
  94 sub removal_confirm ($$@) { #{{{
  95         my $q=shift;
  96         my $session=shift;
  97         my $attachment=shift;
  98         my @pages=@_;
  99
 100         check_canremove($_, $q, $session) foreach @pages;
 101
 102         # Save current form state to allow returning to it later
 103         # without losing any edits.
 104         # (But don't save what button was submitted, to avoid
 105         # looping back to here.)
 106         # Note: "_submit" is CGI::FormBuilder internals.
 107         $q->param(-name => "_submit", -value => "");
 108         $session->param(postremove => scalar $q->Vars);
 109         IkiWiki::cgi_savesession($session);
 110
 111         my ($f, $buttons)=confirmation_form($q, $session);
 112         $f->title(sprintf(gettext("confirm removal of %s"),
 113                 join(", ", map { pagetitle($_) } @pages)));
 114         $f->field(name => "page", type => "hidden", value => \@pages, force => 1);
 115         if (defined $attachment) {
 116                 $f->field(name => "attachment", type => "hidden",
 117                         value => $attachment, force => 1);
 118         }
 119
 120         IkiWiki::showform($f, $buttons, $session, $q);
 121         exit 0;
 122 } #}}}
 123
 124 sub postremove ($) { #{{{
 125         my $session=shift;
 126
 127         # Load saved form state and return to edit form.
 128         my $postremove=CGI->new($session->param("postremove"));
 129         $session->clear("postremove");
 130         IkiWiki::cgi_savesession($session);
 131         IkiWiki::cgi($postremove, $session);
 132 } #}}}
 133
 134 sub formbuilder (@) { #{{{
 135         my %params=@_;
 136         my $form=$params{form};
 137
 138         if (defined $form->field("do") && $form->field("do") eq "edit") {
 139                 my $q=$params{cgi};
 140                 my $session=$params{session};
 141
 142                 if ($form->submitted eq "Remove") {
 143                         removal_confirm($q, $session, 0, $form->field("page"));
 144                 }
 145                 elsif ($form->submitted eq "Remove Attachments") {
 146                         my @selected=$q->param("attachment_select");
 147                         if (! @selected) {
 148                                 error(gettext("Please select the attachments to remove."));
 149                         }
 150                         removal_confirm($q, $session, 1, @selected);
 151                 }
 152         }
 153 } #}}}
 154
 155 sub sessioncgi ($$) { #{{{
 156         my $q=shift;
 157
 158         if ($q->param("do") eq 'remove') {
 159                 my $session=shift;
 160                 my ($form, $buttons)=confirmation_form($q, $session);
 161                 IkiWiki::decode_form_utf8($form);
 162
 163                 if ($form->submitted eq 'Cancel') {
 164                         postremove($session);
 165                 }
 166                 elsif ($form->submitted eq 'Remove' && $form->validate) {
 167                         my @pages=$q->param("page");
 168
 169                         # Validate removal by checking that the page exists,
 170                         # and that the user is allowed to edit(/remove) it.
 171                         my @files;
 172                         foreach my $page (@pages) {
 173                                 check_canremove($page, $q, $session);
 174
 175                                 # This untaint is safe because of the
 176                                 # checks performed above, which verify the
 177                                 # page is a normal file, etc.
 178                                 push @files, IkiWiki::possibly_foolish_untaint($pagesources{$page});
 179                         }
 180
 181                         # Do removal, and update the wiki.
 182                         require IkiWiki::Render;
 183                         if ($config{rcs}) {
 184                                 IkiWiki::disable_commit_hook();
 185                                 foreach my $file (@files) {
 186                                         IkiWiki::rcs_remove($file);
 187                                 }
 188                                 IkiWiki::rcs_commit_staged(gettext("removed"),
 189                                         $session->param("name"), $ENV{REMOTE_ADDR});
 190                                 IkiWiki::enable_commit_hook();
 191                                 IkiWiki::rcs_update();
 192                         }
 193                         else {
 194                                 foreach my $file (@files) {
 195                                         IkiWiki::prune("$config{srcdir}/$file");
 196                                 }
 197                         }
 198                         IkiWiki::refresh();
 199                         IkiWiki::saveindex();
 200
 201                         if ($q->param("attachment")) {
 202                                 # Attachments were deleted, so redirect
 203                                 # back to the edit form.
 204                                 postremove($session);
 205                         }
 206                         else {
 207                                 # The page is gone, so redirect to parent
 208                                 # of the page.
 209                                 my $parent=IkiWiki::dirname($pages[0]);
 210                                 if (! exists $pagesources{$parent}) {
 211                                         $parent="index";
 212                                 }
 213                                 IkiWiki::redirect($q, urlto($parent, '/', 1));
 214                         }
 215                 }
 216                 else {
 217                         IkiWiki::showform($form, $buttons, $session, $q);
 218                 }
 219
 220                 exit 0;
 221         }
 222 }
 223
 224 1