]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/lockedit.pm
cherry-pick uri security fix
[git.ikiwiki.info.git] / IkiWiki / Plugin / lockedit.pm
index 82ce1e7be75e2a7a6e0ae70e8a83c776e5068da0..010705c49a4fc460976b3239227c972d05d6df76 100644 (file)
@@ -21,10 +21,15 @@ sub canedit ($$) { #{{{
 
        foreach my $admin (@{$config{adminuser}}) {
                if (pagespec_match($page, IkiWiki::userinfo_get($admin, "locked_pages"))) {
 
        foreach my $admin (@{$config{adminuser}}) {
                if (pagespec_match($page, IkiWiki::userinfo_get($admin, "locked_pages"))) {
-                       IkiWiki::needsignin($cgi, $session) unless defined $user;
-                       return sprintf(gettext("%s is locked by %s and cannot be edited"),
-                               htmllink("", "", $page, noimageinline => 1),
-                               IkiWiki::userlink($admin));
+                       if (! defined $user ||
+                           ! IkiWiki::userinfo_get($session->param("name"), "regdate")) {
+                               return sub { IkiWiki::needsignin($cgi, $session) };
+                       }
+                       else {
+                               return sprintf(gettext("%s is locked by %s and cannot be edited"),
+                                       htmllink("", "", $page, noimageinline => 1),
+                                       IkiWiki::userlink($admin));
+                       }
                }
        }
 
                }
        }
 
@@ -42,7 +47,7 @@ sub formbuilder_setup (@) { #{{{
        if ($form->title eq "preferences") {
                $form->field(name => "locked_pages", size => 50,
                        fieldset => "admin",
        if ($form->title eq "preferences") {
                $form->field(name => "locked_pages", size => 50,
                        fieldset => "admin",
-                       comment => "(".htmllink("", "", "PageSpec", noimageinline => 1).")");
+                       comment => "(".htmllink("", "", "ikiwiki/PageSpec", noimageinline => 1).")");
                if (! IkiWiki::is_admin($user_name)) {
                        $form->field(name => "locked_pages", type => "hidden");
                }
                if (! IkiWiki::is_admin($user_name)) {
                        $form->field(name => "locked_pages", type => "hidden");
                }