]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/lockedit.pm
cherry-pick uri security fix
[git.ikiwiki.info.git] / IkiWiki / Plugin / lockedit.pm
index 587f7ee540b573d84ceb21ab88fc1ae8c28f7005..010705c49a4fc460976b3239227c972d05d6df76 100644 (file)
@@ -3,7 +3,7 @@ package IkiWiki::Plugin::lockedit;
 
 use warnings;
 use strict;
-use IkiWiki;
+use IkiWiki 2.00;
 
 sub import { #{{{
        hook(type => "canedit", id => "lockedit", call => \&canedit);
@@ -21,9 +21,15 @@ sub canedit ($$) { #{{{
 
        foreach my $admin (@{$config{adminuser}}) {
                if (pagespec_match($page, IkiWiki::userinfo_get($admin, "locked_pages"))) {
-                       return sprintf(gettext("%s is locked by %s and cannot be edited"),
-                               htmllink("", "", $page, 1),
-                               IkiWiki::userlink($admin));
+                       if (! defined $user ||
+                           ! IkiWiki::userinfo_get($session->param("name"), "regdate")) {
+                               return sub { IkiWiki::needsignin($cgi, $session) };
+                       }
+                       else {
+                               return sprintf(gettext("%s is locked by %s and cannot be edited"),
+                                       htmllink("", "", $page, noimageinline => 1),
+                                       IkiWiki::userlink($admin));
+                       }
                }
        }
 
@@ -40,7 +46,8 @@ sub formbuilder_setup (@) { #{{{
 
        if ($form->title eq "preferences") {
                $form->field(name => "locked_pages", size => 50,
-                       comment => "(".htmllink("", "", "PageSpec", 1).")");
+                       fieldset => "admin",
+                       comment => "(".htmllink("", "", "ikiwiki/PageSpec", noimageinline => 1).")");
                if (! IkiWiki::is_admin($user_name)) {
                        $form->field(name => "locked_pages", type => "hidden");
                }