]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/lockedit.pm
cherry-pick uri security fix
[git.ikiwiki.info.git] / IkiWiki / Plugin / lockedit.pm
index f204e72c0052df303469c5970a4046c6ba96bd7f..010705c49a4fc460976b3239227c972d05d6df76 100644 (file)
@@ -3,7 +3,7 @@ package IkiWiki::Plugin::lockedit;
 
 use warnings;
 use strict;
-use IkiWiki;
+use IkiWiki 2.00;
 
 sub import { #{{{
        hook(type => "canedit", id => "lockedit", call => \&canedit);
@@ -20,10 +20,16 @@ sub canedit ($$) { #{{{
        return undef if defined $user && IkiWiki::is_admin($user);
 
        foreach my $admin (@{$config{adminuser}}) {
-               if (pagespec_match($page, IkiWiki::userinfo_get($admin, "locked_pages"), "")) {
-                       return sprintf(gettext("%s is locked by %s and cannot be edited"),
-                               htmllink("", "", $page, noimageinline => 1),
-                               IkiWiki::userlink($admin));
+               if (pagespec_match($page, IkiWiki::userinfo_get($admin, "locked_pages"))) {
+                       if (! defined $user ||
+                           ! IkiWiki::userinfo_get($session->param("name"), "regdate")) {
+                               return sub { IkiWiki::needsignin($cgi, $session) };
+                       }
+                       else {
+                               return sprintf(gettext("%s is locked by %s and cannot be edited"),
+                                       htmllink("", "", $page, noimageinline => 1),
+                                       IkiWiki::userlink($admin));
+                       }
                }
        }
 
@@ -40,7 +46,8 @@ sub formbuilder_setup (@) { #{{{
 
        if ($form->title eq "preferences") {
                $form->field(name => "locked_pages", size => 50,
-                       comment => "(".htmllink("", "", "PageSpec", noimageinline => 1).")");
+                       fieldset => "admin",
+                       comment => "(".htmllink("", "", "ikiwiki/PageSpec", noimageinline => 1).")");
                if (! IkiWiki::is_admin($user_name)) {
                        $form->field(name => "locked_pages", type => "hidden");
                }