comparison wikked/webimpl/edit.py @ 451:6cd51ea6dfcf

auth: Rewrite permission system and improve support for it. - More proper ACL model for permissions. - Page-level ACL is only specified locally, not inherited anymore. - Protect more API and UI routes with permission checks. - Improve error handling and error pages.
author Ludovic Chabant <ludovic@chabant.com>
date Sun, 07 Jan 2018 11:11:04 -0800
parents 8ca8c2713c92
children faa4c8467291
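--- a/wikked/webimpl/edit.py
+++ b/wikked/webimpl/edit.py
@@ -5,11 +5,10 @@
 from wikked.page import Page, PageData
 from wikked.formatter import PageFormatter, FormattingContext
 from wikked.resolver import PageResolver
 from wikked.utils import PageNotFoundError
 from wikked.webimpl import (
-CHECK_FOR_WRITE,
 get_page_or_raise, get_page_meta, make_page_title)
 
 
 logger = logging.getLogger(__name__)
 
@@ -44,11 +43,11 @@
 
 def get_edit_page(wiki, user, url, author=None, custom_data=None):
 page = None
 try:
 page = get_page_or_raise(wiki, url,
-check_perms=(user, CHECK_FOR_WRITE))
+check_perms=(user, 'edit'))
 except PageNotFoundError:
 # Only catch errors about the page not existing. Permission
 # errors still go through.
 page = None
 
@@ -78,11 +77,11 @@
 
 
 def do_edit_page(wiki, user, url, text, author=None, message=None):
 try:
 get_page_or_raise(wiki, url,
-check_perms=(user, CHECK_FOR_WRITE))
+check_perms=(user, 'edit'))
 except PageNotFoundError:
 # Only catch errors about the page not existing. Permission
 # errors still go through.
 pass
 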
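Review bot: In do_edit_page, and in the same try/except in get_edit_page, a PageNotFoundError is swallowed and execution continues, so for a URL with no page yet the `check_perms=(user, 'edit')` call is the only authorization visible, and these lines do not show whether it runs before the lookup fails. Since the commit message says page-level ACLs are no longer inherited, a missing page has no ACL of its own; the not-found branch should state, and ideally enforce, which wiki-level permission covers creating a page, for example with a comment such as `# Page does not exist yet: creation must still pass a wiki-level permission check.` The permission name is also a bare string repeated at both call sites; a shared module-level constant would keep a typo from changing which permission is checked, which matters if unknown names are not rejected (not visible here). Both function bodies continue outside the lines shown.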