Widelands Website

Merge lp:~widelands-dev/widelands-website/wiki_no_delete into lp:widelands-website

  1. wiki_no_delete
  2. Merge into trunk
Proposed by kaputtnik
Status: Merged
Merged at revision: 478
Proposed branch: lp:~widelands-dev/widelands-website/wiki_no_delete
Merge into: lp:widelands-website
Diff against target: 94 lines (+28/-4)
4 files modified
mainpage/admin.py (+12/-0)
wiki/admin.py (+2/-0)
wiki/models.py (+1/-0)
wiki/views.py (+13/-4)
To merge this branch: bzr merge lp:~widelands-dev/widelands-website/wiki_no_delete
Reviewer Review Type Date Requested Status
GunChleoc Approve
Review via email: mp+334639@code.launchpad.net

Description of the change

Prevent deleting of wiki articles over the admin page by:

1. Disable the 'Action' selection box in https://wl.widelands.org/admin/wiki/article/
2. Remove permission 'delete' for model Article. This removes the 'Delete' button from the admin page detail view of an article. This change do not apply to users who already had the permission (the permission get not removed from the django model user_user_permission). To remove the permission from users who have this permission formerly, i have added the Django permission model to the admins interface. Deleting the permission over the admin will make sure Djangos orm is used.

Additionally:
1. Serve a HTTP404 if an article isn't found in backlinks view to prevent server errors
2. Reworked the logic of backlinks, because it didn't worked correct under some circumstances, e.g. if a copied url from browsers addressbar contain percent encoding and is pasted into the article. E.g. [[ Go back to main page | Main%20Page ]]

To post a comment you must log in.
Revision history for this message
GunChleoc (gunchleoc) wrote :

LGTM - we can always do the more fancy stuff later

review: Approve
Revision history for this message
kaputtnik (franku) wrote :

Yes :-)

merged and deployed

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== added file 'mainpage/admin.py'
2--- mainpage/admin.py 1970-01-01 00:00:00 +0000
3+++ mainpage/admin.py 2017-12-03 12:34:33 +0000
4@@ -0,0 +1,12 @@
5+#!/usr/bin/env python
6+# -*- coding: utf-8 -*-
7+
8+"""Get acces to additional models which are not set by Django by default.
9+
10+So Djangos orm is used when changing things, e.g. delete a permission.
11+
12+"""
13+
14+from django.contrib import admin
15+from django.contrib.auth.models import Permission
16+admin.site.register(Permission)
17
18=== modified file 'wiki/admin.py'
19--- wiki/admin.py 2016-12-19 07:33:38 +0000
20+++ wiki/admin.py 2017-12-03 12:34:33 +0000
21@@ -14,6 +14,8 @@
22
23
24 class ArticleAdmin(admin.ModelAdmin):
25+ # Do not show 'Action' to prevent deleting:
26+ actions = None
27 search_fields = ['title']
28 list_display = ('title', 'creator', 'last_update',)
29 list_filter = ('title',)
30
31=== modified file 'wiki/models.py'
32--- wiki/models.py 2017-09-12 18:04:34 +0000
33+++ wiki/models.py 2017-12-03 12:34:33 +0000
34@@ -70,6 +70,7 @@
35 verbose_name = _(u'Article')
36 verbose_name_plural = _(u'Articles')
37 app_label = 'wiki'
38+ default_permissions = ('change', 'add',)
39
40 def get_absolute_url(self):
41 if self.group is None:
42
43=== modified file 'wiki/views.py'
44--- wiki/views.py 2017-02-24 19:15:17 +0000
45+++ wiki/views.py 2017-12-03 12:34:33 +0000
46@@ -21,6 +21,7 @@
47
48 from wl_utils import get_real_ip
49 import re
50+import urllib
51
52 # Settings
53 # lock duration in minutes
54@@ -632,14 +633,19 @@
55 """
56
57 # Find old title(s) of this article
58- this_article = Article.objects.get(title=title)
59+ this_article = get_object_or_404(Article, title=title)
60 changesets = this_article.changeset_set.all()
61 old_titles = []
62 for cs in changesets:
63 if cs.old_title and cs.old_title != title and cs.old_title not in old_titles:
64 old_titles.append(cs.old_title)
65
66- search_title = [re.compile(r"\[\[\s*%s\s*\]\]" % title)]
67+ # Search for semantic wiki links. The regexpr was copied from there
68+ # and slightly modified
69+ search_title = [re.compile(r"\[\[\s*(%s)/?\s*(\|\s*.+?\s*)?\]\]" % title)]
70+
71+ # Search for links in MarkDown syntax, like [Foo](wiki/FooBar)
72+ # The regexpr matches the title between '/' and ')'
73 search_title.append(re.compile(r"\/%s\)" % title))
74
75 # Search for current and previous titles
76@@ -648,13 +654,16 @@
77 articles_all = Article.objects.all().exclude(title=title)
78 for article in articles_all:
79 for regexp in search_title:
80- match = regexp.search(article.content)
81+ # Need to unqoute the content to match
82+ # e.g. [[ Back | Title%20of%20Page ]]
83+ match = regexp.search(urllib.unquote(article.content))
84 if match:
85 found_links.append({'title': article.title})
86
87 for old_title in old_titles:
88 if old_title in article.content:
89- found_old_links.append({'old_title': old_title, 'title': article.title })
90+ found_old_links.append(
91+ {'old_title': old_title, 'title': article.title })
92
93 context = {'found_links': found_links,
94 'found_old_links': found_old_links,

Subscribers

People subscribed via source and target branches