Beispiel #1
0
    def make_digest(self, wikitext):
        """
		Create a digest, suitable for use by the wikklytext.cache classes,
		for the given wikitext in this context (taking into account all
		uservars & sysvars since those affect rendering).
		"""
        from boodebr.util import makeSHA
        from wikklytext.serialize import utf8

        s = makeSHA()

        # account for all variables that can affect rendering.
        #
        # the user may have defined additional vars that affect how macros work,
        # but since macro results are not cached, that's OK.
        names = [
            '$BASE_URL', '$SITE_URL', '$REFLOW', '$TITLE', '$LINKS_NEW_WINDOW',
            '$FS_CWD'
        ]

        names.sort()

        for name in names:
            s.update(utf8(u'%s:%s' % (name, self.var_get_text(name))))

        s.update('%s' % str(self.restricted_mode))

        # add in wikitext itself
        s.update(utf8(wikitext))
        return s.hexdigest()
Beispiel #2
0
	def make_digest(self, wikitext):
		"""
		Create a digest, suitable for use by the wikklytext.cache classes,
		for the given wikitext in this context (taking into account all
		uservars & sysvars since those affect rendering).
		"""
		from boodebr.util import makeSHA
		from wikklytext.serialize import utf8

		s = makeSHA()
		
		# account for all variables that can affect rendering.
		#
		# the user may have defined additional vars that affect how macros work,
		# but since macro results are not cached, that's OK.
		names = ['$BASE_URL', '$SITE_URL', '$REFLOW', '$TITLE', '$LINKS_NEW_WINDOW',
				'$FS_CWD']
		
		names.sort()

		for name in names:
			s.update(utf8(u'%s:%s' % (name,self.var_get_text(name))))
			
		s.update('%s' % str(self.restricted_mode))
		
		# add in wikitext itself
		s.update(utf8(wikitext))
		return s.hexdigest()
Beispiel #3
0
	def user_check_password(self, UID, password):
		"""
		Check a users password (given plaintext password).
		
		Returns True if matches, False if not.
		"""		
		s = self.userdb.get_str(USERDBKEY+'/'+UID, 'pwdhash', None)
		if s is None:
			return False # no such user
			
		return makeSHA(password).hexdigest() == s
Beispiel #4
0
	def user_create(self, UID, username, email, can_login, password, safe_mode):
		"""
		Create a new user:
			UID: UID for user:
			       Pass "0" for superuser.
				   For normal users, this can be any other string.
				   In a multiuser/multithreaded setting, it is strongly recommended that
				   you generate UIDs with boodebr.util.guid.makeGUID().
				   In a single-threaded setting, you can pass anything for UID,
				   just make sure it is not already used (with user_valid_UID()).
			username: User name
			email: Email address
			can_login: True/False - is this user allowed to login?
			password: Plaintext password (only used if can_login is True)
			safe_mode: True/False if this user's content should be
			           rendered in safe mode.
					   
		Returns True if created OK.
		Returns False if not (username already exists).
		"""
		# The code below tries to not create a duplicate username, but
		# it could still be possible in a race condition. However, the two users 
		# will still have separate UIDs, so its just an issue on how they log in.
		
		# check before creating
		if self.user_exists(username):
			return False
		
		self.userdb.set_str(USERDBKEY+'/'+UID, 'username', username)
		self.userdb.set_str(USERDBKEY+'/'+UID, 'email', email)
		
		if can_login:
			self.userdb.set_str(USERDBKEY+'/'+UID, 'pwdhash', makeSHA(password).hexdigest())
		else: # set to impossible hash value to prevent user from logging in
			self.userdb.set_str(USERDBKEY+'/'+UID, 'pwdhash', '')
			
		self.userdb.set_bool(USERDBKEY+'/'+UID, 'safe_mode', safe_mode)

		# check again after creating
		if len(self.user_getUIDs(username)) > 1:
			# >1 UID with my username; delete self and try again
			self.userdb.delete_path(USERDBKEY, UID)
			return False
			
		# created OK
		return True
Beispiel #5
0
	def digest(self, extra=''):
		"""
		Generate and return a hexdigest (string) for item. Includes all metadata.
		
		Caller can pass 'extra' string to include any other metadata that
		needs to be including in digest. ('extra' must be a bytestring)
		"""
		from boodebr.util import makeSHA
		d = makeSHA()
		d.update(extra)
		d.update(self.name.encode('utf-8'))
		d.update(self.author.encode('utf-8'))
		d.update(self.ctime.to_store())
		d.update(self.mtime.to_store())
		d.update(u''.join(self.tags).encode('utf-8'))		
		d.update(self.content.encode('utf-8'))
		d.update(self.content_type.encode('utf-8'))
		d.update(str(self.revision).encode('utf-8'))
		return d.hexdigest()
Beispiel #6
0
	def user_set_password(self, UID, password):
		"Set user's password to given (cleartext) password."		
		self.userdb.set_str(USERDBKEY+'/'+UID, 'pwdhash', makeSHA(password).hexdigest())