def _fully_handle_blueprint_post(request, prefix, pagename): if not is_legal_wiki_pagename(prefix, pagename): raise Http404 check_edit_permission(request, prefix, pagename) response = handle_blueprint_post(request) if isinstance(response, SuccessfulEditRedirect): page, page_created = WikiPage.objects.get_or_create(name=join_pagename(prefix, pagename)) return _handle_successful_wikiedit(request, response, page) return response
def creation_view(request, page_type): try: view_func = registered_creation_views[page_type] except KeyError: raise Http404 response = view_func(request) if "target" in request.GET: try: target = split_pagename(request.GET["target"]) except WikiPrefixNotProvided: raise Http404 if not is_legal_wiki_pagename(*target): raise Http404 check_edit_permission(request, *target) if "target" in request.GET and isinstance(response, SuccessfulEditRedirect): page, page_created = WikiPage.objects.get_or_create(name=join_pagename(*target)) return _handle_successful_wikiedit(request, response, page) return response
def view_wikipage(request, prefix, pagename): """Used for pages represented by a WikiPage""" if not is_legal_wiki_pagename(prefix, pagename): raise Http404 if request.method == 'POST' and not request.GET.get('view', None): return _fully_handle_blueprint_post(request, prefix, pagename) name = join_pagename(prefix, pagename) try: page = WikiPage.objects.get(name=name) except WikiPage.DoesNotExist: page = None if page: if "oldid" in request.GET: try: revision = WikiRevision.objects.get(id=request.GET["oldid"], page=page) except (ValueError, WikiRevision.DoesNotExist): return query_string_not_found(request) if not revision.urn: return query_string_not_found(request) else: revision = page.get_latest_revision() else: revision = None if revision is None and getattr(settings, "DUCTUS_WIKI_REMOTE", None): # See if DUCTUS_WIKI_REMOTE has the page try: remote_url = "%s%s?view=urn" % (settings.DUCTUS_WIKI_REMOTE, iri_to_uri(urlquote(u'%s/%s' % (prefix, pagename)))) remote_urn = json.loads(urlopen(remote_url).read(1000))["urn"] # we never actually save this WikiPage or WikiRevision to the database if page is None: page, page_created = WikiPage.objects.get_or_create(name=name) revision = WikiRevision(page=page, urn=remote_urn[4:]) except urllib2_HTTPError: pass if revision and revision.urn: urn = 'urn:' + revision.urn else: urn = None if request.GET.get('view', None) == 'urn': if revision: return render_json_response({"urn": urn}) response = None if urn: response = main_document_view(request, urn, page, revision) if isinstance(response, SuccessfulEditRedirect): return _handle_successful_wikiedit(request, response, page) response["X-Ductus-URN"] = urn else: requested_view = request.GET.get("view", None) request.ductus = DuctusRequestInfo(None, requested_view, page, revision) if requested_view: f = registered_views[None].get(requested_view, None) if f and f.meets_requirements(request.ductus): response = f(request) if response is None: response = new_wikipage(request, prefix, pagename) # wikipage urls expire immediately since they can frequently be edited patch_response_headers(response, cache_timeout=0) patch_cache_control(response, must_revalidate=True) return response
def test_legal_wiki_pagename(): assert not is_legal_wiki_pagename('en', None) assert is_legal_wiki_pagename('en', 'somepage') assert is_legal_wiki_pagename('en', 'somepage_with_underscores') assert is_legal_wiki_pagename('en', 'somepage/with/slashes') assert not is_legal_wiki_pagename('en', 'somepage with spaces') assert not is_legal_wiki_pagename('en', 'somepage_') assert not is_legal_wiki_pagename('en', '_somepage') assert not is_legal_wiki_pagename('en', '/somepage') assert not is_legal_wiki_pagename('en', 'somepage/') assert not is_legal_wiki_pagename('en', 'some__page') assert not is_legal_wiki_pagename('en', '//somepage') assert is_legal_wiki_pagename('user', 'someuser/somepage') assert is_legal_wiki_pagename('user', 'someuser') assert not is_legal_wiki_pagename('user', '/someuser') assert is_legal_wiki_pagename('group', 'somegroup/somepage') assert is_legal_wiki_pagename('group', 'somegroup') assert not is_legal_wiki_pagename('group', 'somegroup//somepage')