wiki.ohea.xyz/gollum
10
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Merge pull request #990 from repotag/issue940

Browse Source 
Block on no-edit without using middleware
This commit is contained in:
Dawa Ometto
2015-04-03 17:32:20 +02:00
parent 9d0986f1ca 21bb1efb46
commit 6d33687866
2 changed files with 4 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/gollum/app.rb
+4 -6
View File
@@ -13,8 +13,6 @@ require 'gollum/views/has_page'
require File.expand_path '../helpers', __FILE__ require File.expand_path '../helpers', __FILE__
require 'gollum/editing_auth'
#required to upload bigger binary files #required to upload bigger binary files
Gollum::set_git_timeout(120) Gollum::set_git_timeout(120)
Gollum::set_git_max_filesize(190 * 10**6) Gollum::set_git_max_filesize(190 * 10**6)
@@ -51,8 +49,7 @@ module Precious
class App < Sinatra::Base class App < Sinatra::Base
register Mustache::Sinatra register Mustache::Sinatra
include Precious::Helpers include Precious::Helpers
use Precious::EditingAuth
dir = File.dirname(File.expand_path(__FILE__)) dir = File.dirname(File.expand_path(__FILE__))
# Detect unsupported browsers. # Detect unsupported browsers.
@@ -96,6 +93,9 @@ module Precious
end end
before do before do
settings.wiki_options[:allow_editing] = settings.wiki_options.fetch(:allow_editing, true)
@allow_editing = settings.wiki_options[:allow_editing]
forbid unless @allow_editing || request.request_method == "GET"
Precious::App.set(:mustache, {:templates => settings.wiki_options[:template_dir]}) if settings.wiki_options[:template_dir] Precious::App.set(:mustache, {:templates => settings.wiki_options[:template_dir]}) if settings.wiki_options[:template_dir]
@base_url = url('/', false).chomp('/') @base_url = url('/', false).chomp('/')
# above will detect base_path when it's used with map in a config.ru # above will detect base_path when it's used with map in a config.ru
@@ -103,8 +103,6 @@ module Precious
@css = settings.wiki_options[:css] @css = settings.wiki_options[:css]
@js = settings.wiki_options[:js] @js = settings.wiki_options[:js]
@mathjax_config = settings.wiki_options[:mathjax_config] @mathjax_config = settings.wiki_options[:mathjax_config]
settings.wiki_options[:allow_editing] = settings.wiki_options.fetch(:allow_editing, true)
@allow_editing = settings.wiki_options[:allow_editing]
end end
get '/' do get '/' do
lib/gollum/editing_auth.rb
-34
View File
@@ -1,34 +0,0 @@
module Precious
class EditingAuth < Sinatra::Base
def initialize(app)
@app = app
end
def call(env)
@env = env
# Blocks all potentially editable pages. Use EditingAuth::whitelist_pages to unblock pages.
unless (env["REQUEST_METHOD"] == "GET") || @app.settings.wiki_options[:allow_editing]
return block unless excluded_page?
end
@app.call(env)
end
def block
[403, {'Content-Type' => 'text/html', 'Content-Length' => '9'}, ['Forbidden']]
end
def excluded_page?
return false if env["REQUEST_PATH"].nil?
whitelist_pages.any? do |whitelisted_page|
env["REQUEST_PATH"].include? whitelisted_page
end
end
private
# List pages paths as str that you want to whitelist.
# Pages will be compared with env["REQUEST_PATH"] using String::include? method.
def whitelist_pages
return ["/compare/"]
end
end
end