# HG changeset patch # User Paul Boddie # Date 1318785524 -7200 # Node ID 7e7687892a5e32d7e70a1a383422bc47a0276904 # Parent cd9c2eb3f0c1f6c6255489ce11b82922f7f3239e Added user approval when approving their changes. Removed the obsolete secret key acquisition function in the library since page signing has not been done for several revisions. diff -r cd9c2eb3f0c1 -r 7e7687892a5e ApproveChangesSupport.py --- a/ApproveChangesSupport.py Sun Oct 16 17:57:55 2011 +0200 +++ b/ApproveChangesSupport.py Sun Oct 16 19:18:44 2011 +0200 @@ -12,17 +12,21 @@ default "PageReviewersGroup"). @copyright: 2011 by Paul Boddie + 2003-2007 MoinMoin:ThomasWaldmann, + 2003 by Gustavo Niemeyer @license: GNU GPL (v2 or later), see COPYING.txt for details. """ from MoinMoin import user from MoinMoin.Page import Page +from MoinMoin.PageEditor import PageEditor from MoinMoin.wikiutil import escape import re __version__ = "0.1" space_pattern = re.compile("(\s+)") +group_member_pattern = re.compile(ur'^ \* +(?:\[\[)?(?P.+?)(?:\]\])? *$', re.MULTILINE | re.UNICODE) def get_queued_changes_page(request): return getattr(request.cfg, "queued_changes_page", "ApprovalQueue") @@ -36,9 +40,6 @@ def get_queued_changes_user(request): return getattr(request.cfg, "queued_changes_user", "ApprovalQueueUser") -def get_secret_key(request): - return request.cfg.secrets["wikiutil/tickets"] - def is_reviewer(request): return request.user.valid and ( has_member(request, get_approved_editors_group(request), request.user.name) or \ @@ -46,9 +47,12 @@ def is_approved(request): return request.user.valid and ( - has_member(request, get_approved_editors_group(request), request.user.name) or \ + user_is_approved(request, request.user.name) or \ request.user.isSuperUser()) +def user_is_approved(request, username): + return has_member(request, get_approved_editors_group(request), username) + def is_queued_changes_user(request): return request.user.valid and request.user.name == get_queued_changes_user(request) @@ -168,6 +172,36 @@ return "\n".join(new_body), found +def add_to_group_page(request, username, groupname): + + """ + Using the 'request', add 'username' to 'groupname', changing the group page. + This is not the same as adding a member to the group, but it will have the + same effect when the group is rescanned. + """ + + _ = request.getText + + page = PageEditor(request, groupname) + body = page.get_raw_body() + match = None + + # Find the last matching span. + + for match in group_member_pattern.finditer(body): + start, end = match.span() + + # Add a group member to the body. + + entry = ("\n * %s" % username) + + if match: + body = body[:end] + entry + body[end:] + else: + body += entry + + page.saveText(body, 0, comment=_("Added %s to the approved editors group.") % username) + # Utility classes and associated functions. # NOTE: These are a subset of EventAggregatorSupport. diff -r cd9c2eb3f0c1 -r 7e7687892a5e actions/ApproveChanges.py --- a/actions/ApproveChanges.py Sun Oct 16 17:57:55 2011 +0200 +++ b/actions/ApproveChanges.py Sun Oct 16 19:18:44 2011 +0200 @@ -71,7 +71,12 @@ current_rev = target_page.current_rev() parent_rev = int(directives.get("parent-revision", current_rev)) + # Get the user who submitted the changes. + + username = directives.get("unapproved-user") + d = { + "approval_label" : escape(_("Make %s an approved user") % username), "buttons_html" : buttons_html, "prompt" : escape(_("Approve the displayed page version?")), "rev" : escattr(rev), @@ -92,6 +97,12 @@ %(notice)s ''' % d + if username and not user_is_approved(request, username): + html += ''' + + %(approval_label)s + ''' % d + html += ''' @@ -112,6 +123,7 @@ _ = self._ request = self.request + form = get_form(request) # Make sure that only suitably privileged users can perform this action. @@ -144,6 +156,15 @@ current_rev = target_page.current_rev() parent_rev = int(directives.get("parent-revision", current_rev)) + # Get the user who submitted the changes. + + username = directives.get("unapproved-user") + + # Approve the user if requested, regardless of what happens below. + + if username and form.get("approve", ["false"])[0] == "true": + add_to_group_page(request, username, get_approved_editors_group(request)) + # Where the parent revision differs from the current revision of the # page, attempt to merge the changes. @@ -187,7 +208,6 @@ # Switch user if a specific user was recorded. - username = directives.get("unapproved-user") if username: new_user = get_user(request, username) else: diff -r cd9c2eb3f0c1 -r 7e7687892a5e docs/COPYING.txt --- a/docs/COPYING.txt Sun Oct 16 17:57:55 2011 +0200 +++ b/docs/COPYING.txt Sun Oct 16 19:18:44 2011 +0200 @@ -3,6 +3,12 @@ Copyright (C) 2011 Paul Boddie +Group page parsing and manipulation involves code from the MoinMoin.wikidicts +module: + +Copyright (C) 2003-2007 MoinMoin:ThomasWaldmann +Copyright (C) 2003 by Gustavo Niemeyer + This software is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of diff -r cd9c2eb3f0c1 -r 7e7687892a5e to-do/approve-user.txt --- a/to-do/approve-user.txt Sun Oct 16 17:57:55 2011 +0200 +++ b/to-do/approve-user.txt Sun Oct 16 19:18:44 2011 +0200 @@ -1,3 +1,8 @@ -Permit the approval of users when approving their edits. The user will be added +Some testing around the immediate effect of approving users needs to be done. +The MoinMoin 1.8.x API allows users to be added to groups for immediate effect, +but the API in 1.9.x is more complicated. This may well affect mod_wsgi and +other "persistent server" deployments, not CGI. + +(Permit the approval of users when approving their edits. The user will be added to the ApprovedGroup if the reviewer indicates that they should henceforth be -considered as a trusted user in the Wiki. +considered as a trusted user in the Wiki.)