This patch is considerably improved over my first effort. In this version, I have properly supported configuring a wiki web, using edit_web, to require a username independently of requiring a password. See the attached patch, relative to 0.10.2.
Also, config/environments/production.rb is patched to use the environment variable INSTIKILOG as the log file if it is set.
Finally, I have also attached an init script.
Some notes about this script:
I would have preferred to use a pid file, but Instiki doesn't create one in --daemon mode, and start-stop-daemon --make-pidfile --background is an ugly hack, so --user was much easier.
To use this init script, I assume you have put unpacked the instiki tarball in /opt/instiki/ and have created an instiki user, e.g.
adduser --system --group instiki --home /var/lib/instiki --shell /bin/sh
You're also on your own for log rollover. I have a script external to the system that triggers a nightly backup of the wiki and log rollver, pulling off the files across the network to another system. Most people will probably want to use logrotate instead.
I would have liked to refine this manual setup and this init script into a proper package, but there are Debian packaging issues to address here that are larger than I have time to solve.
I have tested this init script on Ubuntu "breezy", but it should work just as well on most Debian systems, provided the system has a compatible version of ruby, since the only other dependency is the self-contained instiki 0.10.2 tarball (and therein lies most of the difficulty of packaging: I'd have to make it play nice with the current version of ruby + rails on each target distribution).
Ben
diff -ru instiki.orig/app/controllers/admin_controller.rb instiki.new/app/controllers/admin_controller.rb
--- instiki.orig/app/controllers/admin_controller.rb 2006-01-24 09:47:20.000000000 -0400
+++ instiki.new/app/controllers/admin_controller.rb 2006-01-23 16:16:02.000000000 -0400
@@ -58,6 +58,7 @@
@params['color'], @params['additional_style'],
@params['safe_mode'] ? true : false,
@params['password'].empty? ? nil : @params['password'],
+ @params['username_required'] ? true : false,
@params['published'] ? true : false,
@params['brackets_only'] ? true : false,
@params['count_pages'] ? true : false,
diff -ru instiki.orig/app/controllers/application.rb instiki.new/app/controllers/application.rb
--- instiki.orig/app/controllers/application.rb 2006-01-24 09:47:20.000000000 -0400
+++ instiki.new/app/controllers/application.rb 2006-01-24 09:31:10.000000000 -0400
@@ -22,9 +22,10 @@
def authorized?
@web.nil? ||
- @web.password.nil? ||
+ author_check(@author) &&
+ (@web.password.nil? ||
cookies['web_address'] == @web.password ||
- password_check(@params['password'])
+ password_check(@params['password']) )
end
def check_authorization
@@ -47,6 +48,7 @@
end
@page_name = @file_name = @params['id']
@page = @wiki.read_page(@web_name, @page_name) unless @page_name.nil?
+ cookies['author'] = @params['author'] if @params['author']
@author = cookies['author'] || 'AnonymousCoward'
check_authorization
end
@@ -87,6 +89,26 @@
end
end
+ def author_check(author)
+ if @web.username_required
+ if author.nil? or author.empty? or author == 'AnonymousCoward'
+ false
+ else
+ true
+ end
+ else
+ true
+ end
+ end
+
+ def author_error(author)
+ if author.nil? or author.empty?
+ 'Please enter a username.'
+ else
+ "You entered an invalid username: #{author}. Please enter a valid username."
+ end
+ end
+
def redirect_home(web = @web_name)
if web
redirect_to_page('HomePage', web)
diff -ru instiki.orig/app/controllers/wiki_controller.rb instiki.new/app/controllers/wiki_controller.rb
--- instiki.orig/app/controllers/wiki_controller.rb 2006-01-24 09:47:20.000000000 -0400
+++ instiki.new/app/controllers/wiki_controller.rb 2006-01-24 09:33:47.000000000 -0400
@@ -23,7 +23,12 @@
def authenticate
if password_check(@params['password'])
- redirect_home
+ if author_check(@params['author'])
+ redirect_home
+ else
+ flash[:info] = author_error(@params['author'])
+ redirect_to :action => 'login', :web => @web_name
+ end
else
flash[:info] = password_error(@params['password'])
redirect_to :action => 'login', :web => @web_name
diff -ru instiki.orig/app/models/web.rb instiki.new/app/models/web.rb
--- instiki.orig/app/models/web.rb 2006-01-24 09:47:20.000000000 -0400
+++ instiki.new/app/models/web.rb 2006-01-23 11:16:41.000000000 -0400
@@ -6,7 +6,7 @@
class Web
attr_accessor :name, :password, :safe_mode, :pages
- attr_accessor :additional_style, :allow_uploads, :published
+ attr_accessor :additional_style, :allow_uploads, :published, :username_required
attr_reader :address
# there are getters for all these attributes, too
@@ -22,6 +22,7 @@
@allow_uploads = true
@additional_style = nil
@published = false
+ @username_required = false
@count_pages = false
@allow_uploads = true
end
diff -ru instiki.orig/app/models/wiki_service.rb instiki.new/app/models/wiki_service.rb
--- instiki.orig/app/models/wiki_service.rb 2006-01-24 09:47:20.000000000 -0400
+++ instiki.new/app/models/wiki_service.rb 2006-01-23 11:44:10.000000000 -0400
@@ -39,7 +39,7 @@
end
def edit_web(old_address, new_address, name, markup, color, additional_style, safe_mode = false,
- password = nil, published = false, brackets_only = false, count_pages = false,
+ password = nil, username_required = false, published = false, brackets_only = false, count_pages = false,
allow_uploads = true, max_upload_size = nil)
if not @webs.key? old_address
@@ -61,8 +61,8 @@
web.name, web.markup, web.color, web.additional_style, web.safe_mode =
name, markup, color, additional_style, safe_mode
- web.password, web.published, web.brackets_only, web.count_pages =
- password, published, brackets_only, count_pages, allow_uploads
+ web.password, web.username_required, web.published, web.brackets_only, web.count_pages =
+ password, username_required, published, brackets_only, count_pages, allow_uploads
web.allow_uploads, web.max_upload_size = allow_uploads, max_upload_size.to_i
end
diff -ru instiki.orig/app/views/admin/edit_web.rhtml instiki.new/app/views/admin/edit_web.rhtml
--- instiki.orig/app/views/admin/edit_web.rhtml 2006-01-24 09:47:20.000000000 -0400
+++ instiki.new/app/views/admin/edit_web.rhtml 2006-01-23 11:36:28.000000000 -0400
@@ -92,6 +92,18 @@
value="<%= @web.password %>" name="password_check" />
</div>
+ <h2 style="margin-bottom: 3px">Require username to use this web (<%= @web.name %>)</h2>
+ <div class="help">
+ You can require that every user enters a username to use this web.
+ The user will be asked to enter a username to login before the web can be viewed or
+ edited. The username will be remembered for the duration of the session and cannot
+ be changed until the session ends.
+ </div>
+ <div class="inputBox">
+ <input type="checkbox" name="username_required" <%= 'checked="on"' if @web.username_required %> />
+ Require username to use this web
+ </div>
+
<h2 style="margin-bottom: 3px">Publish read-only version of this web (<%= @web.name %>)</h2>
<div class="help">
You can turn on a read-only version of this web that's accessible even when the regular web
diff -ru instiki.orig/app/views/wiki/edit.rhtml instiki.new/app/views/wiki/edit.rhtml
--- instiki.orig/app/views/wiki/edit.rhtml 2006-01-24 09:47:20.000000000 -0400
+++ instiki.new/app/views/wiki/edit.rhtml 2006-01-23 11:26:11.000000000 -0400
@@ -18,8 +18,13 @@
</p>
<p>
<input type="submit" value="Submit" accesskey="s"/> as
- <input type="text" name="author" id="authorName" value="<%= @author %>"
- onClick="this.value == 'AnonymousCoward' ? this.value = '' : true" />
+ <% if @web.username_required %>
+ <%= @author %>
+ <input type="hidden" name="author" id="authorName" value="<%= @author %>" />
+ <% else %>
+ <input type="text" name="author" id="authorName" value="<%= @author %>"
+ onClick="this.value == 'AnonymousCoward' ? this.value = '' : true" />
+ <% end %>
|
<%= link_to('Cancel', {:web => @web.address, :action => 'cancel_edit', :id => @page.name},
{:accesskey => 'c'})
diff -ru instiki.orig/app/views/wiki/login.rhtml instiki.new/app/views/wiki/login.rhtml
--- instiki.orig/app/views/wiki/login.rhtml 2006-01-24 09:47:20.000000000 -0400
+++ instiki.new/app/views/wiki/login.rhtml 2006-01-19 09:50:39.000000000 -0400
@@ -4,11 +4,14 @@
<%= form_tag({ :controller => 'wiki', :action => 'authenticate', :web => @web.address},
{ 'name' => 'loginForm', 'id' => 'loginForm', 'method' => 'post'})
%>
+ <b>Username</b><br />
+ <input type="author" name="author" id="author" /><br />
<b>Password</b><br />
- <input type="password" name="password" id="password" default="yes" />
+ <input type="password" name="password" id="password" /><br />
+ <input type="submit" name="login" id="login" value="Login" default="yes" />
<%= end_form_tag %>
</p>
<script language="JavaScript">
- document.forms["loginForm"].elements["password"].focus();
+ document.forms["loginForm"].elements["author"].focus();
</script>
diff -ru instiki.orig/app/views/wiki/new.rhtml instiki.new/app/views/wiki/new.rhtml
--- instiki.orig/app/views/wiki/new.rhtml 2006-01-24 09:47:20.000000000 -0400
+++ instiki.new/app/views/wiki/new.rhtml 2006-01-23 11:25:46.000000000 -0400
@@ -17,8 +17,14 @@
<textarea name="content" style="width: 450px; height: 500px"><%= h(@flash[:content] || '') %></textarea>
</p>
<p>
- <input type="submit" value="Submit" accesskey="s"/> as
- <input type="text" name="author" id="authorName" value="<%= @author %>" onClick="this.value == 'AnonymousCoward' ? this.value = '' : true" />
+ <input type="submit" value="Submit" accesskey="s"/> as
+ <% if @web.username_required %>
+ <%= @author %>
+ <input type="hidden" name="author" id="authorName" value="<%= @author %>" />
+ <% else %>
+ <input type="text" name="author" id="authorName" value="<%= @author %>"
+ onClick="this.value == 'AnonymousCoward' ? this.value = '' : true" />
+ <% end %>
</p>
<%= end_form_tag %>
diff -ru instiki.orig/app/views/wiki/rollback.rhtml instiki.new/app/views/wiki/rollback.rhtml
--- instiki.orig/app/views/wiki/rollback.rhtml 2006-01-24 09:47:20.000000000 -0400
+++ instiki.new/app/views/wiki/rollback.rhtml 2006-01-23 11:26:35.000000000 -0400
@@ -14,8 +14,13 @@
</p>
<p>
<input type="submit" value="Update" accesskey="u" /> as
- <input type="text" name="author" id="authorName" value="<%= @author %>"
- onClick="this.value == 'AnonymousCoward' ? this.value = '' : true" />
+ <% if @web.username_required %>
+ <%= @author %>
+ <input type="hidden" name="author" id="authorName" value="<%= @author %>" />
+ <% else %>
+ <input type="text" name="author" id="authorName" value="<%= @author %>"
+ onClick="this.value == 'AnonymousCoward' ? this.value = '' : true" />
+ <% end %>
|
<% link_to('Cancel',
{:web => @web.address, :action => 'cancel_edit', :id => @page.name},
diff -ru instiki.orig/config/environments/production.rb instiki.new/config/environments/production.rb
--- instiki.orig/config/environments/production.rb 2006-01-24 09:47:21.000000000 -0400
+++ instiki.new/config/environments/production.rb 2006-01-23 13:17:16.000000000 -0400
@@ -1,4 +1,4 @@
Dependencies.mechanism = :require
ActionController::Base.consider_all_requests_local = false
ActionController::Base.perform_caching = false
-
+ActionController::Base.logger = Logger.new(ENV["INSTIKILOG"]) unless ENV["INSTIKILOG"].nil?
instiki
Description: application/shellscript
_______________________________________________ Instiki-users mailing list [email protected] http://rubyforge.org/mailman/listinfo/instiki-users
