--- a/MoinMoin/security/__init__.py 2010-02-28 16:28:46.000000000 +0100 +++ b/MoinMoin/security/__init__.py 2010-06-03 18:10:16.000000000 +0200 @@ -24,6 +24,12 @@ from MoinMoin import wikiutil, user from MoinMoin.Page import Page +### HACK SAUVAGE 1/5 +import sys +sys.path.append('/usr/scripts/gestion/') +from iptools import is_crans +### FIN HACK 1/5 + ############################################################################# ### Basic Permissions Interface -- most features enabled by default ############################################################################# @@ -251,7 +257,10 @@ Default: ["read", "write", "delete", "admin"] ''' - special_users = ["All", "Known", "Trusted"] # order is important + #special_users = ["All", "Known", "Trusted"] # order is important + ### HACK SAUVAGE 2/5 + special_users = ["All", "Known", "Trusted", "Crans", "NoCrans"] # order is important + ### FIN HACK 2/5 def __init__(self, cfg, lines=[]): """Initialize an ACL, starting from . @@ -343,6 +352,10 @@ return acl_lines def _special_All(self, request, name, dowhat, rightsdict): + ### HACK SAUVAGE 3/5 + if dowhat == "read" and is_page_public(request): + return True + ### FIN HACK 3/5 return rightsdict.get(dowhat) def _special_Known(self, request, name, dowhat, rightsdict): @@ -365,6 +378,29 @@ return rightsdict.get(dowhat) return None + ### HACK SAUVAGE 4/5 + def _requete_interne(self, request): + try: + if is_crans(request.remote_addr): + return True + except: + pass + + return False + + def _special_Crans(self, request, name, dowhat, rightsdict): + if self._requete_interne(request): + return rightsdict.get(dowhat) + return None + + def _special_NoCrans(self, request, name, dowhat, rightsdict): + if dowhat == "read" and is_page_public(request): + return True + if not self._requete_interne(request): + return rightsdict.get(dowhat) + return None + ### FIN HACK 4/5 + def __eq__(self, other): return self.acl_lines == other.acl_lines @@ -456,3 +492,9 @@ pi, dummy = wikiutil.get_processing_instructions(text) acl_lines = [args for verb, args in pi if verb == 'acl'] return AccessControlList(request.cfg, acl_lines) + +### HACK SAUVAGE 5/5 +def is_page_public(request): + ## On recherche si la page est publique + return u'Cat\xe9goriePagePublique' in request.page.getCategories(request) +### FIN HACK 5/5 --- a/MoinMoin/Page.py 2010-02-28 16:28:45.000000000 +0100 +++ b/MoinMoin/Page.py 2010-06-03 18:07:14.000000000 +0200 @@ -1082,8 +1082,10 @@ if emit_headers: request.content_type = "%s; charset=%s" % (self.output_mimetype, self.output_charset) if page_exists: - if not request.user.may.read(self.page_name): + ### HACK SAUVAGE 1/2 + if not request.user.may.read(self.page_name) and not request.mode_getpagelinks: request.status_code = 403 + ### FIN HACK 1/2 else: request.status_code = 200 if not request.cacheable: @@ -1177,8 +1179,10 @@ if not send_special: if not page_exists and not body: special = 'missing' - elif not request.user.may.read(self.page_name): + ### HACK SAUVAGE 2/2 + elif not request.user.may.read(self.page_name) and not request.mode_getpagelinks: special = 'denied' + ### FIN HACK 2/2 # if we have a special page, output it, unless # - we should only output content (this is for say the pagelinks formatter)