From ec301e9b3cd1ae3a2bbdd71a9a480bfab6c0ca94 Mon Sep 17 00:00:00 2001 From: Matthias Andreas Benkard Date: Fri, 25 Nov 2011 11:27:38 +0100 Subject: Require authentication on wiki access. --- src/mulk/benki/auth.clj | 2 +- src/mulk/benki/main.clj | 3 +- src/mulk/benki/util.clj | 15 ++++++++- src/mulk/benki/wiki.clj | 89 ++++++++++++++++++++++--------------------------- 4 files changed, 57 insertions(+), 52 deletions(-) diff --git a/src/mulk/benki/auth.clj b/src/mulk/benki/auth.clj index 70662f8..cadd901 100644 --- a/src/mulk/benki/auth.clj +++ b/src/mulk/benki/auth.clj @@ -23,7 +23,7 @@ {:status 302, :headers {"Location" x}, :body ""}) -(defpartial return-from-openid-provider [] +(defn return-from-openid-provider [] (let [parlist (ParameterList. (:query-params (request/ring-request))) discovered (session/get :discovered) ;; Does the following work for POST requests? diff --git a/src/mulk/benki/main.clj b/src/mulk/benki/main.clj index 2448030..96faadb 100644 --- a/src/mulk/benki/main.clj +++ b/src/mulk/benki/main.clj @@ -6,7 +6,8 @@ [mulk.benki util]) (:require [noir server options] [mulk.benki wiki auth] - [ring.middleware.file])) + [ring.middleware.file] + [noir.session :as session])) (defn wrap-utf-8 [handler] diff --git a/src/mulk/benki/util.clj b/src/mulk/benki/util.clj index ea8ceae..fd2e353 100644 --- a/src/mulk/benki/util.clj +++ b/src/mulk/benki/util.clj @@ -2,7 +2,10 @@ (:refer-clojure) (:use [hiccup core page-helpers] [clojure.core.match.core :only [match]] - noir.core)) + noir.core) + (:require [noir.session :as session] + [noir.request :as request] + [noir.response :as response])) (def fmt clojure.pprint/cl-format) @@ -46,3 +49,13 @@ (defn link [& args] (match [(vec args)] [[:wiki title & xs]] (fresolve "/wiki/~a~@[~a~]" title (first xs)))) + +(defn call-with-auth [thunk] + (println (request/ring-request)) + (if (session/get :user) + (thunk) + (do (session/flash-put! (:uri (request/ring-request))) + (response/redirect "/login")))) + +(defmacro with-auth [& body] + `(call-with-auth (fn [] ~@body))) diff --git a/src/mulk/benki/wiki.clj b/src/mulk/benki/wiki.clj index d848c04..40a7a03 100644 --- a/src/mulk/benki/wiki.clj +++ b/src/mulk/benki/wiki.clj @@ -50,57 +50,48 @@ (response/redirect "/wiki/Home")) (defpage "/wiki/:title" {title :title, revision-id :revision} - (let [revisions-with-title (-> page_revisions - (select (where (=* :title title))) - (sort [:date#desc])) - revision (if revision-id - (with-dbt (first @(select page_revisions - (where (=* :id (Integer/parseInt revision-id)))))) - (with-dbt (first @revisions-with-title)))] - (layout (fmt nil "~A — Benki~@[/~A~] " title revision-id) - (if revision - [:div#wiki-page-content (wikilinkify (:content revision))] - [:div#wiki-page-content [:p "This page does not exist yet."]]) - [:hr] - [:div#wiki-page-footer {:style "text-align: right"} - [:a {:href (link :wiki title "/revisions")} "Page revisions" - ]]))) + (with-auth + (let [revisions-with-title (-> page_revisions + (select (where (=* :title title))) + (sort [:date#desc])) + revision (if revision-id + (with-dbt (first @(select page_revisions + (where (=* :id (Integer/parseInt revision-id)))))) + (with-dbt (first @revisions-with-title)))] + (layout (fmt nil "~A — Benki~@[/~A~] " title revision-id) + (if revision + [:div#wiki-page-content (wikilinkify (:content revision))] + [:div#wiki-page-content [:p "This page does not exist yet."]]) + [:hr] + [:div#wiki-page-footer {:style "text-align: right"} + [:a {:href (link :wiki title "/revisions")} "Page revisions"]])))) (defpage "/wiki/:title/revisions" {title :title} - (let [;; page (-> page_revisions - ;; (select (where (=* :title "abc"))) - ;; (project [:page]) - ;; (join pages (where (=* :id :page))) - ;; (sort [:date#desc]) - ;; (project [:id]) - ;; (limit 1)) - ;; revisions (-> page - ;; (rename {:id :page_id}) - ;; (join page_revisions (where (=* :page_id :id)))) - revisions (with-dbt - (query "SELECT r.* - FROM wiki_page_revisions r - JOIN (SELECT * FROM wiki_page_revisions - WHERE title = ? - ORDER BY date DESC - LIMIT 1) pr - ON (pr.page = r.page) - ORDER BY date DESC" - "Home"))] - (with-dbt - (layout (fmt nil "Revision list — ~A — Benki" title) - [:table {:style ""} - [:thead - [:th "Date"] - [:th "Title"]] - [:tbody - (for [rev revisions] - [:tr - [:td [:a {:href (link :wiki - (:title rev) - (fmt nil "?revision=~a" (:id rev)))} - (:date rev)]] - [:td (:title rev)]])]])))) + (with-auth + (let [revisions (with-dbt + (query "SELECT r.* + FROM wiki_page_revisions r + JOIN (SELECT * FROM wiki_page_revisions + WHERE title = ? + ORDER BY date DESC + LIMIT 1) pr + ON (pr.page = r.page) + ORDER BY date DESC" + "Home"))] + (with-dbt + (layout (fmt nil "Revision list — ~A — Benki" title) + [:table {:style ""} + [:thead + [:th "Date"] + [:th "Title"]] + [:tbody + (for [rev revisions] + [:tr + [:td [:a {:href (link :wiki + (:title rev) + (fmt nil "?revision=~a" (:id rev)))} + (:date rev)]] + [:td (:title rev)]])]]))))) (defn insert-empty-page [] (sql/with-query-results results ["INSERT INTO wiki_pages DEFAULT VALUES RETURNING *"] -- cgit v1.2.3