tinycm view index.cgi @ rev 8

Tiny edits
author Paul Issott <paul@slitaz.org>
date Sun Apr 22 10:49:23 2012 +0100 (2012-04-22)
parents af7569371649
children 6841b2e2379d
line source
1 #!/bin/sh
2 #
3 # TinyCM - Small, fast and elegent CGI/SHell Content Manager
4 #
5 # Copyright (C) 2012 SliTaz GNU/Linux - BSD License
6 #
7 . /usr/lib/slitaz/httphelper
8
9 # Let's have a peer site config file with a .cgi extension so content
10 # is secure even if left in a web server directory.
11 . config.cgi
12
13 tiny="$PWD"
14 po="en fr"
15 content="content"
16 wiki="$content/wiki"
17 index="index"
18 cache="cache"
19 plugins="plugins"
20 tmp="/tmp/tinycm"
21 sessions="$tmp/sessions"
22 script=$SCRIPT_NAME
23
24 # Content negotiation for Gettext
25 IFS=","
26 for lang in $HTTP_ACCEPT_LANGUAGE
27 do
28 lang=${lang%;*} lang=${lang# } lang=${lang%-*}
29 if echo "$po" | fgrep -q "$lang"; then
30 break
31 fi
32 case "$lang" in
33 en) lang="C" ;;
34 fr) lang="fr_FR" ;;
35 pt) lang="pt_BR" ;;
36 ru) lang="ru_RU" ;;
37 esac
38 done
39 unset IFS
40 export LANG=$lang LC_ALL=$lang
41
42 #
43 # Functions
44 #
45
46 # Used by edit to display language name and the language box. This is
47 # for CM content not gettext support.
48 get_lang() {
49 lang=$(echo $d | cut -d "/" -f 1)
50 doc=${d#$lang/}
51 echo '<div id="lang">'
52 for l in $LANGUAGES
53 do
54 case $lang in
55 en) i18n="English" ;;
56 fr) i18n="Français" ;;
57 pt) i18n="Português" ;;
58 ru) i18n="Русский" ;;
59 *) i18n="*" ;;
60 esac
61 echo "<a href='?d=$l/$doc'>$l</a>"
62 done
63 echo '</div>'
64 }
65
66 # HTML 5 header.
67 html_header() {
68 if [ -f "$tiny/lib/header.html" ]; then
69 cat $tiny/lib/header.html | sed -e s!'%TITLE%'!"$TITLE - $d"!g
70 else
71 cat << EOT
72 <!DOCTYPE html>
73 <html xmlns="http://www.w3.org/1999/xhtml">
74 <head>
75 <title>$TITLE</title>
76 <meta charset="utf-8" />
77 <style type="text/css">body { margin: 40px 120px; }</style>
78 </head>
79 <body>
80 <!-- Content -->
81 <div id="content">
82 EOT
83 fi
84 }
85
86 # HTML 5 footer.
87 html_footer() {
88 if [ -f "$tiny/lib/footer.html" ]; then
89 cat $tiny/lib/footer.html
90 else
91 cat << EOT
92
93 <!-- End content -->
94 </div>
95
96 <div id="footer">&hearts;</div>
97
98 </body>
99 </html>
100 EOT
101 fi
102 }
103
104 # Default index if missing
105 default_index() {
106 mkdir -p $(dirname $index)
107 cat > $wiki/$index.txt << EOT
108 ==== Welcome ====
109
110 This is the default index page of your CM, you can start to edit adding
111 some content to your TinyCM.
112
113 EOT
114 }
115
116 # Log documents activity.
117 log() {
118 grep ^[A-Z] | \
119 sed s"#^[A-Z]\([^']*\)#$(date '+%Y-%m-%d %H:%M') : \0#" \
120 >> $cache/$d/activity.log
121 }
122
123 # Check if user is auth
124 check_auth() {
125 auth="$(COOKIE auth)"
126 user="$(echo $auth | cut -d ":" -f 1)"
127 md5cookie="$(echo $auth | cut -d ":" -f 2)"
128 [ -f "$sessions/$user" ] && md5session="$(cat $sessions/$user)"
129 if [ "$md5cookie" == "$md5session" ] && [ "$auth" ]; then
130 . $PEOPLE/$user/account.conf
131 return 0
132 else
133 return 1
134 fi
135 }
136
137 # Authentified or not
138 user_box() {
139 if check_auth; then
140 cat << EOT
141
142 <div id="user">
143 <a href="$script?user=$user">$(get_gravatar $MAIL 20)</a>
144 <a href="$script?logout">Logout</a>
145 </div>
146
147 EOT
148 else
149 cat << EOT
150
151 <div id="user">
152 <a href="$script?login"><img src="images/avatar.png" alt="[ User ]" /></a>
153 <a href="$script?login">Login</a>
154 </div>
155
156 EOT
157 fi
158 cat << EOT
159 <!--
160 <div id="search">
161 <form method="get" action="$script">
162 <input type="text" name="search" placeholder="$(gettext "Search")" />
163 </form>
164 </div>
165 -->
166 EOT
167 }
168
169 # Link for online signup if enabled.
170 online_signup() {
171 if [ "$ONLINE_SIGNUP" == "yes" ]; then
172 echo -n "<p><a href='$script?signup'>"
173 gettext "Create a new account"
174 echo '</a></p>'
175 fi
176 }
177
178 # Login page
179 login_page() {
180 cat << EOT
181 <h2>$(gettext "Login")</h2>
182
183 <div id="account-info">
184 $(gettext "No account yet or trouble with you account? Please send
185 a request to $ADMIN_MAIL with your real name, user name, mail and password.")
186 $(online_signup)
187 </div>
188
189 <div id="login">
190 <form method="post" action="$script">
191 <input type="text" name="auth" placeholder="$(gettext "User name")" />
192 <input type="password" name="pass" placeholder="$(gettext "Password")" />
193 <div>
194 <input type="submit" value="Login" /> $error
195 </div>
196 </form>
197 </div>
198
199 <div style="clear: both;"></div>
200 EOT
201 }
202
203 # Signup page
204 signup_page() {
205 cat << EOT
206
207 <div id="signup">
208 <form method="post" name="signup" action="$script" onsubmit="return checkSignup();">
209 <input type="hidden" name="signup" value="new" />
210 <input type="text" name="name" placeholder="$(gettext "Real name")" />
211 <input type="text" name="user" placeholder="$(gettext "User name")" />
212 <input type="text" name="mail" placeholder="$(gettext "Email")" />
213 <input type="password" name="pass" placeholder="$(gettext "Password")" />
214 <div>
215 <input type="submit" value="$(gettext "Create new account")" />
216 </div>
217 </form>
218 </div>
219
220 EOT
221 }
222
223 # Create a new user in AUTH_FILE and PEOPLE
224 new_user_config() {
225 key=$(echo -n "$user:$mail:$pass" | md5sum | awk '{print $1}')
226 echo "$user:$pass" >> $AUTH_FILE
227 mkdir -p $PEOPLE/$user/
228 cat > $PEOPLE/$user/account.conf << EOT
229 # SliTaz user configuration
230 #
231
232 NAME="$name"
233 USER="$user"
234 MAIL="$mail"
235 KEY="$key"
236
237 EOT
238 chmod 0600 $PEOPLE/$user/account.conf
239 }
240
241 # Display user public profile.
242 public_people() {
243 cat << EOT
244 <pre>
245 Real name : $NAME
246 </pre>
247 EOT
248 }
249
250 # Display authentified user profile. TODO: change password
251 auth_people() {
252 cat << EOT
253 <pre>
254 Real name : $NAME
255 Email : $MAIL
256 Secure key : $KEY
257 </pre>
258 EOT
259 }
260
261 # The CM style parser. Just a title, simple text formating and internal
262 # links, as well as images and use HTML for other stuff. Keep it fast!
263 # To make TinyCM as easy as possible we have a small HTML editor/helper
264 # written in Javascript
265 wiki_parser() {
266 doc="[0-9a-zA-Z\.\#/~\_%=\?\&,\+\:@;!\(\)\*\$'\-]*"
267 sed \
268 -e s"#====\([^']*\)====#<h2>\1</h2>#"g \
269 -e s"#===\([^']*\)===#<h3>\1</h3>#"g \
270 -e s"#==\([^']*\)==#<h4>\1</h4>#"g \
271 -e s"#\*\*\([^']*\)\*\*#<strong>\1</strong>#"g \
272 -e s"#''\([^']*\)''#<em>\1</em>#"g \
273 -e s"#__\([^']*\)__#<u>\1</u>#"g \
274 -e s"#\[\([^]]*\)|\($doc\)\]#<a href='$script?d=\2'>\1</a>#"g \
275 -e s"#http://\([^']*\).png#<img src='\0' />#"g \
276 -e s"#http://\([^']*\).*# <a href='\0'>\1</a>#"g
277 #-e s"/^$/<br \/>/"g
278 }
279
280 link_user() {
281 echo "<a href='$script?user=$user'>$user</a>"
282 }
283
284 # Save a document. Do we need more than 1 backup and diff ?
285 save_document() {
286 mkdir -p $cache/$d $(dirname $wiki/$d)
287 # May be a new page.
288 if [ ! -f "$wiki/$d.txt" ]; then
289 new=0
290 touch $wiki/$d.txt
291 fi
292 cp $wiki/$d.txt $cache/$d/last.bak
293 sed "s/$(echo -en '\r') /\n/g" > $wiki/$d.txt << EOT
294 $(GET content)
295 EOT
296 diff $cache/$d/last.bak $wiki/$d.txt > $cache/$d/last.diff
297 # Log
298 if [ "$new" ]; then
299 echo "Page created by: $(link_user)" | log
300 if [ "$HG" == "yes" ]; then
301 cd $content && hg -q add
302 hg commit -q -u "$NAME <$MAIL>" -m "Created new document: $d"
303 cd $tiny
304 fi
305 else
306 # Here we will clean log: cat && tail -n 40
307 echo "Page edited by: $(link_user)" | log
308 if [ "$HG" == "yes" ]; then
309 cd $content && hg commit -q -u "$NAME <$MAIL>" \
310 -m "Edited document: $d"
311 cd $tiny
312 fi
313 fi
314 }
315
316 # CM tools (edit, diff, etc).
317 wiki_tools() {
318 cat << EOT
319 <div id="tools">
320 <a href="$script?edit=$d">$(gettext "Edit document")</a>
321 <a href="$script?diff=$d">$(gettext "Last diff")</a>
322 <a href="$script?log=$d">$(gettext "Activity")</a>
323 <a href="$script?dashboard">Dashboard</a>
324 $([ "$HG" == "yes" ] && echo "<a href='$script?hg'>Hg Log</a>")
325 </div>
326 EOT
327 }
328
329 # Get and display Gravatar image: get_gravatar email size
330 # Link to profile: <a href="http://www.gravatar.com/$md5">...</a>
331 get_gravatar() {
332 email=$1
333 size=$2
334 [ "$size" ] || size=48
335 url="http://www.gravatar.com/avatar"
336 md5=$(md5crypt $email)
337 echo "<img src='$url/$md5?d=identicon&s=$size' alt='&lowast;' />"
338 }
339
340 # List hg logs
341 hg_log() {
342 cd $content
343 cat << EOT
344 <table>
345 <thead>
346 <td>$(gettext "User")</td>
347 <td>$(gettext "Description")</td>
348 <td>$(gettext "Revision")</td>
349 </thead>
350 EOT
351 hg log --template "<tr><td>{author}</td><td>{desc}</td><td>{rev}</td></tr>\n"
352 echo '</table>'
353 }
354
355 #
356 # POST actions
357 #
358
359 case " $(POST) " in
360 *\ auth\ *)
361 # Authenticate user. Create a session file in $sessions to be used
362 # by check_auth. We have the user login name and a peer session
363 # md5 string in the COOKIE.
364 user="$(POST auth)"
365 pass="$(md5crypt "$(POST pass)")"
366 valid=$(fgrep "${user}:" $AUTH_FILE | cut -d ":" -f 2)
367 if [ "$pass" == "$valid" ] && [ "$pass" != "" ]; then
368 md5session=$(echo -n "$$:$user:$pass:$$" | md5sum | awk '{print $1}')
369 [ -d $sessions ] || mkdir -p $sessions
370 echo "$md5session" > $sessions/$user
371 header "Location: $script" \
372 "Set-Cookie: auth=$user:$md5session; HttpOnly"
373 else
374 header "Location: $script?login&error"
375 fi ;;
376 *\ signup\ *)
377 # POST action for signup
378 name="$(POST name)"
379 user="$(POST user)"
380 mail="$(POST mail)"
381 pass="$(md5crypt "$(POST pass)")"
382 if ! grep "^${user}:" $AUTH_FILE; then
383 new_user_config
384 header "Location: $script?login"
385 else
386 header
387 html_header
388 user_box
389 echo "<h2>gettext "User already exists: $user"</h2>"
390 html_footer
391 fi ;;
392 esac
393
394 #
395 # Plugins
396 #
397 for p in $(ls -1 $plugins)
398 do
399 [ -f "$plugins/$p/$p.conf" ] && . $plugins/$p/$p.conf
400 [ -x "$plugins/$p/$p.cgi" ] && . $plugins/$p/$p.cgi
401 done
402
403 #
404 # GET actions
405 #
406
407 case " $(GET) " in
408 *\ edit\ *)
409 d="$(GET edit)"
410 header
411 html_header
412 user_box
413 get_lang
414 if check_auth; then
415 get_lang
416 cat << EOT
417 <h2>$(gettext "Edit $doc [ $i18n ]")</h2>
418
419 <div id="edit">
420
421 <form method="get" action="$script" name="editor">
422 <input type="hidden" name="save" value="$d" />
423 <textarea name="content">$(cat "$wiki/$d.txt")</textarea>
424 <input type="submit" value="$(gettext "Save document")" />
425 $(gettext "Code Helper:")
426 $(cat lib/jseditor.html)
427 </form>
428
429 </div>
430 EOT
431 else
432 gettext "You must be logged in to edit pages"
433 fi
434 html_footer ;;
435 *\ save\ *)
436 d="$(GET save)"
437 if check_auth; then
438 save_document
439 fi
440 header "Location: $script?d=$d" ;;
441 *\ log\ *)
442 d="$(GET log)"
443 header
444 html_header
445 user_box
446 get_lang
447 echo "<h2>$(gettext "Activity for:") <a href='$script?d=$d'>$d</a></h2>"
448 echo '<pre>'
449 if [ -f "$cache/$d/activity.log" ]; then
450 tac $cache/$d/activity.log
451 else
452 gettext "No log for: $d"; echo
453 fi
454 echo '</pre>'
455 if check_auth; then
456 wiki_tools
457 fi
458 html_footer ;;
459 *\ diff\ *)
460 d="$(GET diff)"
461 date="last"
462 header
463 html_header
464 user_box
465 get_lang
466 echo "<h2>$(gettext "Diff for:") <a href='$script?d=$d'>$d</a></h2>"
467 echo '<pre>'
468 if [ -f "$cache/$d/$date.diff" ]; then
469 cat $cache/$d/$date.diff | sed \
470 -e 's|&|\&amp;|g' -e 's|<|\&lt;|g' -e 's|>|\&gt;|g' \
471 -e s"#^-\([^']*\).#<span style='color: red;'>\0</span>#"g \
472 -e s"#^+\([^']*\).#<span style='color: green;'>\0</span>#"g \
473 -e s"#@@\([^']*\)@@#<span style='color: blue;'>@@\1@@</span>#"g
474 else
475 gettext "No diff for: $d"; echo
476 fi
477 echo '</pre>'
478 if check_auth; then
479 wiki_tools
480 fi
481 html_footer ;;
482 *\ login\ *)
483 # The login page
484 d="Login"
485 [ "$(GET error)" ] && \
486 error="<p class="error">$(gettext "Bad login or pass")</p>"
487 header
488 html_header
489 user_box
490 login_page
491 html_footer ;;
492 *\ signup\ *)
493 # The login page
494 d="$(gettext "Sign Up")"
495 header
496 html_header
497 user_box
498 echo "<h2>$d</h2>"
499 if [ "$ONLINE_SIGNUP" == "yes" ]; then
500 signup_page
501 else
502 gettext "Online registration is disabled"
503 fi
504 html_footer ;;
505 *\ logout\ *)
506 # Set a Cookie in the past to logout.
507 expires="Expires=Wed, 01-Jan-1980 00:00:00 GMT"
508 if check_auth; then
509 rm -f "$sessions/$user"
510 header "Location: $script" "Set-Cookie: auth=none; $expires; HttpOnly"
511 fi ;;
512 *\ user\ *)
513 # User profile
514 header
515 html_header
516 user_box
517 . $PEOPLE/"$(GET user)"/account.conf
518 echo "<h2>$(get_gravatar $MAIL) $(GET user)</h2>"
519 loglines=$(fgrep $user $(find $cache -name *.log) | wc -l)
520 gettext "Activities:"; echo " $loglines"
521 if check_auth && [ "$(GET user)" == "$user" ]; then
522 auth_people
523 else
524 public_people
525 fi
526 html_footer ;;
527 *\ dashboard\ *)
528 # For now simply list plugins and users info. We could have a
529 # dashbord only for ADMINS found in the config file. The dashboard
530 # should also be a plugin.
531 d="Dashboard"
532 header
533 html_header
534 user_box
535 users=$(ls -1 $PEOPLE | wc -l)
536 docs=$(find $wiki -type f | wc -l)
537 size="$(du -sh $wiki | awk '{print $1}')"
538 echo "<h2>$d</h2>"
539 if check_auth; then
540 echo "<p>$(gettext "Users:") $users</p>"
541 echo "<p>$(gettext "Documents:") $docs ($size)</p>"
542 echo "<h3>$(gettext "Plugins")</h3>"
543 echo '<pre>'
544 for p in $(ls -1 $plugins)
545 do
546 . $plugins/$p/$p.conf
547 echo "<a href='?$p'>$PLUGIN</a> - $SHORT_DESC"
548 done
549 echo '</pre>'
550 else
551 gettext "You must be logged in to view the dashboard."
552 fi
553 html_footer ;;
554 *\ hg\ *)
555 header
556 [ "$HG" != "yes" ] && gettext "Hg is disabled" && exit 0
557 [ ! -x /usr/bin/hg ] && gettext "Hg is not installed" && exit 0
558 d="Hg Log"
559 html_header
560 user_box
561 echo "<h2>$d</h2>"
562 case " $(GET hg) " in
563 *\ init\ *)
564 if check_auth; then
565 [ -d "$content/.hg" ] && exit 0
566 echo '<pre>'
567 gettext "Executing: hg init"; echo
568 cd $content/ && hg init
569 echo '[hooks]' > .hg/hgrc
570 echo 'incoming = hg update' >> .hg/hgrc
571 gettext "Adding current content and committing"; echo
572 [ ! -f "$wiki/index.txt" ] && touch $wiki/$index.txt
573 hg add && hg commit -u "$NAME <$MAIL>" \
574 -m "Initial commit with curent content"
575 echo '</pre>' && cd ..
576 fi ;;
577 esac
578 hg_log
579 html_footer ;;
580 *)
581 # Display requested page
582 d="$(GET d)"
583 [ "$d" ] || d=$index
584 header
585 html_header
586 user_box
587 get_lang
588 [ ! -f "$wiki/$index.txt" ] && default_index
589 if [ ! -f "$wiki/$d.txt" ]; then
590 echo "<h2>$d</h2>"
591 gettext "The document does not exist. You can create it or read the"
592 echo " <a href='?d=help'>help</a>"
593 else
594 if fgrep NOWIKI $wiki/$d.txt; then
595 cat $wiki/$d.txt
596 else
597 cat $wiki/$d.txt | wiki_parser
598 fi
599 fi
600 if check_auth; then
601 wiki_tools
602 if [ "$HG" == "yes" ] && [ ! -d "$content/.hg" ]; then
603 echo '<p class="error box">'
604 gettext "Mercurial is enabled but no repository found"
605 echo ": <a href='?hg=init'>Hg init</a>"
606 echo '</p>'
607 fi
608 fi
609 html_footer ;;
610 esac
611
612 exit 0