From 4239920246a5123644fd7a778b467aa371f990e6 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sat, 22 Sep 2012 16:43:38 +0200 Subject: Custom patches for the list managers. --- patches/webschleuder.patch | 160 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 160 insertions(+) create mode 100644 patches/webschleuder.patch (limited to 'patches/webschleuder.patch') diff --git a/patches/webschleuder.patch b/patches/webschleuder.patch new file mode 100644 index 0000000..397a17d --- /dev/null +++ b/patches/webschleuder.patch @@ -0,0 +1,160 @@ +diff --git a/contrib/enable_webschleuder.rb b/contrib/enable_webschleuder.rb +old mode 100644 +new mode 100755 +index 32e20c6..f72dd94 +--- a/contrib/enable_webschleuder.rb ++++ b/contrib/enable_webschleuder.rb +@@ -40,17 +40,18 @@ class EnableWebschleuder + + def self.usage + puts "Usage: +-#{File.basename($0)} listname password (-encrypted) (-override)" ++#{File.basename($0)} listname [-encrypted] [-override]" + exit 1 + end + end + + listname = ARGV.shift +-password = ARGV.shift +-EnableWebschleuder.usage unless listname and password ++EnableWebschleuder.usage unless listname + encrypted = override = false + while nextarg = ARGV.shift + encrypted = (nextarg == '-encrypted') unless encrypted + override = (nextarg == '-override') unless override + end +-EnableWebschleuder.enable(listname,password,encrypted,override) ++print "Password for list" + listname + '' if STDIN.fcntl(Fcntl::F_GETFL, 0) != 0 ++password = gets ++EnableWebschleuder.enable(listname,password.chomp,encrypted,override) +diff --git a/webschleuder.rb b/webschleuder.rb +index c90db2f..6259836 100755 +--- a/webschleuder.rb ++++ b/webschleuder.rb +@@ -23,8 +23,8 @@ require 'webschleuder/errors' + + + module Webschleuder +- set :secret, Webschleuder::Models::WebConfig.loadconfig.session_secret + include Camping::Session ++ secret Webschleuder::Models::WebConfig.loadconfig.session_secret + + def r404(path) + "Sorry, but I can't find #{path}." +diff --git a/webschleuder/controllers.rb b/webschleuder/controllers.rb +index c84348c..4e85625 100755 +--- a/webschleuder/controllers.rb ++++ b/webschleuder/controllers.rb +@@ -21,7 +21,7 @@ module Webschleuder::Controllers + end + end + +- class Login < R '/([^/]*)/login' ++ class Login < R '/schleuder/([^/]*)/login' + def get(listname) + prepare + @myself = self +@@ -48,7 +48,7 @@ module Webschleuder::Controllers + end + end + +- class Logout < R '/([^/]*)/logout' ++ class Logout < R '/schleuder/([^/]*)/logout' + def get(listname) + return unless authenticate + $list = nil +@@ -60,7 +60,7 @@ module Webschleuder::Controllers + end + end + +- class ListIndex < R '/([^/?]+)' ++ class ListIndex < R '/schleuder/([^/?]+)' + def get(listname) + return unless authenticate + @myself = self +@@ -69,7 +69,7 @@ module Webschleuder::Controllers + end + end + +- class Index < R '/' ++ class Index < R '/schleuder/' + def get() + prepare + # catch get-params from startpage-jumpform +@@ -83,7 +83,7 @@ module Webschleuder::Controllers + end + end + +- class Users < R '/([^/]*)/users' ++ class Users < R '/schleuder/([^/]*)/users' + def get(listname) + return unless authenticate + @users = User.loadusers +@@ -123,7 +123,7 @@ module Webschleuder::Controllers + end + end + +- class Listconfig < R '/([^/]*)/listconfig' ++ class Listconfig < R '/schleuder/([^/]*)/listconfig' + def get(listname) + return unless authenticate + @config = SchleuderConfig.loadlistconfig +@@ -162,7 +162,7 @@ module Webschleuder::Controllers + end + end + +- class Keys < R '/([^/]*)/keys', '/([^/]*)/keys/([^/]*)', '/([^/]*)/keys/([^/]*)/(.*)' ++ class Keys < R '/schleuder/([^/]*)/keys', '/schleuder/([^/]*)/keys/([^/]*)', '/schleuder/([^/]*)/keys/([^/]*)/(.*)' + def get(listname, action=nil, keyid=nil) + return unless authenticate + case action +@@ -238,7 +238,7 @@ module Webschleuder::Controllers + end + end + +- class Password < R '/([^/]*)/password' ++ class Password < R '/schleuder/([^/]*)/password' + + def get(listname) + return unless authenticate +diff --git a/webschleuder/helpers.rb b/webschleuder/helpers.rb +index 3aafedc..2f619cd 100755 +--- a/webschleuder/helpers.rb ++++ b/webschleuder/helpers.rb +@@ -1,3 +1,4 @@ ++require "rack/utils" + module Webschleuder::Helpers + + def prepare +@@ -7,16 +8,14 @@ module Webschleuder::Helpers + # TODO: further input parsing (against XSS etc.) + # + # what does the request look like? +- request = @env['REQUEST_URI'].split('/') +- # throw away first element as it is empty +- request.shift ++ request = @env['REQUEST_URI'].gsub(/^\/schleuder\//,'').split('/') + + $appconf = Webschleuder::Models::SchleuderConfig.loadconfig + $webappconf = Webschleuder::Models::WebConfig.loadconfig + + @state.flash = {:info => [], :error => []} unless @state.flash.is_a?Hash + +- listname = request.first || '' ++ listname = Rack::Utils.unescape(request.first || '') + listdir = File.join($appconf.lists_dir, listname) + + if !listname.empty? and File.directory?(listdir) +diff --git a/webschleuder/webschleuder_config.rb b/webschleuder/webschleuder_config.rb +index 08f595b..b89004f 100644 +--- a/webschleuder/webschleuder_config.rb ++++ b/webschleuder/webschleuder_config.rb +@@ -47,7 +47,7 @@ module Webschleuder + private + + def _write(data,filename) +- if File.open(filename, 'w') { |f| f << data } ++ if File.open(filename, File::WRONLY|File::CREAT, 0600) { |f| f << data } + true + else + false -- cgit v1.2.3