RSS feeds are now smart about password-protected webs
This commit is contained in:
parent
bdb77c7108
commit
6f8b5b44d3
|
@ -8,6 +8,9 @@
|
|||
"textile link":LinkToSomePlace will not look insane.
|
||||
RSS feeds accept query parameters, sush as
|
||||
http://localhost:2500/wiki/rss_with_headlines?start=2005-02-18&end=2005-02-19&limit=10
|
||||
RSS feed wiuth page contents for a password-protected web behaves as follows:
|
||||
if the web is published, RSS feed links to the published version of the web
|
||||
otherwise, the feed is not available
|
||||
Madeleine will check every hour if there are new commands in the log or 24 hours have
|
||||
passed since last snapshot, and take snapshot if either of these conditions is true
|
||||
Madeleine will also not log read-only operations, resulting in a better performance
|
||||
|
|
|
@ -28,10 +28,8 @@ class ApplicationController < ActionController::Base
|
|||
end
|
||||
|
||||
def check_authorization
|
||||
if in_a_web? and
|
||||
not authorized? and
|
||||
not %w( login authenticate published ).include?(@action_name)
|
||||
redirect_to :action => 'login', :web => @web_name
|
||||
if in_a_web? and needs_authorization?(@action_name) and not authorized? and
|
||||
redirect_to :controller => 'wiki', :action => 'login', :web => @web_name
|
||||
return false
|
||||
end
|
||||
end
|
||||
|
@ -126,4 +124,8 @@ class ApplicationController < ActionController::Base
|
|||
$instiki_wiki_service
|
||||
end
|
||||
|
||||
def needs_authorization?(action)
|
||||
not %w( login authenticate published rss_with_content rss_with_headlines ).include?(action)
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -75,6 +75,7 @@ class WikiController < ApplicationController
|
|||
end
|
||||
|
||||
def feeds
|
||||
@rss_with_content_allowed = rss_with_content_allowed?
|
||||
# show the template
|
||||
end
|
||||
|
||||
|
@ -91,7 +92,12 @@ class WikiController < ApplicationController
|
|||
end
|
||||
|
||||
def rss_with_content
|
||||
render_rss(hide_description = false, *parse_rss_params)
|
||||
if rss_with_content_allowed?
|
||||
render_rss(hide_description = false, *parse_rss_params)
|
||||
else
|
||||
render_text 'RSS feed with content for this web is blocked for security reasons. ' +
|
||||
'The web is password-protected and not published', '403 Forbidden'
|
||||
end
|
||||
end
|
||||
|
||||
def rss_with_headlines
|
||||
|
@ -326,6 +332,8 @@ class WikiController < ApplicationController
|
|||
|
||||
@hide_description = hide_description
|
||||
@response.headers['Content-Type'] = 'text/xml'
|
||||
@link_action = @web.password ? 'published' : 'show'
|
||||
|
||||
render 'wiki/rss_feed'
|
||||
end
|
||||
|
||||
|
@ -343,6 +351,10 @@ class WikiController < ApplicationController
|
|||
@template.render_file(template_name)
|
||||
end
|
||||
|
||||
def rss_with_content_allowed?
|
||||
@web.password.nil? or @web.published
|
||||
end
|
||||
|
||||
def truncate(text, length = 30, truncate_string = '...')
|
||||
if text.length > length then text[0..(length - 3)] + truncate_string else text end
|
||||
end
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
<ul id="feedsList">
|
||||
<li>
|
||||
<% unless @web.password and not @web.published %>
|
||||
<% if @rss_with_content_allowed %>
|
||||
<%= link_to 'Full content (RSS 2.0)', :web => @web.address, :action => :rss_with_content %>
|
||||
<% end %>
|
||||
</li>
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/">
|
||||
<channel>
|
||||
<title><%= @web.name %></title>
|
||||
<link><%= url_for :only_path => false, :web => @web_name, :action => 'show', :id => 'HomePage' %></link>
|
||||
<link><%= url_for :only_path => false, :web => @web_name, :action => @link_action, :id => 'HomePage' %></link>
|
||||
<description>An Instiki wiki</description>
|
||||
<language>en-us</language>
|
||||
<ttl>40</ttl>
|
||||
|
@ -10,11 +10,11 @@
|
|||
<item>
|
||||
<title><%= page.plain_name %></title>
|
||||
<% unless @hide_description %>
|
||||
<description><%= CGI.escapeHTML(page.display_content) %></description>
|
||||
<description><%= h page.display_content %></description>
|
||||
<% end %>
|
||||
<pubDate><%= page.created_at.strftime "%a, %e %b %Y %H:%M:%S %Z" %></pubDate>
|
||||
<guid><%= url_for :only_path => false, :web => @web_name, :action => 'show', :id => page.name %></guid>
|
||||
<link><%= url_for :only_path => false, :web => @web_name, :action => 'show', :id => page.name %></link>
|
||||
<guid><%= url_for :only_path => false, :web => @web_name, :action => @link_action, :id => page.name %></guid>
|
||||
<link><%= url_for :only_path => false, :web => @web_name, :action => @link_action, :id => page.name %></link>
|
||||
<dc:creator><%= WikiWords.separate(page.author) %></dc:creator>
|
||||
</item>
|
||||
<% end %>
|
||||
|
|
|
@ -369,6 +369,16 @@ class WikiControllerTest < Test::Unit::TestCase
|
|||
assert !r.template_objects['hide_description']
|
||||
end
|
||||
|
||||
def test_rss_with_content_when_blocked
|
||||
setup_wiki_with_three_pages
|
||||
@web.password = 'aaa'
|
||||
@web.published = false
|
||||
|
||||
r = process 'rss_with_content', 'web' => 'wiki1'
|
||||
|
||||
assert_equal 403, r.response_code
|
||||
end
|
||||
|
||||
|
||||
def test_rss_with_headlines
|
||||
setup_wiki_with_three_pages
|
||||
|
@ -400,6 +410,30 @@ class WikiControllerTest < Test::Unit::TestCase
|
|||
assert_template_xpath_match '/rss/channel/item/link', expected_page_links
|
||||
end
|
||||
|
||||
def test_rss_switch_links_to_published
|
||||
setup_wiki_with_three_pages
|
||||
@web.password = 'aaa'
|
||||
@web.published = true
|
||||
|
||||
@request.host = 'foo.bar.info'
|
||||
@request.port = 80
|
||||
|
||||
r = process 'rss_with_headlines', 'web' => 'wiki1'
|
||||
|
||||
assert_success
|
||||
xml = REXML::Document.new(r.body)
|
||||
|
||||
expected_page_links =
|
||||
['http://foo.bar.info/wiki1/published/HomePage',
|
||||
'http://foo.bar.info/wiki1/published/Oak',
|
||||
'http://foo.bar.info/wiki1/published/Elephant']
|
||||
|
||||
assert_template_xpath_match '/rss/channel/link',
|
||||
'http://foo.bar.info/wiki1/published/HomePage'
|
||||
assert_template_xpath_match '/rss/channel/item/guid', expected_page_links
|
||||
assert_template_xpath_match '/rss/channel/item/link', expected_page_links
|
||||
end
|
||||
|
||||
def test_rss_with_params
|
||||
setup_wiki_with_30_pages
|
||||
|
||||
|
|
Loading…
Reference in a new issue