cgi-bin/loona.lua
author Timm S. Mueller <tmueller@neoscientists.org>
Fri, 16 Feb 2007 03:06:51 +0100
changeset 20 6ab0b2d1dec9
parent 16 966d826727c2
child 23 ebc5fbbd5996
permissions -rw-r--r--
Improved assertions, loads of cleanup
tmueller@0
     1
tmueller@0
     2
--
tmueller@0
     3
--	loona - tiny CMS
tmueller@0
     4
--	Written by Timm S. Mueller <tmueller at neoscientists.org>
tmueller@0
     5
--	See copyright notice in COPYRIGHT
tmueller@0
     6
--
tmueller@0
     7
tmueller@0
     8
require "tek"
tmueller@0
     9
require "tek.cgi"
tmueller@0
    10
require "tek.cgi.request"
tmueller@0
    11
require "tek.cgi.request.args"
tmueller@0
    12
require "tek.cgi.header"
tmueller@0
    13
require "tek.cgi.session"
tmueller@0
    14
require "tek.posix"
tmueller@0
    15
require "tek.web"
tmueller@0
    16
require "tek.web.markup"
tmueller@0
    17
require "tek.util"
tmueller@0
    18
tmueller@0
    19
local boxed_G = { 
tmueller@0
    20
	string = string, table = table,
tmueller@0
    21
	assert = assert, collectgarbage = collectgarbage, dofile = dofile,
tmueller@0
    22
	error = error, getfenv = getfenv, getmetatable = getmetatable,
tmueller@0
    23
	ipairs = ipairs, load = load, loadfile = loadfile, loadstring = loadstring,
tmueller@0
    24
	next = next, pairs = pairs, pcall = pcall, print = print,
tmueller@0
    25
	rawequal = rawequal, rawget = rawget, rawset = rawset, require = require,
tmueller@0
    26
	select = select, setfenv = setfenv, setmetatable = setmetatable,
tmueller@0
    27
	tonumber = tonumber, tostring = tostring, type = type, unpack = unpack,
tmueller@0
    28
	xpcall = xpcall
tmueller@0
    29
}
tmueller@0
    30
tmueller@0
    31
local tek, table, string, assert, unpack, ipairs, pairs, type, require =
tmueller@0
    32
	tek, table, string, assert, unpack, ipairs, pairs, type, require
tmueller@0
    33
local setmetatable, setfenv, getfenv = setmetatable, setfenv, getfenv
tmueller@0
    34
local open, remove, rename, getenv, time =
tmueller@0
    35
	io.open, os.remove, os.rename, os.getenv, os.time
tmueller@0
    36
tmueller@0
    37
local sectionfname, langs, locale
tmueller@0
    38
tmueller@0
    39
tmueller@0
    40
module "loona"
tmueller@0
    41
tmueller@0
    42
tmueller@0
    43
_VERSION = 2
tmueller@0
    44
_REVISION = 0
tmueller@0
    45
tmueller@0
    46
tmueller@0
    47
out = tek.web.out
tmueller@0
    48
setheader = tek.web.setheader
tmueller@0
    49
cgi = tek.cgi
tmueller@0
    50
session = cgi.session
tmueller@0
    51
request = cgi.request
tmueller@0
    52
args = request.args
tmueller@0
    53
posix = tek.posix
tmueller@0
    54
encodeform = cgi.encodeform
tmueller@0
    55
loadhtml = tek.web.include.load
tmueller@0
    56
source = tek.source
tmueller@0
    57
domarkup = tek.web.markup.main
tmueller@0
    58
expire = tek.util.expire
tmueller@0
    59
tmueller@0
    60
tmueller@20
    61
--	Special version of assert that exposes an extra detail argument
tmueller@20
    62
--	only if config.debug is set (in order to avoid information leaks)
tmueller@20
    63
tmueller@20
    64
local function dbmsg(msg, detail)
tmueller@20
    65
	return msg and msg .. 
tmueller@20
    66
		(detail and (config.debug == true and (" : " .. detail)) or "")
tmueller@20
    67
end
tmueller@20
    68
tmueller@20
    69
tmueller@0
    70
local function checkprofilename(c)
tmueller@20
    71
	assert(c:match("^%w+$") and c ~= "current", dbmsg(loc("INVALID_NAME"), c))
tmueller@0
    72
	return c
tmueller@0
    73
end
tmueller@0
    74
tmueller@0
    75
tmueller@0
    76
local function checksectionname(s)
tmueller@0
    77
	s = s or "main"
tmueller@20
    78
	assert(s:match("^[%w_]*%w+[%w_]*$"), dbmsg(loc("INVALID_NAME"), s))
tmueller@0
    79
	return s
tmueller@0
    80
end
tmueller@0
    81
tmueller@0
    82
tmueller@0
    83
local function deletedir(dst)
tmueller@0
    84
	for e in tek.util.readdir(dst) do
tmueller@0
    85
		local success, msg = remove(dst .. "/" .. e)
tmueller@20
    86
		assert(success, dbmsg("Error removing entry in profile", msg))
tmueller@0
    87
	end
tmueller@0
    88
	return remove(dst)
tmueller@0
    89
end
tmueller@0
    90
tmueller@0
    91
tmueller@0
    92
local function copyprofile(contentdir, lang, srcprofile, newprofile)
tmueller@0
    93
	local src = contentdir .. "/" .. srcprofile .. "_" .. lang
tmueller@20
    94
	assert(posix.stat(src, "mode") == "directory",
tmueller@20
    95
		dbmsg("Not a directory", src))
tmueller@0
    96
	local dst = contentdir .. "/" .. newprofile .. "_" .. lang
tmueller@0
    97
	local success, msg = posix.mkdir(dst)
tmueller@20
    98
	assert(success, dbmsg("Error creating profile directory", msg))
tmueller@0
    99
	for e in tek.util.readdir(src) do
tmueller@0
   100
		local ext = e:match("^[^.].*%.([^.]*)$")
tmueller@0
   101
		if ext ~= "LOCK" then
tmueller@0
   102
			local f = src .. "/" .. e
tmueller@0
   103
			if posix.stat(f, "mode") == "file" then
tmueller@0
   104
				success, msg = tek.copyfile(f, dst .. "/" .. e)
tmueller@20
   105
				assert(success, dbmsg("Error copying file", msg))
tmueller@0
   106
			end
tmueller@0
   107
		end
tmueller@0
   108
	end
tmueller@0
   109
end
tmueller@0
   110
tmueller@0
   111
tmueller@0
   112
local function publishprofile(contentdir, lang, profile)
tmueller@0
   113
	local oldpath = profile .. "_" .. lang
tmueller@0
   114
	local newpath = contentdir .. "/current_" .. lang
tmueller@0
   115
	local success, msg = posix.symlink(oldpath, newpath .. ".temp")
tmueller@20
   116
	assert(success, dbmsg("Cannot create symlink", msg))
tmueller@0
   117
	success, msg = rename(newpath .. ".temp", newpath)
tmueller@20
   118
	assert(success, dbmsg("Cannot overwrite symlink", msg))
tmueller@0
   119
end
tmueller@0
   120
tmueller@0
   121
tmueller@20
   122
local function lookupname(tab, val)
tmueller@0
   123
	if tab then
tmueller@0
   124
		for i, v in ipairs(tab) do
tmueller@20
   125
			if v.name == val then
tmueller@0
   126
				return i
tmueller@0
   127
			end
tmueller@0
   128
		end
tmueller@0
   129
	end
tmueller@0
   130
end
tmueller@0
   131
tmueller@0
   132
tmueller@20
   133
--	Index sections, determine accessibility and visibility in menu
tmueller@20
   134
tmueller@20
   135
local function indexsections(s)
tmueller@0
   136
	s = s or config.sections
tmueller@0
   137
	for _, e in ipairs(s) do
tmueller@0
   138
		if e.subs then
tmueller@20
   139
			indexsections(e.subs)
tmueller@0
   140
		end
tmueller@0
   141
		e.notvalid = (not secure and e.secure) or 
tmueller@0
   142
			(not authuser and e.secret) or nil
tmueller@0
   143
		e.notvisible = e.notvalid or not authuser and e.hidden or nil
tmueller@16
   144
		s[e.name] = e
tmueller@0
   145
	end
tmueller@0
   146
end
tmueller@0
   147
tmueller@0
   148
tmueller@20
   149
--	Decompose section path into a stack of sections, returning only up to
tmueller@0
   150
--	the last valid element in the path. additionally returns the table of
tmueller@0
   151
--	the last section path element (or the default section)
tmueller@0
   152
tmueller@0
   153
local function getsection(config, section, authuser, path, default)
tmueller@0
   154
	local tab = { { entries = config.sections, name = default } }
tmueller@0
   155
	local sections = config.sections
tmueller@0
   156
	local sectionpath
tmueller@0
   157
	(path or default):gsub("(%w+)/?", function(a)
tmueller@0
   158
		if sections then
tmueller@20
   159
			local s = sections[a]
tmueller@20
   160
			if s and not s.notvalid then
tmueller@20
   161
				sectionpath = s
tmueller@0
   162
				tab[#tab].name = a
tmueller@20
   163
				sections = s.subs
tmueller@0
   164
				if sections then
tmueller@0
   165
					table.insert(tab, { entries = sections })
tmueller@0
   166
				end
tmueller@0
   167
			else
tmueller@0
   168
				sections = nil -- stop.
tmueller@0
   169
			end
tmueller@0
   170
		end
tmueller@0
   171
	end)
tmueller@0
   172
	if not section and not sectionpath then
tmueller@20
   173
		sectionpath = config.sections[default]
tmueller@0
   174
		if sectionpath then
tmueller@0
   175
			table.insert(tab, { entries = sectionpath.subs })
tmueller@0
   176
		end
tmueller@0
   177
	end
tmueller@0
   178
	return tab, sectionpath
tmueller@0
   179
end
tmueller@0
   180
tmueller@0
   181
tmueller@0
   182
local function getpath(sections, delimiter)
tmueller@0
   183
	local t = { }
tmueller@0
   184
	for _, menu in ipairs(sections) do
tmueller@0
   185
		if menu.name then
tmueller@0
   186
			table.insert(t, menu.name)
tmueller@0
   187
		end
tmueller@0
   188
	end
tmueller@0
   189
	return table.concat(t, delimiter or "/")
tmueller@0
   190
end
tmueller@0
   191
tmueller@0
   192
tmueller@20
   193
--	Descending into the sections table alongside the current path,
tmueller@20
   194
--	return the filename to include, defaulting to its parent value
tmueller@20
   195
--	(or the default specified)
tmueller@0
   196
tmueller@20
   197
local function getsectionfile(sections, path, ext, default)
tmueller@20
   198
	local t, val = { }
tmueller@0
   199
	for _, menu in ipairs(sections) do
tmueller@20
   200
		if menu.entries and menu.entries[menu.name] then
tmueller@20
   201
			table.insert(t, menu.name)
tmueller@20
   202
			local fn = table.concat(t, "_") .. ext
tmueller@0
   203
			if posix.stat(path .. "/" .. fn, "mode") == "file" then
tmueller@0
   204
				val = fn
tmueller@0
   205
			end
tmueller@0
   206
		end
tmueller@0
   207
	end
tmueller@0
   208
	return val or default
tmueller@0
   209
end
tmueller@0
   210
tmueller@0
   211
tmueller@0
   212
local function deletenode(dir, fname)
tmueller@0
   213
	local fullname = dir .. "/" .. fname
tmueller@0
   214
	local success, msg = remove(fullname)
tmueller@0
   215
	if success then
tmueller@0
   216
		local pat = "^" .. 
tmueller@0
   217
			fname:gsub("%^%$%(%)%%%.%[%]%*%+%-%?", "%%%1") .. "%..*$"
tmueller@0
   218
		for e in tek.util.readdir(dir) do
tmueller@0
   219
			if e:match(pat) then
tmueller@0
   220
				remove(dir .. "/" .. e)
tmueller@0
   221
			end
tmueller@0
   222
		end
tmueller@0
   223
	end
tmueller@0
   224
	return success, msg
tmueller@0
   225
end
tmueller@0
   226
tmueller@0
   227
tmueller@20
   228
--	Add element to path
tmueller@0
   229
tmueller@20
   230
local function addtopath(tab, path, e)
tmueller@0
   231
	path:gsub("(%w+)/?", function(a)
tmueller@20
   232
		if tab then
tmueller@20
   233
			local s = tab[a]
tmueller@20
   234
			if s then
tmueller@20
   235
				if not s.subs then
tmueller@20
   236
					s.subs = { }
tmueller@0
   237
				end
tmueller@20
   238
				tab = s.subs
tmueller@0
   239
			else
tmueller@20
   240
				table.insert(tab, e)
tmueller@20
   241
				tab[a] = e
tmueller@20
   242
 				tab = nil -- stop
tmueller@0
   243
			end
tmueller@0
   244
		end
tmueller@0
   245
	end)
tmueller@0
   246
end
tmueller@0
   247
tmueller@0
   248
tmueller@20
   249
--	Remove element from path
tmueller@0
   250
tmueller@20
   251
local function rmpath(tab, path)
tmueller@20
   252
	local parent
tmueller@0
   253
	path:gsub("(%w+)/?", function(a)
tmueller@20
   254
		if tab then
tmueller@20
   255
			local idx = lookupname(tab, a)
tmueller@20
   256
			if idx then
tmueller@20
   257
				if tab[idx].subs then
tmueller@20
   258
					parent = tab[idx]
tmueller@20
   259
					tab = tab[idx].subs
tmueller@0
   260
				else
tmueller@20
   261
					table.remove(tab, idx)
tmueller@20
   262
					if #tab == 0 and parent then
tmueller@20
   263
						parent.subs = nil
tmueller@0
   264
					end
tmueller@20
   265
					tab = nil
tmueller@0
   266
				end
tmueller@0
   267
			end
tmueller@0
   268
		end
tmueller@0
   269
	end)
tmueller@0
   270
end
tmueller@0
   271
tmueller@0
   272
tmueller@0
   273
-------------------------------------------------------------------------------
tmueller@0
   274
tmueller@0
   275
tmueller@8
   276
--	Produce page title
tmueller@8
   277
tmueller@8
   278
function title()
tmueller@8
   279
	return section and (section.title or section.label or section.name) or ""
tmueller@8
   280
end
tmueller@8
   281
tmueller@8
   282
tmueller@0
   283
--	Return locale string
tmueller@0
   284
tmueller@0
   285
function loc(s)
tmueller@0
   286
	if not locale then
tmueller@0
   287
		for _, l in ipairs(langs) do
tmueller@0
   288
			locale = source(config.localedir .. "/" .. l)
tmueller@0
   289
			if locale then
tmueller@0
   290
				break
tmueller@0
   291
			end		
tmueller@0
   292
		end
tmueller@0
   293
	end
tmueller@14
   294
	return locale and encodeform(locale[s]) or 
tmueller@14
   295
		'nonlocalized message: "' .. s .. '"'
tmueller@0
   296
end
tmueller@0
   297
tmueller@0
   298
tmueller@0
   299
--	Find element in path
tmueller@0
   300
tmueller@0
   301
function checkpath(tab, path)
tmueller@0
   302
	local res, idx
tmueller@0
   303
	path:gsub("(%w+)/?", function(a)
tmueller@0
   304
		if tab then
tmueller@20
   305
			local i = lookupname(tab, a)
tmueller@0
   306
			if i then
tmueller@0
   307
				res, idx = tab, i
tmueller@0
   308
				tab = tab[i].subs
tmueller@0
   309
			else
tmueller@0
   310
				res, idx = nil, nil
tmueller@0
   311
			end
tmueller@0
   312
		end
tmueller@0
   313
	end)
tmueller@0
   314
	return res, idx
tmueller@0
   315
end
tmueller@0
   316
tmueller@0
   317
tmueller@0
   318
--	Run a site function snippet, with full error recovery
tmueller@0
   319
--	(also recovers from errors in error handling function)
tmueller@0
   320
tmueller@0
   321
function dosnippet(config, func, errfunc, showdetail)
tmueller@0
   322
	local ret = { tek.catch(func) }
tmueller@0
   323
	if ret[1] == 0 or (errfunc and tek.catch(errfunc) == 0) then
tmueller@0
   324
		return unpack(ret)
tmueller@0
   325
	end
tmueller@0
   326
	out("<h2>Error</h2>")
tmueller@14
   327
	out("<h3>" .. (ret[2] or "") .. "</h3>")
tmueller@0
   328
	if showdetail or config.debug == true then
tmueller@0
   329
		if type(ret[3]) == "string" then
tmueller@14
   330
			out("<p>" .. ret[3] .. "</p>")
tmueller@0
   331
		end
tmueller@0
   332
		if ret[4] and config.debug == true then
tmueller@14
   333
			out("<pre>" .. ret[4] .. "</pre>")
tmueller@0
   334
		end
tmueller@0
   335
	end
tmueller@0
   336
end	
tmueller@0
   337
tmueller@0
   338
tmueller@0
   339
function lockfile(newfile)
tmueller@0
   340
	return not session and true or 
tmueller@0
   341
		posix.symlink(session.filename, newfile .. ".LOCK")
tmueller@0
   342
end
tmueller@0
   343
tmueller@0
   344
tmueller@0
   345
function unlockfile(dstfile)
tmueller@0
   346
	return not session and true or remove(dstfile .. ".LOCK")
tmueller@0
   347
end
tmueller@0
   348
tmueller@0
   349
tmueller@0
   350
function savenode(dir, fname, content)
tmueller@0
   351
	fname = dir .. "/" .. fname
tmueller@0
   352
	local f, msg = open(fname, "wb")
tmueller@20
   353
	assert(f, dbmsg("Could not open file for writing", msg))
tmueller@0
   354
	f:write(content or "")
tmueller@0
   355
	f:close()
tmueller@0
   356
end
tmueller@0
   357
tmueller@20
   358
--	Run extension in a controlled environment
tmueller@0
   359
tmueller@0
   360
function include(fname, ...)
tmueller@20
   361
	assert(not fname:match("%W"), dbmsg(loc("INVALID_NAME"), fname))
tmueller@0
   362
	local fname2 = config.extdir .. "/" .. fname .. ".lua"
tmueller@0
   363
	local f, msg = open(fname2)
tmueller@20
   364
	assert(f, dbmsg("Cannot open file", msg))
tmueller@0
   365
	local parsed, msg = loadhtml(f, "loona.out", fname2)
tmueller@20
   366
	assert(parsed, dbmsg("Syntax error", msg))
tmueller@0
   367
 	local fenv = {
tmueller@0
   368
 		arg = arg,
tmueller@0
   369
 		loona = {
tmueller@0
   370
 			out = out,
tmueller@0
   371
 			setheader = setheader,
tmueller@0
   372
			hidden = hidden,
tmueller@15
   373
			link = link,
tmueller@0
   374
			elink = elink,
tmueller@0
   375
			href = href,
tmueller@0
   376
			checkpath = checkpath,
tmueller@0
   377
			authuser = authuser,
tmueller@0
   378
			document = document,
tmueller@0
   379
			contentdir = contentdir,
tmueller@0
   380
			profile = profile,
tmueller@0
   381
			pubprofile = pubprofile,
tmueller@0
   382
			lang = lang,
tmueller@0
   383
			secure = secure,
tmueller@0
   384
			config = config,
tmueller@0
   385
			session = session,
tmueller@0
   386
			sectionpath = sectionpath,
tmueller@0
   387
		}
tmueller@0
   388
	}
tmueller@0
   389
 	setmetatable(fenv, { __index = boxed_G }) -- boxed global environment
tmueller@0
   390
	setfenv(parsed, fenv)
tmueller@0
   391
	return parsed()
tmueller@0
   392
end
tmueller@0
   393
tmueller@0
   394
tmueller@0
   395
function href(section, ...)
tmueller@0
   396
	local target = cgi.document.Name
tmueller@0
   397
	target = section and target .. "/" .. section or target
tmueller@0
   398
	if session or args.profile and args.profile ~= pubprofile then
tmueller@0
   399
		return tek.web.gethref(target, "lang", "profile", "session",
tmueller@0
   400
			unpack(arg))
tmueller@0
   401
	end
tmueller@0
   402
	return tek.web.gethref(target, "lang", unpack(arg))
tmueller@0
   403
end
tmueller@0
   404
tmueller@0
   405
tmueller@0
   406
function link(section, text, ...) -- normal link
tmueller@0
   407
	return '<a href="' .. href(section, unpack(arg)) .. '">' ..
tmueller@0
   408
		(text or section) .. '</a>'
tmueller@0
   409
end
tmueller@0
   410
tmueller@0
   411
tmueller@15
   412
function uilink(section, text, ...) -- active link
tmueller@15
   413
	return '<a class="loonaUILink" href="' .. href(section, unpack(arg)) ..
tmueller@0
   414
		'">' .. (text or section) .. '</a>'
tmueller@0
   415
end
tmueller@0
   416
tmueller@0
   417
tmueller@0
   418
function elink(target, text) -- external link
tmueller@15
   419
	return '<a class="loonaExtLink" href="' .. target .. 
tmueller@0
   420
		'" onclick="void(window.open(this.href, \'\', \'\')); return false;">'
tmueller@0
   421
		.. (text or target) .. '</a>'
tmueller@0
   422
end
tmueller@0
   423
tmueller@0
   424
tmueller@0
   425
function hidden(name, value)
tmueller@0
   426
	return not value and "" or 
tmueller@0
   427
		'<input type="hidden" name="' .. name .. '" value="' .. value .. '" />'
tmueller@0
   428
end
tmueller@0
   429
tmueller@0
   430
tmueller@0
   431
function getprofiles(contentdir, lang)
tmueller@0
   432
	local t = { }
tmueller@0
   433
	for f in tek.util.readdir(contentdir) do
tmueller@0
   434
		if posix.lstat(contentdir .. "/" .. f, "mode") == "directory" then
tmueller@0
   435
			local e = f:match("^(%w+)_" .. lang .. "$")
tmueller@0
   436
 			if e then
tmueller@0
   437
	 			t[e] = e
tmueller@0
   438
 	 		end
tmueller@0
   439
		end
tmueller@0
   440
	end
tmueller@0
   441
	return t
tmueller@0
   442
end
tmueller@0
   443
tmueller@0
   444
tmueller@0
   445
-- Init
tmueller@0
   446
tmueller@0
   447
local function init()
tmueller@0
   448
	
tmueller@0
   449
	-- get list of languages, in order of preference
tmueller@0
   450
	
tmueller@0
   451
	langs = { args.lang and args.lang:match("^%w+$") }
tmueller@0
   452
	if config.browserlang == true then
tmueller@0
   453
		local s = getenv("HTTP_ACCEPT_LANGUAGE")
tmueller@0
   454
		while s do
tmueller@0
   455
			local l, r = s:match("^([%w.=]+)[,;](.*)$")
tmueller@0
   456
			l = l or s
tmueller@0
   457
			s = r
tmueller@0
   458
			if l:match("^%w+$") then
tmueller@0
   459
				table.insert(langs, l)
tmueller@0
   460
			end
tmueller@0
   461
		end
tmueller@0
   462
	end
tmueller@0
   463
	table.insert(langs, config.deflang)
tmueller@0
   464
	
tmueller@0
   465
	-- get list of possible profiles
tmueller@0
   466
	
tmueller@0
   467
	local profiles = { }
tmueller@0
   468
	for e in tek.util.readdir(config.contentdir) do
tmueller@0
   469
		profiles[e] = e
tmueller@0
   470
	end
tmueller@0
   471
	
tmueller@0
   472
	-- get pubprofile
tmueller@0
   473
	
tmueller@0
   474
	for _, lang in ipairs(langs) do
tmueller@0
   475
		local p = posix.readlink(config.contentdir .. "/current_" .. lang)
tmueller@0
   476
		p = p and p:match("^(%w+)_" .. lang .. "$")
tmueller@0
   477
		if p then
tmueller@0
   478
			pubprofile = p
tmueller@0
   479
			break
tmueller@0
   480
		end
tmueller@0
   481
	end
tmueller@0
   482
	
tmueller@0
   483
	-- get profile
tmueller@0
   484
	
tmueller@0
   485
	local checkprofile = authuser and args.profile or pubprofile or "default"
tmueller@0
   486
	for _, l in ipairs(langs) do
tmueller@0
   487
		if profiles[checkprofile .. "_" .. l] then
tmueller@0
   488
			profile = checkprofile
tmueller@0
   489
			lang = l
tmueller@0
   490
			break
tmueller@0
   491
		end
tmueller@0
   492
	end
tmueller@0
   493
	
tmueller@20
   494
	assert(profile and lang, "Invalid profile or language")
tmueller@0
   495
	
tmueller@0
   496
	-- write back language and profile into args
tmueller@0
   497
tmueller@0
   498
	args.lang = lang ~= config.deflang and lang or nil
tmueller@0
   499
	args.profile = profile
tmueller@0
   500
	
tmueller@0
   501
	-- determine content directory pathname and section filename
tmueller@0
   502
	
tmueller@0
   503
	contentdir = config.contentdir .. "/" .. profile .. "_" .. lang
tmueller@0
   504
	sectionfname = contentdir .. "/.sections"
tmueller@0
   505
	
tmueller@0
   506
	-- load sections
tmueller@0
   507
	
tmueller@0
   508
	config.sections = source(sectionfname)
tmueller@0
   509
	
tmueller@20
   510
	-- index sections, determine visibility in menu
tmueller@0
   511
	
tmueller@20
   512
	indexsections(config.sections)
tmueller@0
   513
	
tmueller@0
   514
	-- decompose section path, produce a stack of sections
tmueller@0
   515
	
tmueller@0
   516
	submenus, section = getsection(config, section, authuser, 
tmueller@0
   517
		cgi.document.VirtualPath or "", not authuser and config.defname)
tmueller@0
   518
tmueller@0
   519
	-- handle redirects if not logged on
tmueller@0
   520
	
tmueller@0
   521
	if not authuser and section and section.redirect then
tmueller@0
   522
		submenus, section = getsection(config, section, authuser, 
tmueller@0
   523
			section.redirect, not authuser and config.defname)
tmueller@0
   524
	end
tmueller@0
   525
			
tmueller@0
   526
	-- section path and document name (refined)
tmueller@0
   527
	
tmueller@0
   528
	sectionpath = getpath(submenus)
tmueller@0
   529
tmueller@0
   530
end
tmueller@0
   531
tmueller@0
   532
tmueller@20
   533
--	Handle state modifications (create/save/delete, profile management)
tmueller@0
   534
tmueller@0
   535
local function handlestate()
tmueller@20
   536
	
tmueller@0
   537
	if args.editkey == "main" then
tmueller@0
   538
		--
tmueller@0
   539
		--	in main editable section:
tmueller@0
   540
		--
tmueller@20
   541
		local reload
tmueller@0
   542
		
tmueller@0
   543
		if args.actioncreate then
tmueller@0
   544
			--
tmueller@0
   545
			--	create new node
tmueller@0
   546
			--
tmueller@0
   547
			local editname = args.editname:lower()
tmueller@20
   548
			assert(not editname:match("%W"),
tmueller@20
   549
				dbmsg(loc("INVALID_NAME"), editname))
tmueller@20
   550
			if not (section and (section.subs or section)[editname]) then
tmueller@20
   551
				local newpath = 
tmueller@20
   552
					(sectionpath and (sectionpath .. "/")) .. editname
tmueller@0
   553
				addtopath(config.sections, newpath, { name = editname,
tmueller@0
   554
					label = args.editlabel ~= "" and args.editlabel or nil,
tmueller@0
   555
					title = args.edittitle ~= "" and args.edittitle or nil,
tmueller@0
   556
					creator = authuser,
tmueller@20
   557
					creationdate = time() })
tmueller@0
   558
				reload = true
tmueller@0
   559
			end
tmueller@20
   560
		
tmueller@0
   561
		elseif args.actionsave then
tmueller@0
   562
			--
tmueller@0
   563
			--	save node
tmueller@0
   564
			--
tmueller@0
   565
			section.revisiondate = time()
tmueller@0
   566
			section.revisioner = authuser
tmueller@0
   567
			reload = true
tmueller@20
   568
		
tmueller@0
   569
		elseif args.actiondelete then
tmueller@0
   570
			--
tmueller@0
   571
			--	delete node
tmueller@0
   572
			--
tmueller@0
   573
			if not args.actionconfirm then
tmueller@20
   574
				useralert = {
tmueller@20
   575
					text = loc("ALERT_DELETE_NODE"),
tmueller@20
   576
					confirm =
tmueller@20
   577
						'<input type="submit" name="actiondelete" value="' .. 
tmueller@20
   578
						loc("DELETE") .. '" /> ' ..
tmueller@20
   579
						hidden("actionconfirm", "true")
tmueller@20
   580
				}
tmueller@0
   581
			else
tmueller@0
   582
				deletenode(contentdir, sectionpath:gsub("/", "_"))
tmueller@20
   583
				rmpath(config.sections, sectionpath)
tmueller@0
   584
				reload = true
tmueller@0
   585
			end
tmueller@20
   586
		
tmueller@0
   587
		elseif args.actionsaveprops then
tmueller@0
   588
			--
tmueller@0
   589
			--	save properties
tmueller@0
   590
			--
tmueller@0
   591
			section.hidden = args.editvisibility and true
tmueller@0
   592
			section.secret = args.editsecrecy and true
tmueller@0
   593
			section.secure = args.editsecure and true
tmueller@0
   594
			section.label = args.editlabel ~= "" and args.editlabel or nil
tmueller@0
   595
			section.title = args.edittitle ~= "" and args.edittitle or nil
tmueller@20
   596
			section.redirect =
tmueller@20
   597
				args.editredirect ~= "" and args.editredirect or nil
tmueller@0
   598
			reload = true
tmueller@20
   599
		
tmueller@0
   600
		elseif args.actionup then
tmueller@0
   601
			--
tmueller@0
   602
			--	move node up
tmueller@0
   603
			--
tmueller@0
   604
			local t, i = checkpath(config.sections, sectionpath)
tmueller@0
   605
			if t and i > 1 then
tmueller@0
   606
				local item = table.remove(t, i)
tmueller@0
   607
				table.insert(t, i - 1, item)
tmueller@0
   608
				reload = true
tmueller@0
   609
			end
tmueller@20
   610
		
tmueller@0
   611
		elseif args.actiondown then
tmueller@0
   612
			--
tmueller@0
   613
			--	move node down
tmueller@0
   614
			--
tmueller@0
   615
			local t, i = checkpath(config.sections, sectionpath)
tmueller@0
   616
			if t and i < #t then
tmueller@0
   617
				local item = table.remove(t, i)
tmueller@0
   618
				table.insert(t, i + 1, item)
tmueller@0
   619
				reload = true
tmueller@0
   620
			end
tmueller@20
   621
		
tmueller@0
   622
		elseif args.actioncreateprofile and args.createprofile then
tmueller@0
   623
			--
tmueller@0
   624
			--	create profile
tmueller@0
   625
			--
tmueller@0
   626
			local c = checkprofilename(args.createprofile:lower())
tmueller@0
   627
			if c == profile then
tmueller@0
   628
				useralert = { text = loc("ALERT_CANNOT_COPY_PROFILE_TO_SELF") }
tmueller@0
   629
			else
tmueller@0
   630
				local profiles = getprofiles(config.contentdir, lang)
tmueller@0
   631
				if profiles[c] and not args.actionconfirm then
tmueller@20
   632
					useralert = {
tmueller@20
   633
						text = c == pubprofile and 
tmueller@0
   634
							loc("ALERT_OVERWRITE_PUBLISHED_PROFILE") or
tmueller@0
   635
							loc("ALERT_OVERWRITE_EXISTING_PROFILE"),
tmueller@0
   636
						confirm =
tmueller@20
   637
							'<input type="submit" name="actioncreateprofile" value="' .. 
tmueller@20
   638
							loc("OVERWRITE") .. '" /> ' ..
tmueller@20
   639
							hidden("actionconfirm", "true") .. 
tmueller@20
   640
							hidden("createprofile", c)
tmueller@20
   641
					}
tmueller@0
   642
				else
tmueller@0
   643
					if profiles[c] then
tmueller@0
   644
						deletedir(config.contentdir .. "/" .. c .. "_" .. lang)
tmueller@0
   645
					end
tmueller@0
   646
					copyprofile(config.contentdir, lang, profile, c)
tmueller@0
   647
				end
tmueller@0
   648
			end
tmueller@20
   649
		
tmueller@0
   650
		elseif args.actiondeleteprofile and args.deleteprofile then
tmueller@0
   651
			--
tmueller@0
   652
			--	delete profile
tmueller@0
   653
			--
tmueller@0
   654
			local c = checkprofilename(args.deleteprofile:lower())
tmueller@20
   655
			assert(c ~= pubprofile,
tmueller@20
   656
				dbmsg(loc("CANNOT_DELETE_PUBLISHED_PROFILE"), c))
tmueller@0
   657
			if args.actionconfirm then
tmueller@0
   658
				deletedir(config.contentdir .. "/" .. c .. "_" .. lang)
tmueller@0
   659
				profile = nil
tmueller@0
   660
				args.profile = nil
tmueller@20
   661
				
tmueller@20
   662
				init() -- reinitialize - for getting new sectionfname etc.
tmueller@20
   663
				
tmueller@0
   664
				reload = true
tmueller@0
   665
			else
tmueller@20
   666
				useralert = { 
tmueller@20
   667
					text = loc("ALERT_DELETE_PROFILE"),
tmueller@20
   668
					confirm = 
tmueller@20
   669
						'<input type="submit" name="actiondeleteprofile" value="' .. 
tmueller@20
   670
						loc("DELETE") .. '" /> ' ..
tmueller@20
   671
						hidden("actionconfirm", "true") ..
tmueller@20
   672
						hidden("deleteprofile", c)
tmueller@20
   673
				}
tmueller@0
   674
			end
tmueller@20
   675
		
tmueller@0
   676
		elseif args.actionchangeprofile and args.changeprofile then
tmueller@0
   677
			--
tmueller@0
   678
			--	change profile
tmueller@0
   679
			--
tmueller@0
   680
			local c = checkprofilename(args.changeprofile:lower())
tmueller@0
   681
			profile = c
tmueller@0
   682
			args.profile = c
tmueller@0
   683
			reload = true
tmueller@20
   684
		
tmueller@0
   685
		elseif args.actionpublishprofile and args.publishprofile then
tmueller@0
   686
			--
tmueller@0
   687
			--	publish profile
tmueller@0
   688
			--
tmueller@0
   689
			local c = checkprofilename(args.publishprofile:lower())
tmueller@0
   690
			if c ~= _publicprofile then
tmueller@0
   691
				if args.actionconfirm then
tmueller@0
   692
					publishprofile(config.contentdir, lang, c)
tmueller@0
   693
					reload = true
tmueller@0
   694
				else
tmueller@20
   695
					useralert = {
tmueller@20
   696
						text = loc("ALERT_PUBLISH_PROFILE"),
tmueller@20
   697
						confirm =
tmueller@20
   698
							'<input type="submit" name="actionpublishprofile" value="' ..
tmueller@20
   699
							loc("PUBLISH") .. '" /> ' ..
tmueller@20
   700
							hidden("actionconfirm", "true") ..
tmueller@20
   701
							hidden("publishprofile", c)
tmueller@20
   702
					}
tmueller@20
   703
				end
tmueller@20
   704
			end
tmueller@0
   705
		end
tmueller@0
   706
		
tmueller@20
   707
		if reload == true then
tmueller@0
   708
			--
tmueller@0
   709
			--	write sections, reload
tmueller@0
   710
			--
tmueller@0
   711
			local tempname = sectionfname .. ".temp"
tmueller@0
   712
			local f, msg = open(tempname, "wb")
tmueller@20
   713
			assert(f, dbmsg("Error opening section file for writing", msg))
tmueller@0
   714
			tek.dump(config.sections, function(...)
tmueller@0
   715
				f:write(unpack(arg))
tmueller@0
   716
			end)
tmueller@0
   717
			f:close()
tmueller@0
   718
			local success, msg = rename(tempname, sectionfname)
tmueller@20
   719
			assert(success, dbmsg("Error renaming section file", msg))
tmueller@0
   720
			init()
tmueller@0
   721
		end
tmueller@0
   722
	
tmueller@0
   723
	elseif args.editkey and checksectionname(args.editkey) then
tmueller@0
   724
		if args.actiondelete then
tmueller@0
   725
			--
tmueller@0
   726
			--	delete node in secondary editable section:
tmueller@0
   727
			--
tmueller@20
   728
			deletenode(contentdir,
tmueller@20
   729
				sectionpath:gsub("/", "_") .. "." .. args.editkey)
tmueller@0
   730
		end
tmueller@0
   731
	end
tmueller@0
   732
end
tmueller@0
   733
tmueller@0
   734
tmueller@0
   735
--	load configuration
tmueller@0
   736
tmueller@0
   737
config = source("../etc/config.lua") or { }
tmueller@20
   738
config.passwdfile = posix.abspath(config.passwdfile or "../etc/passwd.lua")
tmueller@0
   739
config.sessiondir = posix.abspath(config.sessiondir or "../var/sessions")
tmueller@0
   740
config.extdir = posix.abspath(config.extdir or "../extensions")
tmueller@20
   741
config.contentdir = posix.abspath(config.contentdir or "../content")
tmueller@20
   742
config.localedir = posix.abspath(config.localedir or "../locale")
tmueller@0
   743
config.defname = config.defname or "home"
tmueller@0
   744
config.deflang = config.deflang or "en"
tmueller@20
   745
config.sessionmaxage = config.sessionmaxage or 600
tmueller@0
   746
config.secureport = config.secureport or 443
tmueller@0
   747
tmueller@20
   748
tmueller@0
   749
--	manage login and establish session
tmueller@0
   750
tmueller@0
   751
session.init(config.sessiondir, args.session, config.sessionmaxage)
tmueller@0
   752
if args.login then
tmueller@0
   753
	if args.login == "false" then
tmueller@0
   754
		session.delete()
tmueller@0
   755
		session = nil
tmueller@0
   756
	elseif args.password then
tmueller@0
   757
		local pwddb = source(config.passwdfile)
tmueller@0
   758
		local pwdentry = pwddb[args.login]
tmueller@0
   759
		if pwdentry and pwdentry.password == args.password then
tmueller@0
   760
			session.data.authuser = pwdentry.username
tmueller@0
   761
			session.data.id = session.id
tmueller@0
   762
		end
tmueller@0
   763
	end
tmueller@0
   764
end
tmueller@0
   765
tmueller@20
   766
secure = cgi.request.Port == config.secureport
tmueller@20
   767
authuser = session and session.data.authuser
tmueller@20
   768
tmueller@20
   769
if not authuser then
tmueller@0
   770
	session = nil
tmueller@0
   771
	args.session = nil
tmueller@0
   772
end
tmueller@0
   773
tmueller@20
   774
-- get lang, locale, profile, section
tmueller@0
   775
tmueller@0
   776
init()
tmueller@0
   777
tmueller@0
   778
-- handle state modifications
tmueller@20
   779
tmueller@0
   780
if authuser then
tmueller@0
   781
	handlestate()
tmueller@0
   782
end
tmueller@0
   783
tmueller@0
   784
-- current document
tmueller@20
   785
tmueller@0
   786
document = cgi.document.Name
tmueller@0
   787
document = sectionpath and document .. "/" .. sectionpath
tmueller@0
   788
tmueller@0
   789
-- get content filename from section path
tmueller@20
   790
tmueller@0
   791
local fname = sectionpath:gsub("/", "_")
tmueller@0
   792
tmueller@0
   793
-- add links for creating new nodes
tmueller@20
   794
tmueller@0
   795
if authuser then
tmueller@20
   796
	local newent = { name = "new", 
tmueller@20
   797
		label = "[" .. loc("NEW") .. "]",
tmueller@20
   798
		action = "actionnew=true" }
tmueller@0
   799
	for _, s in ipairs(submenus) do
tmueller@20
   800
		table.insert(s.entries, newent)
tmueller@0
   801
	end
tmueller@0
   802
	if submenus[#submenus].name then
tmueller@20
   803
		table.insert(submenus, {
tmueller@20
   804
			name = "new", 
tmueller@20
   805
			entries = { [1] = newent }
tmueller@20
   806
		})
tmueller@0
   807
	end
tmueller@0
   808
end
tmueller@0
   809
tmueller@0
   810
--	create section function
tmueller@0
   811
tmueller@0
   812
local func, msg = loadhtml(open("loona/editable.lua"),
tmueller@0
   813
	"tek.web.out", "loona/editable.lua")
tmueller@0
   814
tmueller@20
   815
assert(func, dbmsg("Syntax error", msg))
tmueller@0
   816
tmueller@0
   817
local editable = func()
tmueller@0
   818
tmueller@0
   819
function body(name)
tmueller@0
   820
	name = checksectionname(name)
tmueller@0
   821
	if name == "main" then
tmueller@0
   822
		dosnippet(config, editable("main", contentdir, fname, fname))
tmueller@0
   823
	else
tmueller@0
   824
		local ext = "." .. name
tmueller@0
   825
		dosnippet(config, editable(name, contentdir,
tmueller@20
   826
			getsectionfile(submenus, contentdir, ext), fname .. ext))
tmueller@0
   827
	end
tmueller@0
   828
end
tmueller@0
   829
tmueller@0
   830
--	write back session state
tmueller@0
   831
tmueller@0
   832
if session then
tmueller@0
   833
	session.save()
tmueller@0
   834
end
tmueller@0
   835
tmueller@0
   836
tmueller@0
   837
-- do
tmueller@0
   838
-- 	local f = open("/tmp/foo", "wb")
tmueller@0
   839
-- 	tek.dump(config.sections, function(s)
tmueller@0
   840
-- 		f:write(s)
tmueller@0
   841
-- 	end)
tmueller@0
   842
-- end
tmueller@0
   843