[shellwiki] / handlers / 40_edit_attachment.sh

#!/bin/sh

# Copyright 2022 - 2023 Paul Hänsch
# 
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
# 
# THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
# IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

REV_ATTACHMENTS="${REV_ATTACHMENTS:-false}"

if [ "${PATH_INFO##*/\[attachment\]}" ]; then
  # Skip any action not happening on attachment page
  return 1
fi

page="${PATH_INFO%\[attachment\]}"
action="$(POST action)"

tsid="$(POST session_key)"; tsid="${tsid%% *}"


if ! acl_write "${PATH_INFO%\[attachment\]}"; then
  # Deny access to write protected pages
  printf 'Refresh: %i\r\n' 4
  theme_error 403
  [ "${CONTENT_TYPE%%;*}" = "multipart/form-data" ] \
  && head -c $((CONTENT_LENGTH)) >/dev/null
  return 0

elif [ "${CONTENT_TYPE%%;*}" = "multipart/form-data" ]; then
  . "$_EXEC/multipart.sh"
  multipart_cache

  # Use positional parameters for filename collection
  # The positional array is the only array available
  # in plain posix shells, see the documentation for
  # your shells "set" builtin for a hint to this
  # obscure use mode
  set --

  # Validate session id from form to prevent CSRF
  # Only validate if username is present, because no username means
  # anonymous uploads are allowed via acl and cgilite/session.sh does not
  # validate anonymous sessions from a multipart/formdata
  if [ "$USER_NAME" -a "$(multipart session_id)" != "$SESSION_ID" ]; then
    rm -- "$multipart_cachefile"
    printf 'Refresh: %i\r\n' 4
    theme_error 403
    return 0
  fi

  mkdir -p "$_DATA/pages${page}#attachments/"
  n=1; while filename=$(multipart_filename "file" "$n"); do
    filename="$(printf %s "$filename" |tr /\\0 __)"
    set -- "$@" "pages${page}#attachments/$filename"
    multipart "file" "$n" >"$_DATA/pages${page}#attachments/$filename"
    n=$((n + 1))
  done
  rm -- "$multipart_cachefile"
  if [ "$REV_ATTACHMENTS" = true ]; then
    git -C "$_DATA" add -- "$@"
    git -C "$_DATA" commit -qm "Attachments to # $page # uploaded by @ $USER_NAME @" -- "$@"
  fi
  REDIRECT "${_BASE}${PATH_INFO}"

elif [ "$SESSION_ID" != "$tsid" ]; then
  # Match session key from POST-Data to prevent CSRF:
  # For authenticated users the POST session_key must match
  # the session key used for authentication (usually from a
  # cookie). This should ensure that POST requests were not
  # triggered by malicious 3rd party sites freeriding on an
  # existing user authentication.
  # For pages that are writable by anonymous users, this is
  # not reliable.

  printf 'Refresh: %i\r\n' 4
  theme_error 403
  return 0
fi

if [ "$action" = delete -o "$action" = move ]; then
  set --
  n="$(POST_COUNT select)"; while [ $n -gt 0 ]; do
    select="$(POST select $n |PATH)"
    set -- "$@" "pages${page}#attachments/${select##*/}"
    n=$((n - 1))
  done
fi

if [ "$action" = delete ]; then
  if [ "$REV_ATTACHMENTS" = true ]; then
    git -C "$_DATA" rm -- "$@"
    git -C "$_DATA" commit -qm \
        "Attachment to # $page # deleted by @ $USER_NAME @" -- "$@"
  else
    ( cd "$_DATA" && rm -- "$@"; )
  fi
  REDIRECT "${_BASE}${PATH_INFO}"

elif [ "$action" = move ]; then
  moveto="$(POST moveto |PATH)"

  if ! acl_write "$moveto"; then
    printf 'Refresh: %i\r\n' 4
    theme_error 403
    return 0

  elif [ ! -d "${_DATA}/pages${moveto}" ]; then
    printf 'Refresh: %i\r\n' 4
    theme_error 404
    return 0

  elif [ "$REV_ATTACHMENTS" = true ]; then
    mkdir -p -- "${_DATA}/pages${moveto}/#attachments"
    git -C "$_DATA" mv -f -- "$@" "pages${moveto}/#attachments/"

    cnt=$#; while [ $cnt -gt 0 ]; do
      set -- "$@" "$1" "pages/${moveto}/#attachments/${1##*/}"
      cnt=$((cnt - 1)); shift 1
    done

    git -C "$_DATA" commit -qm \
        "Attachment moved from # $page # to # $moveto # by @ $USER_NAME @" -- "$@"
  else
    mkdir -p -- "${_DATA}/pages${moveto}/#attachments"
    ( cd "$_DATA" && mv -- "$@" "pages${moveto}/#attachments/"; )
  fi
  REDIRECT "${_BASE}${PATH_INFO}"

elif [ "$action" = rename ]; then
  fail='' success=''
  set --

  for file in "${_DATA}/pages${page}#attachments"/*; do
    rename="$(POST rename_"$(slopecode "${file##*/}" |sed 's;=;%3D;g')")"

    if [ "$REV_ATTACHMENTS" = true -a \
         -f "${file}" -a \
         "$rename" -a \
         "${rename%/*}" = "${rename}" -a \
         ! -e "${_DATA}/pages${page}#attachments/${rename}" ] \
       && git -C "$_DATA" mv -- "pages${page}#attachments/${file##*/}" "pages${page}#attachments/${rename}"; then
      success="${success}$(HTML "${file##*/}/${rename}")${BR}"
      set -- "$@" "pages${page}#attachments/${file##*/}" "pages${page}#attachments/${rename}"

    elif [ "$REV_ATTACHMENTS" = true -a "${rename}" ]; then
      fail="${fail}$(HTML "${file##*/}/${rename}")${BR}"

    elif [ -f "${file}" -a \
           "$rename" -a \
           "${rename%/*}" = "${rename}" -a \
           ! -e "${_DATA}/pages${page}#attachments/${rename}" ] \
         && mv -- "${file}" "${_DATA}/pages${page}#attachments/${rename}"; then
      success="${success}$(HTML "${file##*/}/${rename}")${BR}"

    elif [ "${rename}" ]; then
      fail="${fail}$(HTML "${file##*/}/${rename}")${BR}"

    fi
  done

  if [ "$REV_ATTACHMENTS" = true -a $# -gt 2 ]; then
    git -C "$_DATA" commit -qm \
        "Attachment files renamed by @ $USER_NAME @" -- "$@"
  elif [ "$REV_ATTACHMENTS" = true -a $# -eq 2 ]; then
    git -C "$_DATA" commit -qm \
        "Attachment file renamed by @ $USER_NAME @" -- "$@"
  fi

  if [ "$success" -a "$fail" ]; then
    printf "%s\r\n" "Status: 500 Internal Server Error"
    theme_page - "$(_ "Attachment rename")" <<-EOF
        <h1 class="rename partial">$(_ Some files could not be renamed)</h1>
        <h2 class="rename success">$(_ Successfully renamed:)</h2>
        <ul class="rename success">
        $(printf %s "$success" |while read html; do
          printf '<li><span class=from>%s</span> -&gt; <span class=to>%s</span></li>' \
                 "${html%%/*}" "${html##*/}"
        done)
        </ul>
        <h2 class="rename fail">$(_ Errors:)</h2>
        <ul class="rename fail">
        $(printf %s "$fail" |while read html; do
          printf '<li><span class=from>%s</span> -&gt; <span class=to>%s</span></li>' \
                 "${html%%/*}" "${html##*/}"
        done)
        </ul>
        <a class="button rename fail" href="[attachment]">$(_ OK)</a>
        EOF
    exit 0

  elif [ "$fail" ]; then
    printf "%s\r\n" "Status: 500 Internal Server Error"
    theme_page - "$(_ "Attachment rename")" <<-EOF
        <h1 class="rename fail">$(_ "Files could not be renamed")</h1>
        <ul class="rename fail">
        $(printf %s "$fail" |while read html; do
          printf '<li><span class=from>%s</span> -&gt; <span class=to>%s</span></li>' \
                 "${html%%/*}" "${html##*/}"
        done)
        </ul>
        <a class="button rename fail" href="[attachment]">$(_ OK)</a>
        EOF
    exit 0

  elif [ "$success" ]; then
    printf 'Refresh: %i\r\n' 4
    theme_page - "Attachment rename" <<-EOF
        <h1 class="rename success">$(_ Files were renamed)</h1>
        <ul class="rename success">
        $(printf %s "$success" |while read html; do
          printf '<li><span class=from>%s</span> -&gt; <span class=to>%s</span></li>' \
                 "${html%%/*}" "${html##*/}"
        done)
        </ul>
        <a class="button rename success" href="[attachment]">$(_ OK)</a>
        EOF
    exit 0

  else
    REDIRECT "${_BASE}${PATH_INFO}"

  fi
fi

return 1