use acls in edit processing

author Paul Hänsch <paul@plutz.net>

Wed, 11 May 2022 16:19:44 +0000 (18:19 +0200)

committer Paul Hänsch <paul@plutz.net>

Wed, 11 May 2022 16:19:44 +0000 (18:19 +0200)
author Paul Hänsch <paul@plutz.net>
Wed, 11 May 2022 16:19:44 +0000 (18:19 +0200)
committer Paul Hänsch <paul@plutz.net>
Wed, 11 May 2022 16:19:44 +0000 (18:19 +0200)
diff --git a/page_edit.sh b/page_edit.sh

index b5beeaf8e0fcdb022e59d2aa945e81e581627829..ca70c676c505df342ad4c989dd1fc79524309c89 100755 (executable)
--- a/page_edit.sh
+++ b/page_edit.sh
@@ -26,9 +26,8 @@ if [ "$edit_page" = "$PATH_INFO" ]; then
    # END EDIT SCRIPT, continue in index.cgi
  
  elif [ "$edit_action" = update ]; then
-  mkdir -p -- "${edit_file%/#page.md}"
-
-  if S_LOCK "$edit_file"; then
+  if mkdir -p -- "${edit_file%/#page.md}" \
+       && S_LOCK "$edit_file"; then
      POST pagetext >"$edit_file"
      S_RELEASE "$edit_file"
      REDIRECT "${_BASE}${PATH_INFO%\[edit\]}"
@@ -41,13 +40,16 @@ elif [ "$edit_action" = cancel ]; then
    S_RELEASE "$edit_file"
    REDIRECT "${_BASE}${PATH_INFO%\[edit\]}"
  
-elif mkdir -p -- "${edit_file%/#page.md}" && S_LOCK "$edit_file"; then
-  # Display editor page
-  SESSION_COOKIE
+elif ! acl_write "$edit_page"; then
+  theme_403
+
+elif mkdir -p -- "${edit_file%/#page.md}" \
+     && S_LOCK "$edit_file"; then
    theme_editor "$edit_page"
  
  else
-  export ERRMSG="ERR_NOLOCK"
-  theme_page "$edit_page"
+  printf 'Refresh: %i; url=%s\r\n' 4 ../
+  export ERROR_MSG="Unable to lock page for editing"
+  theme_409
  
  fi
author	Paul Hänsch <paul@plutz.net>
	Wed, 11 May 2022 16:19:44 +0000 (18:19 +0200)
committer	Paul Hänsch <paul@plutz.net>
	Wed, 11 May 2022 16:19:44 +0000 (18:19 +0200)