changeset 5515:28d3928f6e6e

xmlrpc: invalidate user object setup by the moin session/auth code (details below) If you need a valid user for xmlrpc calls, please use a multicall and getAuthToken / applyAuthToken (see some samples in MoinMoin/script/...). Removed some old scripts that only worked (until this changeset) if you had http auth and used that to authenticate. For many users who do not have http auth anyway, this is overly complicated and can be done more easily as mentioned above. See MoinMoin/script/xmlrpc/write.py (command: moin ... xmlrpc write ...) for some example code.
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sun, 07 Feb 2010 23:04:09 +0100
parents 09de6f176a91
children 5359bfdf91ba aa99f8e782dc
files MoinMoin/script/old/xmlrpc-tools/WhoAmI.py MoinMoin/script/old/xmlrpc-tools/wikibackup.py MoinMoin/script/old/xmlrpc-tools/wikirestore.py MoinMoin/xmlrpc/__init__.py
diffstat 4 files changed, 4 insertions(+), 115 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/script/old/xmlrpc-tools/WhoAmI.py	Sun Feb 07 20:03:03 2010 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,26 +0,0 @@
-#!/usr/bin/env python
-"""
-This script checks whether the wiki authenticates and trusts you.
-
-It calls the TrustMe.py xmlrpc plugin. To use http auth, you need to configure
-the srcwiki with auth = [http, moin_cookie] in its wikiconfig.
-
-GPL software, 2005 Thomas Waldmann
-"""
-
-def run():
-    user = "ThomasWaldmann"
-    password = "wrong"
-
-    import sys, xmlrpclib
-    sys.path.insert(0, '../../..')
-    from MoinMoin.support.BasicAuthTransport import BasicAuthTransport
-
-    srctrans = BasicAuthTransport(user, password)
-    srcwiki = xmlrpclib.ServerProxy("http://master.moinmo.in/?action=xmlrpc2", transport=srctrans)
-
-    print srcwiki.WhoAmI()
-
-if __name__ == "__main__":
-    run()
-
--- a/MoinMoin/script/old/xmlrpc-tools/wikibackup.py	Sun Feb 07 20:03:03 2010 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,45 +0,0 @@
-#!/usr/bin/env python
-"""
-This script gets all Pages from a wiki via xmlrpc and
-stores them into a backup file. We use wiki rpc v2 here.
-
-Important note:
-
-This script ONLY handles the current versions of the wiki pages.
-
-It does NOT handle:
-    * event or edit logs (page history)
-    * old versions of pages
-    * attachments
-    * user account data
-    * MoinMoin code or config running the wiki
-
-So this is definitely NOT a complete backup.
-
-GPL software, 2003-08-10 Thomas Waldmann
-"""
-def run():
-    import xmlrpclib
-    from MoinMoin.support.BasicAuthTransport import BasicAuthTransport
-    from MoinMoin.util import pickle, PICKLE_PROTOCOL
-
-    #user = "username"
-    #password = "xxxxxxxx"
-    #srctrans = BasicAuthTransport(user,password)
-    #srcwiki = xmlrpclib.ServerProxy("http://devel.linuxwiki.org/moin--cvs/__xmlrpc/?action=xmlrpc2", transport=srctrans)
-    srcwiki = xmlrpclib.ServerProxy("http://devel.linuxwiki.org/moin--cvs/?action=xmlrpc2")
-
-    backup = {}
-    allpages = srcwiki.getAllPages()
-    for pagename in allpages:
-        pagedata = srcwiki.getPage(pagename)
-        print "Got %s." % pagename
-        backup[pagename] = pagedata
-
-    backupfile = open("wikibackup.pickle", "w")
-    pickle.dump(backup, backupfile, PICKLE_PROTOCOL)
-    backupfile.close()
-
-if __name__ == "__main__":
-    run()
-
--- a/MoinMoin/script/old/xmlrpc-tools/wikirestore.py	Sun Feb 07 20:03:03 2010 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,44 +0,0 @@
-#!/usr/bin/env python
-"""
-This script reads a wikibackup.pickle file and puts
-all Pages contained there into a wiki via xmlrpc.
-We use wiki rpc v2 here.
-
-Important note:
-
-This script ONLY handles the current versions of the wiki pages.
-
-It does NOT handle:
-    * event or edit logs (page history)
-    * old versions of pages
-    * attachments
-    * user account data
-    * MoinMoin code or config running the wiki
-
-So this is definitely NOT a complete restore.
-
-GPL software, 2003-10-24 Thomas Waldmann
-"""
-def run():
-    import xmlrpclib
-    from MoinMoin.support.BasicAuthTransport import BasicAuthTransport
-    from MoinMoin.util import pickle
-
-    user = "ThomasWaldmann"
-    password = "xxxxxxxxxxxx"
-    dsttrans = BasicAuthTransport(user, password)
-    dstwiki = xmlrpclib.ServerProxy("http://devel.linuxwiki.org/moin--cvs/__xmlrpc/?action=xmlrpc2", transport=dsttrans)
-    #dstwiki = xmlrpclib.ServerProxy("http://devel.linuxwiki.org/moin--cvs/?action=xmlrpc2")
-
-    backupfile = open("wikibackup.pickle", "r")
-    backup = pickle.load(backupfile)
-    backupfile.close()
-
-    for pagename in backup:
-        pagedata = backup[pagename]
-        dstwiki.putPage(pagename, pagedata) # TODO: add error check
-        print "Put %s." % pagename
-
-if __name__ == "__main__":
-    run()
-
--- a/MoinMoin/xmlrpc/__init__.py	Sun Feb 07 20:03:03 2010 +0100
+++ b/MoinMoin/xmlrpc/__init__.py	Sun Feb 07 23:04:09 2010 +0100
@@ -132,6 +132,10 @@
                 # we do not handle xmlrpc v1 and v2 differently
                 response = xmlrpclib.Fault(1, "This moin wiki does not allow xmlrpc method calls.")
             else:
+                # overwrite any user there might be, if you need a valid user for
+                # xmlrpc, you have to use multicall and getAuthToken / applyAuthToken
+                self.request.user = user.User(self.request, auth_method='xmlrpc:invalid')
+
                 data = self.request.read(self.request.content_length)
 
                 try: