changeset 3790:4340777f31f9

remove backup action This code is quite unsafe and is totally incompatible with the storage abstraction.
author Johannes Berg <johannes AT sipsolutions DOT net>
date Tue, 24 Jun 2008 13:39:58 +0200
parents 9173925a53da
children 7f43f5c38310
files MoinMoin/action/backup.py MoinMoin/config/multiconfig.py docs/CHANGES
diffstat 3 files changed, 2 insertions(+), 166 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/action/backup.py	Tue Jun 24 13:16:03 2008 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,143 +0,0 @@
-# -*- coding: iso-8859-1 -*-
-"""
-    MoinMoin - make or restore a full backup of the wiki
-
-    Triggering backup action will check if you are authorized to do
-    a backup and if yes, just send a
-    <siteid>-<date>--<time>.tar.<format> to you.
-
-    @copyright: 2005 by MoinMoin:ThomasWaldmann
-    @license: GNU GPL, see COPYING for details.
-"""
-
-import os, re, time
-
-from MoinMoin import wikiutil
-from MoinMoin.support import tarfile
-
-def addFiles(path, tar, exclude):
-    """ Add files in path to tar """
-    for root, dirs, files in os.walk(path):
-        files.sort() # sorted page revs may compress better
-        for name in files:
-            path = os.path.join(root, name)
-            if exclude.search(path):
-                continue
-            tar.add(path)
-
-def sendBackup(request):
-    """ Send compressed tar file """
-    dateStamp = time.strftime("%Y-%m-%d--%H-%M-%S-UTC", time.gmtime())
-    filename = "%s-%s.tar.%s" % (request.cfg.siteid, dateStamp, request.cfg.backup_compression)
-    request.emit_http_headers([
-        "Content-Type: application/octet-stream",
-        "Content-Disposition: inline; filename=\"%s\"" % filename, ])
-
-    tar = tarfile.open(fileobj=request, mode="w|%s" % request.cfg.backup_compression)
-    # allow GNU tar's longer file/pathnames
-    tar.posix = False
-    exclude = re.compile("|".join(request.cfg.backup_exclude))
-    for path in request.cfg.backup_include:
-        addFiles(path, tar, exclude)
-    tar.close()
-
-def restoreBackup(request, pagename):
-    _ = request.getText
-    path = request.cfg.backup_storage_dir
-    filename = "%s.tar.%s" % (request.cfg.siteid, request.cfg.backup_compression)
-    filename = os.path.join(path, filename)
-    targetdir = request.cfg.backup_restore_target_dir
-    try:
-        tar = tarfile.open(fileobj=file(filename), mode="r|%s" % request.cfg.backup_compression)
-        # allow GNU tar's longer file/pathnames
-        tar.posix = False
-        files = []
-        dirs = []
-        for m in tar:
-            if m.isdir():
-                dirs.append("%s %s %s" % (m.name, m.size, m.mtime))
-            else:
-                files.append("%s %s %s" % (m.name, m.size, m.mtime))
-            tar.extract(m, targetdir)
-        tar.close()
-        #files = "<br>".join(files)
-        filecount = len(files)
-        dircount = len(dirs)
-        return sendMsg(request, pagename,
-            msg=_('Restored Backup: %(filename)s to target dir: %(targetdir)s.\nFiles: %(filecount)d, Directories: %(dircount)d') %
-                locals(), msgtype="info")
-    except:
-        return sendMsg(request, pagename, msg=_("Restoring backup: %(filename)s to target dir: %(targetdir)s failed.") % locals(), msgtype="info")
-
-def sendBackupForm(request, pagename):
-    _ = request.getText
-    request.emit_http_headers()
-    request.setContentLanguage(request.lang)
-    title = _('Wiki Backup / Restore')
-    request.theme.send_title(title, form=request.form, pagename=pagename)
-    request.write(request.formatter.startContent("content"))
-
-    request.write(_("""Some hints:
- * To restore a backup:
-  * Restoring a backup will overwrite existing data, so be careful.
-  * Rename it to <siteid>.tar.<compression> (remove the --date--time--UTC stuff).
-  * Put the backup file into the backup_storage_dir (use scp, ftp, ...).
-  * Hit the <<GetText(Restore)>> button below.
-
- * To make a backup, just hit the <<GetText(Backup)>> button and save the file
-   you get to a secure place.
-
-Please make sure your wiki configuration backup_* values are correct and complete.
-
-""", wiki=True))
-
-    request.write("""
-<form action="%(baseurl)s/%(pagename)s" method="POST" enctype="multipart/form-data">
-<input type="hidden" name="action" value="backup">
-<input type="hidden" name="do" value="backup">
-<input type="submit" value="%(backup_button)s">
-</form>
-
-<form action="%(baseurl)s/%(pagename)s" method="POST" enctype="multipart/form-data">
-<input type="hidden" name="action" value="backup">
-<input type="hidden" name="do" value="restore">
-<input type="submit" value="%(restore_button)s">
-</form>
-""" % {
-    'baseurl': request.getScriptname(),
-    'pagename': wikiutil.quoteWikinameURL(pagename),
-    'backup_button': _('Backup'),
-    'restore_button': _('Restore'),
-})
-
-    request.write(request.formatter.endContent())
-    request.theme.send_footer(pagename)
-    request.theme.send_closing_html()
-
-def sendMsg(request, pagename, msg, msgtype):
-    from MoinMoin import Page
-    request.theme.add_msg(msg, msgtype)
-    return Page.Page(request, pagename).send_page()
-
-def backupAllowed(request):
-    """ Return True if backup is allowed """
-    action = __name__.split('.')[-1]
-    user = request.user
-    return user.valid and user.name in request.cfg.backup_users
-
-def execute(pagename, request):
-    _ = request.getText
-    if not backupAllowed(request):
-        return sendMsg(request, pagename,
-                       msg=_('You are not allowed to do remote backup.'), msgtype="error")
-
-    dowhat = request.form.get('do', [None])[0]
-    if dowhat == 'backup':
-        sendBackup(request)
-    elif dowhat == 'restore':
-        restoreBackup(request, pagename)
-    elif dowhat is None:
-        sendBackupForm(request, pagename)
-    else:
-        return sendMsg(request, pagename,
-                       msg=_('Unknown backup subaction: %s.') % dowhat, msgtype="error")
--- a/MoinMoin/config/multiconfig.py	Tue Jun 24 13:16:03 2008 +0200
+++ b/MoinMoin/config/multiconfig.py	Tue Jun 24 13:39:58 2008 +0200
@@ -324,7 +324,6 @@
         # we replace any string placeholders with config values
         # e.g u'%(page_front_page)s' % self
         self.navi_bar = [elem % self for elem in self.navi_bar]
-        self.backup_exclude = [elem % self for elem in self.backup_exclude]
 
         # check if python-xapian is installed
         if self.xapian_search:
@@ -660,7 +659,7 @@
   # ==========================================================================
   'auth': ('Authentication / Authorization / Security settings', None, (
     ('superuser', [],
-     "List of trusted user names with wiki system administration super powers (not to be confused with ACL admin rights!). Used for e.g. making full backups, software installation, language installation via SystemPagesSetup and more. See also HelpOnSuperUser."),
+     "List of trusted user names with wiki system administration super powers (not to be confused with ACL admin rights!). Used for e.g. software installation, language installation via SystemPagesSetup and more. See also HelpOnSuperUser."),
     ('auth', DefaultExpression('[MoinAuth()]'),
      "list of auth objects, to be called in this order (see HelpOnAuthentication)"),
     ('auth_methods_trusted', ['http', 'xmlrpc_applytoken'],
@@ -1093,22 +1092,6 @@
        "User object attributes that are not persisted to permanent storage (internal use)."),
     )),
 
-    'backup': ('Backup', None, (
-      ('compression', 'gz', None),
-      ('users', [], None),
-      ('include', [], None),
-      ('exclude',
-       [
-        r"(.+\.py(c|o)$)",
-        r"%(cache_dir)s",
-        r"%(/)spages%(/)s.+%(/)scache%(/)s[^%(/)s]+$" % {'/': os.sep},
-        r"%(/)s(edit-lock|event-log|\.DS_Store)$" % {'/': os.sep},
-       ],
-       None),
-      ('storage_dir', '/tmp', None),
-      ('restore_target_dir', '/tmp', None),
-    )),
-
     'openid_server': ('OpenID Server',
         'These settings control the built-in OpenID Identity Provider (server).',
     (
--- a/docs/CHANGES	Tue Jun 24 13:16:03 2008 +0200
+++ b/docs/CHANGES	Tue Jun 24 13:39:58 2008 +0200
@@ -25,11 +25,6 @@
     editor_force = True
     editor_default = 'text'  # internal default, just for completeness
 
-  * "Backup" and especially "Restore" action have some issues, so please DON'T
-    USE THEM except if you want to help debugging and improving it and after
-    having made a backup with some other, proven method.
-    USE BOTH ON YOUR OWN RISK!
-
 
 Version 1.8.0current:
 
@@ -40,6 +35,7 @@
     * url_prefix setting
     * traceback_log_dir setting (we just use logging.exception)
     * editor_quickhelp setting (replaced by per-parser quickhelp)
+    * backup action and associated settings
 
   New Features:
     * per-parser quickhelp, 'quickhelp' class variable of parser class