changeset 6060:6a64e0b3b330

log failed page edit attempts with the abuse logger
author 'Karl O. Pinc' <kop@meme.com>
date Wed, 03 Sep 2014 22:43:26 -0500
parents fde5fea5986a
children 50251583a7bb
files MoinMoin/PageEditor.py
diffstat 1 files changed, 6 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/PageEditor.py	Thu Aug 21 16:51:58 2014 +0200
+++ b/MoinMoin/PageEditor.py	Wed Sep 03 22:43:26 2014 -0500
@@ -27,6 +27,7 @@
 from MoinMoin.mail.sendmail import encodeSpamSafeEmail
 from MoinMoin.support.python_compatibility import set
 from MoinMoin.util import filesys, timefuncs, web
+from MoinMoin.util.abuse import log_attempt
 from MoinMoin.events import PageDeletedEvent, PageRenamedEvent, PageCopiedEvent, PageRevertedEvent
 from MoinMoin.events import PagePreSaveEvent, Abort, send_event
 import MoinMoin.events.notification as notification
@@ -603,6 +604,7 @@
 
         if not (request.user.may.delete(self.page_name)
                 and request.user.may.write(newpagename)):
+            log_attempt('edit: rename', False, request)
             msg = _('You are not allowed to rename this page!')
             raise self.AccessDenied(msg)
 
@@ -710,6 +712,7 @@
         success = True
         if not (request.user.may.write(self.page_name)
                 and request.user.may.delete(self.page_name)):
+            log_attempt('edit: delete', False, request)
             msg = _('You are not allowed to delete this page!')
             raise self.AccessDenied(msg)
 
@@ -1074,9 +1077,11 @@
 
         msg = ""
         if not request.user.may.save(self, newtext, rev, **kw):
+            log_attempt('edit: edit', False, request)
             msg = _('You are not allowed to edit this page!')
             raise self.AccessDenied(msg)
         elif not self.isWritable():
+            log_attempt('edit: immutable', False, request)
             msg = _('Page is immutable!')
             raise self.Immutable(msg)
         elif not newtext:
@@ -1120,6 +1125,7 @@
             if (not request.user.may.admin(self.page_name) and
                 parseACL(request, newtext).acl != acl.acl and
                 action != "SAVE/REVERT"):
+                log_attempt('edit: acl', False, request)
                 msg = _("You can't change ACLs on this page since you have no admin rights on it!")
                 raise self.NoAdmin(msg)