| |
@@ -42,28 +42,37 @@
|
| |
'decision': 'deny'},
|
| |
{'action': action,
|
| |
'page': data['page']['title'],
|
| |
+ 'author': data['page']['user'],
|
| |
'revision': data.get('revision', None),
|
| |
'decision': 'deny'},
|
| |
{'action': 'fedora.fas.registration',
|
| |
'username': data['page']['user'].lower(),
|
| |
'decision': 'deny'}]
|
| |
|
| |
- def _get_csrf_token(self, page):
|
| |
+ def _get_csrf_token(self, tokentype, page):
|
| |
self.log.debug('Getting CSRF token for deleting of %s' % page)
|
| |
|
| |
ver = self.core.wikiversion
|
| |
if ver[1] <= 24:
|
| |
self.log.debug('Old version')
|
| |
- info = self.core.wikiclient.raw_api('query', titles=page, prop='info', intoken='delete')
|
| |
- info = info['query']['pages']
|
| |
- info = info[info.keys()[0]]
|
| |
- token = info['deletetoken']
|
| |
+ if tokentype == 'csrf':
|
| |
+ # CSRF is used for deletion
|
| |
+ info = self.core.wikiclient.raw_api('query', prop='info', titles=page, intoken='delete')
|
| |
+ info = info['query']['pages']
|
| |
+ info = info[info.keys()[0]]
|
| |
+ token = info['deletetoken']
|
| |
+ elif tokentype == 'rollback':
|
| |
+ info = self.core.wikiclient.raw_api('query', prop='revisions', rvtoken='rollback', titles=page)
|
| |
+ raise Exception('Token response: %s' % info)
|
| |
+ raise NotImplementedError()
|
| |
+ else:
|
| |
+ raise NotImplementedError('Invalid token type %s requested' % tokentype)
|
| |
else:
|
| |
# The author of Basset does not have access to a new version...
|
| |
# The old code does still work for now, so you could bump up the ver[1] check above
|
| |
raise Exception('This code is untested')
|
| |
self.log.debug('New version')
|
| |
- info = self.core.wikiclient.raw_api('query', meta='tokens', type='csrf')
|
| |
+ info = self.core.wikiclient.raw_api('query', meta='tokens', type=tokentype)
|
| |
token = info['query']['tokens']['csrftoken']
|
| |
|
| |
self.log.debug('Token: %s' % token)
|
| |
@@ -71,7 +80,7 @@
|
| |
return token
|
| |
|
| |
def _delete_page(self, page):
|
| |
- token = self._get_csrf_token(page)
|
| |
+ token = self._get_csrf_token('csrf', page)
|
| |
result = self.core.wikiclient.raw_api('delete',
|
| |
title=page,
|
| |
token=token,
|
| |
@@ -82,8 +91,15 @@
|
| |
else:
|
| |
return True
|
| |
|
| |
- def _revert_page(self, page):
|
| |
- raise NotImplementedError()
|
| |
+ def _revert_page(self, page, author):
|
| |
+ token = self._get_csrf_token('rollback', page)
|
| |
+ result = self.core.wikiclient.raw_api('rollback',
|
| |
+ title=page,
|
| |
+ user=author,
|
| |
+ token=token,
|
| |
+ summary='Automatically rolled back by Basset',
|
| |
+ markbot=True)
|
| |
+ raise Exception('Result: %s' % result)
|
| |
|
| |
def handle(self, decision):
|
| |
if not self.coreconfig.get('core', 'do_wiki') == 'true':
|
| |
@@ -94,8 +110,7 @@
|
| |
if decision['action'] == 'mediawiki.new':
|
| |
return self._delete_page(decision['page'])
|
| |
elif decision['action'] == 'mediawiki.edit':
|
| |
- return self._delete_page(decision['page'])
|
| |
- #return self._revert_page(decision['page'], decision['revision'])
|
| |
+ return self._revert_page(decision['page'], decision['author'])
|
| |
elif decision['decision'] == 'manual':
|
| |
# TODO: Send notification to the admin
|
| |
self.error('Mediawiki page requires manual check!')
|
| |
