Mercurial > p > roundup > code
annotate tools/fixroles.py @ 6282:d30501bafdfb
issue2551098: markdown links missing rel="noreferer nofollow"
Links generated by all markdown backends are missing the noopener and
nofollow relation that roundup's normal text -> html core adds to
prevent security issues and link spam.
Now rel="nofollow" is added to links generated by markdown2 backends
and rel="nofollow noopener" for mistune and markdown backends.
Markdown2 isn't as programable as the other two backends so I used the
built-in nofollow support. This means that a user that generates a
link that opens in a new window can manpulate the parent window.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sat, 31 Oct 2020 14:51:16 -0400 |
| parents | 52c8324d1539 |
| children |
| rev | line source |
|---|---|
|
1009
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
1 import sys |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
3 from roundup import admin |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
4 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
5 class AdminTool(admin.AdminTool): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
6 def __init__(self): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
7 self.commands = admin.CommandDict() |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
8 for k in AdminTool.__dict__.keys(): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
9 if k[:3] == 'do_': |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
10 self.commands[k[3:]] = getattr(self, k) |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
11 self.help = {} |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
12 for k in AdminTool.__dict__.keys(): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
13 if k[:5] == 'help_': |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
14 self.help[k[5:]] = getattr(self, k) |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
15 self.instance_home = '' |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
16 self.db = None |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
17 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
18 def do_fixroles(self, args): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
19 '''Usage: fixroles |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
20 Set the roles property for all users to reasonable defaults. |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
21 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
22 The admin user gets "Admin", the anonymous user gets "Anonymous" |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
23 and all other users get "User". |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
24 ''' |
| 2410 | 25 # get the user class |
| 26 cl = self.get_class('user') | |
|
1009
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
27 for userid in cl.list(): |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
28 username = cl.get(userid, 'username') |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
29 if username == 'admin': |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
30 roles = 'Admin' |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
31 elif username == 'anonymous': |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
32 roles = 'Anonymous' |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
33 else: |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
34 roles = 'User' |
| 2410 | 35 cl.set(userid, roles=roles) |
|
1009
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
36 return 0 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
37 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
38 if __name__ == '__main__': |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
39 tool = AdminTool() |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
40 sys.exit(tool.main()) |