microengine 0.0.1

data/README

@@ -0,0 +1,102 @@
+= MicroEngine - fast and minimalistic site engine
+
+MicroEngine is a fast, simple and minimalistic site engine. It be created for 
+simple sites, which only share information (maybe in some languages) and 
+has web interface to edit, create and delete pages.
+
+MicroEngine has a good support for i18n. User languages will be detected 
+automatically. Search engines will be storage page on all languages.
+
+MicroEngine didn't use database. Information is storage in files and may be
+cached in memory on engine loading.
+
+It's ideal for simple homepages.
+
+== Install
+
+=== Depends
+MicroEngine used only FastCGI, so your web server must be support it. 
+Apache must has mod_rewrite and mod_fastcgi modules.
+
+=== Gems
+
+# gem install microengine
+$ cd /SITE/DIR/
+$ microengine ./
+$ ./password YOUR_PASSWORD
+
+=== All-include package
+It is good choise for hosting where you hasn't root password or access to gem.
+Just download archive with all libraries and unpack it to neccesary dir.
+
+$ tar -xf microengine-*.tar.bz2
+$ mv microengine-* /SITE/DIR/
+$ cd /SITE/DIR/
+$ ./password YOUR_PASSWORD
+
+=== Apache example config
+After install MicroEngine files you must add this information to Apache config
+file. Note, if .htaccess isn't support, you must copy content of
+/PATH/TO/MICROENGINE/ROOT/public/.htaccess in <VirtualHost *> tag.
+
+  NameVirtualHost *
+  <VirtualHost *>
+      ServerName YOUR_SITE.COM
+      DocumentRoot /PATH/TO/MICROENGINE/ROOT/public/
+  </VirtualHost>
+
+=== Security
+Note that anyone can catch you admin password in Internet. So change http://
+to https:// in admin links to use SSL (if you web server support it).
+
+== Layouts
+You must always open www.YOUR_SITE.COM/admin/refresh/ after any 
+changing  of layout to refresh cache.
+
+Layout contain design and other HTML code, which was repeated in pages.
+Page contain header and body section, which will be put in layout. 
+
+Layout is saved in /layout/LAYOUT_NAME/ dir. This dir must contain layout.rhtml
+file and YAML files for translations with name like LANG.yaml (LANG is a 
+language code). All translation files must contain language.code and 
+language.title values.
+
+layout.rhtml is a simple ERB file with HTML. You may use Ruby code in <% and %> 
+tags. To insert some variable value use <%= variable %> . 
+See http://en.wikipedia.org/wiki/ERuby for details.
+
+There are some predefined variables in ERB:
+* header - Will be contain page header. Must be located in <head> tag.
+* body - Will be contain page body. Must be located in <body> tag.
+* languages - Will be contain HTML list with available page translations.
+* translation - Hash with layout translation form YAML files in layout dir.
+* path - path to current page.
+
+== Usage
+=== Web interface
+To edit or create page open URL www.YOUR_SITE.COM/admin/edit/PATH . 
+You must change PATH to path for you page. For example, if you want to create
+page www.example.com/films/best/ open www.example.com/admin/edit/films/best/
+
+To delete translation open www.YOUR_SITE.COM/admin/untranslate/PATH?lang=LANG .
+LANG must be changed to language code of deleting translation. For example,
+if you want to delete French translation of www.example.com/resume/ page
+input www.example.com/admin/untranslate/resume/?lang=fr
+
+To delete page (and all translations) open www.YOUR_SITE.COM/admin/delete/PATH .
+
+=== Manually edit
+You must always open www.YOUR_SITE.COM/admin/refresh/ after any file changing to
+refresh cache.
+
+You can also edit site manually. Site content saved in /content/ dir. 
+'layout' file contain layout name. There are files LANG.body and LANG.header 
+(LANG is a language code) for all translations exists  with body and header, 
+respectively.
+
+== License
+Microengine is licensed under the GNU General Public License version 3.
+You can read it in LICENSE file or in http://www.gnu.org/licenses/gpl.html .
+
+== Author
+Andrey "A.I." Sitnik <andrey@sitnik.ru>

data/Rakefile

@@ -0,0 +1,67 @@
+require 'rake'
+require 'rake/rdoctask'
+require 'rake/gempackagetask'
+require 'rake/contrib/rubyforgepublisher'
+
+PKG_NAME = "microengine"
+PKG_VERSION = "0.0.1"
+
+RUBY_FORGE_PROJECT = "microengine"
+RUBY_FORGE_USER = "iskin"
+
+PKG_FILES = FileList[
+  "bin/*", 
+  "content/**/*", 
+  "layouts/**/*", 
+  "lib/microengine/**/*", 
+  "public/**/*",
+  "access.log",
+  "LICENSE",
+  "password",
+  "Rakefile",
+  "README"]
+
+# RDoc
+Rake::RDocTask.new do |rd|
+  rd.main = "README"
+  rd.rdoc_files.include("README", "lib/microengine/*.rb")
+  rd.title = "MicroEngine"
+  rd.options << "--all"
+end
+
+# Gem
+spec = Gem::Specification.new do |s|
+  s.platform = Gem::Platform::RUBY
+  s.name = PKG_NAME
+  s.version = PKG_VERSION
+  s.summary = "MicroEngine is a fast, simple and minimalistic site engine."
+  s.description = <<-EOF
+    MicroEngine is a fast, simple and minimalistic site engine. 
+    It contain good i18n support and web interface to edit, create and delete pages.
+    It be created for simple sites, which only share information 
+    (maybe in some languages) like homepages.
+  EOF
+  
+  s.add_dependency 'fastcgi'
+  
+  s.files = PKG_FILES
+  s.require_path = 'lib'
+  s.bindir = "bin"
+  s.executables = ["microengine"]
+  s.default_executable = "microengine"
+  
+  s.author = 'Andrey "A.I." Sitnik'
+  s.email = "andrey@sitnik.ru"
+  s.homepage = "http://microengine.rubyforge.org"
+  s.rubyforge_project = RUBY_FORGE_PROJECT
+end
+
+Rake::GemPackageTask.new(spec) do |pkg|
+  pkg.gem_spec = spec
+end
+
+# All-include package
+Rake::PackageTask.new(PKG_NAME, PKG_VERSION) do |pkg|
+  pkg.need_tar_bz2 = true
+  pkg.package_files = PKG_FILES
+end

data/access.log

@@ -0,0 +1 @@
+E, [2008-01-26T20:17:16.989961 #10063] ERROR -- : /home/ai/Разработка/microengine/public/../lib/../access.log

data/content/403/en.body

@@ -0,0 +1,2 @@
+<h1>Access denied</h1>
+<p>Wrong password. Wait 5 seconds, <a href="javascript:history.back()">go back</a> and repeat it.</p>

data/content/403/en.header

@@ -0,0 +1 @@
+<title>403 - Access denied</title>

data/content/403/layout

@@ -0,0 +1 @@
+default

data/content/403/ru.body

@@ -0,0 +1,2 @@
+<h1>Доступ запрещён</h1>
+<p>Пароль неправильный. Подождите 5 секунд, <a href="javascript:history.back()">вернитесь</a> и повторите его.</p>

data/content/403/ru.header

@@ -0,0 +1 @@
+<title>403 - Доступ запрещён</title>

data/content/404/en.body

@@ -0,0 +1,5 @@
+<h1>This page isn't exist</h1>
+<ul>
+    <li>Page may change address or be deleted. Maybe you can find it from <a href="/">home page</a>.</li>
+    <li>If you entered the address manually please check your spelling.</li>
+</ul>

data/content/404/en.header

@@ -0,0 +1 @@
+<title>404 - This page isn't exist</title>

data/content/404/layout

@@ -0,0 +1 @@
+default

data/content/404/ru.body

@@ -0,0 +1,5 @@
+<h1>Такой страницы нет</h1>
+<ul>
+    <li>Страница могла сменить адрес или быть удалена. Поищите её с <a href="/">главной страницы</a>.</li>
+    <li>Если вы вводили адрес вручную, проверьте его ещё раз.</li>
+</ul>

data/content/404/ru.header

@@ -0,0 +1 @@
+<title>404 - Такой страницы нет</title>

data/content/WARNING

@@ -0,0 +1,2 @@
+You must refresh cache by open http://YOU_SITE/admin/refresh/ in browser 
+after any changing content.

data/content/en.body

@@ -0,0 +1,2 @@
+<h1>It's work!</h1>
+<p>MicroEngine has been installed and now it's ready to use.</p>

data/content/en.header

@@ -0,0 +1 @@
+<title>It's work!</title>

data/content/layout

@@ -0,0 +1 @@
+default

data/content/ru.body

@@ -0,0 +1,2 @@
+<h1>Работает!</h1>
+<p>MicroEngine установлен и готов к работе.</p>

data/content/ru.header

@@ -0,0 +1 @@
+<title>Работает!</title>

data/layouts/WARNING

@@ -0,0 +1,2 @@
+You must refresh cache by open http://YOU_SITE/admin/refresh/ in browser 
+after any changing layouts and it's translations.

data/layouts/default/en.yaml

@@ -0,0 +1,7 @@
+# English layout translation
+
+language:
+  code: en
+  title: English
+
+edit: Edit

data/layouts/default/layout.rhtml

@@ -0,0 +1,18 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="<%= translation['language']['code'] %>" xml:lang="<%= translation['language']['code'] %>">
+    <head>
+        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+        <meta http-equiv="Content-Language" content="<%= translation['language']['code'] %>" />
+        <link rel="stylesheet" type="text/css" media="screen" href="/styles/screen.css" />
+        <link rel="stylesheet" type="text/css" media="print" href="/styles/print.css" />
+        <link rel="stylesheet" type="text/css" media="handheld" href="/styles/handheld.css" />
+<%= header %>
+    </head>
+    <body>
+<%= body %>
+        <%= languages %>
+        <div id="admin">
+            <a href="/admin/edit<%= path %>"><%= translation['edit'] %></a>
+        </div>
+    </body>
+</html>

data/layouts/default/ru.yaml

@@ -0,0 +1,7 @@
+# Russian layout translation
+
+language:
+  code: ru
+  title: Русский
+
+edit: Править

data/lib/microengine/admin.rb

@@ -0,0 +1,268 @@
+=begin
+Logic to edit site from web interface.
+Copyright (C) 2008 Andrey "A.I." Sitnik <andrey@sitnik.ru>
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+=end
+
+require 'admin_page'
+require 'admin_exception'
+require 'fileutils'
+
+module Microengine
+  # Change content and create/delete pages by web interface
+  class Admin
+    
+    attr_writer :logger
+    attr_writer :shadow
+    attr_accessor :cache
+    attr_accessor :config
+    attr_accessor :dispatcher
+    attr_accessor :assambler
+    
+    def initialize
+      @blocked = []
+      begin
+        @access_logger = Logger.new(MICROENGINE_ROOT + '/access.log', 7, 1048576)
+        @access_logger.level = Logger::WARN
+      rescue
+        @access_logger = Logger.new(STDERR)
+        @access_logger.warn "Can't access /access.log . Ensure, that it exists and is chmod 0666."
+      end
+    end
+    
+    # Check HTTP request for admin actions
+    def dispatch(http)
+      if http.url_start? '/admin/'
+        if http.url_start? '/admin/do/'
+          command, path = http.url[10..-1].split('/', 2)
+          
+          if not http.post['password'].nil?
+            password = http.post['password']
+          elsif not http.cookie['password'].nil?
+            password = http.cookie['password']
+          else
+            @dispatcher.not_found http
+            return true
+          end
+          
+          if not blocked? http.ip and right? password
+            if http.cookie['password'].nil?
+              http.set_cookie 'password', password
+            end
+            
+            begin
+              case command
+              when 'save':
+                save http, path
+              when 'delete':
+                delete http, path
+              when 'untranslate':
+                untranslate http, path
+              when 'refresh':
+                refresh_cache
+                http.redirect '/'
+              else
+                dispatcher.not_found http
+              end
+            rescue AdminException => e
+              AdminPage.new(http, path, self).error(e.message)
+            end
+          else
+            #TODO delete cookie
+            block http.ip, 5
+            @access_logger.warn 'Wrong password from ' + http.ip
+            http.status = '403 Forbidden'
+            http << @cache.get('/403/', dispatcher.language(http, @cache.langs['/403/']))
+          end
+        else
+          command, path = http.url[7..-1].split('/', 2)
+          
+          case command
+          when 'edit':
+            AdminPage.new(http, path, self).editor
+          when 'untranslate':
+            AdminPage.new(http, path, self).untranslater
+          when 'delete':
+            AdminPage.new(http, path, self).deleter
+          when 'refresh':
+            AdminPage.new(http, path, self).refresher
+          else
+            dispatcher.not_found http
+          end
+          
+        end
+        true
+        
+      else
+        false
+      end
+    end
+    
+    private
+    
+    # Save page content
+    def save(http, path)
+      lang = http.post['lang']
+      if lang.nil?
+        raise AdminException, 'no_lang'
+      end
+      if http.post['body'].nil? or '' == http.post['body']
+        raise AdminException, 'no_body'
+      end
+      if http.post['header'].nil?
+        raise AdminException, 'no_header'
+      end
+      if 'admin/' == path[0..5]
+        raise AdminException, 'admin_subdir'
+      end
+      
+      
+      begin
+        FileUtils.makedirs MICROENGINE_ROOT + '/content/' + path
+        {'body' => "#{lang}.body", 'header' => "#{lang}.header", 'layout' => 'layout'}.each do |post, file|
+          filename = "/content/#{path}#{file}"
+          file = File.new MICROENGINE_ROOT + filename, 'w'
+          file.write http.post[post]
+          file.close
+        end
+      rescue
+          raise AdminException, 'cant_write'
+      end
+      
+      refresh_cache
+      http.redirect '/' + path
+    end
+    
+    # Delete page translation
+    def untranslate(http, path)
+      lang = http.post['lang']
+      if lang.nil?
+        raise AdminException, 'no_lang'
+      end
+      
+      ['body', 'header'].each do |type|
+        filename = "/content/#{path}#{lang}.#{type}"
+        file = MICROENGINE_ROOT + filename
+        if not File.exists? file
+          http.redirect '/' + path
+        end
+          
+        begin
+          File.delete file
+        rescue
+          raise AdminException, 'cant_write'
+        end
+      end
+      
+      refresh_cache
+      http.redirect '/' + path
+    end
+    
+    # Delete page
+    def delete(http, path)
+      if ['404/', '403/', ''].include? path
+        raise AdminException, 'delete_system'
+      end
+      
+      dir = MICROENGINE_ROOT + '/content/' + path
+      if not File.exists? dir + 'layout'
+        http.redirect '/'
+        return 
+      end
+      
+      Dir.foreach(dir) do |file|
+        if File.directory? dir + file
+          next
+        elsif file =~ /^(layout|[^\.]+\.(body|header))$/
+          begin
+            File.delete dir + file
+          rescue
+            raise AdminException, 'cant_write'
+          end
+        end
+      end
+      
+      # Delete empty dirs
+      dir = path
+      while true
+        fullpath = MICROENGINE_ROOT + '/content/' + dir
+        if 2 == Dir.entries(fullpath).length
+          begin
+            Dir.rmdir fullpath
+          rescue
+            break
+          end
+        else
+          break
+        end
+        index = dir.rindex('/', -2)
+        if index.nil?
+          break
+        end
+        dir = dir[0..index]
+      end
+      
+      refresh_cache
+      http.redirect '/'
+    end
+    
+    # Check admin assword
+    def right?(password)
+      hash = SHA1::sha1(password + @shadow['salt']).to_s
+      if hash == @shadow['hash']
+        true
+      else
+        false
+      end
+    end
+    
+    # Block IP for bruteforce defence
+    def block(ip, seconds)
+      @blocked.push [ip, Time.now + seconds]
+    end
+    
+    # Check is IP blocked
+    def blocked?(ip)
+      now = Time.now
+      # Delete old
+      @blocked.each do |blocked|
+        if blocked[1] < now
+          @blocked.delete blocked
+        else
+          break
+        end
+      end
+      
+      # Check
+      @blocked.each do |blocked|
+        if blocked[0] == ip
+          return true
+        end
+      end
+      false
+    end
+    
+    # Recreate cache
+    def refresh_cache
+      begin
+        @assambler.refresh
+        @cache.refresh
+      rescue Exception => e
+        AdminPage.new(http, self).error('cant_cache')
+        raise "Cache wasn't refreshed. " + e.message
+      end
+    end
+  end
+end