remove chmod attempt

2021-12-30 21:13:34 +00:00 · 2021-12-30 21:13:34 +00:00 · b359937eab
commit b359937eab
parent c0545b8777
3 changed files with 23 additions and 19 deletions
--- a/core/models/caves.py
+++ b/core/models/caves.py
@ -42,18 +42,19 @@ def writetrogglefile(filepath, filecontent):
    '''Set permissions to rw-rw-r-- and commit the new saved file to git
    Callers to cave.writeDataFile() or entrance.writeDataFile() should handle the exception PermissionsError explicitly
    '''
+    # see also core/views/expo.py editexpopage()
    filepath = Path(filepath)
    cwd = filepath.parent
    filename = filepath.name
    git = settings.GIT

+    # as the wsgi process www-data, we have group write-access but are not owner, so cannot chmod.
    # do not trap exceptions, pass them up to the view that called this function
-    # if the os.chmod fails, it can zero the contents of the file as a side effect. Dangerous.
+    print(f'WRITING{cwd}---{filename} ')
    with open(filepath, "w") as f:
-        print(f'WRITING{cwd}---{filename} ')
        f.write(filecontent)
-    #filepath.chmod(0o664) # set file permissions to rw-rw-r--
-    os.chmod(filepath, 0o664) # set file permissions to rw-rw-r--
+    #os.chmod(filepath, 0o664) # set file permissions to rw-rw-r--
+    # should replace .call with .run and capture_output=True
    call([git, "add", filename], cwd=cwd)
    call([git, "commit", "-m", 'Online cave or entrance edit'], cwd=cwd)

--- a/core/views/caves.py
+++ b/core/views/caves.py
@ -359,16 +359,15 @@ def edit_cave(request, slug=None):
            for ceinst in ceinsts:
                ceinst.cave = cave
                ceinst.save()
-            cave.writeDataFile()
-            # try:
-                # cave.writeDataFile()
-            # except PermissionError:
-                # message = f'CANNOT  save this file.\nPERMISSIONS incorrectly set on server for this file {cave.filename}. Ask a nerd to fix this.'
-                # return render(request,'errors/generic.html', {'message': message})
-            # leave other exeptions unhandled so that they bubble up to userinterface
-            # except:
-                # message = f'CANNOT git on server for this file {cave.filename}. Edits not saved.\nAsk a nerd to fix this.'
-                # return render(request,'errors/generic.html', {'message': message})
+            try:
+                cave.writeDataFile()
+                # leave other exceptions unhandled so that they bubble up to user interface
+            except PermissionError:
+                message = f'CANNOT  save this file.\nPERMISSIONS incorrectly set on server for this file {cave.filename}. Ask a nerd to fix this.'
+                return render(request,'errors/generic.html', {'message': message})
+            except SubprocessError:
+                message = f'CANNOT git on server for this file {cave.filename}. Edits may not be committed.\nAsk a nerd to fix this.'
+                return render(request,'errors/generic.html', {'message': message})

            return HttpResponseRedirect("/" + cave.url)   
        else:
@ -432,11 +431,12 @@ def edit_entrance(request, caveslug=None, slug=None):
                el.save()
            try:
                entrance.writeDataFile()
+                # leave other exceptions unhandled so that they bubble up to user interface
            except PermissionError:
                message = f'CANNOT  save this file.\nPERMISSIONS incorrectly set on server for this file {entrance.filename}. Ask a nerd to fix this.'
                return render(request,'errors/generic.html', {'message': message})
-            except:
-                message = f'CANNOT git on server for this file {entrance.filename}. Edits not saved.\nAsk a nerd to fix this.'
+            except SubprocessError:
+                message = f'CANNOT git on server for this file {entrance.filename}. Edits may not be committed.\nAsk a nerd to fix this.'
                return render(request,'errors/generic.html', {'message': message})
            
            return HttpResponseRedirect("/" + cave.url) 
--- a/core/views/expo.py
+++ b/core/views/expo.py
@ -312,15 +312,18 @@ def editexpopage(request, path):
            git = settings.GIT
            try:
                with open(filepath, "w") as f:
-                    os.chmod(filepath, 0o664) # set file permissions to rw-rw-r--
-                    f.write(result)
                    print(f'WRITING{cwd}---{filename} ')
+                    # as the wsgi process www-data, we have group write-access but are not owner, so cannot chmod.
+                    # os.chmod(filepath, 0o664) # set file permissions to rw-rw-r--
+                    # see also core/models/cave.py writetrogglefile()
+                    f.write(result)
+                    # should replace .call with .run and capture_output=True
                    subprocess.call([git, "add", filename], cwd=cwd)
                    subprocess.call([git, "commit", "-m", 'Edit this page'], cwd=cwd)
            except PermissionError:
                message = f'CANNOT  save this file.\nPERMISSIONS incorrectly set on server for this file {filename}. Ask a nerd to fix this.'
                return render(request,'errors/generic.html', {'message': message})
-            except:
+            except SubprocessError:
                message = f'CANNOT git on server for this file {filename}. Edits not saved.\nAsk a nerd to fix this.'
                return render(request,'errors/generic.html', {'message': message})