September 06, 2010
shabti_moinmoin – Shabti with integrated MoinMoin wiki¶
This template is a basic shabti_auth setup to which has been added a controller and a corresponding configuration that integrates the MoinMoin wikiengine. MoinMoin is an “advanced, easy to use and extensible WikiEngine with a large community of users”. It provides a WSGI callable app and can be configured to use the Shabti basic auth’n’auth, so offering some nice low-hanging fruit in the form of an elementary “single sign-on” facility.
About MoinMoin¶
Because MoinMoin is a full-fledged application, it is amongst the few Python packages that are not easy_install-able. To install MoinMoin one must first download a tar.gz distro from the MoinMoin Download page and install it (there’s help), most preferably within a virtualenv space — and from here on, the narrative assumes that space.
MoinMoin is a file-based wikiengine and is capable of running a “farm” of several otherwise-independent wikis. A single folder of resources (aka “moindir”) is installed in a shared area. The copying of this folder and its contents (server stub code, styling themes, plugins, underlay pages, etc.) forms the basis for each new wiki instance.
Within each wiki instance’s copied <moindir>, user-generated wiki pages are stored as versions in the “<moindir>/data/pages” folder, each one in a subdirectory named for the page, i.e. the content and history of the page “MyWikiPage” is stored in the folder <moindir>/data/pages/MyWikiPage/.
Using this approach, MoinMoin installations can be configured to use shared or separate resources or a mix of both.
In an ideal world, this Shabti template would simply re-use the installed MoinMoin resources. However, I haven’t been able to make that work. Instead, two trivial copying tasks are required to be performed.
Using the template¶
After successfully installing Shabti, additional paster templates will be available. Simply create a Shabti-configured project by specifying that paster should use the shabti_moinmoin template:
$ paster create -t shabti_moinmoin myproj
These are the option dialogue choices appropriate for the Shabti auth shabti_moinmoin template — which uses mako templates and requires SQLAlchemy ...
(mako/genshi/jinja/etc: Template language) ['mako']:
(True/False: Include SQLAlchemy 0.4 configuration) [False]: True
(True/False: Setup default appropriate for Google App Engine) [False]:
Once the project has been created, navigate to the project directory.
The next step is to initialise the relational store by running the project setup script which will create an Admin user and corresponding Groups and Permissions.
$ paster setup-app development.ini
The next (optional) step after initialising the relational store is to run the tests.
$ nosetests myproj/tests
MoinMoin’s warnings about logging configuration are ignorable.
Copying and pasting resources¶
On creating a Pylons project with the shabti_moinmoin template, a <moindir> folder is prepared in MYPROJ/data/moin, pre-populated with the completed configuration, a starter page, a SysAdmin account, a theme and a couple of useful macros (e.g. Import HTML).
What’s missing from this picture are two things:
- the <moindir>/underlay folder which needs to be copied and pasted to create MYPROJ/data/moin/underlay and
- the resource files in <moindir>/htdocs/* (CSS files, etc.) need to be copied into the directory MYPROJ/MYPROJ/public/moin_static181/ alongside the pre-existing plsavez theme folder.
Template details¶
This template is an extension of the standard shabti_auth template that uses Elixir to create a basic identity model in SQL store. A login controller performs basic sign in and sign out facilities, mediated by session storage and temporary cookies.
A system of modular authentication has been developed for MoinMoin and the value of the auth configuration variable is used to set up a list of authenticators that are processed in the given order.
When an external user database is used, recreating all the users in moin is undesirable. For this case the authenticator objects which support user profile creation/updating have a parameter autocreate which, if set to True, causes a new user profile to be created/updated automatically when a (new) user has passed authentication.
By defining and adding a simple external authentication, MoinMoin can use the shabti_auth identity stored in the session. The added code is in the MoinMoin configuration file <moindir>/config/wikiconfig.py
from MoinMoin.auth import BaseAuth
from MoinMoin.config.multiconfig import DefaultConfig
from myproj import model
import pylons
class PylonsAuth(BaseAuth):
""" handle login from moin login form """
def __init__(self, verbose=False):
BaseAuth.__init__(self)
self.verbose = verbose
name = 'pylons_auth'
logout_possible = False
def request(self, req, user_obj, **kw):
user = None
try_next = True # if True, moin tries the next auth method
auth_user_id = req.env.get(
'beaker.session', {}).get('AUTH_USER_ID', 0)
if auth_user_id:
user_obj = model.Session.query(model.User).get(auth_user_id)
auth_username = user_obj.firstname + user_obj.lastname
from MoinMoin.user import User as MoinUser
# giving auth_username to User constructor
# means that authentication has already been done.
user = MoinUser(req, name=auth_username,
auth_username=auth_username,
auth_method='pylons_auth')
changed = False
if user:
user.create_or_update(changed)
if user and user.valid: # did we succeed making up a valid user?
try_next = False # stop processing auth method list
return user, try_next
class Config(DefaultConfig):
#from MoinMoin.auth import moin_cookie, http
# # first try the external_cookie, then http basic auth, then
# # the usual moin_cookie
# auth = [external_cookie, http, moin_cookie]
auth = [PylonsAuth()]
Note, an alternate auth solution based on external cookies is also available (“external_cookie”, above). Detailed instructions on authenticating by external cookie are on the MoinMoin web site as well as more general information on authentication in MoinMoin.
Running the generated app¶
After the graph has been initialised, start the Pylons web app with:
$ paster serve --reload development.ini
The Shabti MoinMoin template’s variant on the standard Pylons welcome screen is browsable at at http://localhost:5000/ ...
Welcome screen¶
Wiki page, anonymous user¶
The MoinMoin link to the wiki, shown above on the welcome screen above, leads to the default page of the wiki:
http://localhost:5000/wiki/ShabtiWiki
as presented to an anonymous user:
To sign in to the site, go to:
http://localhost:5000/login/signin
and login with user = admin, password = admin
Wiki page, signed-in user¶
Then navigate back to the wiki page, which will now include the standard editing bar and user-specific account and preference links (top right):
Wiki page, preferences¶
There’s more to single sign-on than just username and password. Whilst MoinMoin can make use of external authentication to map a shabti_auth identity to a MoinMoin user, that is the limit of the interconnectivity.
For example, email setting in this page will be completely unconnected to the email setting for the corresponding separate shabti_auth identity record held in relational store.
So, further interoperability is rather more than just “an exercise for the reader”.
Wiki page, attachment¶
In the past, some code adjustments were necessary in order to get attachments to work in MoinMoin. This is no longer the case, attachments simply work “out of the box” ...
Xapian search configuration settings¶
In case you were wondering ...
xapian_search = True
xapian_index_dir = '<moindir>/data/cache/xapian'
search_results_per_page = 5
show_timings = 1
| author: | Graham Higgins <gjh@bel-epa.com> |
|---|
September 06, 2010