Merge pull request #300 from pknowles/master

Added validation for slugs conflicting with 3rd party URLs

wiki/conf/settings.py

@@ -26,6 +26,10 @@ MARKDOWN_KWARGS.update(getattr( django_settings, 'WIKI_MARKDOWN_KWARGS', {} ))
 # and all their content.
 LOST_AND_FOUND_SLUG = getattr( django_settings, 'WIKI_LOST_AND_FOUND_SLUG', 'lost-and-found' )
 
+# When True, this blocks new slugs that resolve to non-wiki views, stopping
+# users creating articles that conflict with overlapping URLs from other apps.
+CHECK_SLUG_URL_AVAILABLE = getattr( django_settings, 'WIKI_CHECK_SLUG_URL_AVAILABLE', True )
+
 # Do we want to log IPs?
 LOG_IPS_ANONYMOUS = getattr( django_settings, 'WIKI_LOG_IPS_ANONYMOUS', True )
 LOG_IPS_USERS = getattr( django_settings, 'WIKI_LOG_IPS_USERS', False )

wiki/forms.py

@@ -16,6 +16,7 @@ except ImportError:
     def force_unicode(x):
         return(x)
 from django.utils.html import escape, conditional_escape
+from django.core.urlresolvers import resolve, Resolver404
 
 from itertools import chain
 
@@ -271,6 +272,15 @@ class CreateForm(forms.Form, SpamProtectionMixin):
             else:
                 raise forms.ValidationError(_('A slug named "%s" already exists.') % already_urlpath.slug)
         
+        if settings.CHECK_SLUG_URL_AVAILABLE:
+            try:
+                # Fail validation if URL resolves to non-wiki app
+                match = resolve(self.urlpath_parent.path + '/' + slug + '/')
+                if match.app_name != 'wiki':
+                    raise forms.ValidationError(_('This slug conflicts with an existing URL.'))
+            except Resolver404:
+                pass
+        
         return slug
     
     def clean(self):