OWASP O2 Platform Blog

OWASP MediaWiki Tool – File Uploader (O2 Script)

Following a request from a fellow OWASP Leader for an easier way to upload files to the OWASP wiki, here is an O2 script that allows the uploading of file(s) by just drag-and-droping then from a local folder (note that not all file types are currenly supported by the OWASP Wiki).

The script is called “Tool – OWASP Wiki – File Uploader.h2” and here is what the GUI looks like:

This script supports the upload of all files in a folder, but be careful when using it, since (in this version) there is no stop botton, and if you make a mistake, you might end uploading the wrong files to the OWASP wiki 🙂

The script was created using the very powerful O2 MediaWiki APIs, who can also be seen in action in these two YouTube videos:

Here is this script source code:

var userAccount = @"accounts.xml".credential("owasp.dinis");     
var permitedFileTypes = "vsd, odp, gif, png, jpg, jpeg, doc, ppt, mp3, pdf, psd, zip, tar, tar.gz, tar.bz2, jar, docx, pptx, xls, xlsx";
//var topPanel = panel.clear().add_Panel();
var topPanel = "Tool - OWASP Wiki - File Uploader : {0}".format(permitedFileTypes).popupWindow(1000,500); 
topPanel.insert_LogViewer();

var actionsPanel = topPanel.insert_Above(40,"Actions");
var recentChanges = topPanel.insert_Right("Recent Changes to OWASP Wiki"); 
var filesToUpload = topPanel.insert_Left(recentChanges.width()/2, "Files To Upload").add_TreeView();
var filesUploaded = topPanel.add_GroupBox("Files Uploaded").add_TextArea().wordWrap(false);
Label messageLabel = null;

var wikiApi = new OwaspWikiAPI(false);

Action showRecentChanges = `
    ()=>{
            wikiApi.add_Table_with_RecentChanges(recentChanges.clear());
        };
Action login =
    ()=>{
            if (userAccount.isNull())
                userAccount = ascx_AskUserForLoginDetails.ask();
           
            if (userAccount.isNull() || userAccount.UserName.inValid() )
                messageLabel.set_Text("Error, no user provided ").textColor(Color.Red);
            else
            {
                messageLabel.set_Text("Logging in as user: {0}".format(userAccount.UserName)).textColor(Color.DarkOrange);
                if (wikiApi.login(userAccount.UserName, userAccount.Password))
                {
                    messageLabel.set_Text("Logged in OK as: {0}".format(userAccount.UserName)).textColor(Color.Green);    
                    filesToUpload.enabled(true);
                    filesUploaded.enabled(true);
                    //showRecentChanges();
                    return;
                }               
                messageLabel.set_Text("Failed to Login as : {0}".format(userAccount.UserName)).textColor(Color.Red);    
            }
            userAccount = null;           
        };
Action<string> uploadFile =
    (fileToUpload)=>{       
                        filesToUpload.add_Node(fileToUpload);
                        filesToUpload.pink();
                        O2Thread.mtaThread(
                            ()=>{
                                    var fileUrl = wikiApi.uploadImage(fileToUpload);
                                    if (fileUrl.valid())
                                    {
                                        filesUploaded.append_Line("Uploaded OK: {0} ->".line() +
                                                                  "\t{1}", fileToUpload , fileUrl);
                                        messageLabel.set_Text("Uploaded file: {0}".format(fileToUpload)).textColor(Color.Black);
                                        showRecentChanges();
                                    }
                                    else
                                        filesUploaded.append_Line("Error uploading: {0}", fileToUpload);
                                    filesToUpload.white();                                                                       
                                });                       
                    };
                   
messageLabel = actionsPanel.add_Link("refresh recent changes table", ()=>showRecentChanges())
                            .append_Link("Login", ()=> login())
                            .append_Label("").autoSize();

 
filesToUpload.enabled(false);
filesUploaded.enabled(false);
messageLabel.set_Text("To Upload files, please login");
filesToUpload.add_Node("After login, drop file here to upload");
filesToUpload.onDrop(
    (fileOrDir)=>
        {
            if(fileOrDir.dirExists())
                 foreach(var file in fileOrDir.files())
                     uploadFile(file);
            else
                uploadFile(fileOrDir);
        });

login();

showRecentChanges();

//O2File:OwaspWikiAPI.cs
//O2File:ISecretData.cs
//O2File:ascx_AskUserForLoginDetails

November 14, 2011 - Posted by | MediaWiki, OWASP

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: