====== ifauth Plugin ====== ---- plugin ---- description: Set portion of page to be displayed/hidden for authorized group. author : Otto Vainio email : oiv-plugins@valjakko.net type : Syntax lastupdate : 2005-09-26 compatible : 2009-12-25c, Anteater, Rincewind depends : conflicts : similar : tags : acl, users, groups, hide securitywarning: partlyhidden downloadurl: http://koti.mbnet.fi/oiv/pubtest/ifauth.zip ---- ===== Description ===== With this plugin you can set portion of page to be displayed/hidden for authorized user or group. **Please note! The page is always set as not cached! So it will impact performance!** ==== Syntax ==== **Basic Syntax** * Just wrap the text, where the access authorization shall be checked with XML Style Tag \\ Text displayed if authorized * userName: the user listed is __allowed__ to see the text * @groupName: members of the group listed, are__allowed__ to see the text * !userName: the user listed with **!** is __ NOT allowed__ to see the text. User this to make exceptional rule. **More Examples** In with group admin, or user not oiv **OK** In as user oiv **OK** In with group not @admin **OK** In as user not oiv or is with group admin **OK** In with group not admin or user is oiv **OK** In with group admin or user is oiva **OK** In with group admin or other or user is oiva **OK** ==== Changes, Notes ==== > Added feature to add a list of users. The list works as OR. So that is any of the options are true, then the text is shown. > Now the plugin does not insert paragraph (

and

) marks around the text. >> Ok the removal of paragraph marks was broken. No should have better checks. >> --- //[[otto@valjakko.net|Otto Vainio]] 2005-09-26 08:46// >>> Removal of

tags is broken with latest version. Fix: >>> // Remove '\n

\n' from start and '\n

\n' from the end. if (stristr(substr($r,0,5),"\n

\n")) { $r = substr($r,5); } if (stristr(substr($r,-7),"\n\n

\n")) { $r = substr($r,0,strlen($r)-7); } $renderer->doc .= $r; --- SherriW 2009-02-04 >>> I have a fixed version if anyone needs it. >>> --- //[[mail@lukehowson.com|Luke Howson]] 2007-05-03// > And what about hide text from not authorized group? Like: //**OK**// > It will be useful... ===== Installation ===== Using Plugin Manager from [[http://koti.mbnet.fi/oiv/pubtest/ifauth.zip|here]] ==== Plugin ==== Create a new folder ''lib/plugin/ifauth/'' and place the following file in it: ''syntax.php''. ''lib/plugin/ifauth/syntax.php'': */ if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../../').'/'); if(!defined('DOKU_PLUGIN')) define('DOKU_PLUGIN',DOKU_INC.'lib/plugins/'); require_once(DOKU_PLUGIN.'syntax.php'); /** * All DokuWiki plugins to extend the parser/rendering mechanism * need to inherit from this class */ class syntax_plugin_ifauth extends DokuWiki_Syntax_Plugin { /** * return some info */ function getInfo(){ return array( 'author' => 'Otto Vainio', 'email' => 'oiv-ifauth@valjakko.net', 'date' => '2005-09-26', 'name' => 'ifauth plugin', 'desc' => 'Show content at this time', 'url' => 'http://www.dokuwiki.org/plugin:ifauth', ); } /** * What kind of syntax are we? */ function getType(){ return 'substition'; } /** * Paragraph Type * * Defines how this syntax is handled regarding paragraphs. This is important * for correct XHTML nesting. Should return one of the following: * * 'normal' - The plugin can be used inside paragraphs * 'block' - Open paragraphs need to be closed before plugin output * 'stack' - Special case. Plugin wraps other paragraphs. * * @see Doku_Handler_Block */ function getPType() { return 'normal'; } function getSort(){ return 360; } function connectTo($mode) { $this->Lexer->addEntryPattern('(?=.*?\x3C/ifauth\x3E)',$mode,'plugin_ifauth'); } function postConnect() { $this->Lexer->addExitPattern('','plugin_ifauth'); } /** * Handle the match */ function handle($match, $state, $pos, &$handler){ switch ($state) { case DOKU_LEXER_ENTER : // remove $auth = trim(substr($match, 8, -1)); // explode wanted auths $aauth = explode(",",$auth); return array($state, $aauth); case DOKU_LEXER_UNMATCHED : return array($state, $match); case DOKU_LEXER_EXIT : return array($state, ''); } return array(); } /** * Create output */ function render($mode, &$renderer, $data) { // ifauth stoes wanted user/group array global $ifauth; // grps hold curren user groups and userid global $grps; global $INFO; if($mode == 'xhtml'){ list($state, $match) = $data; switch ($state) { case DOKU_LEXER_ENTER : // Store wanted groups/userid $ifauth=$match; // Store current user info. Add '@' to the group names $grps=array(); if (is_array($INFO['userinfo'])) { foreach($INFO['userinfo']['grps'] as $val) { $grps[]="@" . $val; } } $grps[]=$_SERVER['REMOTE_USER']; break; case DOKU_LEXER_UNMATCHED : $rend=0; // Loop through each wanted user / group foreach($ifauth as $val) { $not=0; // Check negation if (substr($val,0,1)=="!") { $not=1; $val=substr($val,1); } // FIXME More complicated rules may be wanted. Currently any rule that matches for render overrides others. // If current user/group found in wanted groups/userid, then render. if ($not==0 && in_array($val,$grps)) { $rend=1; } // If user set as not wanted (!) or not found from current user/group then render. if ($not==1 && !in_array($val,$grps)) { $rend=1; } } if ($rend>0) { $r = p_render('xhtml',p_get_instructions($match),$info); // Remove '\n\n' from start and '\n\n' from the end. if (stristr(substr($r,0,5),"\n

\n")) { $r = substr($r,5); } if (stristr(substr($r,-7)," \n

\n")) { $r = substr($r,0,-7); } $renderer->doc .= $r; } $renderer->nocache(); break; case DOKU_LEXER_EXIT : break; } return true; } return false; } } ?> ===== Discussion ===== >This plugin messes up the Header levels causing them to nest/indent improperly. I've also come across situations where it caused the section edit buttons to be located improperly, and function improperly. Anyone know how to fix that? EDIT: the [[plugin:outdent]] plugin can help with the indenting problem (but not the section edit button problem). I suspect the plugin needs to be written to run BEFORE the rest of the syntax on the page is parsed. >What's happen if someone show source of page ? do they see the hidden text ? >> Yes they do. I should document that here. >> There was [[http://ktyp.com/dev/doku/dokuwiki/hacks/hidephp|this patch]] for older version of DokuWiki to not show PHP code if user was not logged in. Would be a nice feature to register your plugin so that you cannot see the source between your tags. --- //[[otto@valjakko.net|Otto Vainio]] 2005-09-23 14:50// >>> Sure wish email subscriptions were active for this page... --- //[[caylan@aero.und.edu|Caylan Larson]] 2005-10-05 17:13// > I was hoping to use this plugin to hide rows in a table (so users would see a filtered selection of rows relevant to them). However the table gets broken at the point that the tags are inserted. Is there any way round this. I can see that the problem might be in the table code rather than anything you can tackle! I can of course hide the text inside each cell in the table that that will look pretty odd :-D --- //[[gjw@iqx.co.uk|Justin Willey]] 2006-06-10 21:00// >> That __could__ be fixed by setting the sort number for the plugin lower than what table has. I cannot check this now. Will try next week. Or you can try it self also :-) --- //[[otto@valjakko.net|Otto Vainio]] 2006-06-10 13:19// >>> Hi - Thanks for the suggestion, I tried that but it still seems to cause the table to be broken at that point, presumably something in the table rendering gets upset. --- //[[gjw@iqx.co.uk|Justin Willey]] 2006-06-27 12:12// >>>>It does work if you hide the text in each cell separately, rather than the row as a whole. The table then suppresses the effectively blank row automatically. e.g.: |1.1.2|stuff, more stuff| >it would be a nice feature if the ifauth could be a coloured advertisement for groups(e.g. red) --- prom 2007-01-16 Recently made patch to add access check by user's IP ($_SERVER['REMOTE_ADDR']). Syntax: Hello, dear user of our LAN! --- syntax.php.orig 2005-09-26 09:42:06.000000000 +0300 +++ syntax.php 2007-10-10 15:38:56.000000000 +0300 @@ -15,6 +15,50 @@ * need to inherit from this class */ class syntax_plugin_ifauth extends DokuWiki_Syntax_Plugin { + +/** + * Function check`s if an ip address is inside the CIDR range specified + * + * Support`s CIDRs in format: + * 72.14.207.99/255.255.0.0 + * 72.14.0.0/16 + * + * @author chin [Yura Bogdanov] 2007 + * + * @param string $addr + * @param string|array $cidrs + * @return bool + */ + function matchCIDR($addr,$cidrs) + { + // If CIDR is not an array + if(!is_array($cidrs)) { + $cidrs = array($cidrs); + } + + // Go through CIDRs list + foreach($cidrs as $cidr) { + + list($ip,$mask) = explode("/",$cidr); + + // If mask like 255.255.0.0 + if(strpos(".",$mask)) { + $mask = 0xffffffff & ip2long($mask); + } + // Understand mask as decimal value (16) + else { + $mask = 0xffffffff << (int)$mask; + } + + // Apply mask to both addresses and get the comparison result + if((ip2long($addr) & $mask) == (ip2long($ip) & $mask)) { + return TRUE; + } + } + + // Match cdir not found + return FALSE; + } /** * return some info @@ -124,6 +168,17 @@ } // FIXME More complicated rules may be wanted. Currently any rule that matches for render overrides others. +// Check by IP + if (substr($val,0,1)=="#") { + $val=substr($val,1); + if ($not==1 && !$this->matchCIDR($_SERVER['REMOTE_ADDR'],$val)) { + $rend=1; + } + if ($not==0 && $this->matchCIDR($_SERVER['REMOTE_ADDR'],$val)) { + $rend=1; + } + } + // If current user/group found in wanted groups/userid, then render. if ($not==0 && in_array($val,$grps)) { $rend=1; --- //[[viperet@gmail.com|Vitaly Peretiatko]]// This plugin doesn't work properly with newer versions. Please update. (If you go to my page, I'm trying to use it to hide the ad code for registered users and admins.) --- //[[http://ksd5.techaos.com/personal/wiki/user/ksd5|Siddharth Patil]]// >Seems to work with **Anteater**. Great Plugin !!! --- Tested by Münchener 2011-10-13