Set portion of page to be displayed/hidden for authorized group.
Table of Contents
ifauth Plugin
Compatible with DokuWiki
- 2012-01-25 "Angua" unknown
- 2011-05-25 "Rincewind" yes
- 2010-11-07 "Anteater" yes
Security warning (please read plugin security guidelines): Hiding parts of a DokuWiki page is not supported by the core. Most attempts to introduce ACL control for parts of a page will leak information through RSS feed, search or other core functionality.
Similar to nodisp
Description
With this plugin you can set portion of page to be displayed/hidden for authorized user or group.
Please note! The page is always set as not cached! So it will impact performance!
Syntax
Basic Syntax
- Just wrap the text, where the access authorization shall be checked with XML Style Tag
<ifauth userName, @groupName> Text displayed if authorized</ifauth>
- userName: the user listed is allowed to see the text
- @groupName: members of the group listed, areallowed to see the text
- !userName: the user listed with ! is NOT allowed to see the text. User this to make exceptional rule.
More Examples
In with group admin, or user not oiv <ifauth @admin,!oiv>**OK**</ifauth>
In as user oiv <ifauth oiv>**OK**</ifauth>
In with group not @admin <ifauth !@admin>**OK**</ifauth>
In as user not oiv or is with group admin <ifauth !oiv,@admin>**OK**</ifauth>
In with group not admin or user is oiv <ifauth !@admin,oiv>**OK**</ifauth>
In with group admin or user is oiva <ifauth @admin,oiva>**OK**</ifauth>
In with group admin or other or user is oiva <ifauth @admin,@admin,oiva>**OK**</ifauth>
Changes, Notes
Added feature to add a list of users. The list works as OR. So that is any of the options are true, then the text is shown.
Now the plugin does not insert paragraph (<p> and </p>) marks around the text.
Ok the removal of paragraph marks was broken. No should have better checks.
— Otto Vainio 2005-09-26 08:46Removal of <p> tags is broken with latest version. Fix:
// Remove '\n<p>\n' from start and '\n</p>\n' from the end. if (stristr(substr($r,0,5),"\n<p>\n")) { $r = substr($r,5); } if (stristr(substr($r,-7),"\n\n</p>\n")) { $r = substr($r,0,strlen($r)-7); } $renderer->doc .= $r;— SherriW 2009-02-04
I have a fixed version if anyone needs it.
— Luke Howson 2007-05-03
And what about hide text from not authorized group? Like: <ifauth !@ALL>OK</ifauth>
It will be useful…
Installation
Using Plugin Manager from here
Plugin
Create a new folder lib/plugin/ifauth/ and place the following file in it: syntax.php.
lib/plugin/ifauth/syntax.php:
<?php /** * Plugin ifauth: Displays content at given time. (After next cache update) * * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) * @author Otto Vainio <oiv-ifauth@valjakko.net> */ if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../../').'/'); if(!defined('DOKU_PLUGIN')) define('DOKU_PLUGIN',DOKU_INC.'lib/plugins/'); require_once(DOKU_PLUGIN.'syntax.php'); /** * All DokuWiki plugins to extend the parser/rendering mechanism * need to inherit from this class */ class syntax_plugin_ifauth extends DokuWiki_Syntax_Plugin { /** * return some info */ function getInfo(){ return array( 'author' => 'Otto Vainio', 'email' => 'oiv-ifauth@valjakko.net', 'date' => '2005-09-26', 'name' => 'ifauth plugin', 'desc' => 'Show content at this time', 'url' => 'http://www.dokuwiki.org/plugin:ifauth', ); } /** * What kind of syntax are we? */ function getType(){ return 'substition'; } /** * Paragraph Type * * Defines how this syntax is handled regarding paragraphs. This is important * for correct XHTML nesting. Should return one of the following: * * 'normal' - The plugin can be used inside paragraphs * 'block' - Open paragraphs need to be closed before plugin output * 'stack' - Special case. Plugin wraps other paragraphs. * * @see Doku_Handler_Block */ function getPType() { return 'normal'; } function getSort(){ return 360; } function connectTo($mode) { $this->Lexer->addEntryPattern('<ifauth.*?>(?=.*?\x3C/ifauth\x3E)',$mode,'plugin_ifauth'); } function postConnect() { $this->Lexer->addExitPattern('</ifauth>','plugin_ifauth'); } /** * Handle the match */ function handle($match, $state, $pos, &$handler){ switch ($state) { case DOKU_LEXER_ENTER : // remove <ifauth and > $auth = trim(substr($match, 8, -1)); // explode wanted auths $aauth = explode(",",$auth); return array($state, $aauth); case DOKU_LEXER_UNMATCHED : return array($state, $match); case DOKU_LEXER_EXIT : return array($state, ''); } return array(); } /** * Create output */ function render($mode, &$renderer, $data) { // ifauth stoes wanted user/group array global $ifauth; // grps hold curren user groups and userid global $grps; global $INFO; if($mode == 'xhtml'){ list($state, $match) = $data; switch ($state) { case DOKU_LEXER_ENTER : // Store wanted groups/userid $ifauth=$match; // Store current user info. Add '@' to the group names $grps=array(); if (is_array($INFO['userinfo'])) { foreach($INFO['userinfo']['grps'] as $val) { $grps[]="@" . $val; } } $grps[]=$_SERVER['REMOTE_USER']; break; case DOKU_LEXER_UNMATCHED : $rend=0; // Loop through each wanted user / group foreach($ifauth as $val) { $not=0; // Check negation if (substr($val,0,1)=="!") { $not=1; $val=substr($val,1); } // FIXME More complicated rules may be wanted. Currently any rule that matches for render overrides others. // If current user/group found in wanted groups/userid, then render. if ($not==0 && in_array($val,$grps)) { $rend=1; } // If user set as not wanted (!) or not found from current user/group then render. if ($not==1 && !in_array($val,$grps)) { $rend=1; } } if ($rend>0) { $r = p_render('xhtml',p_get_instructions($match),$info); // Remove '\n<b>\n' from start and '\n</b>\n' from the end. if (stristr(substr($r,0,5),"\n<p>\n")) { $r = substr($r,5); } if (stristr(substr($r,-7)," \n</p>\n")) { $r = substr($r,0,-7); } $renderer->doc .= $r; } $renderer->nocache(); break; case DOKU_LEXER_EXIT : break; } return true; } return false; } } ?>
Discussion
This plugin messes up the Header levels causing them to nest/indent improperly. I've also come across situations where it caused the section edit buttons to be located improperly, and function improperly. Anyone know how to fix that? EDIT: the outdent plugin can help with the indenting problem (but not the section edit button problem). I suspect the plugin needs to be written to run BEFORE the rest of the syntax on the page is parsed.
What's happen if someone show source of page ? do they see the hidden text ?
Yes they do. I should document that here.
There was this patch for older version of DokuWiki to not show PHP code if user was not logged in. Would be a nice feature to register your plugin so that you cannot see the source between your tags. — Otto Vainio 2005-09-23 14:50
Sure wish email subscriptions were active for this page… — Caylan Larson 2005-10-05 17:13
I was hoping to use this plugin to hide rows in a table (so users would see a filtered selection of rows relevant to them). However the table gets broken at the point that the tags are inserted. Is there any way round this. I can see that the problem might be in the table code rather than anything you can tackle! I can of course hide the text inside each cell in the table that that will look pretty odd— Justin Willey 2006-06-10 21:00
That could be fixed by setting the sort number for the plugin lower than what table has. I cannot check this now. Will try next week. Or you can try it self also— Otto Vainio 2006-06-10 13:19
Hi - Thanks for the suggestion, I tried that but it still seems to cause the table to be broken at that point, presumably something in the table rendering gets upset. — Justin Willey 2006-06-27 12:12
It does work if you hide the text in each cell separately, rather than the row as a whole. The table then suppresses the effectively blank row automatically. e.g.:
|<ifauth @whoever>1.1.2</ifauth>|<ifauth @whoever>stuff, more stuff</ifauth>|
it would be a nice feature if the ifauth could be a coloured advertisement for groups(e.g. red) — prom 2007-01-16
Recently made patch to add access check by user's IP ($_SERVER['REMOTE_ADDR']). Syntax:
<ifauth #192.168.0.0/24> Hello, dear user of our LAN! </ifauth>
--- syntax.php.orig 2005-09-26 09:42:06.000000000 +0300
+++ syntax.php 2007-10-10 15:38:56.000000000 +0300
@@ -15,6 +15,50 @@
* need to inherit from this class
*/
class syntax_plugin_ifauth extends DokuWiki_Syntax_Plugin {
+
+/**
+ * Function check`s if an ip address is inside the CIDR range specified
+ *
+ * Support`s CIDRs in format:
+ * 72.14.207.99/255.255.0.0
+ * 72.14.0.0/16
+ *
+ * @author chin [Yura Bogdanov] <mynickname@itcube.com.ua> 2007
+ *
+ * @param string $addr
+ * @param string|array $cidrs
+ * @return bool
+ */
+ function matchCIDR($addr,$cidrs)
+ {
+ // If CIDR is not an array
+ if(!is_array($cidrs)) {
+ $cidrs = array($cidrs);
+ }
+
+ // Go through CIDRs list
+ foreach($cidrs as $cidr) {
+
+ list($ip,$mask) = explode("/",$cidr);
+
+ // If mask like 255.255.0.0
+ if(strpos(".",$mask)) {
+ $mask = 0xffffffff & ip2long($mask);
+ }
+ // Understand mask as decimal value (16)
+ else {
+ $mask = 0xffffffff << (int)$mask;
+ }
+
+ // Apply mask to both addresses and get the comparison result
+ if((ip2long($addr) & $mask) == (ip2long($ip) & $mask)) {
+ return TRUE;
+ }
+ }
+
+ // Match cdir not found
+ return FALSE;
+ }
/**
* return some info
@@ -124,6 +168,17 @@
}
// FIXME More complicated rules may be wanted. Currently any rule that matches for render overrides others.
+// Check by IP
+ if (substr($val,0,1)=="#") {
+ $val=substr($val,1);
+ if ($not==1 && !$this->matchCIDR($_SERVER['REMOTE_ADDR'],$val)) {
+ $rend=1;
+ }
+ if ($not==0 && $this->matchCIDR($_SERVER['REMOTE_ADDR'],$val)) {
+ $rend=1;
+ }
+ }
+
// If current user/group found in wanted groups/userid, then render.
if ($not==0 && in_array($val,$grps)) {
$rend=1;
This plugin doesn't work properly with newer versions. Please update. (If you go to my page, I'm trying to use it to hide the ad code for registered users and admins.) — Siddharth Patil
Seems to work with Anteater. Great Plugin !!! — Tested by Münchener 2011-10-13