DokuWiki

It's better when it's simple

User Tools

Site Tools


acl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Next revisionBoth sides next revision
acl [2017-06-10 23:14] – Changed the auth constants in the example to numbers since the constants can't be used (on my system - otherwise please state how to get this working) dedeibelacl [2020-10-23 18:12] – old revision restored (2019-10-31 10:06) lpaulsen93
Line 1: Line 1:
-====== Access Control Lists (ACL) ======+====== Access Control Lists (ACL)======
  
 [[DokuWiki]] --- like most wikis --- is very open by default. Everyone is allowed to create, edit and delete pages. However ​sometimes it makes sense to restrict access to certain or all pages. This is when the //Access Control List// (ACL) comes into play. This page gives an overview of how ACLs work in DokuWiki and how they are configured. [[DokuWiki]] --- like most wikis --- is very open by default. Everyone is allowed to create, edit and delete pages. However ​sometimes it makes sense to restrict access to certain or all pages. This is when the //Access Control List// (ACL) comes into play. This page gives an overview of how ACLs work in DokuWiki and how they are configured.
  
 +{{:aclexample.png?400|}}
  
 ===== Configuration and Setup =====  ===== Configuration and Setup ===== 
Line 13: Line 14:
  
   * Config option [[config:useacl]] -- enable ACL usage   * Config option [[config:useacl]] -- enable ACL usage
-  * Config option [[config:superuser]] -- setup superusers with ACL granting rights +  * Config option [[config:superuser]] -- setup superusers with ACL granting rights 
-  * Config option [[config:openregister]] -- allows you to disable open registration+
   * Config option [[config:defaultgroup]] -- the default group to which new users are added   * Config option [[config:defaultgroup]] -- the default group to which new users are added
   * [[plugin:usermanager|User Manager]] -- managing users   * [[plugin:usermanager|User Manager]] -- managing users
   * [[auth|Authentication Backends]] -- identify users from different data sources   * [[auth|Authentication Backends]] -- identify users from different data sources
-  * [[faq:regdisable|FAQ: How to disable open user registration]]+  * [[faq:regdisable|FAQ: How to disable open user registration]] -- replaces $conf[openregister]
  
 :!: **WARNING:** DokuWiki's ACL feature has been included for some time and should be pretty stable. However, if you are concerned about the risk of unauthorized users accessing information in your wiki, you should never put it on a computer accessible from the Internet. :!: **WARNING:** DokuWiki's ACL feature has been included for some time and should be pretty stable. However, if you are concerned about the risk of unauthorized users accessing information in your wiki, you should never put it on a computer accessible from the Internet.
Line 50: Line 50:
     * by selecting a known group or user from the dropdown menu     * by selecting a known group or user from the dropdown menu
     * or by selecting "User:" or "Group:" and entering the group or user name in the field     * or by selecting "User:" or "Group:" and entering the group or user name in the field
-  - set the appropriate permission+  - set the appropriate permissions
  
 Existing rules can be modified or deleted in the table at the bottom of the ACL manager. Existing rules can be modified or deleted in the table at the bottom of the ACL manager.
Line 142: Line 142:
 :!: **Note:** When using $conf['authtype'] = 'ad'; and groups names with spaces needing to be written in the acl.auth.php with a "%5f" replacing the spaces instead of "%20". This is because Group names with spaces are first converted into underscores "_" which are "%5f". :!: **Note:** When using $conf['authtype'] = 'ad'; and groups names with spaces needing to be written in the acl.auth.php with a "%5f" replacing the spaces instead of "%20". This is because Group names with spaces are first converted into underscores "_" which are "%5f".
  
-:!: **Note:** The delete permission affects media files only. Pages can be deleted (and restored) by everyone with at least edit permission. Someone who has upload permissions but no delete permissions can not overwrite existing media files anymore.+:!: **Note:** The delete permission affects media files only. Pages can be deleted (and restored) by everyone with at least edit permission. Someone who has upload permissions but no delete permissions can only overwrite existing media files if the [[config:mediarevisions|media revisions]] option is enabled.
  
 ==== User Wildcards ==== ==== User Wildcards ====
Line 168: Line 168:
 # #
 # Allow members of 'group' to edit pages in the 'group' namespace. # Allow members of 'group' to edit pages in the 'group' namespace.
-be careful, if you have a user namespace, all members of the default group  +BE CAREFUL, if you have a 'usernamespace, all members of the default group  
-# will gain access to it+# will gain access to it since %GROUP% will be replaced literally
 %GROUP%:              %GROUP% 2 %GROUP%:              %GROUP% 2
 </file> </file>
acl.txt · Last modified: 2024-01-13 11:44 by Aleksandr

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki