DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:aclplusregex

aclplusregex Plugin

Compatible with DokuWiki

  • 2018-04-22 "Greebo" yes
  • 2017-02-19 "Frusterick Manners" unknown
  • 2016-06-26 "Elenor Of Tsort" unknown
  • 2015-08-10 "Detritus" unknown

plugin Dynamically extend DokuWiki ACLs based on regex rules

Last updated on
2020-03-25
Provides
Action
Repository
Source

Tagged with acl

A CosmoCode Plugin

This plugin allows you to set up additional Access Control Lists (ACL)s based on user's names or groups. This is especially useful where users come from external sources (like Active Directory) and follow a certain naming scheme.

Installation

Install the plugin using the Plugin Manager and the download URL above, which points to latest version of the plugin. Refer to Plugins on how to install plugins manually.

Configuration

ACLs for this plugin have to be created manually in a config file named aclplusregex.conf located in your wiki's conf directory.

The syntax of that file follows the regular ACL configuration with the three whitespace separated fields for the page/namespace, user/group regexp, ACL level1).

Unlike in the normal ACL configuration, the user/group part expects a regular expression. If it matches against the current user's login or groups the ACL line will be added to the normal ACLs. In the page/namespace part all pattern groups from the regexp can be used.

Note: the file can also be edited through the Confmanager Plugin.

:!: Important:

  • The ACLs generated by this plugin are added to the list of regular ACLs internally - it does not change the ACL configuration file
  • Be sure you are familiar with DokuWiki's ACL system and with writing regular expressions. If you mess up the configuration, you may give unintentional access

Examples

Imagine you have a customer logins following the following naming scheme: customer_<customerid>_<user>. You now want to give those customers read access to their own area in your wiki under docs:customer:<customerid>:. Here's how to do it:

docs:customer:$1:*    ^customer_(\d+)_.*     1

For a user with the username customer_0815_joe the following ACL line would be added internally:

docs:customer:0815:*     customer_0815_joe   1

A similar setup could be done where you have two groups for each customer: customer_<customerid>_write and customer_<customerid>_read. You could use this to give different access levels to the customer namespace:

docs:customer:$1:*    ^@customer_(\d+)_read$     1
docs:customer:$1:*    ^@customer_(\d+)_write$    4

Please note that groups are prefixed with an @. Assuming user joe is in both groups, the result would look like this:

docs:customer:0815:*     joe   1
docs:customer:0815:*     joe   4

Changleog

Releases

1)
Refer to Background Infos on ACL for the different levels
plugin/aclplusregex.txt · Last modified: 2020-03-25 11:21 by andi