DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:aclplusregex

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Both sides next revision
plugin:aclplusregex [2020-04-02 23:50]
andi version upped
plugin:aclplusregex [2021-01-21 12:13] (current)
annda [Examples]
Line 3: Line 3:
 ---- plugin ---- ---- plugin ----
 description: Dynamically extend DokuWiki ACLs based on regex rules description: Dynamically extend DokuWiki ACLs based on regex rules
-author     : Anna Dabrowska+author     : Anna Dabrowska + Andreas Gohr
 email      : dokuwiki@cosmocode.de email      : dokuwiki@cosmocode.de
 type       : action type       : action
-lastupdate : 2020-04-02+lastupdate : 2021-01-19
 compatible : greebo compatible : greebo
 depends    :  depends    : 
Line 36: Line 36:
 The syntax of that file follows the regular ACL configuration with the three whitespace separated fields for the //page/namespace//, //user/group regexp//, ACL level((Refer to [[acl#background_info|Background Infos on ACL]] for the different levels)). The syntax of that file follows the regular ACL configuration with the three whitespace separated fields for the //page/namespace//, //user/group regexp//, ACL level((Refer to [[acl#background_info|Background Infos on ACL]] for the different levels)).
  
-Unlike in the normal ACL configuration, the user/group part expects a regular expression. If it matches against the current user's login or groups the ACL line will be added to the normal ACLs. In the page/namespace part all pattern groups from the regexp can be used.+Unlike in the normal ACL configuration, the user/group part expects a regular expression. If it matches against the current user's login or groups the line will be treated as an additional ACL configuration.
  
-Note: the file can also be edited through the [[plugin:confmanager|Confmanager Plugin]].+The special thing about this plugin is is that you may use any matched pattern groups from the regexp in the page/namespace part. In addition, placeholders may be useda ''*'' to match a single namespace or pagename and ''%%**%%'' to match an arbitrary number of namespaces.
  
-:!: Important:+The file can also be edited through the [[plugin:confmanager|Confmanager Plugin]]. 
 + 
 +:!: Important: Be sure you are familiar with DokuWiki's ACL system and with writing regular expressions. If you mess up the configuration, you may give unintentional access 
 + 
 +In addition to the configuration file, there is an additional config setting that can be changed via the [[plugin:config|Configuration Manager]]. 
 + 
 +The plugin can either run ''AFTER'' or ''BEFORE'' DokuWiki's default ACL handling. 
 + 
 +In ''AFTER'' mode, the plugin will check the ACLs defined by this plugin and will only apply a result if it is higher than the one that DokuWiki found in it's own ACL setup. This is probably what most users want. 
 + 
 +In the ''BEFORE'' mode all plugin defined rules are checked before DokuWiki does it's own checks and if there are any rules that apply to the current user, these rules are applied and no further checking by DokuWiki is done. This may be the mode you want if you have a large amount of dynamic rules as this may be faster.
  
-  * The ACLs generated by this plugin are added to the list of regular ACLs internally - it does not change the ACL configuration file 
-  * Be sure you are familiar with DokuWiki's ACL system and with writing regular expressions. If you mess up the configuration, you may give unintentional access 
  
 ==== Examples ==== ==== Examples ====
  
-Imagine you have customer logins following the following naming scheme: ''customer_<customerid>_<user>''. You now want to give those customers read access to their own area in your wiki under ''docs:customer:<customerid>:''. Here's how to do it:+Imagine you have customer logins following the following naming scheme: ''customer_<customerid>_<user>''. You now want to give those customers read access to their own area in your wiki under ''docs:customer:<customerid>:''. Here's how to do it:
  
 <code> <code>
Line 53: Line 61:
 </code> </code>
  
-For a user with the username ''customer_0815_joe'' the following ACL line would be added internally:+For a user with the username ''customer_0815_joe'' the following ACL rule would be applied:
  
 <code> <code>
Line 59: Line 67:
 </code> </code>
  
 +Please note that above example use the ''*'' placeholder. The rule would match ''docs:customer:0815:foo'' but not ''docs:customer:0815:foo:bar''. Use the ''%%**%%'' placeholder to match all namespaces bolow.
  
 A similar setup could be done where you have two groups for each customer: ''customer_<customerid>_write'' and ''customer_<customerid>_read''. You could use this to give different access levels to the customer namespace: A similar setup could be done where you have two groups for each customer: ''customer_<customerid>_write'' and ''customer_<customerid>_read''. You could use this to give different access levels to the customer namespace:
Line 74: Line 83:
 </code> </code>
  
 +You can also use regular expressions in the id part of the configuration line like this:
 +<code>
 +docs:customer:$1:(\d{3})   @customer_(\d{5})_sub   4
 +</code>
 +
 +Note that you **have to** define your pattern as a group and put it in parentheses, otherwise it won't be recognized as regex.
  
 +The above would allow user in a group like ''@customer_54321_sub'' to create pages in namespaces such as
 +  * ''docs:customer:54321:001''
 +  * ''docs:customer:54321:002''
 +  * ''docs:customer:54321:003''
  
 ===== Changleog ===== ===== Changleog =====
plugin/aclplusregex.1585864207.txt.gz · Last modified: 2020-04-02 23:50 by andi