It's better when it's simple

User Tools

Site Tools


distributedACL Plugin

Compatible with DokuWiki

  • 2024-02-06 "Kaos" yes
  • 2023-04-04 "Jack Jackrum" unknown
  • 2022-07-31 "Igor" unknown
  • 2020-07-29 "Hogfather" unknown

plugin An enhanced ACL management system

Last updated on

Tagged with acl


Standard DokuWiki ACL manager has a strong limitation, ACL management can't be delegated to other users but site-wide admin and/or managers.

the Idea

With this action plugin, ACL information can be written in wiki pages, so the permission to edit a pages in a particular namespace means the permission to edit ACL of a corresponding page or namespace.

How it works

You can define a specific namespace under which you create pages with the same hierarchy of the root tree.

For example if you have a namespace named “xx:yy:” and you want to grant Edit privilege to user “john” on it, you have to create the page “acl:xx:yy:start” (“start” is the page you set as “Start page name” in DokuWiki config), and write into it:


When you submit, an ACL like

xx:yy:*     john      2 # distributedACL autogenerated for xx:yy:* #

is immediately written into conf/acl.auth.php.

If you want to set a permission for a page named “xx:yy:mypage” create the page “acl:xx:yy:mypage”.


In the page you should write:

Perm Description DokuWiki ACL
N None (deny anything) 0
R Read 1
E Edit 2
C Create 4
U Upload 8
D Delete 16
W alias for “Delete” 16

whoAccess can be a username or a @group.

Delegated ACL

If you want to permit a user (or a group) to edit ACLs for a namespace or a page, you have to grant him to edit the corresponding page into “acl:”.

For example, you want JOE to edit ACLs for “xx:yy:*”:

To do that he should edit the page “acl:xx:yy:start”. To grant him to do it, you edit the page “acl:acl:xx:yy:start” and write:


and so, a permission will be created to grant JOE to edit “acl:xx:yy:*”. When he edit “acl:xx:yy:home”, he set ACLs for “xx:yy:”.


The only configuration you can make is the ACL namespace, into the action.php set the variable $ACLNAMESPACE to the namespace you want. Default is “acl:”.

Known Issues

When a user change permission for a namespace or a page, all permission to that (only for that item) will be overwritten, if you inserted other ACL to that item by the standard aclplugin they will disappear.

If your wiki use distributedACL I suggest, to avoid confusion, to stop using standard aclplugin, or at least don't use distributedACL and aclplugin to manage ACLs for the same namespace or page.

plugin/distributedacl.txt · Last modified: 2024-03-29 18:18 by Aleksandr

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki