DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:ifauth

IfAuth Plugin

Compatible with DokuWiki

  • 2024-02-06 "Kaos" unknown
  • 2023-04-04 "Jack Jackrum" unknown
  • 2022-07-31 "Igor" unknown
  • 2020-07-29 "Hogfather" no

plugin Set portion of page to be displayed/hidden for authorized group

Last updated on
2005-09-23
Provides
Syntax

Similar to condition, ifauthex, isauth, nodisp, showif

Tagged with acl, groups, hide, if, users

:!: There is a new plugin ifauthex which is actively updated. You may want to use it instead :!:
oiv 2019-01-11 23:22

Description

With this plugin you can set portion of page to be displayed/hidden for authorized user or group.

The text is still on the page, but not displayed. For true hiding, you would have to use the nodisp or include plugin and set the appropriate ACLs.

Please note! The page is always set as not cached! So it will impact performance!

Syntax

Basic Syntax

  • Just wrap the text, where the access authorization shall be checked with XML Style Tag
    <ifauth userName,@groupName>Text displayed if authorized</ifauth>
    • userName: the user listed is allowed to see the text
    • @groupName: members of the group listed, are allowed to see the text
    • !userName: everyone except the user listed with ! is allowed to see the text (This is not the same as saying the user listed is NOT allowed to see the text. This condition does not restrict visibility to users authorized by previous rules. Every additional rule widens the number of users who can see the text.)
  • Any number of rules can be added to the list, but make sure there is no white space between a comma and an exclamation mark! The rules are OR'ed, so each additional rule expands the set of authorized viewers.

More Examples

condition text is visible …
<ifauth @admin,!oiv>OK</ifauth> if oiv is in group @admin, to everybody;
otherwise to everyone in group @admin if oiv is not in it
<ifauth !oiv,@admin>OK</ifauth> same as above
<ifauth oiv>OK</ifauth> only to user oiv
<ifauth !@admin>OK</ifauth> everybody who is not in group @admin
<ifauth !@admin,oiv>OK</ifauth> everybody who is not in group @admin,
and also to user oiv (whether he is in @admin or not)
<ifauth @admin,oiv>OK</ifauth> everybody who is in group @admin,
and also to user oiv (whether he is in @admin or not)
<ifauth @admin,@other,oiva>OK</ifauth> everybody who is in group @admin, and everybody who is in group @other, and to user oiv

Changes, Notes

Added feature to add a list of users. The list works as OR. So that is any of the options are true, then the text is shown.
Now the plugin does not insert paragraph (<p> and </p>) marks around the text.
Ok the removal of paragraph marks was broken. No should have better checks.
Otto Vainio 2005-09-26 08:46
Removal of <p> tags is broken with latest version. Fix:
            // Remove '\n<p>\n' from start and '\n</p>\n' from the end.
 
            if (stristr(substr($r,0,5),"\n<p>\n")) {
              $r = substr($r,5);
            }
 
            if (stristr(substr($r,-7),"\n\n</p>\n")) {
              $r = substr($r,0,strlen($r)-7);
            }
 
            $renderer->doc .= $r;

— SherriW 2009-02-04

I have a fixed version if anyone needs it.
Luke Howson 2007-05-03
And what about hide text from not authorized group? Like: <ifauth !@ALL>OK</ifauth>
It will be useful…
Removal of <p> tags Needs to be fixed. Fix:
            // Remove '\n<p>\n' from start and '\n</p>\n' from the end.
 
            if (stristr(substr($r,0,5),"\n<p>\n")) {
              $r = substr($r,5);
            }
 
            if (stristr(substr($r,-7),"\n\n</p>\n")) {
              $r = substr($r,0,-7);
            }
 
            if (stristr(substr($r,-6),"\n</p>\n")) {
              $r = substr($r,0,-6);
 
            $renderer->doc .= $r;

— Chris 2017-08-19

Installation

Search and install the plugin using the Extension Manager. Refer to Plugins on how to install plugins manually.

Manually install

Create a new folder lib/plugin/ifauth/ and place the following file in it: syntax.php.

lib/plugin/ifauth/syntax.php:

syntax.php
<?php
  /**
  * Plugin ifauth: Displays content at given time. (After next cache update)
  *
  * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
  * @author     Otto Vainio <oiv-ifauth@valjakko.net>
  */
 
  if(!defined('DOKU_INC')) define('DOKU_INC',realpath(dirname(__FILE__).'/../../').'/');
  if(!defined('DOKU_PLUGIN')) define('DOKU_PLUGIN',DOKU_INC.'lib/plugins/');
  require_once(DOKU_PLUGIN.'syntax.php');
 
  /**
  * All DokuWiki plugins to extend the parser/rendering mechanism
  * need to inherit from this class
  */
  class syntax_plugin_ifauth extends DokuWiki_Syntax_Plugin {
 
    /**
    * return some info
    */
    function getInfo(){
      return array(
        'author' => 'Otto Vainio',
        'email'  => 'oiv-ifauth@valjakko.net',
        'date'   => '2005-09-23',
        'name'   => 'ifauth plugin',
        'desc'   => 'Show content at this time',
        'url'    => 'http://wiki.splitbrain.org/wiki:plugins',
      );
    }
 
    /**
    * What kind of syntax are we?
    */
    function getType(){
      return 'substition';
    }
   /**
    * Paragraph Type
    *
    * Defines how this syntax is handled regarding paragraphs. This is important
    * for correct XHTML nesting. Should return one of the following:
    *
    * 'normal' - The plugin can be used inside paragraphs
    * 'block'  - Open paragraphs need to be closed before plugin output
    * 'stack'  - Special case. Plugin wraps other paragraphs.
    *
    * @see Doku_Handler_Block
    */
    function getPType() {
      return 'normal';
    }
 
    function getSort(){
      return 360;
    }
    function connectTo($mode) {
      $this->Lexer->addEntryPattern('<ifauth.*?>(?=.*?\x3C/ifauth\x3E)',$mode,'plugin_ifauth');
    }
    function postConnect() {
      $this->Lexer->addExitPattern('</ifauth>','plugin_ifauth');
    }
 
 
    /**
    * Handle the match
    */
    function handle($match, $state, $pos, Doku_Handler $handler){
      switch ($state) {
        case DOKU_LEXER_ENTER :
 
// remove <ifauth and >
          $auth  = trim(substr($match, 8, -1));
 
// explode wanted auths
          $aauth = explode(",",$auth);
          return array($state, $aauth);
        case DOKU_LEXER_UNMATCHED :  return array($state, $match);
        case DOKU_LEXER_EXIT :       return array($state, '');
      }
      return array();
    }
 
    /**
    * Create output
    */
    function render($mode, Doku_Renderer $renderer, $data) {
 
// ifauth stoes wanted user/group array
      global $ifauth;
 
// grps hold curren user groups and userid
      global $grps;
      global $INFO;
      if($mode == 'xhtml'){
        list($state, $match) = $data;
        switch ($state) {
        case DOKU_LEXER_ENTER :
 
// Store wanted groups/userid
          $ifauth=$match;
 
// Store current user info. Add '@' to the group names
          $grps=array();
          if (is_array($INFO['userinfo'])) {
            foreach($INFO['userinfo']['grps'] as $val) {
              $grps[]="@" . $val;
            }
          }
          $grps[]=$_SERVER['REMOTE_USER'];
          break;
        case DOKU_LEXER_UNMATCHED :
          $rend=0;
 
// Loop through each wanted user / group
          foreach($ifauth as $val) {
            $not=0;
 
// Check negation
            if (substr($val,0,1)=="!") {
              $not=1;
              $val=substr($val,1);
            }
// FIXME More complicated rules may be wanted. Currently any rule that matches for render overrides others.
 
// If current user/group found in wanted groups/userid, then render.
            if ($not==0 && in_array($val,$grps)) {
              $rend=1;
            }
 
// If user set as not wanted (!) or not found from current user/group then render.
            if ($not==1 && !in_array($val,$grps)) {
              $rend=1;
            }
          }
          if ($rend>0) {
            $r = p_render('xhtml',p_get_instructions($match),$info);
// Remove '\n<b>\n' from start and '\n</b>\n' from the end.
            if (stristr(substr($r,0,5),"\n<p>\n")) {
              $r = substr($r,5);
            }
            if (stristr(substr($r,-7)," \n</p>\n")) {
              $r = substr($r,0,-7);
            }
            $renderer->doc .= $r;
          }
          $renderer->nocache();
          break;
        case DOKU_LEXER_EXIT :
          break;
        }
        return true;
      }
      return false;
    }
  }
?>

Juergen_aus_Zuendorf 2018-02-06 17:44
→ Changes for compatibility to PHP7:
“&$handler” and “&$renderer” to “Doku_Handler $handler” and “Doku_Renderer $renderer”

Discussion

This plugin messes up the Header levels causing them to nest/indent improperly. I've also come across situations where it caused the section edit buttons to be located improperly, and function improperly. Anyone know how to fix that? EDIT: the outdent plugin can help with the indenting problem (but not the section edit button problem). I suspect the plugin needs to be written to run BEFORE the rest of the syntax on the page is parsed.
To avoid this I use the include plugin as workaround:
The part of the wiki page that should be hided has to be moved to another page and then be included by {{page>...}}. Then the section edit function can be used in the included page.
Juergen_aus_Zuendorf 2018-10-30 13:13
What's happen if someone show source of page ? do they see the hidden text ?
Yes they do. I should document that here.
There was this patch for older version of DokuWiki to not show PHP code if user was not logged in. Would be a nice feature to register your plugin so that you cannot see the source between your tags. — Otto Vainio 2005-09-23 14:50
Sure wish email subscriptions were active for this page… — Caylan Larson 2005-10-05 17:13
I was hoping to use this plugin to hide rows in a table (so users would see a filtered selection of rows relevant to them). However the table gets broken at the point that the tags are inserted. Is there any way round this. I can see that the problem might be in the table code rather than anything you can tackle! I can of course hide the text inside each cell in the table that that will look pretty odd :-DJustin Willey 2006-06-10 21:00
That could be fixed by setting the sort number for the plugin lower than what table has. I cannot check this now. Will try next week. Or you can try it self also :-)Otto Vainio 2006-06-10 13:19
Hi - Thanks for the suggestion, I tried that but it still seems to cause the table to be broken at that point, presumably something in the table rendering gets upset. — Justin Willey 2006-06-27 12:12
It does work if you hide the text in each cell separately, rather than the row as a whole. The table then suppresses the effectively blank row automatically. e.g.:
|<ifauth @whoever>1.1.2</ifauth>|<ifauth @whoever>stuff, more stuff</ifauth>|
it would be a nice feature if the ifauth could be a coloured advertisement for groups(e.g. red) — prom 2007-01-16

Recently made patch to add access check by user's IP ($_SERVER['REMOTE_ADDR']). Syntax:

<ifauth #192.168.0.0/24> Hello, dear user of our LAN! </ifauth> 
--- syntax.php.orig	2005-09-26 09:42:06.000000000 +0300
+++ syntax.php	2007-10-10 15:38:56.000000000 +0300
@@ -15,6 +15,50 @@
   * need to inherit from this class
   */
   class syntax_plugin_ifauth extends DokuWiki_Syntax_Plugin {
+
+/**
+ * Function check`s if an ip address is inside the CIDR range specified
+ * 
+ * Support`s CIDRs in format:
+ *  72.14.207.99/255.255.0.0
+ *  72.14.0.0/16
+ * 
+ * @author chin [Yura Bogdanov] <mynickname@itcube.com.ua> 2007
+ * 
+ * @param string $addr
+ * @param string|array $cidrs
+ * @return bool
+ */
+    function matchCIDR($addr,$cidrs)
+    {
+        // If CIDR is not an array
+        if(!is_array($cidrs)) {
+                $cidrs = array($cidrs);
+        }
+        
+        // Go through CIDRs list
+        foreach($cidrs as $cidr) {
+                
+                list($ip,$mask) = explode("/",$cidr);
+                
+                // If mask like 255.255.0.0
+                if(strpos(".",$mask)) {
+                        $mask = 0xffffffff & ip2long($mask);
+                }
+                // Understand mask as decimal value (16)
+                else {
+                        $mask = 0xffffffff << (int)$mask;
+                }
+                
+                // Apply mask to both addresses and get the comparison result
+                if((ip2long($addr) & $mask) == (ip2long($ip) & $mask)) {
+                        return TRUE;
+                }
+        }
+        
+        // Match cdir not found
+        return FALSE;
+    }
 
     /**
     * return some info
@@ -124,6 +168,17 @@
             }
 // FIXME More complicated rules may be wanted. Currently any rule that matches for render overrides others.
 
+// Check by IP
+            if (substr($val,0,1)=="#") {
+              $val=substr($val,1);
+    		  if ($not==1 && !$this->matchCIDR($_SERVER['REMOTE_ADDR'],$val)) {
+            	$rend=1;
+          	  }
+          	  if ($not==0 && $this->matchCIDR($_SERVER['REMOTE_ADDR'],$val)) {
+            	$rend=1;
+          	  }
+            }
+			
 // If current user/group found in wanted groups/userid, then render.
             if ($not==0 && in_array($val,$grps)) {
               $rend=1;

Vitaly Peretiatko

This plugin doesn't work properly with newer versions. Please update. (If you go to my page, I'm trying to use it to hide the ad code for registered users and admins.) — Siddharth Patil

Seems to work with Anteater. Great Plugin !!! — Tested by Münchener 2011-10-13

Watch out for spaces!

I was baffled trying to figure out exactly how this works with multiple conditions, and rightly so. I tried using <ifauth @internal, !@internal>. Since I figured every user either belongs to the group @internal or does not, the text should always display. In fact, it remained invisible for users who were not in the group. It turned out that the problem was the space after the comma. When I changed the condition to <ifauth @internal,!@internal>, the text was displayed for all users. If this plugin is being maintained by anyone, the parser should be changed to ignore leading whitespace after the string is split on commas. — Art Carlson, Max Planck Institute of Biochemistry, Germany, 2014-10-24

plugin/ifauth.txt · Last modified: 2022-01-08 13:08 by Michaelsy

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki