DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:ifauthex

ifauthex Plugin

Compatible with DokuWiki

  • 2018-04-22 "Greebo" yes
  • 2017-02-19 "Frusterick Manners" unknown
  • 2016-06-26 "Elenor Of Tsort" unknown
  • 2015-08-10 "Detritus" unknown

plugin Toggle DokuWiki page content based on users and groups with arbitrary boolean expressions.

Last updated on
2019-01-09
Provides
Syntax
Repository
Source

Similar to condition, ifauth, nodisp

Tagged with acl, groups, hide, if, users

Installation

Install the plugin using the Plugin Manager and the download URL above, which points to latest version of the plugin. Refer to Plugins on how to install plugins manually.

Examples/Usage

This plugin selectively renders portion of the wiki page for certain users or groups (or combination of these conditions). The content is not truly hidden, it is just not rendered (it is still visibile on the source).

<ifauth @user>
  Visible only to logged in users
</ifauth>
<ifauth @admin>
  Visible only to admins
</ifauth>
<ifauth testuser>
  Visible only to the user ''testuser''
</ifauth>
<ifauth @user && !@admin>
  Visible only to logged in users who are not admins
</ifauth>
<ifauth !eviluser>
  Hidden to ''eviluser''
</ifauth>
<ifauth !@user>
  Hidden to logged in users
</ifauth>
<ifauth !@user || testuser>
  Visible only to ''testuser'' and when you are not logged in
</ifauth>
<ifauth @staff && @admin>
  Visible only to members of the staff who are admin too
</ifauth>

In the examples above

  • these are all groups: user, admin, staff
  • these are all users: testuser, eviluser

Syntax

Basic syntax:

<ifauth EXPR>Content to selectively display</ifauth>

The content will be rendered only if the access condition described by EXPR is satisfied. EXPR is built using the standard PHP logical operators NOT !, AND &&, OR || and the parentheses (SUBEXPR). The access conditions are described using the following literals:

  • @group true if and only if the viewing user is a member of group
  • user (not preceded by @): true exclusively if user is the viewer of the page

You can form arbitrary expressions such as the ones in the examples above, or more sophisticated such as (usr1 || @grp1 || usr2) && (@grp2 || !@grp3 && @grp4).

  • Whitespace in the expression is ignored.
  • For compatibility with the ifauth Plugin, you may use a comma , instead of the OR operator ||.

Remarks and limitations

  • Pages using IfAuthEx cannot be cached.
    Obviously, they need to be re-rendered depending on who's viewing. You do not need to add ~~NOCACHE~~, it's done automatically.
  • The “hidden content” will still be readable in the source of the page,
    if the user is allowed to edit the page content. The plugin is meant to tailor the page to different users, not to guarantee secrecy. If that's what you are looking for, you may want to create a separate page with different access rights.
  • The plugin removes <p> tags around its content,
    in the attempt of removing any extra unspecified markup.
  • You cannot nest the <ifauth> classes.
    This would probably be possible but felt unnecessary; you can concatenate the conditions and create three <ifauth> clauses.
    <ifauth OUTER>
      Content
    </ifauth>
    <ifauth OUTER && INNER>
      More restricted content
    </ifauth>
    <ifauth OUTER>
      Again content
    </ifauth>
  • Non-existent groups and users always evaluate to false.
    Watch out for misspelled groups.
    <ifauth @users && !@addmin>
      This content will be accidentally visible to admins.
    </ifauth>
  • Malformed expressions will not render.
    If your expression is not valid, the content won't render.
    <ifauth me && someoneelse &&>
      This will never render, did you forget something?
    </ifauth>

Compatibility with the ifauth plugin

This plugin intends to replace the ifauth Plugin, but it's an independent reboot. By design, it features exactly the same syntax, plus the extra logical operators, borrowed from PHP. You can just deactivate ifauth, and activate ifauthex.

The case for writing a different plugin is because ifauth can only “or” the conditions that are specified. We had the need of specifying precisely the condition @users && !@admin, and this simple expression already cannot be specified in ifauth. So we generalized the syntax to arbitrary Boolean expression (in for a penny…).

Development

Goes without saying, this plugin does not use eval.

The plugin contains internally a relatively simple tokenizer and lexer/parser, which generates an abstract syntax tree and can evaluate it depending on the operations defined. It is not super efficient or the most flexible, but it does the job and it's reconfigurable. It is implemented in ifauthex/lib/, in the files tokenizer.php, parser.php, exceptions.php.

The grammar for this specific application is independently defined in ifauthex/lib/grammar.php, so tokenizer, lexer and parsers could be reused for other plugins.

Change Log

plugin/ifauthex.txt · Last modified: 2019-01-12 08:05 by Aleksandr