DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:ipgroup

IP Group Plugin

Compatible with DokuWiki

  • 2017-02-19 "Frusterick Manners" unknown
  • 2016-06-26 "Elenor Of Tsort" unknown
  • 2015-08-10 "Detritus" unknown
  • 2014-09-29 "Hrun" yes

plugin Allows administrators to map (anonymous) users from specified networks to a single group.

Last updated on
2011-11-14
Provides
Admin, Action
Repository
Source

Similar to iptrust

Tagged with acl, groups, ip

This plugin allows administrators to map (anonymous) users to a group. Users accessing the wiki from the specified network will be added to the given virtual group.

Download

Download and install the plugin using the Plugin Manager using the URL given above. Refer to Plugins on how to install plugins manually.

Changes

  • use plugin for RSS-Feeds (2011/04/07)
    (purge of feedcache is recommend: find data/cache/ -name *.feed | xargs rm)
  • use plugin for AJAX-based search (2011/05/22)
  • use plugin for Media-Manager (2011/10/19)
  • use plugin for Media-Details (2011/11/09)
  • fixed errormessage with empty config file (2011/11/14, thx to Marc Theilhaber)

Known Issues

Media Access

The plugin did not work for media/file access (depends on Bug #2103) and media details. (This bug has gone un-included for years. please bug the devs if you find this useful!)

In the release 2014-05-05 “Ponder Stibbons” this feature is implemented. — Klap-inKlap-in

2014/02/27
Seems not working to me… Still had to patch manually - dan
same for me… even in 2014-05-05a its not working for me… Is someone outside where its working?- mrlight 2014/07/05

Solution/Patches

fetch.php.patch
--- lib/exe/fetch.php.old   2011-01-16 19:04:09.000000000 +0100
+++ lib/exe/fetch.php   2011-06-20 21:04:34.993547069 +0200
@@ -27,6 +27,10 @@
     $DL   = true;
   }

+  $evt = new Doku_Event('MEDIA_SENDFILE_PREPROCESS', $data);
+  if (!$evt->advise_before())
+    exit;
+
   // check for permissions, preconditions and cache external files
   list($STATUS, $STATUSMESSAGE) = checkFileStatus($MEDIA, $FILE);
 
detail.php.patch
--- lib/exe/detail.php.orig     2011-11-09 20:57:56.845166714 +0100
+++ lib/exe/detail.php  2011-10-20 12:29:14.442462847 +0200
@@ -5,6 +5,10 @@
 //close session
 session_write_close();
 
+$evt = new Doku_Event('MEDIA_DETAIL_PREPROCESS', $data);
+if (!$evt->advise_before())
+  exit;
+
 $IMG  = getID('media');
 $ID   = cleanID($_REQUEST['id']);
 
ipgroup-action.php.patch
--- lib/plugins/ipgroup/action.php.orig 2011-11-09 20:52:43.280744547 +0100
+++ lib/plugins/ipgroup/action.php      2011-11-09 20:55:05.626565921 +0100
@@ -36,6 +36,8 @@
         $controller->register_hook('FEED_OPTS_POSTPROCESS', 'BEFORE', $this, 'start');
         $controller->register_hook('SEARCH_QUERY_PAGELOOKUP', 'BEFORE', $this, 'start');
         $controller->register_hook('MEDIAMANAGER_STARTED', 'BEFORE', $this, 'start');
+        $controller->register_hook('MEDIA_SENDFILE_PREPROCESS', 'BEFORE', $this, 'start');
+        $controller->register_hook('MEDIA_DETAIL_PREPROCESS', 'BEFORE', $this, 'start');
     }
 
     function start(&$event, $param) {

Ignored user-specific rights

User-specific rights are ignored if the plugin is used.

Solution/Patches

--- action.php.old      2013-06-04 13:53:47.564281400 +0200
+++ action.php  2013-06-04 13:54:20.582312301 +0200
@@ -83,7 +83,7 @@
 
                // Overwrite Permissions
                $GLOBALS['USERINFO']['grps'] = $grps;
-               $GLOBALS['INFO']['perm'] = auth_aclcheck($GLOBALS['ID'],'', $grps);
+               $GLOBALS['INFO']['perm'] = auth_aclcheck($GLOBALS['ID'],$_SERVER['REMOTE_USER'], $grps);
 
                // Overwrite writable/editable-flags (as done in lib/common.php/pageinfo():137 before)
                if($GLOBALS['INFO']['exists']){

How to use

As an example we will create a separate group that has read access everywhere based upon an IP address.

Make sure you are an administrator and install the package with the Extension Manager on the Admin page (you can find the Admin screen by clicking on 'Admin' at the top, just right of your name).

After installation, on the Admin screen , an additional entry IPGroup Manager appears.

First we create a group with the name lan and read rights to all data in the wiki : Open the Amdin panel and go to the “Access Control List Management” screen. In the left panel select [root] as we want to apply this group to everything. At the right, in the empty case right of the Group pull down selector, you can enter the name of a new group you want to create. Enter lan and press Select. You should use lower case for the group name as the system seems to convert upper case to lower case. Then a radio button list appears, where you can select 'None / Read / Edit …' for this new group. Select 'Read' and press 'Save'.
A new group with the name @lan and read access to root (and everything below) is created, and you can see the group listed at the bottom of the screen.

Now we must tell the system that everybody with a certain IP address is member of this group. Go again to the Admin screen and click IPGroup Manager. Here you can enter a group name and an IP range. For the group name, enter lan (lower case, do not add the @ sign), and the IP range (eg 10.100.0.0/16 for everybody in the 10.100.0.0 .. 10.100.255.255 range) and click save.

plugin/ipgroup.txt · Last modified: 2015-05-06 13:25 by herman.c