Contents

  1. Description
    1. Wiki
    2. Attachment
    3. Improvements
  2. Bugs/Feature Requests
  3. Download
  4. Source
  5. Example
  6. Recent Changes
  7. Author/Contributors

Protect parts of a wiki page from invalid access

Description

Wiki

With the Trac Protected macro it is possible to limit access to parts of a wiki page.

A protected part has the following syntax: 

{{{                                                
#!protected                                        
#:This is what an unauthorized user sees (optional)
This is what an authorized user sees               
}}}

A protected part can use !protected, !protected-red, !protected-blue, or !protected-green to provide access restrictions on different levels. Users will only see these protected sections when they have the permissions "PROTECTED_VIEW", "PROTECTED_RED_VIEW", "PROTECTED_BLUE_VIEW", or "PROTECTED_GREEN_VIEW", respectively. A !protected part will be rendered with a red line to the left, a !protected-blue part will be rendered with a blue line to the left, etc.

Note: when searching though the wiki the protected parts are still shown

Attachment

Attachments are protected when the key-string "!protected", "!protected-red", "!protected-blue", or "!protected-green" is present in the attachment's description. Users will only see these protected attachments when they have the permissions "PROTECTED_VIEW", "PROTECTED_RED_VIEW", "PROTECTED_BLUE_VIEW", or "PROTECTED_GREEN_VIEW", respectively.

To enable the attachment protection the conf/trac.ini must be modified. Add the ProtectedAttachmentPolicy? to the permission_policies: 

[trac]                                                                  
permission_policies = ProtectedAttachmentPolicy, DefaultPermissionPolicy

Improvements

  • SECURITY VIOLATION: When searching through the wiki protected parts are searched and shown
  • Filter out hidden parts when editing a wiki page
  • Supply an admin feature to add/edit protected-xxx
  • Supply an admin feature to edit the style/template for a permission part
  • Give visual feedback for unauthorized attachments in the attachment list

Bugs/Feature Requests

Existing bugs and feature requests for ProtectedMacro are here.

If you have any issues, create a new ticket.

Download

Download the zipped source from here.

Source

You can check out ProtectedMacro from here using Subversion, or browse the source with Trac.

Example

{{{
#!protected
#:This will only be visible to those that do not have the PROTECTED_VIEW permission
This will only be visible to those that have the PROTECTED_VIEW permission
Will show all content with a red line to the left
}}}

{{{
#!protected-red
#:This will only be visible to those that do not have the PROTECTED_RED_VIEW permission
This will only be visible to those that have the PROTECTED_RED_VIEW permission
Will show all content with a red line to the left
}}}

{{{
#!protected-blue
#:[[Include(wiki:RestrictedSection)]]
This will only be visible to those that have the PROTECTED_BLUE_VIEW permission. 
Those that do not have this permission will see the wiki page called RestictedSection
}}}

Recent Changes

[7628] by frayja on 02/17/10 08:32:48

Fix by miau: the format must be checked since the action will be 'view' when you download a plain text

[6679] by frayja on 10/12/09 14:53:40

A little code cleanup. The filter is part of wiki page security, so can be in the same class as the other wiki page security features

[6678] by frayja on 10/12/09 14:43:12

Added a security filter on other view actions such as edit and diff

[5045] by frayja on 12/22/08 09:19:14

Small changes in documentation

Author/Contributors

Author: frayja
Maintainer: frayja
Contributors: