wiki:ProtectedMacro

Contents

  1. Description
    1. Wiki
    2. Attachment
    3. Improvements
  2. Bugs/Feature Requests
  3. Download
  4. Source
  5. Example
  6. Recent Changes
  7. Author/Contributors

Protect parts of a wiki page from invalid access

Description

Wiki

With this macro it is possible to limit access to parts of a Trac wiki page.

A protected part has the following syntax: 

{{{         
#!protected
#:This is what an unauthorized user sees (optional)
This is what an authorized user sees
}}}

A protected part can use !protected, !protected-red, !protected-blue or !protected-green to provide access restrictions on different levels. Users will only see these protected sections when they have the permissions PROTECTED_VIEW, PROTECTED_RED_VIEW, PROTECTED_BLUE_VIEW or PROTECTED_GREEN_VIEW respectively. A !protected part will be rendered with a red line to the left, a !protected-blue part will be rendered with a blue line to the left, etc.

Note: when searching though the wiki the protected parts are still shown.

Attachment

Attachments are protected when the key-string "!protected", "!protected-red", "!protected-blue", or "!protected-green" is present in the attachment's description. Users will only see these protected attachments when they have the permissions PROTECTED_VIEW, PROTECTED_RED_VIEW, PROTECTED_BLUE_VIEW or PROTECTED_GREEN_VIEW respectively.

To enable the attachment protection the conf/trac.ini must be modified. Add the ProtectedAttachmentPolicy to the permission_policies: 

[trac]
permission_policies = ProtectedAttachmentPolicy, DefaultPermissionPolicy

Improvements

  • SECURITY VIOLATION: When searching through the wiki protected parts are searched and shown
  • Filter out hidden parts when editing a wiki page
  • Supply an admin feature to add/edit protected-xxx
  • Supply an admin feature to edit the style/template for a permission part
  • Give visual feedback for unauthorized attachments in the attachment list

Bugs/Feature Requests

Existing bugs and feature requests for ProtectedMacro are here.

If you have any issues, create a new ticket.

defect

2 / 5
enhancement

1 / 1

Download

Download the zipped source from here.

Source

You can check out ProtectedMacro from here using Subversion, or browse the source with Trac.

Example

{{{
#!protected
#:This will only be visible to those that do not have the PROTECTED_VIEW permission
This will only be visible to those that have the PROTECTED_VIEW permission
Will show all content with a red line to the left
}}}

{{{
#!protected-red
#:This will only be visible to those that do not have the PROTECTED_RED_VIEW permission
This will only be visible to those that have the PROTECTED_RED_VIEW permission
Will show all content with a red line to the left
}}}

{{{
#!protected-blue
#:[[Include(wiki:RestrictedSection)]]
This will only be visible to those that have the PROTECTED_BLUE_VIEW permission. 
Those that do not have this permission will see the wiki page called RestictedSection
}}}

Recent Changes

7628 by frayja on 2010-02-17 07:32:48
Fix by miau: the format must be checked since the action will be 'view' when you download a plain text
6679 by frayja on 2009-10-12 12:53:40
A little code cleanup. The filter is part of wiki page security, so can be in the same class as the other wiki page security features
6678 by frayja on 2009-10-12 12:43:12
Added a security filter on other view actions such as edit and diff
(more)

Author/Contributors

Author: frayja
Maintainer: frayja
Contributors:

Last modified 8 years ago Last modified on Mar 8, 2017, 8:05:25 PM