Feature #2636
openFeature Request: Wiki ACLs (Access control for individual pages)
0%
Description
It would be nice if redmine would support ACLs (access control) for individual wiki pages or groups of wiki pages.
Our use-case:
We'd like to give out wiki access to sub-contractors, but only to the parts of the wiki that are their business.
In our case that means a given sub-contractor should see:
- The wiki pages relevant to his project
- Parts of the global wiki documentation that we deem non-confidential
That sub-contractor should generally not be able to see anything else. In particular not pages that are meant for other sub-contractors and internal documents that we just don't want them to see.
To achieve this goal we have experimented with creating sub-projects for individual sub-contractors but this approach is very cumbersome and error-prone. For example we are forced to copy individual pages from our global documentation to the sub-project wikis to make them available to the contractor - that duplication doesn't scale and is unmaintainable.
To better handle such situations I propose the following implementation (or similar):
- Provide a way to tag wiki-pages with ACL-Tokens. This could be achieved with inline code, e.g. a magic line like "#ACL read,write ContractorRole" somewhere in the page source would grant read/write access to that role. Or redmine could provide nice GUI elements to achieve the same task.
- Provide a per-project toggle to set the wiki pages to "Allow-default" or "Deny-default".
- Provide a per-project list of default access patterns. For example in a given project we may like to set all pages whose names start with "Internal" to be set to "Deny-Default" and "read/write for RoleDevTeam". Such a patterns list would make it easy and straightforward to divide a wiki into any number of access-zones.
Well, that would be my ideas, I'm sure they can be improved - please discuss.
Files
Related issues
Updated by Anonymous almost 16 years ago
+1
An simple solution would fit our needs so just internal/public per page would be enough. Where all logged in users can see "internal" pages. Of course it would even be better to integrate it into the existing Rights system.
Updated by Sven Schwyn over 15 years ago
+1
I second Bernhard: A checkbox to set the page "public" or "private" would be sufficient. However, "private" pages should only be visible if a user is both logged in and member of the project the wiki is hooked to. Furthermore, wiki links from public to private pages should display an access denied info.
Updated by Felipe Reyes over 15 years ago
+1
I think that use case proposed by Jimi Jones is the really useful one, moinmoin wiki has that kind of ACL and is very powerful and flexible, probably to avoid the gui part (that could be complex and hard to build a simple and usable one) in a first stage use the magic first line #ACL.
Is this posible that could be implemented like a plugin?, My knowledge of ruby on rails is zero, but maybe somebody at my work aims to develop a plugin.
Updated by Michael Aye about 15 years ago
+1
We have meeting minutes that we would like to keep confidential, but lots of other useful stuff on the Wiki, that is interesting for 'external' users. Please implement!
Updated by James Downs over 14 years ago
How do we go about getting this feature started?
Updated by arthur me about 14 years ago
+1 This would be extremely helpful for having clients interacting with developers on projects while keeping some content separate from them.
Updated by Raidel del Peso almost 14 years ago
+1
Also might be useful to extend this feature to a wiki format tag (like < pre>) that can be inserted anywhere where wiki format is accepted (issues description, etc) making parts of an issue description private is very useful
even tagging an issue notes as private or "hidden to not registered users"
Updated by Adriano Carneiro almost 14 years ago
+1
We only need two different Wiki areas: Public Wiki and Private Wiki. Permissions would be set like today, in the Role edit. Instead of only the Wiki box that we have there, we'd have Public Wiki and Private Wiki.
Updated by Iwao AVE! over 13 years ago
+1
public/private setting is not good enough for our needs because our company uses Redmine to communicate with our clients and there's no public users (every user has to login).
Setting a minimum role for each wiki page would be sufficient, though.
The role of the client is 'Reporter' and some wiki pages should be visible/editable only to 'Developer' and 'Manager' (i.e. members of our comapny).
Updated by Iwao AVE! over 13 years ago
Please ignore my last comment. I had just started using Redmine and expected there can be multiple wiki pages for a project...
Updated by Oleg Kandaurov almost 13 years ago
Please, take a look at my plugin http://www.redmine.org/plugins/private_wiki
Updated by Anton Gillert over 12 years ago
+1
Oleg Volossetski Kandaurov, thanks i'll try your plugin
Updated by Vasa Maximov over 12 years ago
+1
I want to be able to give read access for pages only to particular users or roles.
Updated by Antuan Shakhin almost 12 years ago
We(Catincan) are interested in financially contributing to this feature if one of the redmine developers is willing to implement it.
Why not crowdfund this feature on https://www.catincan.com ?
Updated by Hans Ginzel over 10 years ago
+1
We (Generali CZ) are also interested.
Is a copy of #1086.
Updated by Toshi MARUYAMA over 10 years ago
- Related to Feature #1086: Fine grained permissions added
Updated by Toshi MARUYAMA almost 9 years ago
- Has duplicate Feature #8392: Grant access to particular Wiki page added
Updated by Phil Valentine about 8 years ago
It would be great to be able to specify that the wiki page security is set to:
- Public (anyone, signed in or not)
- Private (logged in only)
- Restricted (Black / White list based on existing 'groups')
Updated by @ go2null about 7 years ago
- Manage Wiki View Page permission [https://github.com/stpl/manage_wiki_view_page_permission]
- Wiki permissions [https://github.com/edtsech/redmine_wiki_permissions] [last updated 2012]
Updated by cyril Thibout about 7 years ago
and only the first one is working with current versions of ruby/redmine :(
Updated by Heiko Robert about 5 years ago
+1
unfortunately the plugins mentioned in #2636#note-40 seem to be dead and don't support redmine 4
Updated by Tuan-Tu Tran over 4 years ago
- File 2020-03-27_11h41_12.png 2020-03-27_11h41_12.png added
Heiko Robert wrote:
unfortunately the plugins mentioned in #2636#note-40 seem to be dead and don't support redmine 4
Did you actually try to use it(them) on redmine 4? Or do you just assume so because of the compatible versions advertised in the plugin page:
https://www.redmine.org/plugins/manage_wiki_view_page_permission
I imagine a scenario where this actually works with Redmine 4 but it's just the plugin maintainer that did not update the advertised supported versions.
I don't know how Redmine plugins publication work but in this scenario, I'm assuming the advertised version are not automatically checked but manually updated by the plugin maintainer.
Thanks
Updated by Tuan-Tu Tran over 4 years ago
Heiko Robert wrote:
+1
unfortunately the plugins mentioned in #2636#note-40 seem to be dead and don't support redmine 4
Well actually one of the plugin actually works with Redmine 4.1.0
https://www.redmine.org/plugins/manage_wiki_view_page_permission