Project

General

Profile

Actions

Feature #2636

open

Feature Request: Wiki ACLs (Access control for individual pages)

Added by Jim Jones almost 16 years ago. Updated over 4 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Wiki
Target version:
-
Start date:
2009-01-31
Due date:
% Done:

0%

Estimated time:
Resolution:

Description

It would be nice if redmine would support ACLs (access control) for individual wiki pages or groups of wiki pages.

Our use-case:
We'd like to give out wiki access to sub-contractors, but only to the parts of the wiki that are their business.
In our case that means a given sub-contractor should see:

  • The wiki pages relevant to his project
  • Parts of the global wiki documentation that we deem non-confidential

That sub-contractor should generally not be able to see anything else. In particular not pages that are meant for other sub-contractors and internal documents that we just don't want them to see.

To achieve this goal we have experimented with creating sub-projects for individual sub-contractors but this approach is very cumbersome and error-prone. For example we are forced to copy individual pages from our global documentation to the sub-project wikis to make them available to the contractor - that duplication doesn't scale and is unmaintainable.

To better handle such situations I propose the following implementation (or similar):

  • Provide a way to tag wiki-pages with ACL-Tokens. This could be achieved with inline code, e.g. a magic line like "#ACL read,write ContractorRole" somewhere in the page source would grant read/write access to that role. Or redmine could provide nice GUI elements to achieve the same task.
  • Provide a per-project toggle to set the wiki pages to "Allow-default" or "Deny-default".
  • Provide a per-project list of default access patterns. For example in a given project we may like to set all pages whose names start with "Internal" to be set to "Deny-Default" and "read/write for RoleDevTeam". Such a patterns list would make it easy and straightforward to divide a wiki into any number of access-zones.

Well, that would be my ideas, I'm sure they can be improved - please discuss.


Files

2020-03-27_11h41_12.png (46.3 KB) 2020-03-27_11h41_12.png Tuan-Tu Tran, 2020-03-27 11:41

Related issues

Related to Redmine - Feature #1086: Fine grained permissionsNew2008-04-22

Actions
Has duplicate Redmine - Feature #8392: Grant access to particular Wiki pageClosed2011-05-18

Actions
Actions #1

Updated by Juris P almost 16 years ago

+1

Actions #2

Updated by Anonymous over 15 years ago

+1

An simple solution would fit our needs so just internal/public per page would be enough. Where all logged in users can see "internal" pages. Of course it would even be better to integrate it into the existing Rights system.

Actions #3

Updated by Sven Schwyn over 15 years ago

+1

I second Bernhard: A checkbox to set the page "public" or "private" would be sufficient. However, "private" pages should only be visible if a user is both logged in and member of the project the wiki is hooked to. Furthermore, wiki links from public to private pages should display an access denied info.

Actions #4

Updated by Lorenzo Pisani over 15 years ago

+1

Actions #5

Updated by Michael Wünsch over 15 years ago

+1

Actions #6

Updated by Felipe Reyes over 15 years ago

+1

I think that use case proposed by Jimi Jones is the really useful one, moinmoin wiki has that kind of ACL and is very powerful and flexible, probably to avoid the gui part (that could be complex and hard to build a simple and usable one) in a first stage use the magic first line #ACL.

Is this posible that could be implemented like a plugin?, My knowledge of ruby on rails is zero, but maybe somebody at my work aims to develop a plugin.

Actions #7

Updated by Michael Aye about 15 years ago

+1
We have meeting minutes that we would like to keep confidential, but lots of other useful stuff on the Wiki, that is interesting for 'external' users. Please implement!

Actions #8

Updated by Nicolas Zinopoulos about 15 years ago

+1

Actions #9

Updated by James Downs over 14 years ago

How do we go about getting this feature started?

Actions #10

Updated by Hans Schmidt about 14 years ago

+1

Actions #11

Updated by goldleaf asd about 14 years ago

SPAM

Actions #12

Updated by Yaroslav Matsera about 14 years ago

+1

Actions #13

Updated by arthur me about 14 years ago

+1 This would be extremely helpful for having clients interacting with developers on projects while keeping some content separate from them.

Actions #14

Updated by Rares Pop about 14 years ago

+1.

Actions #15

Updated by Lukas Jelonek almost 14 years ago

+1

Actions #16

Updated by Raidel del Peso almost 14 years ago

+1

Also might be useful to extend this feature to a wiki format tag (like < pre>) that can be inserted anywhere where wiki format is accepted (issues description, etc) making parts of an issue description private is very useful

even tagging an issue notes as private or "hidden to not registered users"

Actions #17

Updated by Adriano Carneiro over 13 years ago

+1
We only need two different Wiki areas: Public Wiki and Private Wiki. Permissions would be set like today, in the Role edit. Instead of only the Wiki box that we have there, we'd have Public Wiki and Private Wiki.

Actions #18

Updated by Matthias Lohr over 13 years ago

+1

Actions #19

Updated by Iwao AVE! over 13 years ago

+1

public/private setting is not good enough for our needs because our company uses Redmine to communicate with our clients and there's no public users (every user has to login).
Setting a minimum role for each wiki page would be sufficient, though.
The role of the client is 'Reporter' and some wiki pages should be visible/editable only to 'Developer' and 'Manager' (i.e. members of our comapny).

Actions #20

Updated by Iwao AVE! over 13 years ago

Please ignore my last comment. I had just started using Redmine and expected there can be multiple wiki pages for a project...

Actions #21

Updated by Igor Zubkov about 13 years ago

+1

Actions #22

Updated by Naveen Prabhu almost 13 years ago

+1

Actions #23

Updated by Mikhail Tcishewsky almost 13 years ago

+1

Actions #25

Updated by Oleg Kandaurov over 12 years ago

Please, take a look at my plugin http://www.redmine.org/plugins/private_wiki

Actions #26

Updated by Anton Gillert over 12 years ago

+1
Oleg Volossetski Kandaurov, thanks i'll try your plugin

Actions #27

Updated by Vasa Maximov about 12 years ago

+1
I want to be able to give read access for pages only to particular users or roles.

Actions #28

Updated by Antuan Shakhin over 11 years ago

We(Catincan) are interested in financially contributing to this feature if one of the redmine developers is willing to implement it.

Why not crowdfund this feature on https://www.catincan.com ?

Actions #29

Updated by Hans Ginzel over 10 years ago

+1
We (Generali CZ) are also interested.
Is a copy of #1086.

Actions #30

Updated by Toshi MARUYAMA about 10 years ago

Actions #31

Updated by [ Desperados ] about 9 years ago

+1

Actions #32

Updated by Anh Le Giang almost 9 years ago

+ 1

Actions #33

Updated by Toshi MARUYAMA almost 9 years ago

  • Has duplicate Feature #8392: Grant access to particular Wiki page added
Actions #34

Updated by Cristiano Cesario over 8 years ago

+1

Actions #35

Updated by Michael Schaefer over 8 years ago

+1

Actions #36

Updated by Phil Valentine almost 8 years ago

+1 Yes please, we have information applicable to fellow 'developers' that it is not desirable to have shared with other project members.
It would be great to be able to specify that the wiki page security is set to:
  • Public (anyone, signed in or not)
  • Private (logged in only)
  • Restricted (Black / White list based on existing 'groups')
Actions #37

Updated by Salvo Rapisarda almost 8 years ago

+1

Actions #39

Updated by @ go2null about 7 years ago

Actions #40

Updated by cyril Thibout about 7 years ago

and only the first one is working with current versions of ruby/redmine :(

Actions #41

Updated by Maksim Makhniuk about 7 years ago

+1 long awaiting feature

Actions #42

Updated by Kamil . about 6 years ago

+1

Actions #43

Updated by Heiko Robert about 5 years ago

+1
unfortunately the plugins mentioned in #2636#note-40 seem to be dead and don't support redmine 4

Actions #44

Updated by Tuan-Tu Tran over 4 years ago

Heiko Robert wrote:

unfortunately the plugins mentioned in #2636#note-40 seem to be dead and don't support redmine 4

Did you actually try to use it(them) on redmine 4? Or do you just assume so because of the compatible versions advertised in the plugin page:
https://www.redmine.org/plugins/manage_wiki_view_page_permission

I imagine a scenario where this actually works with Redmine 4 but it's just the plugin maintainer that did not update the advertised supported versions.
I don't know how Redmine plugins publication work but in this scenario, I'm assuming the advertised version are not automatically checked but manually updated by the plugin maintainer.

Thanks

Actions #45

Updated by Tuan-Tu Tran over 4 years ago

Heiko Robert wrote:

+1
unfortunately the plugins mentioned in #2636#note-40 seem to be dead and don't support redmine 4

Well actually one of the plugin actually works with Redmine 4.1.0
https://www.redmine.org/plugins/manage_wiki_view_page_permission

Actions

Also available in: Atom PDF