プロジェクト

全般

プロフィール

Vote #64559

未完了

Feature Request: Wiki ACLs (Access control for individual pages)

Admin Redmine さんが3ヶ月前に追加. 3ヶ月前に更新.

ステータス:
New
優先度:
通常
担当者:
-
カテゴリ:
Wiki_1
対象バージョン:
-
開始日:
2009/01/31
期日:
進捗率:

0%

予定工数:
category_id:
1
version_id:
0
issue_org_id:
2636
author_id:
1596
assigned_to_id:
0
comments:
45
status_id:
1
tracker_id:
2
plus1:
33
affected_version:
closed_on:
affected_version_id:
ステータス-->[New]

説明

It would be nice if redmine would support ACLs (access control) for individual wiki pages or groups of wiki pages.

Our use-case:
We'd like to give out wiki access to sub-contractors, but only to the parts of the wiki that are their business.
In our case that means a given sub-contractor should see:

  • The wiki pages relevant to his project
  • Parts of the global wiki documentation that we deem non-confidential

That sub-contractor should generally not be able to see anything else. In particular not pages that are meant for other sub-contractors and internal documents that we just don't want them to see.

To achieve this goal we have experimented with creating sub-projects for individual sub-contractors but this approach is very cumbersome and error-prone. For example we are forced to copy individual pages from our global documentation to the sub-project wikis to make them available to the contractor - that duplication doesn't scale and is unmaintainable.

To better handle such situations I propose the following implementation (or similar):

  • Provide a way to tag wiki-pages with ACL-Tokens. This could be achieved with inline code, e.g. a magic line like "#ACL read,write ContractorRole" somewhere in the page source would grant read/write access to that role. Or redmine could provide nice GUI elements to achieve the same task.
  • Provide a per-project toggle to set the wiki pages to "Allow-default" or "Deny-default".
  • Provide a per-project list of default access patterns. For example in a given project we may like to set all pages whose names start with "Internal" to be set to "Deny-Default" and "read/write for RoleDevTeam". Such a patterns list would make it easy and straightforward to divide a wiki into any number of access-zones.

Well, that would be my ideas, I'm sure they can be improved - please discuss.


journals

+1
--------------------------------------------------------------------------------
+1

An simple solution would fit our needs so just internal/public per page would be enough. Where all logged in users can see "internal" pages. Of course it would even be better to integrate it into the existing Rights system.
--------------------------------------------------------------------------------
+1

I second Bernhard: A checkbox to set the page "public" or "private" would be sufficient. However, "private" pages should only be visible if a user is both logged in and member of the project the wiki is hooked to. Furthermore, wiki links from public to private pages should display an access denied info.
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1

I think that use case proposed by Jimi Jones is the really useful one, "moinmoin wiki":http://www.moinmo.in/ has that kind of ACL and is very powerful and flexible, probably to avoid the gui part (that could be complex and hard to build a simple and usable one) in a first stage use the magic first line #ACL.

Is this posible that could be implemented like a plugin?, My knowledge of ruby on rails is zero, but maybe somebody at my work aims to develop a plugin.

--------------------------------------------------------------------------------
+1
We have meeting minutes that we would like to keep confidential, but lots of other useful stuff on the Wiki, that is interesting for 'external' users. Please implement!
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
How do we go about getting this feature started?
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
SPAM

--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1 This would be extremely helpful for having clients interacting with developers on projects while keeping some content separate from them.
--------------------------------------------------------------------------------
+1.
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1

Also might be useful to extend this feature to a wiki format tag (like < pre>) that can be inserted anywhere where wiki format is accepted (issues description, etc) making parts of an issue description private is very useful

even tagging an issue notes as private or "hidden to not registered users"
--------------------------------------------------------------------------------
+1
We only need two different Wiki areas: *Public Wiki* and *Private Wiki*. Permissions would be set like today, in the Role edit. Instead of only the *Wiki* box that we have there, we'd have *Public Wiki* and *Private Wiki*.
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1

public/private setting is not good enough for our needs because our company uses Redmine to communicate with our clients and there's no public users (every user has to login).
Setting a minimum role for each wiki page would be sufficient, though.
The role of the client is 'Reporter' and some wiki pages should be visible/editable only to 'Developer' and 'Manager' (i.e. members of our comapny).
--------------------------------------------------------------------------------
Please ignore my last comment. I had just started using Redmine and expected there can be multiple wiki pages for a project...
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
Please, take a look at my plugin http://www.redmine.org/plugins/private_wiki
--------------------------------------------------------------------------------
+1
@Oleg Kandaurov, thanks i'll try your plugin
--------------------------------------------------------------------------------
+1
I want to be able to give read access for pages only to particular users or roles.
--------------------------------------------------------------------------------
We(Catincan) are interested in financially contributing to this feature if one of the redmine developers is willing to implement it.

Why not crowdfund this feature on https://www.catincan.com ?
--------------------------------------------------------------------------------
+1
We (Generali CZ) are also interested.
Is a copy of #1086.
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+ 1
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1 Yes please, we have information applicable to fellow 'developers' that it is not desirable to have shared with other project members.
It would be great to be able to specify that the wiki page security is set to:
* Public (anyone, signed in or not)
* Private (logged in only)
* Restricted (Black / White list based on existing 'groups')
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1.
--------------------------------------------------------------------------------
To save people looking, here are two plugins:
# "Manage Wiki View Page permission":/plugins/manage_wiki_view_page_permission [https://github.com/stpl/manage_wiki_view_page_permission]
# *Wiki permissions* [https://github.com/edtsech/redmine_wiki_permissions] [last updated 2012]
--------------------------------------------------------------------------------
and only the first one is working with current versions of ruby/redmine :(
--------------------------------------------------------------------------------
+1 long awaiting feature
--------------------------------------------------------------------------------
+1
--------------------------------------------------------------------------------
+1
unfortunately the plugins mentioned in #2636#note-40 seem to be dead and don't support redmine 4
--------------------------------------------------------------------------------
Heiko Robert wrote:
> unfortunately the plugins mentioned in #2636#note-40 seem to be dead and don't support redmine 4

Did you actually try to use it(them) on redmine 4? Or do you just assume so because of the compatible versions advertised in the plugin page:
https://www.redmine.org/plugins/manage_wiki_view_page_permission

!2020-03-27_11h41_12.png!

I imagine a scenario where this actually works with Redmine 4 but it's just the plugin maintainer that did not update the advertised supported versions.
I don't know how Redmine plugins publication work but in this scenario, I'm assuming the advertised version are not automatically checked but manually updated by the plugin maintainer.

Thanks
--------------------------------------------------------------------------------
Heiko Robert wrote:
> +1
> unfortunately the plugins mentioned in #2636#note-40 seem to be dead and don't support redmine 4

Well actually one of the plugin actually works with Redmine 4.1.0
https://www.redmine.org/plugins/manage_wiki_view_page_permission
--------------------------------------------------------------------------------


related_issues

relates,New,1086,Fine grained permissions
duplicates,Closed,8392,Grant access to particular Wiki page

Admin Redmine さんが3ヶ月前に更新

  • カテゴリWiki_1 にセット

他の形式にエクスポート: Atom PDF

いいね!0
いいね!0