-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Permissions per Page / Directory (Allow admins to set pages as 'protected', allowing only Admins to edit those pages) #54
Comments
Thx for opening this feature request. I've thought about makeing pages configureable via YAML frontmatter. For this feature it might look like this: ---
protected: true
---
# Home
... Do you that's a viable option? |
Would there be anything preventing a normal user from adding that to a page and making it un-editable, requiring admin intervention? Or would only admins be allowed to save documents containing that type of YAML configuration? Also, if that's going to be a thing, maybe add a hidden option as well, to prevent certain pages from appearing in the search/A-Z list? |
Obviously I underestimate what disruptive or trolling peoples might could come up with. Good point. Configurations like should be limited to Admins. My assumption was that if someone encounters disruptive behaviour, the user gets the approval revoked and the changes to the pages reverted. |
To make this possible, a permissions management per page or per subdirectory would be the most viable option. I would consider this (for now) as out of scope. To discuss this further, please open another feature request. I'm curious what your use-case is. |
Another thought: Maybe permissions per page / subdirectory would be the best way to handle protected pages as well. |
Yeah, I think that's the general idea for the most part, but for some pages you kinda don't want approved users to edit them either, like a Rules page or a homepage, or high-traffic pages in general.
I'll probably open another feature request at some point, but for now it's not really important. Just a random thought I had while responding last night.
You could probably use regex or something to detect if someone is trying to change page configuration, and if they are, then check if they're an admin, if they're not, block the edit. Just make it so configuration only loads from the top of the file or something. |
I like the idea of adding an option that Admins can configure a regex to protect pages. Implementing this is nevertheless a lot of work, on the one hand it must always be tested for all changes whether this pagepath is allowed to be edited, on the other hand there are several actions in which the pagepath is not directly "visible", e.g. when a commit is reverted. When this is done we are halfway to permissions per page / subdirectory. Will think about it. Maybe this is a good feature for the 2.1.0 milestone. |
I came here just to suggest this but it looks like rcosg thought of it first, started using it today and i feel this is perfect to replace my personal YouTrack wiki and the only thing missing is the option to have it either private/public by default and being able to set one or more pages to public/private as rcosg suggested. |
The idea that I have in mind should support at least these common environments:
This feature for sure needs the concept of groups, because no one wants to configure this again and again per user ... and a concept of rules brigns together pages, groups and permissions. |
I was thinking about a repository global configuration of groups -> permissions and user -> groups mappings, that only an admin can edit. |
Title explains it, pretty much. This is useful for pages like the home page that you don't really want random people editing, but you want the rest of the wiki to be editable by other people.
The text was updated successfully, but these errors were encountered: