I'm using MediaWiki 1.27.4 running on Ubuntu 16.4 I've got confused with the following task: how to deny view to All pages for certain users (who has account in my wiki) or How to allow view per group . The goal to achieve is to have no access to pages on wiki except allowed few for some users.
I've tried some extensions but can't find a solution for ~180 pages and less than hundred of users.
Related
We are evaluating Drupal as an enterprise CMS and need some help/recommendations for the following features.
Multi Step Approval Workflows with reassignments
PDF files in the media library requires authentication to view/download - Does drupal have any security features that does not allow anonymous access to media files?
Does Drupal support Roles, User Groups and security groups? We are looking to restrict users from certain areas of the website and CMS based on group and role permissions.
I understand that Drupal is modular by design so there are lots of modules available that does similar things or these functions available in Core?
Appreciate any advise/experience that members can share.
Thank you.
Drupal can do all these things.
Multi Step Approval Workflows with reassignments
There is the Workbench moderation module, but also now in Drupal core as of 8.4, the Content moderation system is available. You might need to do some research on how content review might be assigned to a specific user.
PDF files in the media library requires authentication to view/download - Does drupal have any security features that does not allow anonymous access to media files?
Yes, Drupal has a private file system available in core. You need to set this up when you are setting up the file fields initially, because converting from a public to private file system is a bit of a messy process (I literally just did it a couple months ago for a project). It you can store files in a directory outside of your webroot, and the user will request a path like /file/system/1234, and all appropriate access checks are made. You might need to set up some additional permissions to have these access checks respect things like "groups" or any other access rules that you want to implement.
Does Drupal support Roles, User Groups and security groups? We are looking to restrict users from certain areas of the website and CMS based on group and role permissions.
Yes! "Roles" are available out of the box in Drupal. You can define as many roles as you like, and apply permissions to each role.
There is a module called "Organic Groups" which provides the group functionality. You can restrict content access to group members as well. You can even define roles within a group, so different users can manage the group.
Currently, we are running 2 web pages based on WordPress, custom application built in JS (Hapi, Angular, Mongo), as well as self-hosted GitLab repository and hosting based on ISP Config. Currently, user which want to use more than 1 service is forced to create multiple accounts.
What would be the best approach to centralize it assuming that we want:
a user to use same credentials on each page
allow a user to log in using social login (Facebook, Google, Twitter) and still keep his single profile
centralize information about user services, usage and billing information (invoices)
We do not want overcomplicate the solution, therefore, we don't want to centralize access management and obtain them from centralized server, each page/service will maintain it's on it own (i.e. when user makes a purchase in on of the WP sites (woocommerce) wordpress itself will maintain order and we will write custom code to report sale to centralized system for billing purpose)
We are currently considering using LDAP or Kerberos, what would suit better?
Secondly - how to cover part regarding social login? I assume that we should still allow user register using OAuth2 and somehow synchronise the data between each service and centralized system. Is there another way?
Your desires [correct me if I'm wrong]:
You have two apps that are essentially separate things.
These apps can be served from a web page via HTTP, and either don't
have an auth system or need one revamped.
You want a centralized login system with social auth.
You have a single business entity.
You want a single, combined source of data for e-commerce.
You are essentially setting this up from scratch on the WordPress
backend side, there is no current mixed ecosystem of users.
My thoughts:
You DO NOT want LDAP or Kerberos. Those solutions are much too complex for this situation.
You want a SINGLE WordPress install. You can easily setup the backend to answer to multiple domains. In other words a single wordpress install can handle pages at "domain1.com" and "domain2.com" and render the pages with compleately different headers and text to make them APPEAR as two sites. There is no reason to maintain two separate lists of users, because you want a single system to login. Differentiate the users based on their business data, i.e. user1 has data "registered on SiteA", user2 had data "registered on SiteB" etc.
You can place your app into a WordPress page, then use is_user_logged_in() to firewall it behind WordPress. This is an industry standard method of auth and extremely secure if setup correctly. Or if it's a data api, you can place it as an endpoint and leverage the exact same auth system.
Any of the major social auth plugins that are popular in the free .org repo should work out the box with this method.
If you are going to associate blogging, that is, many "posts" about the products, and you want those blogs to be different ecosystems, with different sets of users, you are looking for WordPress Multi-Site. I don't think this is what you want. You don't sound like you are going to "blog". Or at least every page is going to be meticulously curated on these combined sites. So you're probably looking for just a single install to serve content to two domains. NOT MULTISITE.
You should use WooCommerce, simply because it is the most widely supported platform. Setup is 100% free.
You can easily serve pages that are branded totally differently, even in one install. For instance, one WordPress site can serve pages to two domains, and put different logos and headers on the top of the page to make them appear different. One physical machine can serve two domains.
Bottom line: You want a single WordPress setup on a single machine, serving two domains. The content and appearance on the domains can be different at will. Use any popular social auth plugins in the .org repo to firewall the apps.
I've found some useful information on this subject, but haven't found any solutions that works. I have new installs of wordpress 4.5 on all sites. I want to set up multiple Wordpress Multisite installs and share the same user database as well as cookies so users are signed in as they move from site to site.
Sharing the database tables is easy. However, sharing login status via shared cookies hasn't worked.
I've tried every variation of
define('COOKIE_DOMAIN', '.domain.com');
define('COOKIEPATH', '/');
define( 'SITECOOKIEPATH', '/');
and a few other and still no go.
Here's what I would like to accomplish: I need to set up a solution where users are shared across several subdomains. The reason for multiple Multisite installs is that each Multisite has a different purpose and requires the ability to set up segregated sites. We still need to use the same main members list and keep members logged in across all the sections. For example, a clubs site at clubs.domain.com where each club has its own site under clubs.domain.com/smallclub. Another subdomains (members.domain.com) will offer the ability for regular members to create pages at members.domain.com/myusername. Everything about this is easy except keeping members logged in as they move from subdomain to subdomain. Shared user database is easy (more or less), but reporting the login status via cookies hasn't worked.
Any insight is appreciated.
I am running a Drupal 7 site, and I need to allow users to view unpublished nodes, I did check the "Bypass content access control" in permissions page for both authenticated and anonymous users, but instead of "Access denied" I keep getting "The page isn't redirecting properly", while debugging the site with NetBeans, I did notice it goes into infinite loop when visiting that URL.
Any modules/hooks you suggest me using, that'll be great.
The module views unpublished allows you to grant access for specific user roles to view unpublished nodes of a specific type. Access control is quite granular in this regard. Additionally, using this module does not require any modifications to your existing URL structure.
django 1.5.1
django cms 2.4.2
i am just learning django-cms and am working on my first test site. I searched this site and googled for these questions but can't find any answers which is why I am posting here.... Any help would be appreciated!
Through the admin page (as superuser) i added a group with permission to add/change/delete pages in addition to other permissions.
I create a user and assign the user to this group.
First of all, if i don't specify that user as staff then they can't access the admin site to login to begin with - this just doesn't make sense to me: what's the point of a user who never has the option to log in? Or is there something I'm missing - is there another way to log in besides the admin site itself.
Second, after marking that user as staff, and keeping in mind that the user is a member of group with permission to add/edit/delete pages, when the user logs in he can perform other admin tasks that he was given permissions for but still can't add/edit/delete pages. Although pages shows up as an object there is no link to the page list.
The Staff setting is to differentiate between users who are allowed to access the Django admin and users who aren't i.e. regular users who have signed up to your website via a registration form.
I had the same problem as you creating a new non-superuser user and not being able to add or edit pages as that user. It turned out that I needed to set CMS_PERMISSION = False in my settings.py.
If CMS_PERMISSION == True, you get a more fine-grained permissions framework where each page has its own list of users who are allowed to view and edit it, so permission to edit is done on a page-by-page basis (unless you're a superuser). If you don't need that functionality, I suggest you turn it off.
If you do want the more fine-grained permissions system, but you also want some users to be able to edit any page on the site, log in to django admin as a superuser and look at Cms -> Pages global permissions. From there you can give blanket edit rights to any user or group.