Skip navigation

Wiki Server - People - suppress for unauthenticated users

2436 Views 16 Replies Latest reply: Feb 13, 2014 6:42 AM by ElFitz RSS
1 2 Previous Next
TK321 Level 1 Level 1 (40 points)
Currently Being Moderated
Aug 31, 2012 6:20 PM

With Wiki Server 4 (Server 10.8.1), unauthenticated users hitting the web server's default home page are presented with Wiki Server's default landing page listing:

  • "My Documents"
  • "All Activity"
  • "Wikis"
  • "People"

 

If an unauthenticated user tries any of the first three items they get no content, which is great (althouh only the "My Documnets" page prompts for credentials — I think they all should).

 

However, if they hit the "People" item, it lists (exposes) all of the people on your system.

 

We don't want a list of our users exposed — we think if you are unauthenticated, you shouldn't see anything when clicking on "People".

 

Suggestions?

Mac mini, OS X Server
  • Nikk Burton Calculating status...

    The People list does need more control. 

     

    The Wiki and Activity lists shouldn't require authentication though, because you might have public wikis. Unauthenticated users will be able to see these Wikis and the Activity within them.

  • Mark23 Level 3 Level 3 (975 points)

    You're welcome

  • stephen.willis.smith Level 1 Level 1 (65 points)

    ******** PLEASE BEFORE DOING ANYTHING COPY THE CONTENT FOLDER OF THE SERVER.APP AND BACK IT UP SOMEWHERE SAFE**************

     

    I have been working on this for weeks.....  I understand some people want to be able to share there blogs and people pages but you have to understand some people don't

     

    "People pages" should be set up is the same way as wikis...  The owner(s) have the ability to give access to whom they choose.  If it is a public "people page" it shows up in search and activity, if it is private it doesn't show up (or only shows up in search results with people that have access).  I also feel you should have the ability to choose whether a person has a "people page" or not. 

     

    But it is what it is. So I'll step through what I did to make it work for me.  You do lose some services but this was my goal....

    1.  All activity does not work

    2.  Search does not work

    3.  tags do not work (I hope to fix this because I want tags....)

    4.  iPad now brings up the PC version of the wiki server, which eliminates the ability to upload files.  Some one with some java script experience maybe able to help us out but at this time I just chose to remove it....

     

    **The other thing to note is the iPad version is completely independent of the PC version (I address this also) so even if you make all these fixes someone with an iPad will still be able to search and gain access to people unauthenticated***

     

    Now all services (including the home page and people) need authentication to gain access.

     

     

    ************** Once complete you need to stop/restart wikis**************

    **************I recommend making a copy of the content file of your server app (just incase)**************

     

    Step 1.  Set up authentication: (SAVE A COPY ON THE DESKTOP BEFORE EDITING)

     

    1.Edit the controller for the wiki

    /Applications/Server.app/Contents/ServerRoot/usr/share/collabd/coreclient/app/co ntrollers/application_controller.rb

    2. find the block

       helper_method :service_client, :current_user, :current_version, :page_context, :use_inline_webauth, :javascript_includes_for_locale

       helper_method :webcal_enabled?, :webmail_enabled?, :entityURL, :iphone, :ipod, :ipad

       before_filter :master_before_filter, :block_older_internet_explorer

       after_filter :master_after_filter

    3. Change to

       helper_method :service_client, :current_user, :current_version, :page_context, :use_inline_webauth, :javascript_includes_for_locale

       helper_method :webcal_enabled?, :webmail_enabled?, :entityURL, :iphone, :ipod, :ipad

       before_filter :master_before_filter, :block_older_internet_explorer

       before_filter :ensure_user_is_authenticated

       after_filter :master_after_filter

     

    2.  Remove search/all activity/tag access (SAVE A COPY TO DESKTOP BEFORE EDITING)

    Go to:

    /Applications/Server.app/Contents/ServerRoot/usr/share/collabd/coreclient/config /routes.rb

    I removed the following lines of code:

     

        match "/updates" => redirect("/wiki/activity")

        match "/updates/:path", :to => redirect {|params| "/wiki/activity/#{params[:path]}"}

        match "/activity", :to => 'activity#index'

     

        match "/search", :to => 'find#index'

        match "/search/:id", :to => 'find#index'

        match "/find", :to => 'find#index'

        match "/find/:id", :to => 'find#index'

     

     

    3.  Remove activity from menu bars (SAVE A COPY TO DESKTOP BEFORE EDITING)

    Go to:

    /Applications/Server.app/Contents/ServerRoot/usr/share/collabd/coreclient/config /initializers/register_apple_plugins.rb

     

    I removed these lines of code:

     

        BannerLinks::Project::Activity,

        BannerLinks::Project::Documents,

        BannerLinks::Project::Tags,

        BannerLinks::Person::Activity,

     

        Sources::Activity,

     

       Sources::MyFavorites

     

     

    4. Redirect iPad to the PC version of the wiki server. (SAVE A COPY TO DESKTOP BEFORE EDITING)

    Go to:

    Applications/Server.app/Contents/ServerRoot/usr/share/collabd/coreclient/app/con trollers/application_controller.rb

     

     

    Change:

     

          if ipad and ios5plus

          redirect_url = "/wiki/ipad/#route=#{request.fullpath}"

          logger.info("Redirecting to #{redirect_url} because we detected an iPad running iOS5+")

          redirect_to redirect_url

          end

     

    To:(You could probably just remove these lines but I was still troubleshooting at the time)

     

          # if ipad and ios5plus

          # redirect_url = "/wiki/ipad/#route=#{request.fullpath}"

          # logger.info("Redirecting to #{redirect_url} because we detected an iPad running iOS5+")

          # redirect_to redirect_url

          # end

  • mehrab @ zettachem Level 1 Level 1 (0 points)

    Hi,

     

    I am begginer with apple.

    I setup a server and activated wiki,

    now people profile is just working for admin and when I click on anybody else to view or edit their profile it says:

     

    Routing Error

     

    No route matches "/wiki/people/john.dow/john_dow.html"

     

     

    any idea?

    thx in advance

  • mmurray47 Level 1 Level 1 (0 points)

    It definately closes off the Wiki People access (thanks) but now it's closed off for everyone - even authenticated users. I used "disable_people_view": 

     

    http://help.apple.com/advancedserveradmin/mac/10.8/#apd59153f0a-7ed3-4c64-9c74-3 a1fff831475.

     

    Is there a way to grant access conditionally?

  • Punctual Diva Calculating status...

    I found a solution that allows you to browse people only after logging in, rather than eliminating this entirely. (i.e. conditional access as mmurray47 asked for):

     

    In Mountain Lion you edit /Applications/Server.app/Contents/ServerRoot/usr/share/collabd/coreclient/app/c ontrollers/people_controller.rb

     

    to include:

      before_filter :ensure_user_is_authenticated

     

    so now it looks like this:

    class PeopleController < BaseContainerEntityController

           

        before_filter :ensure_user_is_authenticated

         

        def container_key

           "people"  

        end

    (etc....)

     

    I'm sure next time that you update the server.app this will go away, so keep an eye on it after updates.

     

    Be sure to restart your wiki to enable this change!

  • mmurray47 Level 1 Level 1 (0 points)

    Punctual Diva!!! NICE!!!

     

    Interesting it didn't work for the Activity module also but I'll take it! 

     

    Might add I shut down the Wiki service first - then made a copy of "people_controller.rb" before the edit just in case.  Works like a charm though! 

     

    Thanks again.

  • mmurray47 Level 1 Level 1 (0 points)

    Must have spoken too soon.  After performing Punctual Diva's steps, conditional access seems to be in effect using Safari from my Mac (internal network) but NOT from Safari on my iPad (external network/3G).  What the...?

  • Matthew Jason Level 1 Level 1 (0 points)

    Hi. Sorry I am new to Ruby.

     

    I have this in my code:

     

    class PeopleController < BaseContainerEntityController

       

      def container_key

        "people"

      end

     

      def container_type

        "user"

      end

     

      def entity_for_id_param(id)

        return entity_for_id_or_login(id)

      end

     

    end

     

    Where do I insert the code suggested by Punctual Diva?

     

    Thanks.

  • mmurray47 Level 1 Level 1 (0 points)

    Matthew,

     

    DIva is clear on the insertion point.  Read her thread again and focus on what gets inserted and then the before and after example.

  • Matthew Jason Level 1 Level 1 (0 points)

    Hi.

     

    Got it. However, one more thing I am trying to do is to fix the iPad redirect.

     

    I did exactly point 4 to comment out the codes and restarted the wiki service but same result on iPad. Anything else I need to do?

     

    matthew

1 2 Previous Next

Actions

More Like This

  • Retrieving data ...

Bookmarked By (2)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.