Change Permissions on Wiki People page?

The only way I can think to do what you want requires that everyone whom you wish to permit to see the People pages be located in a pre-defined block of IP addresses. For example, you could make it so that the People pages were only visible to people coming in from your company's internal addresses or VPN address pool.

I don't have time to work out all the details, but what you'd do is use Apache's RewriteCond rules to tell Apache that "all requests for pages meeting these criteria that do not come from this set of IP addresses should be redirected to the root page."

Something like:

RewriteCond %{REMOTE_ADDR} !^123\.456\.789\.0$

RewriteCond %{REQUEST_URI} ^/people_page\.html$ [NC]

RewriteRule ^(.*) /root_page.html [R]

But don't take my syntax as necessarily correct - you'll have to root around Apache's website to work out the proper commands.

I've encountered the same problem. We're running 10.7.2 and the only solution I've found is to edit the actual code to require that the user be authenticated in order to view the people page. This probably isn't a good long term solution, but just in case you're interested here's what I did.

1) Edit the file /usr/share/collabd/coreclient/app/controllers/people_controller.rb to include 'before_filter :ensure_user_is_authenticated' at the top of the PeopleController class definition.

2) Stop and restart the wiki server (serveradmin stop wiki;serveradmin start wiki).

This will prevent unauthenticated users from seeing the people pages. Note that this change will likely be overwritten when you upgrade.

Hope this helps.

These are neat little config files. It looks like you could make other changes as well, such as restricting People access to only users with Owner privileges. I wish I knew more about what options I could use in these files.

I must admit that I am a little bit confused. Is it the build in Wiki in Mac OS X 10.7?

If this is the case you should just set your wiki not to be public.

And then set the access for each wiki when you create it

Did I miss the point, or are the solutions proposed here a little bit to complicated when the needed controll is already build in by Apple?

I think you did miss the point. The OP wants to have a public wiki, so he can share information with anyone, but private People pages, so only logged-in users can see personal details of contributors.

Thanks for the info, it worked like a charm! Now I have another question for the Wiki gurus. Let's say I have two People, Amy and John. Technically Amy owns Amy's People page and John owns his own, I'm assuming. The problem I have is Amy can change John's People page and Vice Versa with John and Amy. Is there a way to drill the permissions down any further to only allow Amy to change her People page and no one else's? Thanks for any info on this topic!

My initial guess is no, because the Wiki server isn't designed to work like this. It thinks of people as members of collaborative workgroups, so there's no need to prohibit authorized users from making changes.

Maybe a workaround would be to use the Blogs feature. You could create a blog for each user and put their personal info there. Then only that user could edit that info.

What I ended up doing is removing people pages (no one has a people page or blog) and making a wiki for each person (giving them owner rights on that wiki) they can then allow all logged in users to view but not edit and they can allow certain users read/write access..... This seems much easier to control for my needs

Thanks for the info Colin, I cracked the nut, so to speak. It seems I had marked Amy and John and admins to the server so no matter what the permissions for the People and Blog pages, both could do whatever they wanted to to each other. Once I create a user account, Frank, as a standard user then Frank could only edit Frank's pages and not Amy's. But Amy could edit anything Frank did. It all makes sense now. I just won't give Admin rights to the users on the Wiki to make it all easier. Thanks again everyone! 😁

Just an update for everyone. It seems Apple did not fix the People permissions in 10.7.3 Server. Boo! Oh well, just be sure to backup the people_controller.rb file before you update to 10.7.3. The edited file still works in 10.7.3, just turn off Wiki Server, move the file back in, and turn on Wiki Server. Maybe in 10.7.4???

Gregory, sorry to say 10.7.4 has not fixed the problem.

I had installed the latest update to 10.7.4 prior to seeing this thread to fix problem of publicly viewable people pages. So sad to say Apple still haven't seen the importance of securing our personal information in their wikis.

I have now ran the fix suggested by attymullins and can confirm the fix is still valid and works for 10.7.4 (11E53)

Do we have to wait for Mountain Lion for this feature to be a default?

Still seems to be a problem with Mountail Lion!

Does the fix suggested by attymullins still wrok with Mountain Lion?