Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Wiki Server - People - suppress for unauthenticated users

With Wiki Server 4 (Server 10.8.1), unauthenticated users hitting the web server's default home page are presented with Wiki Server's default landing page listing:

  • "My Documents"
  • "All Activity"
  • "Wikis"
  • "People"


If an unauthenticated user tries any of the first three items they get no content, which is great (althouh only the "My Documnets" page prompts for credentials — I think they all should).


However, if they hit the "People" item, it lists (exposes) all of the people on your system.


We don't want a list of our users exposed — we think if you are unauthenticated, you shouldn't see anything when clicking on "People".


Suggestions?

Mac mini, OS X Server

Posted on Aug 31, 2012 6:20 PM

Reply
Question marked as Best reply
20 replies

Sep 1, 2012 6:34 AM in response to TK321

******** PLEASE BEFORE DOING ANYTHING COPY THE CONTENT FOLDER OF THE SERVER.APP AND BACK IT UP SOMEWHERE SAFE**************


I have been working on this for weeks..... I understand some people want to be able to share there blogs and people pages but you have to understand some people don't


"People pages" should be set up is the same way as wikis... The owner(s) have the ability to give access to whom they choose. If it is a public "people page" it shows up in search and activity, if it is private it doesn't show up (or only shows up in search results with people that have access). I also feel you should have the ability to choose whether a person has a "people page" or not.


But it is what it is. So I'll step through what I did to make it work for me. You do lose some services but this was my goal....

1. All activity does not work

2. Search does not work

3. tags do not work (I hope to fix this because I want tags....)

4. iPad now brings up the PC version of the wiki server, which eliminates the ability to upload files. Some one with some java script experience maybe able to help us out but at this time I just chose to remove it....


**The other thing to note is the iPad version is completely independent of the PC version (I address this also) so even if you make all these fixes someone with an iPad will still be able to search and gain access to people unauthenticated***


Now all services (including the home page and people) need authentication to gain access.



************** Once complete you need to stop/restart wikis**************

**************I recommend making a copy of the content file of your server app (just incase)**************


Step 1. Set up authentication: (SAVE A COPY ON THE DESKTOP BEFORE EDITING)


1.Edit the controller for the wiki

/Applications/Server.app/Contents/ServerRoot/usr/share/collabd/coreclient/app/co ntrollers/application_controller.rb

2. find the block

helper_method :service_client, :current_user, :current_version, :page_context, :use_inline_webauth, :javascript_includes_for_locale

helper_method :webcal_enabled?, :webmail_enabled?, :entityURL, :iphone, :ipod, :ipad

before_filter :master_before_filter, :block_older_internet_explorer

after_filter :master_after_filter

3. Change to

helper_method :service_client, :current_user, :current_version, :page_context, :use_inline_webauth, :javascript_includes_for_locale

helper_method :webcal_enabled?, :webmail_enabled?, :entityURL, :iphone, :ipod, :ipad

before_filter :master_before_filter, :block_older_internet_explorer

before_filter :ensure_user_is_authenticated

after_filter :master_after_filter


2. Remove search/all activity/tag access (SAVE A COPY TO DESKTOP BEFORE EDITING)

Go to:

/Applications/Server.app/Contents/ServerRoot/usr/share/collabd/coreclient/config /routes.rb

I removed the following lines of code:


match "/updates" => redirect("/wiki/activity")

match "/updates/:path", :to => redirect {|params| "/wiki/activity/#{params[:path]}"}

match "/activity", :to => 'activity#index'


match "/search", :to => 'find#index'

match "/search/:id", :to => 'find#index'

match "/find", :to => 'find#index'

match "/find/:id", :to => 'find#index'



3. Remove activity from menu bars (SAVE A COPY TO DESKTOP BEFORE EDITING)

Go to:

/Applications/Server.app/Contents/ServerRoot/usr/share/collabd/coreclient/config /initializers/register_apple_plugins.rb


I removed these lines of code:


BannerLinks::Project::Activity,

BannerLinks::Project::Documents,

BannerLinks::Project::Tags,

BannerLinks::Person::Activity,


Sources::Activity,


Sources::MyFavorites



4. Redirect iPad to the PC version of the wiki server. (SAVE A COPY TO DESKTOP BEFORE EDITING)

Go to:

Applications/Server.app/Contents/ServerRoot/usr/share/collabd/coreclient/app/con trollers/application_controller.rb



Change:


if ipad and ios5plus

redirect_url = "/wiki/ipad/#route=#{request.fullpath}"

logger.info("Redirecting to #{redirect_url} because we detected an iPad running iOS5+")

redirect_to redirect_url

end


To:(You could probably just remove these lines but I was still troubleshooting at the time)


# if ipad and ios5plus

# redirect_url = "/wiki/ipad/#route=#{request.fullpath}"

# logger.info("Redirecting to #{redirect_url} because we detected an iPad running iOS5+")

# redirect_to redirect_url

# end

Dec 28, 2012 2:59 PM in response to TK321

I found a solution that allows you to browse people only after logging in, rather than eliminating this entirely. (i.e. conditional access as mmurray47 asked for):


In Mountain Lion you edit /Applications/Server.app/Contents/ServerRoot/usr/share/collabd/coreclient/app/c ontrollers/people_controller.rb


to include:

before_filter :ensure_user_is_authenticated


so now it looks like this:

class PeopleController < BaseContainerEntityController

       

    before_filter :ensure_user_is_authenticated

     

    def container_key

       "people"  

    end

(etc....)


I'm sure next time that you update the server.app this will go away, so keep an eye on it after updates.


Be sure to restart your wiki to enable this change!

Wiki Server - People - suppress for unauthenticated users

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.