Sometimes it may be useful to provide "semi-protected" access to a wiki page. This can be done using a readable page in a read-protected namespace. Only a user who knows the page url can access the page.
Using the sneaky index option prevents the discovery of the namespace when using the index page. Unfortunately the page which should stay hidden is listed in changelog (feed).
A few lines of code will prevent this:
--- dokuwiki.php.orig 2011-01-16 19:04:09.000000000 +0100
+++ dokuwiki.php 2011-02-13 14:00:57.921875000 +0100
@@ -74,6 +74,7 @@
$conf['profileconfirm'] = 1; //Require current password to confirm changes to user profile
$conf['disableactions'] = ''; //comma separated list of actions to disable
$conf['sneaky_index'] = 0; //check for namespace read permission in index view (0|1) (1 might cause unexpected behavior)
+$conf['sneaky_changelog'] = 0; //check for namespace read permission in changelog/feed view (0|1) (1 might cause unexpected behavior)
$conf['auth_security_timeout'] = 900; //time (seconds) auth data is considered valid, set to 0 to recheck on every page view
$conf['securecookie'] = 1; //never send HTTPS cookies via HTTP
--- changelog.php.orig 2011-01-16 19:04:09.000000000 +0100
+++ changelog.php 2011-02-13 14:09:07.906250000 +0100
@@ -244,6 +244,8 @@
* @author Ben Coburn <
btcoburn@silicodon.net>
*/
function _handleRecent($line,$ns,$flags,&$seen){
+ global $conf;
+
if(empty($line)) return false; //skip empty lines
// split the line into parts
@@ -272,6 +274,19 @@
$recent['perms'] = auth_quickaclcheck($recent['id']);
if ($recent['perms'] < AUTH_READ) return false;
+ // check namespace ACL
+ if ($conf['sneaky_changelog']) {
+ $nsTokens = explode(':', $recent['id']);
+ array_pop($nsTokens);
+ $ns = '';
+ foreach($nsTokens as $nsToken) {
+ $ns .= $nsToken . ':';
+ $nsPerms = auth_quickaclcheck($ns);
+ if ($nsPerms < AUTH_READ) return false;
+ }
+ }
+
+
// check existance
$fn = (($flags & RECENTS_MEDIA_CHANGES) ? mediaFN($recent['id']) : wikiFN($recent['id']));
if((!@file_exists($fn)) && ($flags & RECENTS_SKIP_DELETED)) return false;