Hi, Petteri!
I had in the past a bit similar use case. The solution was following:
-
- set of subwikis for exactly the same purpose: customers
should not know each other and have access to not-related projects. Subwiki registration
gives only local users.
Finally:
- Global Users as staff members have access to the their projects.
- Customers have access to their projects only.
- Inside the company there are some restricted projects also have
with no free registration and access only for some GlobalUsers.
The biggest problem was to plan all this stuff and build logic and understandable
structure both of projects and access rights to them. Now it has 30+ subwikis and 100+
users. Creation of a new project takes couple of minutes: create a new wiki from template
+ give access rights to related groups (+customization on demand).
Disadvantage of such a structure (in your use case) - one can "hack" user
details also, BUT in his project(s) only.
But sure, I would vote for having User directory in a separate Space to disable any
possibility to "hack" such an info.
Kind regards,
Dmitry
Среда, 10 июля 2013, 21:53 +03:00 от "Petteri Lyytinen"
<petteri.lyytinen(a)hannas.ee>ee>:
Briefly put, I have a wiki where anyone can register
(it's going to be used
for work-related stuff so it will be necessary to allow customers to
register and see anything and everything related to their projects, but I
want only the company employees ie. one group to be able to have access to
user details. This is due to NDA reasons as well as an effort against spam
and NSA :P
-Petteri
-----Original Message-----
From: users-bounces(a)xwiki.org [mailto:users-bounces@xwiki.org] On
Behalf Of Vincent Massol
Sent: 10. heinäkuuta 2013 17:42
To: XWiki Users
Subject: Re: [xwiki-users] Restricting users' ability to see the User
Directory
Hi,
On Jul 10, 2013, at 4:26 PM, Petteri Lyytinen < petteri.lyytinen(a)hannas.ee >
wrote:
> Hey all,
>
> I'm running my very first xwiki installation and came across a small
> issue I can't seem to be able to resolve with my limited experience of
the
product:
I need to restrict (registered) users' permission to see the user
directory to a specific group only ie. nobody else will be able to see
the list of registered users.
What I tried first was to restrict users' access to the User Directory
page but that doesn't really help since it only restricts access to
that page - not to users' profiles. You can simply manually hack the
desired username in the URL and get to see that user's profile.
How should I proceed?
I guess the only solution is to give the view rights on user pages only to
some
group/users.
This could be achieved with a script to change all existing users.
You'd also need to change the user registration code so that it adds a new
rights to user pages when they are created. Another option is to write an
even listener and have it check if the rights for the page is correct and
if not,
then programmatically set it.
I'm curious: what's your use case?
Note that in some future, we want to move all users to a specific space.
When this is done the solution will simply be to set a right at the space
level.
Thanks
-Vincent
-Petteri
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users