[pmwiki-users] Help :How to hide command buttons from normal viewers, but not from administrators ?

Tamara Temple tamouse.lists at gmail.com
Sat Jun 22 09:36:12 CDT 2013 

Thant Sin Lin <tslin.ucsy at gmail.com> wrote:
> Thanks for the reply.
> 
> These markups (: :)  are for pages, right?
> Then, I have to add them at every pages?

There are various ways of doing this, but it really depends...

> Can I do this in my skin_name.tmpl file? I moved command buttons out of the div "wikibody".

Yes, you can. Read up on skins in the Cookbook.

> And on the first load, I haven't fill in edit password and I am not authenticated. So, those buttons don't appear.
> Then, how can I fill password? Normally, I can enter password when I click on edit link (if i set edit password).

If you are working directly on your site (as opposed to going through
the iframe you customer's go through) you can simply add ?action=login
to the url in your address bar. This takes you to the login page.

> If I am approaching in wrong way, please advise me.

It's non-standard from the way I have used wikis, but there is really
nothing wrong with the way you are doing this.

> My resolution is - 
> We are using pmwiki to build a documentation page for our product.
> We don't want normal visitors to make any changes. (No edit, No print, No history).

You won't be able to prevent a user from printing a page from their
browser -- you have no control over that. The print action substitutes a
more suitable skin for printing, that is all it does.

What you may wish to do is completely remove the page actions from your
wiki unless the user has authenticated and is authorized for those
functions. This is easy using the (:if  :) .. (:ifend:) I showed you
previously, or it can be done from inside your skin.php file, or inside
your local/config.php file, many ways it can be done. Explore the skins
on the pmwiki site to see how people have done this.

> We want to allow only administrators to do those actions.

This should be fine; there is no particular reason to go through an
iframe to get this ability, unless you wish to hide the wiki's address
from casual users.

> If pmwiki still don't support this feature, I think I have to setup two different pmwiki pages and copy data manually :(

PmWiki supports this just fine.

Here's a couple of screenshots of my wiki that shows the difference
(this isn't exactly what you want, but demonstrates the concept):

Page actions when logged out:

https://dl.dropboxusercontent.com/u/571329/Screenshots/logged%20out%20Screenshot%20-%2006222013%20-%2009%3A26%3A26%20AM.png

(short link: http://bit.ly/15t5W4j )
Page actions when logged in:

https://dl.dropboxusercontent.com/u/571329/Screenshots/logged%20in%20Screenshot%20-%2006222013%20-%2009%3A27%3A34%20AM.png

(short link: http://bit.ly/14elaL8 )

The page actions on that skin are in the second row of the header. You
can see in the first version, there are no links to edit, attach, and
copy/move. After logging in, those appear.

The Site.PageActions contents is at:
https://gist.github.com/tamouse/5841099



> Thanks and best regards, 
> Robin



> On Fri, Jun 21, 2013 at 6:06 PM, tamouse mailing lists <tamouse.lists at gmail.com> wrote:
> 
>     On Jun 21, 2013 2:38 AM, "Thant Sin Lin" <tslin.ucsy at gmail.com> wrote:
>     >
>     > Hello, 
>     >
>     > I need to toggle visibility of command buttons "edit, history, etc...".
>     >
>     > Eg. if my page is www.mypmwiki.com, everyone visit that page don't see command buttons.
>     > If I enter www.mypmwiki.com/administrator, I want to see command buttons.
>     > Of course, even I access from second URL, I have to fill password.
>     >
>     > I know I can remove or hide command buttons from template file.
>     > But doing like this prevent everyone from editing pages including administrators.
>     >
>     > I loaded my pmwiki site inside iframe of my Main site.
>     > So I cannot edit pages by adding "?action" to URL.
>     >
>     > I don't want to create another pmwiki site for administrator and publich changes to live site everytime by copying wiki.d folder.
>     > It's Ok to create another pmwiki site if not require to copy wiki.d folder manually everytime I made changes.
>     >
>     > Please let me know how can I achieve this.
>     > I surfed the web for a long time and still can't find the solution.
>     >
>     > Thanks in advanced.
>     > Robin
>     >
>     > _______________________________________________
>     > pmwiki-users mailing list
>     > pmwiki-users at pmichaud.com
>     > http://www.pmichaud.com/mailman/listinfo/pmwiki-users
>     >
>    
>     I don't know how you manage authorization, but wrapping the buttons for admin use only is generally done like so:
>    
>     (:if auth edit:)
>     ... button stuff...
>     (:ifend:)
>    
>     also, you should have an edit password. A user can read the page source snd see the path in your iframe, and bypass your main site without precautions.
> 
> --
> Thant Sin Lin
>

More information about the pmwiki-users mailing list