Could someone point out where I could implement a template variable? I would like an IS_ADMIN. I'm pretty sure I could do it but I'm sure someone has an opinion on where this might belong. I want to hide the edit links on my blog for non-admin users.
This isn't possible without out-of-band mechanisms (Javascript or something). ikiwiki produces static HTML; template variables are evaluated when the HTML is compiled, and admins and non-admins see the exact same file.
(More precisely, URLs containing
/ikiwiki.cgi/are dynamically-generated pages; everything else is static.)Ok, I think I get it. The template is used when IkiWiki is compiling the static pages, then users access the static pages. So at the time the templates are compiled there isn't a concept of who is accessing the page or what their session may be like (be it admin or anon or whatever).
Is there a simple way to serve a different static page based on session information? Off the top of my head I would say no but I thought I would ask. I suppose I could try to compile two static sites, one for me and one for the world. That would solve my IS_ADMIN problem, but I don't think its a solution for similar types of things.
I like ikiwiki for what it is, I get the feeling I may be asking it to do something it wasn't meant to do. If so I'd appreciate it if someone told me to stop trying. justint
Yes, this is the problem with what you're asking for.
No, the thing serving the static pages is your web server; IkiWiki isn't involved at all.
I've done similar in the past with two setup files, under the same user ID, running different checkouts of the same git repository - one for me, on https with httpauth, and one for the world, with only openid. You have to make them write their git wrappers to different filenames, and make the real git hook be a shell script that runs one wiki's wrapper, then the other, to refresh both wikis when something gets committed.
It's a bit fiddly to admin (you have to duplicate most setup changes in the two setup files), but can be made to work. I've given up on that in favour of having a single wiki reachable from both http and https, with httpauth only working over https.
Pretty much, yes.
I can help! "Stop trying."
But, if you want this functionality badly enough, one way you could get it would be to have all the links on all the pages (for the benefit of
NoScriptusers), use Javascript to make an XMLHTTPRequest (or something) to to a CGI action provided by a plugin (ikiwiki.cgi?do=amiadminornotor something), and if that says the user isn't an admin, hide some of the links to not confuse them.That would break the normal way that people log in to ikiwiki (by trying to do something that needs them logged-in, like editing), so you'd also want to add a "Log In" button or link (or just remember that editing your Preferences has the side-effect of logging you in).
Note that hiding the links isn't useful for security, only for usability - the actual edit obviously needs to check whether the user is a logged-in admin, and it already does.
I've done a plugin, but I haven't done a CGI one yet. I can probably handle it though. I have a little javascript, I could probably do that too.
I'm fuzzy on the log in bit, I don't know how to bring up a log in page in IkiWiki (that would just return to the calling page and not an edit page).
If I were going to do this I'd want to have a log out button appear when the user is logged in. Is it possible to add a log out function to the same plugin?
Cheap hack: make a link to
cgiurl(do => prefs)and the user will have to press Back a couple of times when they've logged inLess-cheap hack: have a CGI plugin that responds to
do=loginby doing basically the same thing asIkiWiki::needsignin, but instead of returning to theQUERY_STRING, return to the HTTP referer, or a page whose name is passed in the query string, or some such.I don't see why not; you could create it from Javascript for logged-in users only. That'd close the bug logout in ikiwiki (see that bug for related ideas).