GuestPass, GuestPasses and GuestPassFile

Background and rationale

MoinMoin pages can be protected from being viewed by unauthorised users by Access Control Lists (ACL). ACL can be used to grant individuals or groups access to a page. However, it could be handy to occasionally give people (without user accounts) read access to an otherwise restricted page. Of course, a static copy of a page could be sent to them, but if the page is subject to change, this might not be the ideal solution, and would not be overly convenient. A mechanism to issue guest passes would be a more elegant solution.

Description

The GuestPass action allows the creation and retirement of guest passes for individual, non-public pages for which the creator has write privileges. A link is created that can be given to anyone the user wishes to read the page. This link gives access to the page and attachments with links on the page created by the GuestPassFile macro. Guest passes expire after 30 days.

Access checking by in MoinMoin.action.__init__.py prevents actions (both inbuilt and plugin) from being being invoked for pages for with the user does not have read access. So, by design, an anonymous user cannot gain access to a non-public page by using a URL with an action parameter. Consequently to facilitate the GuestPass action, MoinMoin.action.__init__.py must be modified to allow this action to pass and for it to take over responsibility for anonymous user access to a page. GuestPass action will only allow read access to a page, and only when the user is anonymous or a logged in user does not already have read access to the page (including the creator of the guest pass). Access to attached files is controlled by the GuestPassFile macro, which only allows views and downloads. Guest pass users cannot upload, delete, move, unzip or perform any other such action on attached files.

The GuestPasses macro allows the user to obtain a listing of all currently valid guest passes they have created. The superuser can obtain a listing of all currently valid guest passes including the name of the user that created them.

Usage

The GuestPass dialog is opened by selecting GuestPass from the "More actions" menu. Although it is possible to put a link in the pages with the <<Action()>> macro, this makes no sense, as it would be visible to, but not usable by, the guest pass user.

If there is no currently valid guest pass for the page, the GuestPass dialog offers only the options to create a guest pass or cancel the action. When valid guest passes exist, they are listed, and one or more can be selected for retirement. Guest passes that are retired are not deleted but superseded by passes with 0 days till expiry.

GuestPass action has two companion macros and requires a logfile module.

<<GuestPasses(page=pagename)>> inserts a table of currently valid guest passes created by the current user for all pages (or a particular page, if specified). The links can be copied and sent to someone to invite them to view the page. For security reasons, the table can only be displayed on a page writable by the current user and not readable publicly. The superuser, however, can view passes created by all users.

<<GuestPassFile(filename=filename)>> inserts a link to an attached file when the page has been accessed using a guest pass. If the page is accessed normally, it creates a link equivalent to [[attachment:filename]]. If the file is not attached, a message that the file is not available is given to a guest pass user, or an upload file link for a normal user. Embedding attached files (e.g. filename) work on a guest pass accessed page, so no special arrangements are needed.

The module passlog.py, installed in wiki.data.pulugin.logfile (see #Prerequisites below) handles the access to the log of guest passes created. Guest passes are never deleted, they are either expired or retired. So pass-log contains a complete history of guest pass creation/retirement.

When a page is accessed using a guest pass, a message in the header provides the guest pass link to the page, the number of days till expiry, and links for print view and PDF creation. For PDF creation to work, the PDF action needs to be installed and preferably, a slight modification to MoinMoin.page.py made (see under prerequisites).

Prerequisites

To allow GuestPass action to be recognised as an available action for non-readable pages in MoinMoin.action.__init__.py, the initial code in MoinMoin.action.__init__.get_available_actions function needs to be modified.

Original

   1         if not user.may.read(page.page_name):
   2             return []

Modified

   1         if not user.may.read(page.page_name):
   2             #return [] 
   3             return [u'GuestPass'] # original returned empty list

For this action and the companion macros to work the PassLog class is imported from passlog.py in wiki/data/plugin/logfile. This folder must also contain the standard __init__.py for plugin modules. The file is provided for download as psslog-1.0.py and must be renamed to viewlog.py when installing.

This plugin parallels the inbuilt logfile modules eventlog.py and editlog.py found in MoinMoin/logfile.

To allow TableOfContents macro to find headings in the page, it needs to be modified. To do this, copy MoinMoin.macro.TableOfContents.py to wiki.data.plugin.macro, and edit as follows.

Add the following function.

   1 def send_special(request):
   2     """
   3     Check if GuestPass used and OK to send_special
   4 
   5     """
   6     pname = request.page.page_name
   7     action = request.values.get('action', '')
   8     passcode = request.values.get('pass', '')
   9     send = action == 'GuestPass' and passcode and not request.user.may.read(pname)
  10     return send

Modify the following line.

Original

   1     output = macro.request.redirectedOutput(p.send_page,
   2                                             content_only=True,
   3                                             count_hit=False,
   4                                             omit_footnotes=True)

Modified

   1     output = macro.request.redirectedOutput(p.send_page,
   2                                             content_only=True,
   3                                             count_hit=False,
   4                                             send_special=send_special(macro.request),
   5                                             omit_footnotes=True)

To have GuestPass action call the PDF action to create a PDF of the page, it is best make a slight modification to MoinMoin.page.py. GuestPass action calls MoinMoin.page.send_page function with send_special=True, which allows pages that the user could not otherwise read to be displayed. However, this function sets the status code in the HTML headers to 403 even though send_special=True allows the page to be displayed. PDF calls wkhtmltopdf as a subprocess and it will return an error if a forbidden error (403) is received. This does not prevent the PDF being created but will litter log files.

Original

   1                     if not request.user.may.read(self.page_name):
   2                         request.status_code = 403
   3                     else:
   4                         request.status_code = 200

Modified

   1                     if not request.user.may.read(self.page_name) and \
   2                        not send_special: #added for wkhtmltopdf with guestpass
   3                         request.status_code = 403
   4                     else:
   5                         request.status_code = 200

Download & Release Notes

For installation, rename files to remove version number (e.g. -1.0).

Examples

The URL examples below would all be created automatically by the action or its macros.

Guest pass URL

Created by GuestPass action.

http://domain/wiki/PrivatePage?action=GuestPass&pass=MsM1y9KJ6m8yvNkb

Guest pass attachment URLs

Inserted by <<GuestPassFile(filename)>> into a page when accessed by a guest pass.

http://domain/wiki/PrivatePage?action=GuestPass&pass=MsM1y9KJ6m8yvNkb&do=view&show=filename

This is to view files with download link (equivalent to the inbuilt AttachFile action but without the upload form). Text files are show with highlighting if possible, images are display and zip file contents listed. Other file types are redirected to get.

The download link is the do=get link.

http://domain/wiki/PrivatePage?action=GuestPass&pass=MsM1y9KJ6m8yvNkb&do=get&show=filename

This link might still simplely display the file contents in the browser (such as PDFs in Safari) depending on the file type and browser settings. In such cases, the file can be downloaded by saving that page, or using the appropriate option in the browsers pop-up menu on the download link.

Guest pass table

<<GuestPasses(creator='all')>>

When run by the superuser generates:

History

See individual source files for details of version history.

Developed with inspiration and MoinMoin code from:

• @copyright: 2000-2004 Juergen Hermann <jh@web.de>

• @copyright: 2000-2001 Richard Jones <richard@bizarsoftware.com.au>

• @copyright: 2001 Ken Sugino (sugino@mediaone.net)

• @copyright: 2005-2010 ReimarBauer

• @copyright: 2005 AlexanderSchremmer

• @copyright: 2005 DiegoOngaro at ETSZONE (diego@etszone.com)

• @copyright: 2006-2008 ThomasWaldmann,

Copyright

• @copyright: 2013 Ian Riley <ian@riley.asia>

License

GNU GPL, see COPYING for details.

Known issues and limitations

• The links created in the page header (title and trail) do not include GuestPass parameters and will not provide the guest pass user access to the page. This might confuse some users. They should be advised to only use the link provided for guest access to the page.

• Re-displaying a page accessed by a guest pass by using the back arrow in Safari can cause some links not to operate as expected. This does not happen if the page is refreshed. This does not appear to be an issue for Firefox.

Hits

619