Skip to content

Commit

Permalink
Merge pull request #359 from pratikb64/guest-access
Browse files Browse the repository at this point in the history 
feat: feature to disable guest access to wiki & fix api private page …
  • Loading branch information
@pratikb64
pratikb64 authored Feb 21, 2025
2 parents 9d54358 + ee0664a commit 26caeb2
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 5 deletions.
27 changes: 23 additions & 4 deletions wiki/wiki/doctype/wiki_page/wiki_page.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,8 +150,16 @@ def update_page(self, title, content, edit_message, raised_by=None):
self.save()

def verify_permission(self):
permitted = self.allow_guest or frappe.session.user != "Guest"
if not permitted:
wiki_settings = frappe.get_single("Wiki Settings")
user_is_guest = frappe.session.user == "Guest"

disable_guest_access = False
if wiki_settings.disable_guest_access and user_is_guest:
disable_guest_access = True

access_permitted = self.allow_guest or not user_is_guest

if not access_permitted or disable_guest_access:
frappe.local.response["type"] = "redirect"
frappe.local.response["location"] = "/login?" + urlencode({"redirect-to": frappe.request.url})
raise frappe.Redirect
Expand Down Expand Up @@ -640,17 +648,28 @@ def get_markdown_content(wikiPageName, wikiPagePatch):
@frappe.whitelist(allow_guest=True)
def get_page_content(wiki_page_name: str):
html_cache_key = f"wiki_page_html:{wiki_page_name}"

content = frappe.cache.hget(html_cache_key, "content")
page_title = frappe.cache.hget(html_cache_key, "page_title")
# TOC can be "None" if user has disabled it
toc_html = frappe.cache.hget(html_cache_key, "toc_html")

wiki_page = frappe.get_cached_doc("Wiki Page", wiki_page_name)
wiki_settings = frappe.get_single("Wiki Settings")

user_is_guest = frappe.session.user == "Guest"
disable_guest_access = False
if wiki_settings.disable_guest_access and user_is_guest:
disable_guest_access = True

if not wiki_page.allow_guest or disable_guest_access:
frappe.local.response.http_status_code = 403
frappe.throw(_("You are not permitted to access this page"), frappe.PermissionError)

if not all([content, page_title]):
wiki_page = frappe.get_cached_doc("Wiki Page", wiki_page_name)
md_content = wiki_page.content

content = frappe.utils.md_to_html(md_content)
wiki_settings = frappe.get_single("Wiki Settings")
toc_html = wiki_page.calculate_toc_html(content) if wiki_settings.enable_table_of_contents else None
page_title = wiki_page.title

Expand Down
9 changes: 8 additions & 1 deletion wiki/wiki/doctype/wiki_settings/wiki_settings.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
"table_of_contents_section",
"collapse_sidebar_groups",
"enable_table_of_contents",
"disable_guest_access",
"navbar_tab",
"navbar_column",
"navbar",
Expand Down Expand Up @@ -165,12 +166,18 @@
"fieldtype": "Table",
"label": "App Switcher List",
"options": "Wiki App Switcher List Table"
},
{
"default": "0",
"fieldname": "disable_guest_access",
"fieldtype": "Check",
"label": "Disable guest access"
}
],
"index_web_pages_for_search": 1,
"issingle": 1,
"links": [],
"modified": "2025-02-19 15:41:34.635439",
"modified": "2025-02-21 15:58:45.056326",
"modified_by": "Administrator",
"module": "Wiki",
"name": "Wiki Settings",
Expand Down

0 comments on commit 26caeb2

Please sign in to comment.