From 820b575c7df1144095f07e903cd65739d11b20c5 Mon Sep 17 00:00:00 2001
From: chrysn <chrysn@fsfe.org>
Date: Fri, 25 Apr 2014 01:21:31 +0200
Subject: [PATCH] proposed plugin

---
 doc/todo/inband_acl_data.mdwn   | 73 +++++++++++++++++++++++++++++++++
 doc/users/chrysn/interests.mdwn |  1 +
 2 files changed, 74 insertions(+)
 create mode 100644 doc/todo/inband_acl_data.mdwn

diff --git a/doc/todo/inband_acl_data.mdwn b/doc/todo/inband_acl_data.mdwn
new file mode 100644
index 000000000..f8f28b3f1
--- /dev/null
+++ b/doc/todo/inband_acl_data.mdwn
@@ -0,0 +1,73 @@
+it [[!tag wishlist]] would be nice to have acls that get their data from wiki pages.
+
+a particular use case is the [debienna wiki](http://debienna.at/) (our local
+debian usergroup), where there are few admins, but everyone who has been
+granted edit rights to the wiki should be allowed to allow other people in.
+those people can register their accounts on their own, but may only write to a
+dedicated page where they request write privileges.
+
+the setup file should look like this:
+
+    locked_pages: '!PleaseClearForEditing and !user_in_page(DebiennaGroup)'
+
+and DebiennaGroup would contain
+
+    * \[[chrysn]]
+    * \[[albert]]
+    * \[[rhonda]]
+
+etc.
+
+a suggested implementation is published on
+`git://prometheus.amsuess.com/ikiwiki-plugins` and is short enough to be quoted
+here:
+
+<!-- don't copy/paste from here, clone the git or copy/paste from the ikiwiki rendered version, i had to scape [ -->
+
+    #!/usr/bin/perl
+    # Ikiwiki "user_in_page" pagespec
+    # 
+    # The pagespec user_in_page(some_page) returns success if the currently logged
+    # in user is mentioned in a wikilink on some_page (which might be relative to
+    # the currently active page, which allows per-directory restrictions).
+    #
+    # To be precise, the string \[[${USERNAME}]] has to be present in the some_page
+    # source file.
+    
+    package IkiWiki::Plugin::user_in_page;
+    
+    package IkiWiki::PageSpec;
+    
+    sub match_user_in_page ($$;@) {
+    	my $page=shift;
+    	my $userlistpage=shift;
+    	my %params=@_;
+    	my $user=$params{user};
+    
+    	# this is relative to page, but this is intentional
+    	my $userlistpagename = IkiWiki::bestlink($page, $userlistpage);
+    
+    	# FIXME: pagesources seems not to be defined in do=edit
+    	my $userlistpagefile = "$userlistpagename/index.mdwn";
+    
+    	my $userlistpagedata = IkiWiki::readfile(IkiWiki::srcfile($userlistpagefile));
+    
+    	if ($userlistpagedata =~ /\Q\[[$user]]\E/ ) {
+    		return IkiWiki::SuccessReason->new("User $user is listed in $userlistpagename");
+    	} else {
+    		return IkiWiki::FailReason->new("User $user is not listed in $userlistpagename");
+    	}
+    }
+    
+    1
+
+before i complete this as a proposed plugin, i'd like to know
+
+* if you have better ideas to check for the delimited user name than the
+  \[[$user]] scheme?
+
+* i had to manually expand `$pagename` to `$pagename/index.mdwn` as
+  %pagesources seems to be empty in the context of `?do=edit`. how is this
+  supposed to work?
+
+--[[chrysn]]
diff --git a/doc/users/chrysn/interests.mdwn b/doc/users/chrysn/interests.mdwn
index 2db49d1ba..c25e6ed4e 100644
--- a/doc/users/chrysn/interests.mdwn
+++ b/doc/users/chrysn/interests.mdwn
@@ -21,6 +21,7 @@ these are the topics [[chrysn]] is or was interested in inside ikiwiki:
 * [[todo/calendar with "create" links]]
 * [[todo/credentials page]]
 * [[todo/flexible relationships between pages]]
+* [[todo/inband acl data]]
 * [[todo/inline postform autotitles]]
 * [[todo/internal definition list support]]
 * [[todo/mirrorlist with per-mirror usedirs settings]]
-- 
2.39.5