Access controls
Uniqki has two types of pages including non-wiki and wiki pages, and supports read access controls for both types of pages using the $READ_ACCESS
setting. Because Uniqki generates static HTML files and is not involved in delivering their contents to visitors, the web server has to secure the HTML files if any of non-wiki or wiki pages has a non-open read access control. For example, if $READ_ACCESS
is open
or open:open
(open for both non-wiki and wiki pages), you don’t have to do anything because HTML files need not be secured at all.
1 Read access
Except for open
or open:open
, you have to secure HTML files to control read access and redirect any requests to Uniqki. For the Apache server, the directives in Figure 1 can be added to .htaccess. What these directives do is to redirect any HTML requests to the Uniqki script so that Uniqki can handle the requests according to the read access setting.
$READ_ACCESS
can be set to one of the following read access controls:
open
oropen:open
- Your site is fully readable by anyone.
open:closed
- Open non-wiki and closed wiki pages. Non-wiki pages are readable by anyone, but wiki pages are only readable by logged-in users. This setting alone doesn’t actually secure wiki pages because your site is static and Uniqki cannot do anything about the HTML files it has created. You have to use the web server’s directives to secure the HTML files as shown in Figure 1.
open:admin
- Open non-wiki and admin-only wiki pages. Non-wiki pages are readable by anyone, but wiki pages are only readable by admin users.
closed:open
- Closed non-wiki and open wiki pages. Non-wiki pages are only readable by logged-in users, but wiki pages are readable by anyone.
closed
orclosed:closed
- Closed non-wiki and wiki pages. Both non-wiki and wiki pages are only readable by logged-in users.
closed:admin
- Closed non-wiki and admin-only wiki pages. Non-wiki pages are only readable by logged-in users and wiki pages are only readable by admin users.
admin:open
- Admin-only non-wiki and open wiki pages. Non-wiki pages are only readable by admin users, but wiki pages are readable by anyone.
admin:closed
- Admin-only non-wiki and closed wiki pages. Non-wiki pages are only readable by admin users and wiki pages are only readable by logged-in users.
admin
oradmin:admin
- Admin-only non-wiki and wiki pages. Both non-wiki and wiki pages are only readable by admin users.
2 Write access
Non-wiki pages can only be created and edited by administrators because these pages can have powerful commands on top of the wiki-like syntax that allows for executing Perl code. Wiki pages do not allow Perl code and may be created and edited by visitors without login or users with login depending on the $WRITE_ACCESS
and $WIKI_PAGES_ALLOWED
settings. $WRITE_ACCESS
can be set to one of the following values:
open
- Anyone can edit existing wiki pages and may create new wiki pages that are allowed by
$WIKI_PAGES_ALLOWED
. closed
- Only logged-in users can edit existing wiki pages and may create new wiki pages that are allowed by
$WIKI_PAGES_ALLOWED
. admin
- Only admin users can edit existing wiki pages and may create new wiki pages that are allowed by
$WIKI_PAGES_ALLOWED
. However, admin users can create any wiki pages using the non-wikiedit
command regardless of the$WIKI_PAGES_ALLOWED
setting.