wiki icon indicating copy to clipboard operation
wiki copied to clipboard

Published 20 hours ago verified publisher icon frappe

Option to create internal Wiki - RBAC

Open blewsky opened this issue 3 years ago • 15 comments

It would be very beneficial if (parts of) the Wiki can be protected password. This would allow the creation of an internal wiki that could be used e.g. by employees and which isn't seen by outsiders. Currently (if I understand the wiki correctly) the wiki is automatically open to access by anyone with access to the link.

Potential solution: A check box could be added that restricts the respective page to internal use. If it is activated one could not see the page without being logged in into Frappe.

Potential conflicts: There are different roles on ERPnext/Frappe that allow external users (e.g. auditors to get access to some selected parts of ERPnext/Frappe. It could create a problem, if these external users could access the internal wiki. So it would be probably good to have restrictions on the Roles who might view the internal wiki and who not.

blewsky avatar Dec 07 '21 10:12 blewsky

Hi @blewsky Wiki can be used as a Internal Wiki We are using it For any wiki page if you turn off allow guest, it will be password protected(only logged in user can view) image

Just now I also added a small thing that a new page would inherit the value of allow guest from the page on which new page was clicked

hasnain2808 avatar Dec 08 '21 10:12 hasnain2808

A better Role based system could be really nice though

hasnain2808 avatar Dec 08 '21 10:12 hasnain2808

Exactly. More specific role based permissions would be critical if the wiki was used for internal/sensitive information. You wouldn't want to have an auditor or customer accessing your internal wiki.

blewsky avatar Dec 08 '21 11:12 blewsky

Also another use case is where a certain information is only available for Finance team, or leadership team, and not the entire company member. Linking this with Frappe Role Permission would really be awesome.

hans-permana avatar Sep 17 '22 04:09 hans-permana

Is there somehow a way to use the role-based access control used in ERPnext for the wiki? I am not familiar with the internal way how the RBAC is implemented for ERPnext. If it is something in the Frappe framework, one could probably extend it to the wiki more easily to assign roles etc. that are allowed to read/edit the wiki.

So far the lack of the RBAC is the dealbreaker for us why we can't use the wiki. Would be great to see this implemented soon. I guess without proper RBAC, the wiki is probably only of limited us as an internal knowledge base in an ERP setting (due to the above mentioned reasons by me and others).

blewsky avatar Nov 10 '22 09:11 blewsky

We really would like to use the wiki for internal documentation. Has anyone in the community succeeded to make this work? What would be needed in order to achieve this?

(The suggestion that @hasnain2808 suggested does not work for us as there are certain roles with access to the desk such as auditors who should not have access to the wiki)

blewsky avatar Jan 10 '23 19:01 blewsky

hey, this exactly what i am looking for. currently wiki version-14 have a problem that i can access the wiki page without login even when i'm not allow guest user. sometime it redirect to login page and sometime it doesn't. and that lead to serious problem that i can't put some important docs on wiki. i tried to use Basic Authentication but the wiki page log me out with a expired session message. any solution that i can keep my wiki page private?

Ragevn avatar Jun 25 '23 19:06 Ragevn

yes, It's the exactly feature what we want. We want use wiki for internal but must be limited by group of users or Department. So Hope we can define role/ permission for page level for Wiki.

Hope someone can support on this soon. best regards,

lamphanjk avatar Jun 30 '23 07:06 lamphanjk

I'll take a stab at this when I get some time

What I'm thinking of is restriction to be added in Wiki Space and not per Wiki Page as it makes more sense (set of pages are usually shared among the team instead of a single page)

BreadGenie avatar Jul 18 '23 04:07 BreadGenie

So, could I know any update on role/ permission with WIki, I love it but can not use if we can not control permission. Hope to have a good new from you. Thanks

lamphanjk avatar Sep 21 '23 09:09 lamphanjk

Hey, I haven't got the bandwidth to work on this feature yet. If anyone is interested in working on it feel free to contribute the feature.

BreadGenie avatar Sep 21 '23 09:09 BreadGenie

is any one is working on this feature ?

nilpatel42 avatar Sep 29 '23 08:09 nilpatel42

Definitely interested in this feature too! Would be great to have permissions on a wiki site for the different departments of a company. Also different permissions on who can read or write to the wiki.

cdiethelm avatar Oct 18 '23 04:10 cdiethelm

Assalam oalikum everyone,

In order to make wiki usefull for internal documentation, you need to uncheck 'allow guest to view" on doctype level of "wiki page" Screenshot 2023-12-22 004323

then also while making a "wiki page", untick the allow guest on the wiki page Screenshot 2023-12-22 004707

Now if you try to access the page, it will only open via login Note: before making your doctype changes, switch the site to develops mode "developer_mode": 1 add this line to the site_config.json save it so that the site can be developers mode

Have a great day hustlers, Happy Learning :)

SalmanShamsKhan avatar Dec 21 '23 19:12 SalmanShamsKhan

We have started working on a solution, hopefully it will be merged soon. @BreadGenie could you take a look into this: https://github.com/frappe/wiki/pull/217/commits/87957daaa30fdba25e8e2a641142df51bf9b3b43

Thank you

monolithonadmin avatar Mar 08 '24 10:03 monolithonadmin