[Partly solved] Ikiwiki Blogs: Anyone can register and edit everything?

homer77 · March 26, 2020, 5:51pm

I created a blog with Ikiwiki ([Partially Solved] Cannot create blog in Ikiwiki).

Problem Description
But now literally anyone can register as a user and edit any post or create some itself. Shouldn’t the user administration of the ikiwiki be the same as the freedombox’s ldap?!

Or is the user administration broken at my place because of the problems in the link above?

Like that ikiwiki would be unusable as a blog, wouldn’t it?

wind · March 26, 2020, 7:44pm

As an admin, you can prevent a user from creating and editing blogs.

homer77 · March 26, 2020, 7:58pm

Yes I know:
I can administer users in the plinth user administration and check the option to allow creating and editing wikis, right?
But in my installation I can register users on the “Preferences”-Page of the blog. That’s completely independent of the LDAP of the freedombox. And those wiki-users can alter everything in the wiki.
Furthermore there’s no option to manage the wiki’s users at all.

Actually I don’t want any other person than the blog’s admin to create and edit content in the blog.

wind · March 26, 2020, 8:26pm

Yes, you’re right, there is a registration option here that allows you to create an account…

homer77 · March 27, 2020, 12:33am

OK, I fixed this

The crucial hints came from https://ikiwiki.info/features/
and the solution were to be found at https://ikiwiki.info/plugins/.

From my point of view, there have to be some adjustments on plinth’s config files:

/etc/ikiwiki/plinth-blog.setup:

add_plugins has to be completed with at least lockedit, opendiscussion, moderatedcomments and userlist.
I would recommend about this theme, smile and remove.
The line locked_pages => "* and !postcomment(*)", has to be inserted.

[snip]
add_plugins => [qw{goodstuff websetup comments calendar sidebar trail httpa\
uth lockedit opendiscussion moderatedcomments userlist theme smiley remove}],
    rss => 1,
    atom => 1,
    syslog => 1,
    example => "blog",
    comments_pagespec => "posts/* and !*/Discussion",
    archive_pagespec => "page(posts/*) and !*/Discussion",
    locked_pages => "* and !postcomment(*)",
    global_sidebars => 0,
    discussion => 0,
    tagbase => "tags",
)

By this adjustment every newly created ‘Blog’ will allow only the admin of the tikiwiki instance to post, edit and remove by default.
Other users can comment but comments will have to be moderated by the admin.

All this can be toggled under Preferences/Setup at web.
Or you can edit the /var/lib/ikiwiki/<YourBlogsShortName>.setup file. This is the actual config file of your blog which contains all your preferences. If you have e.g. banned yourself by accident this is the place fix this … so I’ve heard
Whenever you change this setup file you must do
ikiwiki --setup /var/lib/ikiwiki/<_YourBlogsShortName_>.setup
to compile your blog/wiki to let your adjustments come into effect.
If you don’t like the very basic default … theme … you might want to add the theme plugin:
In the setup you may then input one of the names of the included themes.
Some extra themes you may e.g. git clone to /usr/share/ikiwiki/themes/ and then use as easily.
If styles are not perfectly fitting for you just add your personal stylesheets in /var/www/ikiwiki/<YourBlogsShortName>/local.css.

njoseph · March 27, 2020, 9:58am

Link to Salsa issue