Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-17317

Manage Rights on Export

    XMLWordPrintable

Details

    • Unknown

    Description

      At the moment XAR export of a page is only allowed by admins. All other exports are open to anybody.

      In the UI we do not allow exports, hence we would not like to have exports being available through an api.

      At the moment you can only deny the exports through Apache/NGINX for instance to capture the ?format=HTML in the querystring.

      It would be great if we can manage this in the application with rights in the same way as you manage other rights.

      The export function is quite heavy on resources, hence it can be used for DDOS.

      I would suggest the following user story:

      As an admin you can set the rights based upon groups and users on who is allowed to export HTML, PDF, XAR, RTF, LaTex.

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. XWIKI-16764 Allow caching of document exports

          • Major - Major loss of function.
          • Open

          Activity

            People

              Unassigned Unassigned
              JurjenRoels Jurjen Roels
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: