Content Protection¶
This page contains ways to define securable content directly in the rst/md files.
Technical background and ways to configure users, roles and permissions can be found in User Management.
secure page field¶
The access per page can be directly restricted in the related md/rst file by using the field :secure: <Permission> at the beginning of the file
(also called front matter).
:secure: internal, admin
My page
=======
Some content
A page with the above example is only accessible by users, which have the permissions internal or admin.
You can also define permissions, which are not allowed:
:secure: customer, !customer_A
Customer Support
================
Call this number to get support: +1 123 456 789
This page can be accessed by every user with the permission customer, but users from customer_A shall not have access to it.
Technical background¶
During the Sphinx build, ubTrace collects the secure field-data and writes to a file called ubTrace.toml in the build folder.
This file contains all pages and their needed permissions.
When the ubTrace app is started and the user requests a specific page, ubTrace takes a look into this file and checks the user permissions against the configured ones.
If they match, content gets delivered, otherwise a response with the HTTP status 403 is returned.
secure directive¶
The directive .. secure:: <Permission> allows to set needed permissions, which a user must have to see the content.
If the user has none of the needed permissions, the content gets removed by the backend server before it is delivered to the user.
**Welcome**
Hello everybody.
.. secure:: internal
As an internal employee, you can use all internal data in the
internal section.
Feel free to read our product information.
.. secure:: support
Thanks to your support package, you have unlimited access to our support.
Just call **+01 123 456789**.
.. secure:: internal support
Thanks for your loyalty.
.. secure:: customer !support
Dear Customer, we would like to help you much more. Just buy a Support contract.
The access matrix for the above code is as follows:
Permissions |
Normal text |
Internal text |
Support text |
Loyalty text |
Sales text |
|---|---|---|---|---|---|
None / logged out |
Yes |
No |
No |
No |
No |
internal |
Yes |
Yes |
No |
Yes |
No |
support |
Yes |
No |
Yes |
Yes |
No |
internal, support |
Yes |
Yes |
Yes |
Yes |
No |
customer |
Yes |
No |
No |
Yes |
Yes |
customer, support |
Yes |
No |
Yes |
No |
No |
Example¶
Hint
The following content shows the realization of the above example code.
Login with employee@ubTrace.com, customer@ubTrace.com or admin@ubTrace.com to
see the different results. The password for all users is ubTrace.
Welcome
Hello everybody.
As an internal employee, you can use all internal data in the internal section.
Feel free to read our product information.
Thanks to your support package, you have unlimited access to our support. Just call +01 123 456789.
Thanks for your loyalty.
Dear Customer, we would like to help you much more. Just buy a Support contract.