Thursday, September 28, 2006

Gettin' Wikijiggered

Wikijiggered? Trust me, it's a politer word than what I'm thinking at the moment!

I've been wrestling with DokuWiki, a wiki that the TechGnome (aka Nayth) mentioned to me. It's neat - a wiki that relies only on PHP and the standard HTML/Javascript/CSS blend, no backend database (unless you want one) and no java classes (I'll come back to those in a minute). One upshot of this is that the pages are saved as text files -- yes, I said text files, vanilla flavoured, human readable, completely portable text files.

So why am ready to rip a few limbs off something? ACLs.

Access Control Lists. Or should that be Administrators Cursing Loudly? Without ACL features turned on, DokuWiki performs as expected, all is well. Turn the ACL features on, and register a new user, get a password emailed back, and login... except the username/password combo doesn't work. Aargh! How can be so close and yet so far?!

I want to set up this wiki in a school, but I don't want anyone in the world being able to hack up students' work, I'd like a certain level of security around this - if student X vandalised student Y's work, I'll be able to track X down and kick his sorry ar... erm... reprimand him. But I can't do that with someone on the other side of the planet. Hence security. Hence ACLs. And hence "Aargh".

The security issue also came up the other day with blogs. KP wanted a blog that only she and her students would access. I was looking at setting up a blogging system anyway, but had assumed that the TechGnome would know how to lock up subdirectories of our webserver - what do I tell my students until they're tired of hearing it? Never assume.

Nayth, to his credit, had not been simply resting on his laurels - the issue was that Apple had changed things significantly when they introduced OS X, Nayth had simply not had the time to dig through the manuals/forums/online support, and no one had pushed him to find out the answer.

At this point, God said "Come, let us go down and confuse them" (actually, that was the people of the Shinar plain [Genesis 11], but it works here too), and reminded Nayth of something he had seen. Mac OS X Server has a built-in weblog setup.

A quick look at this revealed that it could be locked down to specific users who would be authenticated by LDAP against the users on our file server. Hooray! Problem solved. (Never assume.)

Further inspection of this wondrous blogging system revealed what I should have suspected. It's not something Apple cooked up from scratch - in fact, it's a pruned version of Blojsom, a java-based implementation of Blosxom. Pruned? Yes - Apple have removed several aspects of the standard Blojsom implementation, added their own OS X branded skins, tied it to LDAP, and so on. The point is obviously to make it work neatly with OS X Server, which it does, but at the sacrifice of features and the user interface.

Some of this can be worked around (e.g. themes), but others present a problem. For example, WYSIWYG editing is a standard feature of most blogging systems, but Apple have removed that bit. You can probably install TinyMCE, but if you do, forget about using Safari. There's no easy way to upload images - you can put them into a folder in the web server, but then you have to add the image tags manually. (Unless I can get one of the Blojsom plugins to do this for me. And here I'm starting to get out of my depth - Blojsom is java-based, and its plugins are java classes. If it's just a case of editing some text files to enable the appropriate classes, fine, but if something goes belly-up, well... oh look, a decoy!)

And if that wasn't enough? A user can only have one blog, based on his/her username. Of course, it's possible to create a blog for a 'group', and we could create as many 'groups' as we like, but this means creating 'groups' that aren't actually groups, and cluttering up user lists, and I hate kludges like that at the best of times.

In short, Apple's Mac OS X Server weblog system is wikijiggered blogshlock. (For that matter, so is Safari. Safari could be the best browser on the planet, except that when it comes to some things, like using rich text editors in blogging systems, it's hopeless. Hmm, I can feel another rant coming on.)

Software that takes you nine-tenths of the way, and then leaves you flat on your laurels, just short of your goal - don't you hate being wikijiggered?

Oh, the shame. The ACLs weren't the problem. The problem? My bad.

It turned out that in adjusting one of the files to set up the 'superuser', Dreamweaver was saving the file with 'Mac-style' CR line endings instead of 'Linux-style' LF line endings, and this was screwing up Dokuwiki's attempts to read the user names and password hashes.

I suppose I could blame the documentation which directed me to make the changes to that file but never mentioned the necessity of ensuring that it is saved with LFs rather than CRs, but then again, that documentation is in a wiki, so I suppose the responsible thing is to go back and add this myself.

So I guess I wikijiggered my own blog post. Ain't irony a beautiful thing?


Nathan Zamprogno said...

I deny everything. References to an IT manager sharing my name are coincidental. And I'm not a gnome. I'm a midget giant, thank you.

Bdidi said...

My dear midget giant, I was not casting aspersions at you - you do a great job. And there is nothing insulting about gnomes, they are a noble race. Now if I had called you a troll...