The Disclose-Secret plugin only shows Wordpress content to other users if they meet certain access criteria.
Download Disclose-Secret 2.3 here!
Because I hate cool plugins that are badly documented. Even the smallest piece of code needs some documentation. The following text is pretty exhaustive. Feel free to skip the sections you are not interested in. If you have a question about the plugin please first make sure you refer to the latest version of the plugin and the question is not answered on this page or in the comments of the plugin homepage. Then - and only then - post your question here.
It all started when I was trying to set up Filipe Fortes' Post Levels plugin. At first I only wrote a patch for it, to make it run with Wordpress 1.5.x the way I wanted. Then Wordpress 2.0 came out with a complete overhaul of the user management system. Filipe's plugin did not switch over to the new user management system but introduced its own. In an exchange of mails, Filipe explained that he would not switch to the new system in the foreseeable future. This was the kick I needed to start a new plugin of my own.
Nowadays, my mission is to build an access restriction plugin for Wordpress that is complete in its feature set but still easy to use. Besides implementing ideas of my own, I will add features known from other similar plugins as far as they make sense. Please use the voting to prioritize the implementation of new features, or leave a comment to suggest new ones.
Disclose-Secret is an access restriction plugin for content posted in your Wordpress blog. Once installed, you can select which portions of your written content will be displayed to which users of your blog. That way you can expose content only to certain groups of users.
Securing your Wordpress content is the number one concern of this plugin. Because the plugin may be used to restrict access to sensitive content, the plugin must never, by any means, give unauthorized users access to this content. This goal must also hold once you have deactivated the plugin in your Wordpress installation. If you find an error in the plugin that compromises this #1 goal, please contact me directly or write a comment.
The Post Restrictions plugin was the predecessor of the Disclose-Secret plugin. Because concepts and features have changed dramatically since the first release of Post Restrictions, I thought it was time for a renaming. There were other candidates when searching for a new name, like Mystery Monger, Shared Secrets, Gatekeeper or Secret Barker - just to name a few. Nevertheless the version number wasn't reset back to 1.0 with the first release of Disclose-Secret but counted one major release number forward, resulting in 2.0. Because of that, Disclose-Secret and Post Restrictions are synonyms and can be used interchangeably.
There are a lot of access restriction plugins available on the internet, all doing slightly different things. Over time Disclose-Secret may absorb some of their features. The following list may not be complete and is probably outdated, because some of the plugins may have been updated to include more features. Therefore the names of the compared plugins are given including the version number.
The Post Levels plugin by Filipe Fortes provided almost the same functionality in the days when this plugin was named Post Restrictions. A big bunch of code was taken from his plugin to set up this work. The main difference was that Post Restrictions could restrict access based on capabilities while Post Levels did its own permission management. With version 2.0 of this plugin, a lot of new features were introduced that further separated the two plugins in terms of functionality and code base.
The ViewLevel plugin by Alex Tingle is based on the abandoned Viewlevel plugin by Kendra Burbank and isn't yet ported to Wordpress 2.0 as far as I know (although it was reported that it works) and so has no restrictions based on Wordpress 2.0 roles/capabilities either. The restricted posts will become public when the plugin is deactivated.
The Private Categories plugin by Greg Elin restricts complete categories from being read. The restricted posts will become public when the plugin is deactivated. Please note that access restriction based on categories is not and will not be implemented in Disclose-Secret. You can achieve the same functionality by restricting access based on a capability.
There are a lot of other plugins for which I am simply too lazy to write further text. Nevertheless they are all worth a mention because they implement additional features, concepts and ideas that this plugin was or still is missing. A lot of inspiration for further extension of Disclose-Secret came and comes from this list of plugins:
There are other sources on the web that have developed their own ideas about access restrictions for Wordpress without resulting in a plugin that solves these issues. They may be used for getting new ideas:
You need the following software to be installed on your webserver in order to run the Disclose-Secret plugin:
As with most Wordpress plugins, installation is easy: the plugin goes into your Wordpress plugins directory. Finished. It couldn't be easier. The rest is self-explanatory. ;)
Usually, if not specifically mentioned on this page, you can upgrade from a previous version of this plugin by simply removing the content of the disclose-secret directory in your Wordpress plugins directory and afterwards following the installation instructions. Note that an upgrade may implicitly migrate settings of an older plugin version. Therefore you may not be able to downgrade back to an older version of the plugin.
Remove the post-restrictions directory from your Wordpress plugins directory, or at least deactivate the Post Restrictions plugin in your Wordpress admin panel. Don't use both plugins in parallel. Although I don't expect security to be affected when running both plugins, I haven't tested it and so the behaviour is undefined. Afterwards follow the installation instructions.
Because the directory layout and file names have changed, you have to remove your old post_restrictions.php from your Wordpress plugins directory and afterwards follow the installation instructions.
The Disclose-Secret plugin provides a configuration page in your Wordpress admin panel, available from the Options tab. If it recognizes that another restriction plugin was once in use, it provides an additional migration dialog at the end of the configuration page. Once migration is done, you can retire and uninstall the old plugin. Don't use both plugins in parallel. Although I don't expect security to be affected when running both plugins, I haven't tested it and so the behaviour is undefined. Remember that migration cannot be undone by this plugin. Currently migration was tested with the following plugins:
For uninstalling the plugin simply delete the disclose-secret directory from the Wordpress plugins directory. You don't even need to deactivate the plugin in the Wordpress admin panel. Read this topic if you want to know what happens to your already access-restricted content.
The Wordpress core system knows two restriction states: public, for posts that show up even for unregistered users of your blog, and private, for posts that show up only for the user who wrote the post. The Post Restrictions plugin introduces a third, virtual state: protected. Technically this is defined by having a post status of private and at least one access restriction set in the Disclose-Secret box on the Write Post page. This restriction state is weaker than private, but stronger than public. The restriction state will show up on the Manage Post page of the Wordpress admin panel.
You can restrict access to Wordpress content based on user names, roles or even capabilities. If you set more than one access restriction, a user only needs to fulfil one of them to view the content. The following will give some examples. Assume you have the following users in your Wordpress blog:
The roles used for this example are installed by default in a fresh Wordpress version. For this example we assume these roles have the capabilities assigned that a fresh Wordpress installation defines.
Assume Barney is writing a post about the last game of the Bedrock soccer team and only wants Fred to be allowed to read the post. In this case he would restrict access to the user Fred. Note that Wilma - although she has a higher role than Barney - will not be able to read the post.
Assume Betty is starting a post with a discussion about Wilma's next birthday present. Because she knows Fred will leak information if he reads it, she only wants her family to be allowed to read the post. Here she has the following choices to achieve this:
Choices b) and c) may broaden the set of allowed readers if a new user with the role Contributor is created, while choice a) is very specific about who can access the post. With choice c), Barney fulfils the access criteria twice: by the restriction to user Barney and by the restriction to role Contributor. This is redundant but perfectly legal.
Once the content is protected by the plugin, the whole post including title, excerpt and content will only show up on the main page, in archives, feeds, search results etc. while the viewer is logged in and fulfils one of the access criteria set for this content.
If a user does not fulfil the access criteria, direct access to the content - if the URL is known - will lead to a 404 error message from the Wordpress system.
Since most RSS readers support HTTP authentication, you may choose to add http_auth=yes to the query string of the feed, to use HTTP authentication to get protected post data. The amount of post data shown in the feed is configurable: you can show just the title, the excerpt, or the full content of your posts. All of this is configurable on the plugin's configuration page.
If you deactivate the plugin, all your protected posts become private and are only visible to the user who wrote the post. This assures no content is leaked if you ever decide to deactivate the plugin.
There are many ways to set or query access restrictions for Wordpress content. All interfaces are described in the following subsections.
Your Write Post page in the Wordpress admin panel now has a new box called Disclose-Secret. Simply choose the capabilities a user must have to read the post and save your changes afterwards. Now a user can only read this post if he has at least one capability in common with the ones you have set for the post. Once you have chosen at least one capability from the Disclose-Secret box, it doesn't make a difference whether you press the 'Save' or 'Publish' button or mark your post as 'Published' or 'Private' in the Post Status box. The Disclose-Secret plugin will adjust the post status to private in all cases and will protect you from accidentally publishing a restricted post.
If you don't write your Wordpress content with the built-in Write Post page of Wordpress, you are still able to restrict access to posts by using XHTML-styled tags in the content. The plugin will filter out these tags and set access restrictions accordingly. So as not to break XHTML validation of your blog if the plugin is turned off, the tag is styled as an XHTML comment, as you may know it from the Wordpress tag <!--more-->. If you define more than one tag in your content, the last tag will overwrite all settings of previously defined tags. The EBNF-styled syntax of this tag is:
'<!--disclose-secret' ( ATTRIBUTES )* '/-->' ;
ATTRIBUTES :=
( USER_ATTRIBUTE | ROLE_ATTRIBUTE | CAP_ATTRIBUTE ) ;
USER_ATTRIBUTE :=
'user' '=' '"' ( USER_VALUE ( ',' USER_VALUE )* )? '"' ;
USER_VALUE :=
Display name of the user
ROLE_ATTRIBUTE :=
'role' '=' '"' ( ROLE_VALUE ( ',' ROLE_VALUE )* )? '"' ;
ROLE_VALUE :=
Role name
CAP_ATTRIBUTE :=
'cap' '=' '"' ( CAP_VALUE ( ',' CAP_VALUE )* )? '"' ;
CAP_VALUE :=
Capability name
By the above given definition, the following examples are valid:
<!--disclose-secret user="Fred"/-->
<!--disclose-secret user="Barney, Bamm-Bamm"/-->
<!--disclose-secret user="Bamm-Bamm" role="Contributor"/-->
<!--disclose-secret user="Barney, Bamm-Bamm" role="Contributor"/-->
<!--disclose-secret/--> (post status: private)
<!--disclose-secret user="The incredible Hulk"/--> (post status: private)
Although the code for this plugin contains a lot of functions you may call, I only recommend the following public interface to be used in your page templates:
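The following is an added example and not the plugin's own code: a stand-alone PHP parser for the <!--disclose-secret .../--> tag described above, plus the access check from the examples section (the last tag wins; a reader needs to match any one restriction; a post without any restriction is private, i.e. readable by its author only). It assumes constructed user and post records (plain arrays with display_name, roles and caps) in place of Wordpress objects, and matches role and capability names as exact strings.

```php
<?php
// Added example, not the Disclose-Secret plugin's code. Users and posts are
// constructed arrays, not WordPress objects; role/cap names match as strings.

// Returns null when the content carries no tag (the plugin leaves the post
// untouched); otherwise the user/role/cap lists of the LAST tag found.
function ds_parse_restrictions(string $content): ?array {
    // EBNF: '<!--disclose-secret' ( ATTRIBUTES )* '/-->'
    $re = '/<!--disclose-secret((?:\s+(?:user|role|cap)="[^"]*")*)\s*\/-->/';
    if (!preg_match_all($re, $content, $tags)) {
        return null;
    }
    $attrs  = end($tags[1]);                       // last tag overwrites earlier ones
    $result = ['user' => [], 'role' => [], 'cap' => []];
    preg_match_all('/(user|role|cap)="([^"]*)"/', $attrs, $pairs, PREG_SET_ORDER);
    foreach ($pairs as [, $key, $value]) {
        // comma-separated list; user="" is valid syntax and yields an empty list
        $items = array_map('trim', explode(',', $value));
        $result[$key] = array_values(array_filter($items, 'strlen'));
    }
    return $result;
}

// 'protected' = private status plus at least one restriction; 'private' when
// a tag is present but no restriction is set; null when the plugin did nothing.
function ds_post_state(?array $r): ?string {
    if ($r === null) {
        return null;
    }
    return ($r['user'] || $r['role'] || $r['cap']) ? 'protected' : 'private';
}

// The author can always read; otherwise ANY single matching restriction
// (display name, role or capability) is sufficient.
function ds_can_read(?array $r, array $viewer, string $author): bool {
    if ($viewer['display_name'] === $author || $r === null) {
        return true;                               // own post, or unrestricted post
    }
    return in_array($viewer['display_name'], $r['user'], true)
        || (bool) array_intersect($viewer['roles'], $r['role'])
        || (bool) array_intersect($viewer['caps'], $r['cap']);
}

// Constructed sample: Betty's post; the first tag is overwritten by the second.
$post = "Ideas for Wilma's present...\n<!--disclose-secret user=\"Fred\"/-->\n"
      . "<!--disclose-secret user=\"Barney, Bamm-Bamm\" role=\"Contributor\"/-->";
$r    = ds_parse_restrictions($post);
$fred = ['display_name' => 'Fred', 'roles' => ['Administrator'], 'caps' => ['edit_posts']];
$bamm = ['display_name' => 'Bamm-Bamm', 'roles' => ['Subscriber'], 'caps' => ['read']];
echo ds_post_state($r), "\n";
var_dump(ds_can_read($r, $fred, 'Betty'));        // Fred only appears in the overwritten tag
var_dump(ds_can_read($r, $bamm, 'Betty'));        // Bamm-Bamm is listed by display name
```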
is_private();
is_protected();
The following list contains all plugins including the version number that will cause Disclose-Secret to break. Additionally the kind of impact is mentioned.
Adhesive 2.3 by Owen Winkler
Because of the way the Adhesive plugin works, it will seriously break the Disclose-Secret functionality. All protected posts are accessible by directly linking to them, even if the user isn't allowed to see the posts. Older versions of Adhesive most likely will suffer from the same problem. Newer versions may not, depending on Owen to provide a fix. There is absolutely no way Disclose-Secret can work around this issue. Thanks to Orlando and Tom for reporting this issue.
If a user accesses the dashboard, he will see the title of restricted content in "Latest Activity/Comments" even if he isn't allowed to read the content. This is due to WordPress (found in version 2.0.4) and cannot be changed without editing the core files. More technically: because the dashboard ignores the "the_title" filter, you have to edit the file "wp-admin/index.php" manually. This was assigned ticket #3478 in the WordPress bug tracking database. Editing core files is out of the scope of this plugin.
This is as intended by the Wordpress developers and the developer of this plugin. User levels are marked deprecated. Don't use them. Get more information about the capability/roles model of Wordpress 2 and above in the Wordpress Codex.
Assigning capabilities to roles or users is out of the scope of this plugin. Because Wordpress has no built-in configuration page in the admin panel to assign roles/capabilities, you need to install one of the available role/capability manager plugins. There may be more such plugins available than shown in the following list:
This is due to an unsolved feature request in the Wordpress core.
This is due to an unsolved feature request in the Wordpress core. Protected posts will, however, be shown if you access a category directly by using the category link.
Restricting access to pages does not work with the current plugin version, because the Wordpress core needs some further adjustments first. This may be implemented in Wordpress 2.1.
The roadmap contains features that will come in one of the next releases of the plugin. They are ordered by priority but may be held back because of dependencies (e.g. unfixed bugs or missing features in the Wordpress core).
You can vote for new features to prioritize their implementation. If your desired feature isn't in this list, just write a comment and I will add it.