The multisite support is really appreciated but I have a small problem. Most of my sites use the same LDAP settings but a handful use a different Base DN to limit who can access the blog.
Currently the only way I can see to do this would be to not network enable the plugin but to enable it on each site and add the settings for each site, which is more work than before.
Is there any way to allow certain sites to override the Network wpDirAuth settings?
The behaviour has changed since I last tried this above. Back then (I’m guessing it was 1.7.5) when you network enabled the plugin on a multisite install it would give you one Dir Auth settings page in the Network Admin dashboard settings.
Now in 1.7.6 when you network enable the plugin on a multisite install you get the Dir Auth settings page on each blog. When you first do this you get a blank settings page as it is trying to retrieve the values from wp_sitemeta. The wpDirAuth_activation function doesn’t help as the settings are in the per-blog options table wp_xx_options.
Now if I change the settings on the Dir Auth settings page of any blog it updates the settings for all blogs as it is reading/writing them to wp_sitemeta. The previous settings are still in the per-blog options table but it is not using these.
Ideally I’d like to be able to set the Dir Auth options globally, with the option to override the settings on a per-blog basis. i.e. if the settings are set in wp_xx_options use those otherwise default to the settings from wp_sitemeta.
Is this doable?
Strange. 1.7.6 in a multisite wordpress install, should only be visible in the Network Admin area, not on each individual site. It should only be visible in each site if it HASNT been network activated, and instead activated on each individual site. Did you have it activated for individual sites first, and then network activate it? Even then, I can’t think of a way that the settings page should be showing up in individual sites if the plugin is in a multisite setup.
So what you are wanting is for it to be both network-activated AND individual for each site? Wow… the complication of course is that the users are shared across the entire installation. There is not a user_meta table per site; only one for the entire installation.
It’s possibly doable, but it isn’t going to be easy.
Can you explain what situation you have where you need it to be different on some sites, but not others? Maybe there’s a different way to come at the problem…
I upgraded from 1.6.1 to 1.7.6, the plugin has always been network activated (as far as I know, I inherited this a few years ago). Last time I tested it I did get the behaviour you mention, with the settings in the Network Admin area. But this time the settings are showing up for each blog, as it did in 1.6.1.
I didn’t think about the complication of the users.
The situation is that I have various blogs are restricted to registered users of the network (using the Network Privacy plugin). This allows on those with a WP user to see the site, which on our setup is restricted to those users with an LDAP/AD account, i.e. staff and students. On some blogs we have restricted access to staff only, to do this we’ve selected the “restricted to registered users” option and changed the base DN in the Dir Auth settings to just the staff container, this prevents students from being able to see the blog.
I do have a workaround which I’m going to test which could resolve the issue. When I upgraded I also installed the Multisite Plugin Manager which lets me install a plugin on all blogs at once, this would let me network disable the Dir Auth plugin and install it on all blogs with one click. I’ll test this tomorrow and see if it resolves the issue.
I’ve tested network deactivating the Dir Auth plugin and activating it on all blogs, but this still doesn’t work as changing the settings for one blog changes them for all blogs, i.e. it’s reading writing to wp_sitemeta. I think something must be a bit screwed up with my setup, I’ll have a dig through the code/data to see if I can get to the bottom of it.
I upgraded from 1.6.1 to 1.7.6,
Ah. That’s how. There was a note at the changelog mentioning that if you were upgrading from anything earlier than 1.7.5, you need to deactivate the plugin before upgrading. I should probably alter the activation clean up routine to catch situations like yours.
Because of the way multisite handles users, the script runs in network-wide multisite mode even if it isnt network-enabled. Here is (http://pastebin.com/Wmw5QAiA) an altered version of the script that will allow you to run per site in a multisite setup, but since I’ve never tested it, I don’t know how it’ll work. I can definitely foresee some issues where one user needs access to multiple sites in the network if the wpdirauth settings are different on each site.
The bigger issue here is that wpdirauth is really set up to handle authentication, not authorization. In your described scenario, you’re really dealing with authorization. The student who logs in (given they used their correct LDAP credentials) *is* authenticated; however, they might not be authorized to see a specific site.
I did deactivate the plugin before upgrading, so maybe something else was going on.
Thanks for the updated script, I’ve modified it so that it uses WPDIRAUTH_MULTISITE to determine whether to get/set blog-specifc or network-wide settings. The diff is here http://pastebin.com/H8ChJvdJ and the full file is here http://pastebin.com/ieLCETAA.
I could see how this could cause issues but it fits my use case exactly.
- The topic ‘Multisite with different settings on some sites’ is closed to new replies.