Required Rights Application

Last modified by Admin on 2023/11/27 15:35

cogDefault implementation of the Required Rights API
Developed by

XWiki Development Team

0 Votes
LicenseGNU Lesser General Public License 2.1
Bundled With

XWiki Standard (XWiki 15.9RC1+)


XWiki 15.9RC1+

Installable with the Extension Manager


The Required right Application is currently used to warn users when editing a document would either break macros or objects or when additional rights would be granted that a document or object currently doesn't have.
A warning is, for instance, raised if a page authored by an user with Script right contains velocity script in its title (e.g., to translate the title), is edited by an user without Script right. Without this warning, the user would break the title, and the velocity script of the title would be displayed in plain text instead of the translation.

See also the corresponding API.




#-# [Since 15.9RC1]
#-# Indicates how documents are protected by required rights.
#-# The possible choices are:
#-# * none: no required rights check
#-# * warning (the default): a warning is presented to the user when trying to edit a document with required rights
#-# issues

<15.10 The required rights protection was disabled by default.


Existing Analyzers

  • Macros
    • default: Recurses into the macro content if it is wiki syntax
    • script: Analyze script macros
    • 15.10+ context: Analyzes the context macro, disables scanning of restricted content
    • 15.10+ cache: Analyzes the cache macro, making sure that the id parameter is analyzed
    • 15.10+ raw: Analyzes the raw macro, reporting script right for raw HTML content
    • 15.10+ HTML: Analyzes the HTML macro, reporting script right when filtering is disabled, wiki content is enabled (then also analyzing the wiki syntax) or HTML elements, attributes or comments are used that would be affected by restricted filtering.
  • XObjects
    • default: Analyzes text area properties with Velocity or wiki syntax content
    • XWiki.RequiredRightClass: Analyzer that checks if the document has the rights indicated in the RequiredRights object
    • XWiki.JavaScriptExtension/XWiki.StyleSheetExtension: Required right analyzer for skin extensions
    • 15.10+ XWiki.UIExtensionClass: Analyzes rights for UI extensions, taking scope, content, parameters (may contain Velocity), and extension point (some require wiki admin right) into account.
    • 15.10+ XWiki.TranslationDocumentClass: Required rights analyzer for content and metadata of translation documents, taking the scope into account.
    • 15.10+ XWiki.GadgetClass: Required rights analyzer for gadgets, checking for scripts in the gadget title and analyzing the content
    • 15.10+ IconThemesCode.IconThemeClass: Required rights analyzer for icon themes, reporting script and programming right with manual review required for metadata and content.
    • 15.10+ XWiki.ConfigurableClass: Required rights analyzer for configurable sections, analyzing the heading that may contain Velocity and the content.
  • XDOM
    • default: Analyzes all macros in the content
  • XWikiDocument
    • default Analyzes the title and calls the other analyzers to analyze content and XObjects.

Prerequisites & Installation Instructions

We recommend using the Extension Manager to install this extension (Make sure that the text "Installable with the Extension Manager" is displayed at the top right location on this page to know if this extension can be installed with the Extension Manager).

You can also use the manual method which involves dropping the JAR file and all its dependencies into the WEB-INF/lib folder and restarting XWiki.


Dependencies for this extension (org.xwiki.platform:xwiki-platform-security-requiredrights-default 15.10):


Get Connected