MoinMoin has Access Control Lists (ACLs) so I figured it would work for creating a private wiki on the internet.
Unfortunately this is against the MoinMoin philosophy so it took a little work.
MoinMoin pages can be protected by adding a processing instruction to the top of the page
This would work but is not what I was looking for since I want all pages to be protected. I don’t want the users to have to remember to add the acl to every page.
In the Security section of wikiconfig.py I changed the default acl rights so a user must be logged in to read or write wiki pages.
# the user must be logged in to view or write pages
acl_rights_default = u'Known:read,write'
This works great except that anyone can just create an account and view pages. So I also needed to disable user registration. MoinMoin uses the same form for user creation and editing users, so a file system hack worked the best.
$ cd /path/to/wiki/instance/data
$ chmod -w users
This allows users with existing accounts to edit them, but if someone attempts to create a user account, they get a nice IOError since MoinMoin can’t create the file. Effective but ugly.
Last I hacked userform.py to catch this error and display an message
When user registration was disabled the IOError was on line 155 of userform.py.
return _("User registration is disabled")
This solution seems to work fine. Adding users is a bit of a pain, but it doesn’t happen often. Since users can’t register, I need to create the new accounts. I enable user creation (
chmod +w users), use the UI to create users and then disable user registration again (
chmod -w users).