Hello, in the future we’d like to implement Add concept of required permissions for Macros
For now, what I can propose to you is to:
- create a wiki macro that wraps the iframe macro and adds a permission check (using the scripting api for that)
- Categorize the iframe macro so that it’s hidden. See https://www.xwiki.org/xwiki/bin/view/Documentation/AdminGuide/Configuration/#HMacroscategoriesandvisibility
Now one issue is that a knowedgeable user could still use the iframe macro even if it’s not listed anymore in the UI (hidden), but maybe it’s enough for your use case.
The alternative is to not install the iframe macro and re-implement it as a wiki macro with a permissions check. Since it’s a very simple macro, that should be very easy (I think it’s already a wiki macro so you could even copy its implementation).