[pmwiki-users] UserAuth2 and WikiCalendar problem
IchBin
weconsultants at gmail.com
Wed May 30 19:12:37 CDT 2007
IchBin wrote:
> I am fooling around with WikiCalendar since I can not get any response
> from the author of Logbook. It is not working, for me, but then that is
> another post I posted here and to his personal email address.
>
> Anyway, a user with UserAuth2 security of read\write "ed_Calendar.*"
> access has no problem editing a day when picking it from the visual
> calendar.
>
> There is a problem when they use the "Story form markup (:wikilogbox:)"
> to post to the calendar. The error looks like this for say adding a
> story on 05/29/2007:
>
> Calendar /
> 20070529
> Insufficient privileges to perform action
>
> The files are kept on disk in this format: 'Calendar.YYYYMMDD'. So this
> page would be: Calendar.20070529. It does not seem to matter if the
> Calendar.date exists or needs to be created. I just get the security error.
>
> The current calendar files I have are:
> Calendar.Calendar
> Calendar.GroupHeader
> Calendar.RecentChanges
> Calendar.20070528
> Calendar.20070530
> Calendar.20070530
>
> Just a quick idea: I guess there must be an intermediary file that does
> not conform to the Calendar naming convention that is created\destroyed
> (temp file) in the process of posting a 'Story message' to the calendar.
> I'll take a peek.
>
Looking at the logic in UserAuth2.php in function
TryAccessingPage($pagename, $level) It is passing this:
$pagename = Calendar/20070429
$level = edit
But get caught on this:
if ($UserInstanceVars->isAuthenticated())
even though I set the security rule for the user to: 'ed_*.*' and I am
signed in... Should be OK.
--
Thanks in Advance... http://weconsulting.org
IchBin, Philadelphia, Pa, USA http://ichbinquotations.weconsulting.org
______________________________________________________________________
'If there is one, Knowledge is the "Fountain of Youth"'
-William E. Taylor, Regular Guy (1952-)
More information about the pmwiki-users
mailing list