[pmwiki-users] Limiting Group access via AuthUser groups

Wed Oct 30 22:42:12 CDT 2013

somehow, $Group is not the same as $DefaultGroup, even when both hold the
string "Main"

-Michael Paulukonis
http://www.xradiograph.com
 <http://goog_2112721603>Interference Patterns (a
blog)<http://www.xradiograph.com%5Cinterference>
@XraysMonaLisa <https://twitter.com/XraysMonaLisa>
http://michaelpaulukonis.com
<http://www.BestAndroidResources.com>

Sent from somewhere in the Cloud
(hearthrug, by the fender)

On Wed, Oct 30, 2013 at 11:33 PM, michael paulukonis <
xraysmalevich at gmail.com> wrote:

> Thanks, Tamara.
>
> Something is happening well beyond my php-fu (which is so low I don't even
> have a belt).
> The negative case is ALWAYS true.
> Even, say in the "Main" or "PmWiki" groups.
> I've dumped the array and variables to the page to check -- and it sure
> looks to _me_ like the $Group should be found in the array, but PHP is
> telling me it ain't so.
>
> ???
>
> -Michael Paulukonis
> http://www.xradiograph.com
> <http://goog_2112721603>Interference Patterns (a blog)<http://www.xradiograph.com%5Cinterference>
> @XraysMonaLisa <https://twitter.com/XraysMonaLisa>
> http://michaelpaulukonis.com
> <http://www.BestAndroidResources.com>
>
> Sent from somewhere in the Cloud
> (hearthrug, by the fender)
>
>
> On Wed, Oct 30, 2013 at 8:52 PM, Tamara Temple <tamouse.lists at gmail.com>wrote:
>
>>
>> On Oct 30, 2013, at 8:23 AM, michael paulukonis <xraysmalevich at gmail.com>
>> wrote:
>>
>> > [since the two words are identical, I will be using an uppercase
>> "Group" to refer to PmWiki Groups of pages, and use a lowercase "group" to
>> refer to AuthUser groups of users]
>> >
>> > Is there a programmatic way to restrict group access?
>> > I'm setting up a wiki for others to maintain, who will be creating
>> users and Groups.
>> > Each Group should be restricted to one AuthUser group.
>> > Ideally, the AuthUser group would have the same name as the Group.
>> > This would mean that once a Group is created and users are added to the
>> AuthUser group, no further action would have to be taken by the
>> administrator.
>> >
>> > However, I haven't figured out how to set Group restrictions without
>> using {Group}.GroupAttributes?action=attr and manually setting the group.
>> >
>> >
>> > Would it be possible to do something like the following in
>> local/config.php ?
>> >
>> > // exclude Groups like PmWiki, Main, etc.
>> > if ($Group != 'Site') {
>> >   $DefaultPasswords['read'] = array('@$Group', 'id:admin'); // restrict
>> to group and admin
>> > }
>> >
>> > I believe I tried the above and it didn't work (I'm away from my dev
>> machine right now).
>> >
>> > If something like this is possible, could it easily be extended to add
>> additional users or groups via GroupAttributes without modifying config.php?
>> >
>> > -Michael Paulukonis
>>
>> Not really sure if this is an answer, and I’ve not even tried this, but:
>>
>> // exclude Groups like PmWiki, Main, etc.
>> if ( ! in_array($Group, array($SiteGroup, $SiteAdminGroup, 'PmWiki',
>> $DefaultGroup ) {
>>   $group = strtolower($Group); // to refer to AuthUser group associated
>> with PmWiki Group?
>>   $DefaultPasswords['read'] = array("@$group", 'id:admin'); // restrict
>> to group and admin. Interpolate?
>> }
>>
>> I think you’ll want the AuthUser group here, so down case the PmWIki
>> Group. Also, I think you want that interpolated immediately in the
>> assignment for DefaultPasswords, no?
>>
>> Also, the in_array thingie for checking might be a touch more robust
>> using the variables…
>>
>> Again, just off the cuff, not tried it.
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pmichaud.com/pipermail/pmwiki-users/attachments/20131030/23a4543b/attachment-0001.html>