[pmwiki-users] User authorization notes (was: A few wishes for PmWiki)
Patrick R. Michaud
pmichaud at pobox.com
Mon Feb 28 10:32:43 CST 2005
On Mon, Feb 28, 2005 at 04:36:37PM +0100, Barthelemy, Christian wrote:
> - A simple User Management system based on ACLs: the best I have seen so far
> is the one from wikka: http://wikka.jsnx.com/ACLInfo.
Actually, having looked at it, the one that wikka is using is very
close to what I've planning to do for PmWiki's user-authorization
system. Essentially, in addition to setting read/edit/attr passwords,
one would be able to specify passwords like:
user:Pm,JohnRankin (only Pm and JohnRankin)
user:auth (any authenticated user)
user:-JMorris (anyone except JMorris)
user:-JMorris,auth (any authenticated user except JMorris)
One will also be able to specify passwords as before, thus
reallysecret user:Pm
will grant access to Pm or anyone who knows the password "reallysecret".
One item I haven't quite figured out is how to fix the Page Attributes
dialog where there are mixed passwords and user-authorizations.
Currently the dialog presents all of the fields as blank, but this
won't really work where someone is wanting to change the existing user
settings. I may simply repeat the user-based settings to the right
of the password input field, along with a notation for any encrypted
per-page passwords.
Finally, to try to make things easier when debugging password problems,
I think I'm going to change the password prompt so that when someone
is prompted for a password, the prompt will also indicate whether
the restriction is per-page, per-group, or from a site default.
Pm
More information about the pmwiki-users
mailing list