[Pmwiki-users] User-based Authorization (was Another Question)

[Wade Hudson]

Thanks much. That is very clear and very helpful.

When will the upcoming release with user-based authorization be
released?
Will that authorization consist of a registration process that users
must complete prior to gaining instant access?
If so, can/will that registration process REQUIRE the user to provide
more information than just email address?
Would I be able to require, for example, name, mailing address, and/or
phone number?
Will I be able to revoke a particular user's authorization?


> -----Original Message-----
> From: Patrick R. Michaud [mailto:pmichaud at pobox.com]
> Sent: Saturday, January 22, 2005 6:10 AM
> To: Ciaran
> Cc: Wade Hudson; pmwiki
> Subject: Re: [Pmwiki-users] Re: Another Question
>
>
> On Sat, Jan 22, 2005 at 08:15:06AM +0000, Ciaran wrote:
> > I've cc'd Pm in, incase I mis-explain something to you  :)
> > > I'm assuming that we will be able to block abusers if and
> when need be,
> > > or restrict access later.
> > Not at the minute, see my earlier point about an outstanding feature
> > request (PITS 0010 I think..)
>
> It depends what sort of abusers you're wanting to block.  If you're
> worried about wiki spam, one of the best ways to do this is to
> use the urlapprove.php script that comes with the distribution.
> This script allows a site to distinguish between "approved" and
> "unapproved" urls, and a list of approved urls can be
> maintained.  Any url that is not approved is not converted to a link;
> furthermore, any post that contains too many unapproved URLs is
> automatically rejected.  (Spammers seem to want to post lots of
> unapproved links, so this is pretty effective.)
>
> This is the method that is being used on pmwiki.org; since I began
> this wikispam abuse has not been an issue even though the wiki is
> an open one.  More details on this below.
>
> If you're concerned about abuse coming from people simply destroying
> each other's posts, then password-protecting only those
> selected pages in
> which this is occurring is probably a sufficient response.
>
> And yes, user-based authorization is slated for inclusion in an
> upcoming release.
>
> Okay, back to url approvals.  To enable this for your site, simply
> add the following to local/config.php:
>
>     include_once('scripts/urlapprove.php');
>
> This causes links to external sites to be listed on an "approval page"
> (normally Main.ApprovedUrls) before the system will automatically
> convert them into links.  Any external links not listed on
> the approval
> page are not converted into links and are displayed with an
> "(approve links)" button.  Pressing the "approve links" button will
> add all unapproved links on the page to Main.ApprovedUrls, thus
> approving them.  The Main.ApprovedUrls page can be password-protected
> to limit the url approval capability.
>
> You can experiment with this capability on pmwiki.org -- just create a
> page somewhere in the Main group and place a link to an external site
> on it.  It will then be marked as needing approval.  The password for
> approving URLs on pmwiki.org is "quick".
>
> Finally, to block posts that contain too many unapproved
> external urls,
> simply set the following in config.php:
>
>     $UnapprovedLinkCountMax = 10;
>
> If you want to disable the url approval requirement for selected pages
> or groups, you can simply set the following in the corresponding page
> or group configuration file:
>
>     $EnableUrlApprovedRequired = 0;
>
> I do this on pmwiki.org for the Test, PITS, and Cookbook
> groups, as well
> as for Main.WikiSandbox.
>
> I know there's a lot of information here, so if there are any
> questions,
> feel free to ask.
>
> Pm
>
>
>