[pmwiki-users] Re : Auth issue

Jean-Fabrice [gmail] jeanfabrice at gmail.com
Tue Aug 22 18:04:26 CDT 2006


Pm,

Sorry for reposting but I'm not sure you get this
message. As I can reproduced the problem on a fresh installation, I
was wondering if this is a bug (or a feature).

JF

2006/8/22, Jean-Fabrice [gmail] <jeanfabrice at gmail.com>:
>
> I will try on a fresh new installation to confirm the problem I get.
> > Im' using AuthUser with .htpasswd. The problem also occurs if the
> > editor user is declared in .htpasswd
>
>
> I have just tested this setup on a fresh new 2.1.14 and I encountered the
> same issue.
> Extract from the config.php :
> $AuthUser['adminuser'] = array('<encoded_password>','@administrator');
> $AuthUser['editoruser'] = array('<encoded_password>','@editor');
> $DefaultPasswords['read'] = 'id:*';
> $DefaultPasswords['admin'] = '@administrator';
> $DefaultPasswords['upload'] = array('@administrator','@editor');
>
> $DefaultPasswords['edit'] = array( '@administrator','@editor');
> $DefaultPasswords['attr'] = $DefaultPasswords['admin'];
> $AuthUser['htpasswd'] = 'local/.htpasswd';
> include_once("$FarmD/scripts/authuser.php");
>
> What I did is :
> 1) As editoruser, create /Test/Test page (fresh new group, fresh new page)
> 2) As adminuser, update /Test/Test attributes and set @_site_edit as read
> password (instead of the site defined id:*)
> 3) Try to access /Test/Test as editoruser => read denied
> 4) Try to access /Test/Test as adminuser => read allowed
> 5) Try to edit /Test/Test as editoruser => edit allowed
>
> Is this a bug or am I misunderstanding the @_site_edit shortcut ?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/pmwiki-users/attachments/20060823/3bbbe4c1/attachment.html 


More information about the pmwiki-users mailing list