[pmwiki-users] Issue with Private Group.

[Stirling Westrup]

I've mentioned this particular issue here in the past. I was hoping that
with the recent processing changes made to @_site_edit, it had been
resolved but this does not appear to be the case.

I have a personal site with a passwords set in config.php like this:

$DefaultPasswords['admin'] = crypt('AdminPass');
$DefaultPasswords['edit'] = crypt('EditPass');
$DefaultPasswords['attr'] = '@_site_edit';
$DefaultPasswords['upload'] = '@_site_edit';

I am also loading authuser.php, although I'm currently only using some
of the conditionals it provides, as part of my edit view. (I'm thinking
of possibly adding a group forum, which is why I'm loading it).

The intent is for the edit password to allow one to change anything on
the site, including attributes, leaving the AdminPass for emergency use
only. This seems to be working.

Finally, I have a group called Private for things which do not want to
be publicly visible. I went in and set the read attribute in
Private.GroupAttributes to @_site_edit in the hopes that this would
restrict viewing of the group to all but those who had entered the
site-wide edit password. This is what doesn't work.

On the plus side it works by locking down the group so that it requires
the admin password to read it rather than making it publicly visible,
but this is not what I wanted. For now I've had to go back and set the
group's read attribute to 'EditPass', but its a pain to have to edit the
password in two places every time the password changes.

How difficult would it be to resolve this so that @_site_edit would work
as expected?