[pmwiki-users] AuthUser - ldap - how to define custom groups
Thomas Gemperli
tom at arch.ethz.ch
Thu Feb 8 11:18:25 CST 2007
Hi all
I'm trying to set up PmWiki with LDAP auth. The basic's are working
well, users have to log on with their ldap usernames and passwords to
edit pages.
Because I want to use existing ldap groups to assign edit rights I've
wrote a small piece of php code to get out group-memberships from our
LDAP. Well, this works also. config.php snippet:
###
include_once("cookbook/archbook.php");
$AuthUser['ldap'] = "$ldaphost/$ldapuserdn,$ldapdn?$ldapuserprefix";
include_once("$FarmD/scripts/authuser.php");
$AuthUser['@editors'] = array(get_ldap_values("cn=groups",
"(cn=aldapgroup)", array("memberUid")));
$DefaultPasswords['edit'] = '@editors';
$DefaultPasswords['attr'] = '@editors';
$DefaultPasswords['upload'] = '@editors';
###
Note, $AuthUser['@editors'] will contain something like this: "alice,
bob, steve, bill, laura"
Now I want to give edit rights to another group on some wiki pages
(or wiki groups). I would like to use "?action=attr" -> "edit
password" -> "@othereditors" on wiki pages for this this, as
described in "Site/AuthUser".
My problem, where (and how) can I define "@othereditors"? I don't
want to make this group static (e.g. "@ othereditors: bart, lisa" in
"Site/AuthUser"), I want to get this information from ldap the same
way as I do with "$AuthUser['@editors']"
Obviously the following statement in config.php does not work:
$AuthUser['@othereditors'] = array(get_ldap_values("cn=groups",
"(cn=anotherldapgroup)", array("memberUid")));
I hope you get the idea, my english isn't that good.
And, before I forget, PmWiki is really great! :)
-Thomas
More information about the pmwiki-users
mailing list